diff --git a/packages/apps/http-cache/Chart.yaml b/packages/apps/http-cache/Chart.yaml index fdb62f9e..2224053c 100644 --- a/packages/apps/http-cache/Chart.yaml +++ b/packages/apps/http-cache/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.1 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/http-cache/README.md b/packages/apps/http-cache/README.md index 904fdf61..cb482fc0 100644 --- a/packages/apps/http-cache/README.md +++ b/packages/apps/http-cache/README.md @@ -60,13 +60,17 @@ VTS module shows wrong upstream resonse time ### Common parameters -| Name | Description | Value | -| ------------------ | ----------------------------------------------- | ------- | -| `external` | Enable external access from outside the cluster | `false` | -| `size` | Persistent Volume size | `10Gi` | -| `storageClass` | StorageClass used to store the data | `""` | -| `haproxy.replicas` | Number of HAProxy replicas | `2` | -| `nginx.replicas` | Number of Nginx replicas | `2` | +| Name | Description | Value | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `external` | Enable external access from outside the cluster | `false` | +| `size` | Persistent Volume size | `10Gi` | +| `storageClass` | StorageClass used to store the data | `""` | +| `haproxy.replicas` | Number of HAProxy replicas | `2` | +| `nginx.replicas` | Number of Nginx replicas | `2` | +| `haproxy.resources` | Resources | `{}` | +| `haproxy.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | +| `nginx.resources` | Resources | `{}` | +| `nginx.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | ### Configuration parameters diff --git a/packages/apps/http-cache/templates/_resources.tpl b/packages/apps/http-cache/templates/_resources.tpl new file mode 100644 index 00000000..7ada56d4 --- /dev/null +++ b/packages/apps/http-cache/templates/_resources.tpl @@ -0,0 +1,50 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a resource request/limit object based on a given preset. +These presets are for basic testing and not meant to be used in production +{{ include "resources.preset" (dict "type" "nano") -}} +*/}} +{{- define "resources.preset" -}} +{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} +{{- $presets := dict + "nano" (dict + "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + ) + "micro" (dict + "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + ) + "small" (dict + "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + ) + "medium" (dict + "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + ) + "large" (dict + "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + ) + "xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + ) + "2xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + ) + }} +{{- if hasKey $presets .type -}} +{{- index $presets .type | toYaml -}} +{{- else -}} +{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}} +{{- end -}} +{{- end -}} diff --git a/packages/apps/http-cache/templates/haproxy/deployment.yaml b/packages/apps/http-cache/templates/haproxy/deployment.yaml index 10ef9b55..b60814dc 100644 --- a/packages/apps/http-cache/templates/haproxy/deployment.yaml +++ b/packages/apps/http-cache/templates/haproxy/deployment.yaml @@ -33,6 +33,11 @@ spec: containers: - image: haproxy:latest name: haproxy + {{- if .Values.haproxy.resources }} + resources: {{- toYaml .Values.haproxy.resources | nindent 10 }} + {{- else if ne .Values.haproxy.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.haproxy.resourcesPreset "Release" .Release) | nindent 10 }} + {{- end }} ports: - containerPort: 8080 name: http diff --git a/packages/apps/http-cache/templates/nginx/deployment.yaml b/packages/apps/http-cache/templates/nginx/deployment.yaml index e83e81e1..ae640fd5 100644 --- a/packages/apps/http-cache/templates/nginx/deployment.yaml +++ b/packages/apps/http-cache/templates/nginx/deployment.yaml @@ -52,6 +52,11 @@ spec: shareProcessNamespace: true containers: - name: nginx + {{- if $.Values.nginx.resources }} + resources: {{- toYaml $.Values.nginx.resources | nindent 10 }} + {{- else if ne $.Values.nginx.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" $.Values.nginx.resourcesPreset "Release" $.Release) | nindent 10 }} + {{- end }} image: "{{ $.Files.Get "images/nginx-cache.tag" | trim }}" readinessProbe: httpGet: @@ -83,6 +88,13 @@ spec: - name: reloader image: "{{ $.Files.Get "images/nginx-cache.tag" | trim }}" command: ["/usr/bin/nginx-reloader.sh"] + resources: + limits: + cpu: 50m + memory: 50Mi + requests: + cpu: 50m + memory: 50Mi #command: ["sleep", "infinity"] volumeMounts: - mountPath: /etc/nginx/nginx.conf diff --git a/packages/apps/http-cache/values.schema.json b/packages/apps/http-cache/values.schema.json index cb1dfc86..ab3fbb7b 100644 --- a/packages/apps/http-cache/values.schema.json +++ b/packages/apps/http-cache/values.schema.json @@ -24,6 +24,16 @@ "type": "number", "description": "Number of HAProxy replicas", "default": 2 + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } }, @@ -34,6 +44,16 @@ "type": "number", "description": "Number of Nginx replicas", "default": 2 + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } }, diff --git a/packages/apps/http-cache/values.yaml b/packages/apps/http-cache/values.yaml index 526cb62c..e514ebcc 100644 --- a/packages/apps/http-cache/values.yaml +++ b/packages/apps/http-cache/values.yaml @@ -12,8 +12,32 @@ size: 10Gi storageClass: "" haproxy: replicas: 2 + ## @param haproxy.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param haproxy.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "nano" nginx: replicas: 2 + ## @param nginx.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param nginx.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "nano" ## @section Configuration parameters diff --git a/packages/apps/kafka/Chart.yaml b/packages/apps/kafka/Chart.yaml index 3d1d6e36..d4e910d4 100644 --- a/packages/apps/kafka/Chart.yaml +++ b/packages/apps/kafka/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kafka/README.md b/packages/apps/kafka/README.md index 7cd045cc..d6a23fc8 100644 --- a/packages/apps/kafka/README.md +++ b/packages/apps/kafka/README.md @@ -4,20 +4,22 @@ ### Common parameters -| Name | Description | Value | -| ------------------------ | ----------------------------------------------- | ------- | -| `external` | Enable external access from outside the cluster | `false` | -| `kafka.size` | Persistent Volume size for Kafka | `10Gi` | -| `kafka.replicas` | Number of Kafka replicas | `3` | -| `kafka.storageClass` | StorageClass used to store the Kafka data | `""` | -| `zookeeper.size` | Persistent Volume size for ZooKeeper | `5Gi` | -| `zookeeper.replicas` | Number of ZooKeeper replicas | `3` | -| `zookeeper.storageClass` | StorageClass used to store the ZooKeeper data | `""` | +| Name | Description | Value | +| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `external` | Enable external access from outside the cluster | `false` | +| `kafka.size` | Persistent Volume size for Kafka | `10Gi` | +| `kafka.replicas` | Number of Kafka replicas | `3` | +| `kafka.storageClass` | StorageClass used to store the Kafka data | `""` | +| `zookeeper.size` | Persistent Volume size for ZooKeeper | `5Gi` | +| `zookeeper.replicas` | Number of ZooKeeper replicas | `3` | +| `zookeeper.storageClass` | StorageClass used to store the ZooKeeper data | `""` | +| `kafka.resources` | Resources | `{}` | +| `kafka.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | +| `zookeeper.resources` | Resources | `{}` | +| `zookeeper.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | ### Configuration parameters -| Name | Description | Value | -| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `topics` | Topics configuration | `[]` | -| `resources` | Resources | `{}` | -| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | +| Name | Description | Value | +| -------- | -------------------- | ----- | +| `topics` | Topics configuration | `[]` | diff --git a/packages/apps/kafka/templates/kafka.yaml b/packages/apps/kafka/templates/kafka.yaml index 742f365d..c981580c 100644 --- a/packages/apps/kafka/templates/kafka.yaml +++ b/packages/apps/kafka/templates/kafka.yaml @@ -8,10 +8,10 @@ metadata: spec: kafka: replicas: {{ .Values.kafka.replicas }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 6 }} - {{- else if ne .Values.resourcesPreset "none" }} - resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 6 }} + {{- if .Values.kafka.resources }} + resources: {{- toYaml .Values.kafka.resources | nindent 6 }} + {{- else if ne .Values.kafka.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.kafka.resourcesPreset "Release" .Release) | nindent 6 }} {{- end }} listeners: - name: plain @@ -70,6 +70,11 @@ spec: key: kafka-metrics-config.yml zookeeper: replicas: {{ .Values.zookeeper.replicas }} + {{- if .Values.zookeeper.resources }} + resources: {{- toYaml .Values.zookeeper.resources | nindent 6 }} + {{- else if ne .Values.zookeeper.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.zookeeper.resourcesPreset "Release" .Release) | nindent 6 }} + {{- end }} storage: type: persistent-claim {{- with .Values.zookeeper.size }} diff --git a/packages/apps/kafka/values.schema.json b/packages/apps/kafka/values.schema.json index eb7e2488..8a1b33f8 100644 --- a/packages/apps/kafka/values.schema.json +++ b/packages/apps/kafka/values.schema.json @@ -24,6 +24,16 @@ "type": "string", "description": "StorageClass used to store the Kafka data", "default": "" + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } }, @@ -44,6 +54,16 @@ "type": "string", "description": "StorageClass used to store the ZooKeeper data", "default": "" + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } }, @@ -52,16 +72,6 @@ "description": "Topics configuration", "default": [], "items": {} - }, - "resources": { - "type": "object", - "description": "Resources", - "default": {} - }, - "resourcesPreset": { - "type": "string", - "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", - "default": "nano" } } } \ No newline at end of file diff --git a/packages/apps/kafka/values.yaml b/packages/apps/kafka/values.yaml index 7b05c6de..185f8841 100644 --- a/packages/apps/kafka/values.yaml +++ b/packages/apps/kafka/values.yaml @@ -14,10 +14,35 @@ kafka: size: 10Gi replicas: 3 storageClass: "" + ## @param kafka.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param kafka.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "nano" + zookeeper: size: 5Gi replicas: 3 storageClass: "" + ## @param zookeeper.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param zookeeper.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "nano" ## @section Configuration parameters @@ -39,16 +64,3 @@ zookeeper: ## replicas: 3 ## topics: [] - -## @param resources Resources -resources: {} - # resources: - # limits: - # cpu: 4000m - # memory: 4Gi - # requests: - # cpu: 100m - # memory: 512Mi - -## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). -resourcesPreset: "nano" diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index 58d8c8ff..bde52de2 100644 --- a/packages/apps/kubernetes/Chart.yaml +++ b/packages/apps/kubernetes/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.15.2 +version: 0.17.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kubernetes/templates/_resources.tpl b/packages/apps/kubernetes/templates/_resources.tpl new file mode 100644 index 00000000..7ada56d4 --- /dev/null +++ b/packages/apps/kubernetes/templates/_resources.tpl @@ -0,0 +1,50 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a resource request/limit object based on a given preset. +These presets are for basic testing and not meant to be used in production +{{ include "resources.preset" (dict "type" "nano") -}} +*/}} +{{- define "resources.preset" -}} +{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} +{{- $presets := dict + "nano" (dict + "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + ) + "micro" (dict + "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + ) + "small" (dict + "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + ) + "medium" (dict + "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + ) + "large" (dict + "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + ) + "xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + ) + "2xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + ) + }} +{{- if hasKey $presets .type -}} +{{- index $presets .type | toYaml -}} +{{- else -}} +{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}} +{{- end -}} +{{- end -}} diff --git a/packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml b/packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml index 6b31f53a..a00e0155 100644 --- a/packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml +++ b/packages/apps/kubernetes/templates/cluster-autoscaler/deployment.yaml @@ -26,6 +26,13 @@ spec: containers: - image: "{{ $.Files.Get "images/cluster-autoscaler.tag" | trim }}" name: cluster-autoscaler + resources: + limits: + cpu: 512m + memory: 512Mi + requests: + cpu: 125m + memory: 128Mi command: - /cluster-autoscaler args: diff --git a/packages/apps/kubernetes/templates/cluster.yaml b/packages/apps/kubernetes/templates/cluster.yaml index 37cc560f..a208bc6e 100644 --- a/packages/apps/kubernetes/templates/cluster.yaml +++ b/packages/apps/kubernetes/templates/cluster.yaml @@ -102,12 +102,37 @@ metadata: annotations: kamaji.clastix.io/kubeconfig-secret-key: "super-admin.svc" spec: + apiServer: + {{- if .Values.kamajiControlPlane.apiServer.resources }} + resources: {{- toYaml .Values.kamajiControlPlane.apiServer.resources | nindent 6 }} + {{- else if ne .Values.kamajiControlPlane.apiServer.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.kamajiControlPlane.apiServer.resourcesPreset "Release" .Release) | nindent 6 }} + {{- end }} + controllerManager: + {{- if .Values.kamajiControlPlane.controllerManager.resources }} + resources: {{- toYaml .Values.kamajiControlPlane.controllerManager.resources | nindent 6 }} + {{- else if ne .Values.kamajiControlPlane.controllerManager.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.kamajiControlPlane.controllerManager.resourcesPreset "Release" .Release) | nindent 6 }} + {{- end }} + scheduler: + {{- if .Values.kamajiControlPlane.scheduler.resources }} + resources: {{- toYaml .Values.kamajiControlPlane.scheduler.resources | nindent 6 }} + {{- else if ne .Values.kamajiControlPlane.scheduler.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.kamajiControlPlane.scheduler.resourcesPreset "Release" .Release) | nindent 6 }} + {{- end }} dataStoreName: "{{ $etcd }}" addons: coreDNS: dnsServiceIPs: - 10.95.0.10 - konnectivity: {} + konnectivity: + server: + port: 8132 + {{- if .Values.kamajiControlPlane.addons.konnectivity.server.resources }} + resources: {{- toYaml .Values.kamajiControlPlane.addons.konnectivity.server.resources | nindent 10 }} + {{- else if ne .Values.kamajiControlPlane.addons.konnectivity.server.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.kamajiControlPlane.addons.konnectivity.server.resourcesPreset "Release" .Release) | nindent 10 }} + {{- end }} kubelet: cgroupfs: systemd preferredAddressTypes: diff --git a/packages/apps/kubernetes/templates/csi/deploy.yaml b/packages/apps/kubernetes/templates/csi/deploy.yaml index d0d83e37..27a37454 100644 --- a/packages/apps/kubernetes/templates/csi/deploy.yaml +++ b/packages/apps/kubernetes/templates/csi/deploy.yaml @@ -63,11 +63,21 @@ spec: mountPath: /etc/kubernetes/kubeconfig readOnly: true resources: + limits: + cpu: 512m + memory: 512Mi requests: - memory: 50Mi - cpu: 10m + cpu: 125m + memory: 128Mi - name: csi-provisioner image: quay.io/openshift/origin-csi-external-provisioner:latest + resources: + limits: + cpu: 512m + memory: 512Mi + requests: + cpu: 125m + memory: 128Mi args: - "--csi-address=$(ADDRESS)" - "--default-fstype=ext4" @@ -102,9 +112,12 @@ spec: mountPath: /etc/kubernetes/kubeconfig readOnly: true resources: + limits: + cpu: 512m + memory: 512Mi requests: - memory: 50Mi - cpu: 10m + cpu: 125m + memory: 128Mi - name: csi-liveness-probe image: quay.io/openshift/origin-csi-livenessprobe:latest args: @@ -115,9 +128,12 @@ spec: - name: socket-dir mountPath: /csi resources: + limits: + cpu: 512m + memory: 512Mi requests: - memory: 50Mi - cpu: 10m + cpu: 125m + memory: 128Mi volumes: - name: socket-dir emptyDir: {} diff --git a/packages/apps/kubernetes/templates/helmreleases/cert-manager-crds.yaml b/packages/apps/kubernetes/templates/helmreleases/cert-manager-crds.yaml index 2b07948f..8ee5dc82 100644 --- a/packages/apps/kubernetes/templates/helmreleases/cert-manager-crds.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/cert-manager-crds.yaml @@ -18,7 +18,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-cert-manager-crds storageNamespace: cozy-cert-manager-crds install: diff --git a/packages/apps/kubernetes/templates/helmreleases/cert-manager.yaml b/packages/apps/kubernetes/templates/helmreleases/cert-manager.yaml index de9d76f9..8a7213a9 100644 --- a/packages/apps/kubernetes/templates/helmreleases/cert-manager.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/cert-manager.yaml @@ -19,7 +19,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-cert-manager storageNamespace: cozy-cert-manager install: diff --git a/packages/apps/kubernetes/templates/helmreleases/cilium.yaml b/packages/apps/kubernetes/templates/helmreleases/cilium.yaml index 50546df3..cf6bbe12 100644 --- a/packages/apps/kubernetes/templates/helmreleases/cilium.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/cilium.yaml @@ -18,7 +18,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-cilium storageNamespace: cozy-cilium install: diff --git a/packages/apps/kubernetes/templates/helmreleases/csi.yaml b/packages/apps/kubernetes/templates/helmreleases/csi.yaml index 4f0bf29a..2fe33509 100644 --- a/packages/apps/kubernetes/templates/helmreleases/csi.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/csi.yaml @@ -18,7 +18,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-csi storageNamespace: cozy-csi install: diff --git a/packages/apps/kubernetes/templates/helmreleases/fluxcd.yaml b/packages/apps/kubernetes/templates/helmreleases/fluxcd.yaml index fde18212..c11629b9 100644 --- a/packages/apps/kubernetes/templates/helmreleases/fluxcd.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/fluxcd.yaml @@ -19,7 +19,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-fluxcd storageNamespace: cozy-fluxcd install: diff --git a/packages/apps/kubernetes/templates/helmreleases/ingress-nginx.yaml b/packages/apps/kubernetes/templates/helmreleases/ingress-nginx.yaml index 0bb7f022..8daaf01f 100644 --- a/packages/apps/kubernetes/templates/helmreleases/ingress-nginx.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/ingress-nginx.yaml @@ -19,7 +19,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-ingress-nginx storageNamespace: cozy-ingress-nginx install: diff --git a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml index dc8792d7..ab129e64 100644 --- a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml @@ -21,7 +21,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-monitoring-agents storageNamespace: cozy-monitoring-agents install: diff --git a/packages/apps/kubernetes/templates/helmreleases/victoria-metrics-operator.yaml b/packages/apps/kubernetes/templates/helmreleases/victoria-metrics-operator.yaml index 1079654a..de19c968 100644 --- a/packages/apps/kubernetes/templates/helmreleases/victoria-metrics-operator.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/victoria-metrics-operator.yaml @@ -19,7 +19,8 @@ spec: namespace: cozy-system kubeConfig: secretRef: - name: {{ .Release.Name }}-kubeconfig + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc targetNamespace: cozy-victoria-metrics-operator storageNamespace: cozy-victoria-metrics-operator install: diff --git a/packages/apps/kubernetes/templates/kccm/manager.yaml b/packages/apps/kubernetes/templates/kccm/manager.yaml index 12e48245..81426d4e 100644 --- a/packages/apps/kubernetes/templates/kccm/manager.yaml +++ b/packages/apps/kubernetes/templates/kccm/manager.yaml @@ -36,8 +36,12 @@ spec: #securityContext: # privileged: true resources: + limits: + cpu: 512m + memory: 512Mi requests: - cpu: 100m + cpu: 125m + memory: 128Mi volumeMounts: - mountPath: /etc/kubernetes/kubeconfig name: kubeconfig diff --git a/packages/apps/kubernetes/values.yaml b/packages/apps/kubernetes/values.yaml index cf66210a..e195b9b9 100644 --- a/packages/apps/kubernetes/values.yaml +++ b/packages/apps/kubernetes/values.yaml @@ -69,3 +69,63 @@ addons: ## enabled: false valuesOverride: {} + +## @section Kamaji control plane +## +kamajiControlPlane: + apiServer: + ## @param kamajiControlPlane.apiServer.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param kamajiControlPlane.apiServer.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "micro" + + controllerManager: + ## @param kamajiControlPlane.controllerManager.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param kamajiControlPlane.controllerManager.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "micro" + scheduler: + ## @param kamajiControlPlane.scheduler.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param kamajiControlPlane.scheduler.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "micro" + addons: + konnectivity: + server: + ## @param kamajiControlPlane.addons.konnectivity.server.resources Resources + resources: {} + # resources: + # limits: + # cpu: 4000m + # memory: 4Gi + # requests: + # cpu: 100m + # memory: 512Mi + + ## @param kamajiControlPlane.addons.konnectivity.server.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). + resourcesPreset: "micro" + \ No newline at end of file diff --git a/packages/apps/tcp-balancer/Chart.yaml b/packages/apps/tcp-balancer/Chart.yaml index c4e9744f..9d701dcd 100644 --- a/packages/apps/tcp-balancer/Chart.yaml +++ b/packages/apps/tcp-balancer/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.0 +version: 0.3.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/tcp-balancer/README.md b/packages/apps/tcp-balancer/README.md index 1e5d7dd9..bbdf88c3 100644 --- a/packages/apps/tcp-balancer/README.md +++ b/packages/apps/tcp-balancer/README.md @@ -19,11 +19,13 @@ Managed TCP Load Balancer Service efficiently utilizes HAProxy for load balancin ### Configuration parameters -| Name | Description | Value | -| -------------------------------- | ------------------------------------------------------------- | ------- | -| `httpAndHttps.mode` | Mode for balancer. Allowed values: `tcp` and `tcp-with-proxy` | `tcp` | -| `httpAndHttps.targetPorts.http` | HTTP port number. | `80` | -| `httpAndHttps.targetPorts.https` | HTTPS port number. | `443` | -| `httpAndHttps.endpoints` | Endpoint addresses list | `[]` | -| `whitelistHTTP` | Secure HTTP by enabling client networks whitelisting | `false` | -| `whitelist` | List of client networks | `[]` | +| Name | Description | Value | +| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `httpAndHttps.mode` | Mode for balancer. Allowed values: `tcp` and `tcp-with-proxy` | `tcp` | +| `httpAndHttps.targetPorts.http` | HTTP port number. | `80` | +| `httpAndHttps.targetPorts.https` | HTTPS port number. | `443` | +| `httpAndHttps.endpoints` | Endpoint addresses list | `[]` | +| `whitelistHTTP` | Secure HTTP by enabling client networks whitelisting | `false` | +| `whitelist` | List of client networks | `[]` | +| `resources` | Resources | `{}` | +| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | diff --git a/packages/apps/tcp-balancer/templates/_resources.tpl b/packages/apps/tcp-balancer/templates/_resources.tpl new file mode 100644 index 00000000..7ada56d4 --- /dev/null +++ b/packages/apps/tcp-balancer/templates/_resources.tpl @@ -0,0 +1,50 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a resource request/limit object based on a given preset. +These presets are for basic testing and not meant to be used in production +{{ include "resources.preset" (dict "type" "nano") -}} +*/}} +{{- define "resources.preset" -}} +{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} +{{- $presets := dict + "nano" (dict + "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + ) + "micro" (dict + "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + ) + "small" (dict + "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + ) + "medium" (dict + "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + ) + "large" (dict + "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + ) + "xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + ) + "2xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + ) + }} +{{- if hasKey $presets .type -}} +{{- index $presets .type | toYaml -}} +{{- else -}} +{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}} +{{- end -}} +{{- end -}} diff --git a/packages/apps/tcp-balancer/templates/deployment.yaml b/packages/apps/tcp-balancer/templates/deployment.yaml index 0f70bbae..fff64a4c 100644 --- a/packages/apps/tcp-balancer/templates/deployment.yaml +++ b/packages/apps/tcp-balancer/templates/deployment.yaml @@ -33,6 +33,11 @@ spec: containers: - image: haproxy:latest name: haproxy + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 10 }} + {{- else if ne .Values.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 10 }} + {{- end }} ports: {{- with .Values.httpAndHttps }} - containerPort: 8080 diff --git a/packages/apps/tcp-balancer/values.schema.json b/packages/apps/tcp-balancer/values.schema.json index 43cf639d..73a0b045 100644 --- a/packages/apps/tcp-balancer/values.schema.json +++ b/packages/apps/tcp-balancer/values.schema.json @@ -57,6 +57,16 @@ "description": "List of client networks", "default": [], "items": {} + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } } diff --git a/packages/apps/tcp-balancer/values.yaml b/packages/apps/tcp-balancer/values.yaml index 439283f0..fb14c01a 100644 --- a/packages/apps/tcp-balancer/values.yaml +++ b/packages/apps/tcp-balancer/values.yaml @@ -43,3 +43,16 @@ httpAndHttps: ## whitelistHTTP: false whitelist: [] + +## @param resources Resources +resources: {} +# resources: +# limits: +# cpu: 4000m +# memory: 4Gi +# requests: +# cpu: 100m +# memory: 512Mi + +## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). +resourcesPreset: "nano" diff --git a/packages/apps/tenant/Chart.yaml b/packages/apps/tenant/Chart.yaml index 7e1a5573..bba14724 100644 --- a/packages/apps/tenant/Chart.yaml +++ b/packages/apps/tenant/Chart.yaml @@ -4,4 +4,4 @@ description: Separated tenant namespace icon: /logos/tenant.svg type: application -version: 1.9.0 +version: 1.9.1 diff --git a/packages/apps/tenant/templates/namespace.yaml b/packages/apps/tenant/templates/namespace.yaml index 3d2ec3b1..d97ebf42 100644 --- a/packages/apps/tenant/templates/namespace.yaml +++ b/packages/apps/tenant/templates/namespace.yaml @@ -41,6 +41,7 @@ metadata: {{- end }} {{- end }} {{- include "cozystack.namespace-anotations" (list $ $existingNS) | nindent 4 }} + alpha.kubevirt.io/auto-memory-limits-ratio: "1.0" ownerReferences: - apiVersion: v1 blockOwnerDeletion: true diff --git a/packages/apps/versions_map b/packages/apps/versions_map index cfd912ab..f96e27b3 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -20,7 +20,8 @@ ferretdb 0.5.0 HEAD http-cache 0.1.0 a956713 http-cache 0.2.0 5ca8823 http-cache 0.3.0 fab5940 -http-cache 0.3.1 HEAD +http-cache 0.3.1 fab5940b +http-cache 0.4.0 HEAD kafka 0.1.0 760f86d2 kafka 0.2.0 a2cc83d kafka 0.2.1 3ac17018 @@ -30,7 +31,8 @@ kafka 0.3.0 c07c4bbd kafka 0.3.1 b7375f73 kafka 0.3.2 b75aaf17 kafka 0.3.3 425ce77f -kafka 0.4.0 HEAD +kafka 0.4.0 0e10f952 +kafka 0.5.0 HEAD kubernetes 0.1.0 f642698 kubernetes 0.2.0 7cd7de73 kubernetes 0.3.0 7caccec1 @@ -52,7 +54,9 @@ kubernetes 0.14.0 bfbde07c kubernetes 0.14.1 fde4bcfa kubernetes 0.15.0 cb7b8158 kubernetes 0.15.1 43e593c7 -kubernetes 0.15.2 HEAD +kubernetes 0.15.2 43e593c7 +kubernetes 0.16.0 3d03b227 +kubernetes 0.17.0 HEAD mysql 0.1.0 f642698 mysql 0.2.0 8b975ff0 mysql 0.3.0 5ca8823 @@ -100,7 +104,8 @@ redis 0.4.0 abc8f082 redis 0.5.0 0e728870 redis 0.6.0 HEAD tcp-balancer 0.1.0 f642698 -tcp-balancer 0.2.0 HEAD +tcp-balancer 0.2.0 a9567139 +tcp-balancer 0.3.0 HEAD tenant 0.1.3 3d1b86c tenant 0.1.4 d200480 tenant 0.1.5 e3ab858 @@ -122,7 +127,8 @@ tenant 1.6.7 06afcf27 tenant 1.6.8 4cc48e6f tenant 1.7.0 6c73e3f3 tenant 1.8.0 e2369ba -tenant 1.9.0 HEAD +tenant 1.9.0 43e593c7 +tenant 1.9.1 HEAD virtual-machine 0.1.4 f2015d6 virtual-machine 0.1.5 7cd7de7 virtual-machine 0.2.0 5ca8823 @@ -147,4 +153,5 @@ vm-instance 0.5.1 HEAD vpn 0.1.0 f642698 vpn 0.2.0 7151424 vpn 0.3.0 a2bcf100 -vpn 0.3.1 HEAD +vpn 0.3.1 f7220f19 +vpn 0.4.0 HEAD diff --git a/packages/apps/vpn/Chart.yaml b/packages/apps/vpn/Chart.yaml index 8fe285f6..c82e77dd 100644 --- a/packages/apps/vpn/Chart.yaml +++ b/packages/apps/vpn/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.1 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/vpn/README.md b/packages/apps/vpn/README.md index b89b7ca9..3920302d 100644 --- a/packages/apps/vpn/README.md +++ b/packages/apps/vpn/README.md @@ -22,8 +22,10 @@ The VPN Service is powered by the Outline Server, an advanced and user-friendly ### Configuration parameters -| Name | Description | Value | -| ------------- | ------------------------------------------- | ----- | -| `host` | Host used to substitute into generated URLs | `""` | -| `users` | Users configuration | `{}` | -| `externalIPs` | List of externalIPs for service. | `[]` | +| Name | Description | Value | +| ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | +| `host` | Host used to substitute into generated URLs | `""` | +| `users` | Users configuration | `{}` | +| `externalIPs` | List of externalIPs for service. | `[]` | +| `resources` | Resources | `{}` | +| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `nano` | diff --git a/packages/apps/vpn/templates/_resources.tpl b/packages/apps/vpn/templates/_resources.tpl new file mode 100644 index 00000000..7ada56d4 --- /dev/null +++ b/packages/apps/vpn/templates/_resources.tpl @@ -0,0 +1,50 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a resource request/limit object based on a given preset. +These presets are for basic testing and not meant to be used in production +{{ include "resources.preset" (dict "type" "nano") -}} +*/}} +{{- define "resources.preset" -}} +{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} +{{- $presets := dict + "nano" (dict + "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + ) + "micro" (dict + "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + ) + "small" (dict + "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + ) + "medium" (dict + "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + ) + "large" (dict + "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + ) + "xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + ) + "2xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + ) + }} +{{- if hasKey $presets .type -}} +{{- index $presets .type | toYaml -}} +{{- else -}} +{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}} +{{- end -}} +{{- end -}} diff --git a/packages/apps/vpn/templates/deployment.yaml b/packages/apps/vpn/templates/deployment.yaml index 72050a25..8de539ab 100644 --- a/packages/apps/vpn/templates/deployment.yaml +++ b/packages/apps/vpn/templates/deployment.yaml @@ -42,6 +42,11 @@ spec: containers: - name: outline-vpn image: quay.io/outline/shadowbox:stable + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 10 }} + {{- else if ne .Values.resourcesPreset "none" }} + resources: {{- include "resources.preset" (dict "type" .Values.resourcesPreset "Release" .Release) | nindent 10 }} + {{- end }} ports: - containerPort: 40000 protocol: TCP diff --git a/packages/apps/vpn/values.schema.json b/packages/apps/vpn/values.schema.json index 30f6807c..84f9c71d 100644 --- a/packages/apps/vpn/values.schema.json +++ b/packages/apps/vpn/values.schema.json @@ -24,6 +24,16 @@ "items": { "type": "string" } + }, + "resources": { + "type": "object", + "description": "Resources", + "default": {} + }, + "resourcesPreset": { + "type": "string", + "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).", + "default": "nano" } } } \ No newline at end of file diff --git a/packages/apps/vpn/values.yaml b/packages/apps/vpn/values.yaml index 817c1041..f781e50a 100644 --- a/packages/apps/vpn/values.yaml +++ b/packages/apps/vpn/values.yaml @@ -29,3 +29,16 @@ users: {} ## - "11.22.33.46" ## externalIPs: [] + +## @param resources Resources +resources: {} +# resources: +# limits: +# cpu: 4000m +# memory: 4Gi +# requests: +# cpu: 100m +# memory: 512Mi + +## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). +resourcesPreset: "nano" diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index cd9cb806..7bf3c977 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml @@ -205,7 +205,7 @@ releases: releaseName: piraeus-operator chart: cozy-piraeus-operator namespace: cozy-linstor - dependsOn: [cilium,kubeovn,cert-manager] + dependsOn: [cilium,kubeovn,cert-manager,victoria-metrics-operator] - name: linstor releaseName: linstor diff --git a/packages/extra/etcd/Chart.yaml b/packages/extra/etcd/Chart.yaml index 75f070fc..30da9487 100644 --- a/packages/extra/etcd/Chart.yaml +++ b/packages/extra/etcd/Chart.yaml @@ -3,4 +3,4 @@ name: etcd description: Storage for Kubernetes clusters icon: /logos/etcd.svg type: application -version: 2.6.1 +version: 2.7.0 diff --git a/packages/extra/etcd/templates/etcd-cluster.yaml b/packages/extra/etcd/templates/etcd-cluster.yaml index a31520fa..a44ff0ca 100644 --- a/packages/extra/etcd/templates/etcd-cluster.yaml +++ b/packages/extra/etcd/templates/etcd-cluster.yaml @@ -46,6 +46,9 @@ spec: - name: metrics containerPort: 2381 protocol: TCP + {{- with .Values.resources }} + resources: {{- toYaml . | nindent 10 }} + {{- end }} topologySpreadConstraints: - maxSkew: 1 topologyKey: "kubernetes.io/hostname" diff --git a/packages/extra/etcd/values.yaml b/packages/extra/etcd/values.yaml index 459acc11..7a6a89e5 100644 --- a/packages/extra/etcd/values.yaml +++ b/packages/extra/etcd/values.yaml @@ -7,3 +7,12 @@ size: 4Gi storageClass: "" replicas: 3 + +## @param resources Resources +resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi diff --git a/packages/extra/monitoring/Chart.yaml b/packages/extra/monitoring/Chart.yaml index 8d40963c..47e29462 100644 --- a/packages/extra/monitoring/Chart.yaml +++ b/packages/extra/monitoring/Chart.yaml @@ -3,4 +3,4 @@ name: monitoring description: Monitoring and observability stack icon: /logos/monitoring.svg type: application -version: 1.9.0 +version: 1.9.1 diff --git a/packages/extra/monitoring/templates/alerta/alerta-db.yaml b/packages/extra/monitoring/templates/alerta/alerta-db.yaml index 5f6b3293..ea10e6a1 100644 --- a/packages/extra/monitoring/templates/alerta/alerta-db.yaml +++ b/packages/extra/monitoring/templates/alerta/alerta-db.yaml @@ -17,6 +17,13 @@ spec: {{- with .Values.alerta.storageClassName }} storageClass: {{ . }} {{- end }} + resources: + limits: + cpu: "1" + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi monitoring: enablePodMonitor: true diff --git a/packages/extra/monitoring/templates/alerta/alerta.yaml b/packages/extra/monitoring/templates/alerta/alerta.yaml index 9513afdc..35d580c1 100644 --- a/packages/extra/monitoring/templates/alerta/alerta.yaml +++ b/packages/extra/monitoring/templates/alerta/alerta.yaml @@ -77,6 +77,7 @@ spec: - name: alerta image: "alerta/alerta-web:9.0.4" imagePullPolicy: IfNotPresent + resources: {{- toYaml .Values.alerta.resources | nindent 12 }} env: - name: ADMIN_USERS valueFrom: diff --git a/packages/extra/monitoring/templates/grafana/db.yaml b/packages/extra/monitoring/templates/grafana/db.yaml index f8a7a9fb..e4ea3f95 100644 --- a/packages/extra/monitoring/templates/grafana/db.yaml +++ b/packages/extra/monitoring/templates/grafana/db.yaml @@ -15,7 +15,13 @@ spec: {{- end }} monitoring: enablePodMonitor: true - + resources: + limits: + cpu: "1" + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi inheritedMetadata: labels: policy.cozystack.io/allow-to-apiserver: "true" diff --git a/packages/extra/monitoring/templates/grafana/grafana.yaml b/packages/extra/monitoring/templates/grafana/grafana.yaml index a0174255..2397fd10 100644 --- a/packages/extra/monitoring/templates/grafana/grafana.yaml +++ b/packages/extra/monitoring/templates/grafana/grafana.yaml @@ -38,6 +38,7 @@ spec: spec: containers: - name: grafana + resources: {{- toYaml .Values.grafana.resources | nindent 16 }} image: "{{ $.Files.Get "images/grafana.tag" | trim }}" securityContext: allowPrivilegeEscalation: false diff --git a/packages/extra/monitoring/templates/vm/vmcluster.yaml b/packages/extra/monitoring/templates/vm/vmcluster.yaml index 93b21fc3..344afff1 100644 --- a/packages/extra/monitoring/templates/vm/vmcluster.yaml +++ b/packages/extra/monitoring/templates/vm/vmcluster.yaml @@ -13,27 +13,10 @@ spec: # it's usually more than default 30 maxLabelsPerTimeseries: "60" replicaCount: 2 - resources: - limits: - {{- with . | dig "vminsert" "resources" "limits" "cpu" nil }} - cpu: {{ . | quote }} - {{- end }} - memory: {{ . | dig "vminsert" "resources" "limits" "memory" "1000Mi" }} - requests: - cpu: {{ . | dig "vminsert" "resources" "requests" "cpu" "500m" }} - memory: {{ . | dig "vminsert" "resources" "requests" "memory" "500Mi" }} + resources: {} vmselect: replicaCount: 2 - resources: - limits: - # if we don't set the cpu limit, victoriametrics-operator will set 500m here, which is ridiculous small - # see internal/config/config.go in victoriametrics-operator - # 2 vcpu is the bare minimum for **single** Grafana user - cpu: {{ . | dig "vmselect" "resources" "limits" "cpu" "2000m" }} - memory: {{ . | dig "vmselect" "resources" "limits" "memory" "1000Mi" }} - requests: - cpu: {{ . | dig "vmselect" "resources" "requests" "cpu" "500m" }} - memory: {{ . | dig "vmselect" "resources" "requests" "memory" "500Mi" }} + resources: {} extraArgs: search.maxUniqueTimeseries: "600000" vmalert.proxyURL: http://vmalert-{{ .name }}.{{ $.Release.Namespace }}.svc:8080 @@ -50,15 +33,7 @@ spec: storage: 2Gi vmstorage: replicaCount: 2 - resources: - limits: - {{- with . | dig "vmstorage" "resources" "limits" "cpu" nil }} - cpu: {{ . | quote }} - {{- end }} - memory: {{ . | dig "vmstorage" "resources" "limits" "memory" "2048Mi" }} - requests: - cpu: {{ . | dig "vmstorage" "resources" "requests" "cpu" "100m" }} - memory: {{ . | dig "vmstorage" "resources" "requests" "memory" "500Mi" }} + resources: {} storage: volumeClaimTemplate: spec: diff --git a/packages/extra/monitoring/templates/vpa.yaml b/packages/extra/monitoring/templates/vpa.yaml index 640f7a5b..3235a334 100644 --- a/packages/extra/monitoring/templates/vpa.yaml +++ b/packages/extra/monitoring/templates/vpa.yaml @@ -1,62 +1,89 @@ +{{- range .Values.metricsStorages }} +--- apiVersion: autoscaling.k8s.io/v1 kind: VerticalPodAutoscaler metadata: - name: vpa-vminsert + name: vpa-vminsert-{{ .name }} spec: targetRef: apiVersion: apps/v1 kind: Deployment - name: vminsert-shortterm + name: vminsert-{{ .name }} updatePolicy: updateMode: Auto resourcePolicy: containerPolicies: - containerName: vminsert minAllowed: + {{- if and .vminsert .vminsert.minAllowed }} + {{- toYaml .vminsert.minAllowed | nindent 10 }} + {{- else }} cpu: 250m memory: 256Mi + {{- end }} maxAllowed: + {{- if and .vminsert .vminsert.maxAllowed }} + {{- toYaml .vminsert.maxAllowed | nindent 10 }} + {{- else }} cpu: 2000m memory: 4Gi + {{- end }} --- apiVersion: autoscaling.k8s.io/v1 kind: VerticalPodAutoscaler metadata: - name: vpa-vmselect + name: vpa-vmselect-{{ .name }} spec: targetRef: apiVersion: apps/v1 kind: StatefulSet - name: vmselect-shortterm + name: vmselect-{{ .name }} updatePolicy: updateMode: Auto resourcePolicy: containerPolicies: - containerName: vmselect minAllowed: + {{- if and .vmselect .vmselect.minAllowed }} + {{- toYaml .vmselect.minAllowed | nindent 10 }} + {{- else }} cpu: 250m memory: 256Mi + {{- end }} maxAllowed: + {{- if and .vmselect .vmselect.maxAllowed }} + {{- toYaml .vmselect.maxAllowed | nindent 10 }} + {{- else }} cpu: 4000m memory: 8Gi + {{- end }} --- apiVersion: autoscaling.k8s.io/v1 kind: VerticalPodAutoscaler metadata: - name: vpa-vmstorage + name: vpa-vmstorage-{{ .name }} spec: targetRef: apiVersion: apps/v1 kind: StatefulSet - name: vmstorage-shortterm + name: vmstorage-{{ .name }} updatePolicy: updateMode: Auto resourcePolicy: containerPolicies: - containerName: vmstorage minAllowed: + {{- if and .vmstorage .vmstorage.minAllowed }} + {{- toYaml .vmstorage.minAllowed | nindent 10 }} + {{- else }} cpu: 100m memory: 512Mi + {{- end }} maxAllowed: + {{- if and .vmstorage .vmstorage.maxAllowed }} + {{- toYaml .vmstorage.maxAllowed | nindent 10 }} + {{- else }} cpu: 4000m memory: 8Gi + {{- end }} +{{- end }} diff --git a/packages/extra/monitoring/values.yaml b/packages/extra/monitoring/values.yaml index 7dbc474d..c359df3a 100644 --- a/packages/extra/monitoring/values.yaml +++ b/packages/extra/monitoring/values.yaml @@ -13,26 +13,26 @@ host: "" ## storage: 10Gi ## storageClassName: "" ## vminsert: -## resources: -## limits: -## memory: 1024Mi -## requests: -## cpu: 200m -## memory: 512Mi +## minAllowed: +## cpu: 200m +## memory: 512Mi +## maxAllowed: +## cpu: 1500m +## memory: 3Gi ## vmselect: -## resources: -## limits: -## memory: 2048Mi -## requests: -## cpu: 300m -## memory: 1Gi +## minAllowed: +## cpu: 300m +## memory: 1Gi +## maxAllowed: +## cpu: 3500m +## memory: 6Gi ## vmstorage: -## resources: -## limits: -## memory: 4096Mi -## requests: -## cpu: 500m -## memory: 2Gi +## minAllowed: +## cpu: 500m +## memory: 2Gi +## maxAllowed: +## cpu: 4000m +## memory: 8Gi ## metricsStorages: - name: shortterm @@ -40,24 +40,11 @@ metricsStorages: deduplicationInterval: "15s" storage: 10Gi storageClassName: "" - vminsert: - resources: {} - vmselect: - resources: {} - vmstorage: - resources: {} - name: longterm retentionPeriod: "14d" deduplicationInterval: "5m" storage: 10Gi storageClassName: "" - vminsert: - resources: {} - vmselect: - resources: {} - vmstorage: - resources: {} - ## @param logsStorages [array] Configuration of logs storage instances ## @@ -74,7 +61,13 @@ logsStorages: alerta: storage: 10Gi storageClassName: "" - + resources: + limits: + cpu: "1" + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi alerts: ## @param alerta.alerts.telegram.token telegram token for your bot ## @param alerta.alerts.telegram.chatID specify multiple ID's separated by comma. Get yours in https://t.me/chatid_echo_bot @@ -95,3 +88,10 @@ alerta: grafana: db: size: 10Gi + resources: + limits: + cpu: "1" + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi diff --git a/packages/extra/seaweedfs/Chart.yaml b/packages/extra/seaweedfs/Chart.yaml index 185ebc9c..39114925 100644 --- a/packages/extra/seaweedfs/Chart.yaml +++ b/packages/extra/seaweedfs/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/extra/seaweedfs/templates/seaweedfs.yaml b/packages/extra/seaweedfs/templates/seaweedfs.yaml index 5ab911b5..b9846aa1 100644 --- a/packages/extra/seaweedfs/templates/seaweedfs.yaml +++ b/packages/extra/seaweedfs/templates/seaweedfs.yaml @@ -20,16 +20,27 @@ spec: values: global: serviceAccountName: "{{ .Release.Namespace }}-seaweedfs" - seaweedfs: - + master: + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "500m" + memory: "512Mi" volume: replicas: {{ .Values.replicas }} - + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "500m" + memory: "512Mi" # TODO: workaround for non-working online resize podAnnotations: volume-size: "{{ .Values.size }}" - dataDirs: - name: data1 type: "persistentVolumeClaim" @@ -38,11 +49,16 @@ spec: storageClass: {{ . }} {{- end }} maxVolumes: 0 - filer: s3: domainName: {{ .Values.host | default (printf "s3.%s" $host) }} - + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "500m" + memory: "512Mi" s3: ingress: className: {{ $ingress }} @@ -56,10 +72,16 @@ spec: - hosts: - {{ .Values.host | default (printf "s3.%s" $host) }} secretName: {{ .Release.Name }}-s3-ingress-tls - cosi: driverName: "{{ .Release.Namespace }}.seaweedfs.objectstorage.k8s.io" bucketClassName: "{{ .Release.Namespace }}" + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "500m" + memory: "512Mi" --- apiVersion: cozystack.io/v1alpha1 kind: WorkloadMonitor diff --git a/packages/extra/seaweedfs/templates/vpa.yaml b/packages/extra/seaweedfs/templates/vpa.yaml new file mode 100644 index 00000000..fff252a6 --- /dev/null +++ b/packages/extra/seaweedfs/templates/vpa.yaml @@ -0,0 +1,66 @@ +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ .Release.Name }}-filer +spec: + targetRef: + apiVersion: apps/v1 + kind: StatefulSet + name: {{ .Release.Name }}-filer + updatePolicy: + updateMode: Auto + resourcePolicy: + containerPolicies: + - containerName: seaweedfs + minAllowed: + cpu: 250m + memory: 256Mi + maxAllowed: + cpu: "1" + memory: 2048Mi + +--- + +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ .Release.Name }}-master +spec: + targetRef: + apiVersion: apps/v1 + kind: StatefulSet + name: {{ .Release.Name }}-master + updatePolicy: + updateMode: Auto + resourcePolicy: + containerPolicies: + - containerName: seaweedfs + minAllowed: + cpu: 250m + memory: 256Mi + maxAllowed: + cpu: "1" + memory: 2048Mi + +--- + +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ .Release.Name }}-volume +spec: + targetRef: + apiVersion: apps/v1 + kind: StatefulSet + name: {{ .Release.Name }}-volume + updatePolicy: + updateMode: Auto + resourcePolicy: + containerPolicies: + - containerName: seaweedfs + minAllowed: + cpu: 250m + memory: 256Mi + maxAllowed: + cpu: "1" + memory: 2048Mi diff --git a/packages/extra/versions_map b/packages/extra/versions_map index 13cc268a..f190ebcb 100644 --- a/packages/extra/versions_map +++ b/packages/extra/versions_map @@ -8,7 +8,8 @@ etcd 2.3.0 b908400d etcd 2.4.0 cb7b8158 etcd 2.5.0 861e6c46 etcd 2.6.0 a7425b0 -etcd 2.6.1 HEAD +etcd 2.6.1 063439ac +etcd 2.7.0 HEAD info 1.0.0 HEAD ingress 1.0.0 f642698 ingress 1.1.0 838bee5d @@ -31,8 +32,10 @@ monitoring 1.6.1 3bb97596 monitoring 1.7.0 749110aa monitoring 1.8.0 80b4c151 monitoring 1.8.1 06daf341 -monitoring 1.9.0 HEAD +monitoring 1.9.0 8267072d +monitoring 1.9.1 HEAD seaweedfs 0.1.0 5ca8823 seaweedfs 0.2.0 9e33dc0 seaweedfs 0.2.1 249bf35 -seaweedfs 0.3.0 HEAD +seaweedfs 0.3.0 0e728870 +seaweedfs 0.4.0 HEAD diff --git a/packages/system/capi-providers/templates/providers.yaml b/packages/system/capi-providers/templates/providers.yaml index 12ca0ce2..03305879 100644 --- a/packages/system/capi-providers/templates/providers.yaml +++ b/packages/system/capi-providers/templates/providers.yaml @@ -19,7 +19,7 @@ spec: - name: manager resources: limits: - cpu: 1024m + cpu: "1" memory: 1024Mi --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 diff --git a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml index a88cbb77..93402076 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml +++ b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.17.0 +appVersion: v0.18.0 description: 'A Helm chart for deploying the Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png @@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.17.0 +version: 0.18.0 diff --git a/packages/system/fluxcd-operator/charts/flux-operator/README.md b/packages/system/fluxcd-operator/charts/flux-operator/README.md index 838dfe1e..7a1090ac 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/README.md +++ b/packages/system/fluxcd-operator/charts/flux-operator/README.md @@ -1,6 +1,6 @@ # flux-operator -![Version: 0.17.0](https://img.shields.io/badge/Version-0.17.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.17.0](https://img.shields.io/badge/AppVersion-v0.17.0-informational?style=flat-square) +![Version: 0.18.0](https://img.shields.io/badge/Version-0.18.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.18.0](https://img.shields.io/badge/AppVersion-v0.18.0-informational?style=flat-square) The [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) provides a declarative API for the installation and upgrade of CNCF [Flux](https://fluxcd.io) and the @@ -46,11 +46,13 @@ see the Flux Operator [documentation](https://fluxcd.control-plane.io/operator/) | marketplace | object | `{"account":"","license":"","type":""}` | Marketplace settings. | | multitenancy | object | `{"defaultServiceAccount":"flux-operator","enabled":false}` | Enable [multitenancy lockdown](https://fluxcd.control-plane.io/operator/resourceset/#role-based-access-control) for the ResourceSet APIs. | | nameOverride | string | `""` | | +| nodeSelector | object | `{}` | Pod Node Selector settings. | | podSecurityContext | object | `{}` | Pod security context settings. | | priorityClassName | string | `""` | Pod priority class name. Recommended value is system-cluster-critical. | | rbac.create | bool | `true` | Grant the cluster-admin role to the flux-operator service account (required for the Flux Instance deployment). | | rbac.createAggregation | bool | `true` | Grant the Kubernetes view, edit and admin roles access to ResourceSet APIs. | | readinessProbe | object | `{"httpGet":{"path":"/readyz","port":8081},"initialDelaySeconds":5,"periodSeconds":10}` | Container readiness probe settings. | +| reporting | object | `{"interval":"5m"}` | Flux [reporting](https://fluxcd.control-plane.io/operator/fluxreport/) settings. | | resources | object | `{"limits":{"cpu":"1000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"64Mi"}}` | Container resources requests and limits settings. | | securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}` | Container security context settings. The default is compliant with the pod security restricted profile. | | serviceAccount | object | `{"automount":true,"create":true,"name":""}` | Pod service account settings. The name of the service account defaults to the release name. | diff --git a/packages/system/fluxcd-operator/charts/flux-operator/templates/deployment.yaml b/packages/system/fluxcd-operator/charts/flux-operator/templates/deployment.yaml index 1fe17f4f..8767d972 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/templates/deployment.yaml +++ b/packages/system/fluxcd-operator/charts/flux-operator/templates/deployment.yaml @@ -61,6 +61,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: REPORTING_INTERVAL + value: {{ .Values.reporting.interval }} {{- with .Values.marketplace.type }} - name: MARKETPLACE_TYPE value: {{ . }} @@ -108,3 +110,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + diff --git a/packages/system/fluxcd-operator/charts/flux-operator/values.schema.json b/packages/system/fluxcd-operator/charts/flux-operator/values.schema.json index 326bedfe..b033d9f6 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/values.schema.json +++ b/packages/system/fluxcd-operator/charts/flux-operator/values.schema.json @@ -194,6 +194,12 @@ "nameOverride": { "type": "string" }, + "nodeSelector": { + "properties": {}, + "type": [ + "object" + ] + }, "podSecurityContext": { "default": { "fsGroup": 1337 @@ -246,6 +252,17 @@ }, "type": "object" }, + "reporting": { + "properties": { + "interval": { + "type": "string" + } + }, + "required": [ + "interval" + ], + "type": "object" + }, "resources": { "properties": { "limits": { diff --git a/packages/system/fluxcd-operator/charts/flux-operator/values.yaml b/packages/system/fluxcd-operator/charts/flux-operator/values.yaml index b91a25fd..f1accd65 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/values.yaml +++ b/packages/system/fluxcd-operator/charts/flux-operator/values.yaml @@ -8,6 +8,10 @@ multitenancy: enabled: false defaultServiceAccount: "flux-operator" # @schema required: true +# -- Flux [reporting](https://fluxcd.control-plane.io/operator/fluxreport/) settings. +reporting: + interval: 5m # @schema required: true + # -- Install and upgrade the custom resource definitions. installCRDs: true # @schema default: true @@ -96,6 +100,9 @@ affinity: # @schema default: {"nodeAffinity":{"requiredDuringSchedulingIgnoredDu # -- Pod tolerations settings. tolerations: [ ] # @schema item: object ; uniqueItems: true +# -- Pod Node Selector settings. +nodeSelector: { } # @schema type: object + # -- If `true`, the container ports (`8080` and `8081`) are exposed on the host network. hostNetwork: false # @schema default: false diff --git a/packages/system/fluxcd/charts/flux-instance/Chart.yaml b/packages/system/fluxcd/charts/flux-instance/Chart.yaml index 46970bd7..a065c181 100644 --- a/packages/system/fluxcd/charts/flux-instance/Chart.yaml +++ b/packages/system/fluxcd/charts/flux-instance/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.17.0 +appVersion: v0.18.0 description: 'A Helm chart for deploying a Flux instance managed by Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png @@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.17.0 +version: 0.18.0 diff --git a/packages/system/fluxcd/charts/flux-instance/README.md b/packages/system/fluxcd/charts/flux-instance/README.md index d2f2f291..d56bb5f2 100644 --- a/packages/system/fluxcd/charts/flux-instance/README.md +++ b/packages/system/fluxcd/charts/flux-instance/README.md @@ -1,6 +1,6 @@ # flux-instance -![Version: 0.17.0](https://img.shields.io/badge/Version-0.17.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.17.0](https://img.shields.io/badge/AppVersion-v0.17.0-informational?style=flat-square) +![Version: 0.18.0](https://img.shields.io/badge/Version-0.18.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.18.0](https://img.shields.io/badge/AppVersion-v0.18.0-informational?style=flat-square) This chart is a thin wrapper around the `FluxInstance` custom resource, which is used by the [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/Chart.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/Chart.yaml index 62c880fc..fd7b8103 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/Chart.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/Chart.yaml @@ -1,9 +1,9 @@ annotations: artifacthub.io/changes: | - - Update Ingress-Nginx version controller-v1.11.1 + - Update Ingress-Nginx version controller-v1.11.2 artifacthub.io/prerelease: "false" apiVersion: v2 -appVersion: 1.11.1 +appVersion: 1.11.2 description: Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer home: https://github.com/kubernetes/ingress-nginx @@ -22,4 +22,4 @@ maintainers: name: ingress-nginx sources: - https://github.com/kubernetes/ingress-nginx -version: 4.11.1 +version: 4.11.2 diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/README.md b/packages/system/ingress-nginx/charts/ingress-nginx/README.md index 0acf3da9..26eab285 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/README.md +++ b/packages/system/ingress-nginx/charts/ingress-nginx/README.md @@ -2,7 +2,7 @@ [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer -![Version: 4.11.1](https://img.shields.io/badge/Version-4.11.1-informational?style=flat-square) ![AppVersion: 1.11.1](https://img.shields.io/badge/AppVersion-1.11.1-informational?style=flat-square) +![Version: 4.11.2](https://img.shields.io/badge/Version-4.11.2-informational?style=flat-square) ![AppVersion: 1.11.2](https://img.shields.io/badge/AppVersion-1.11.2-informational?style=flat-square) To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. @@ -253,11 +253,11 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.admissionWebhooks.namespaceSelector | object | `{}` | | | controller.admissionWebhooks.objectSelector | object | `{}` | | | controller.admissionWebhooks.patch.enabled | bool | `true` | | -| controller.admissionWebhooks.patch.image.digest | string | `"sha256:36d05b4077fb8e3d13663702fa337f124675ba8667cbd949c03a8e8ea6fa4366"` | | +| controller.admissionWebhooks.patch.image.digest | string | `"sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3"` | | | controller.admissionWebhooks.patch.image.image | string | `"ingress-nginx/kube-webhook-certgen"` | | | controller.admissionWebhooks.patch.image.pullPolicy | string | `"IfNotPresent"` | | | controller.admissionWebhooks.patch.image.registry | string | `"registry.k8s.io"` | | -| controller.admissionWebhooks.patch.image.tag | string | `"v1.4.1"` | | +| controller.admissionWebhooks.patch.image.tag | string | `"v1.4.3"` | | | controller.admissionWebhooks.patch.labels | object | `{}` | Labels to be added to patch job resources | | controller.admissionWebhooks.patch.networkPolicy.enabled | bool | `false` | Enable 'networkPolicy' or not | | controller.admissionWebhooks.patch.nodeSelector."kubernetes.io/os" | string | `"linux"` | | @@ -325,8 +325,8 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.hostname | object | `{}` | Optionally customize the pod hostname. | | controller.image.allowPrivilegeEscalation | bool | `false` | | | controller.image.chroot | bool | `false` | | -| controller.image.digest | string | `"sha256:e6439a12b52076965928e83b7b56aae6731231677b01e81818bce7fa5c60161a"` | | -| controller.image.digestChroot | string | `"sha256:7cabe4bd7558bfdf5b707976d7be56fd15ffece735d7c90fc238b6eda290fd8d"` | | +| controller.image.digest | string | `"sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce"` | | +| controller.image.digestChroot | string | `"sha256:21b55a2f0213a18b91612a8c0850167e00a8e34391fd595139a708f9c047e7a8"` | | | controller.image.image | string | `"ingress-nginx/controller"` | | | controller.image.pullPolicy | string | `"IfNotPresent"` | | | controller.image.readOnlyRootFilesystem | bool | `false` | | @@ -334,7 +334,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.image.runAsNonRoot | bool | `true` | | | controller.image.runAsUser | int | `101` | | | controller.image.seccompProfile.type | string | `"RuntimeDefault"` | | -| controller.image.tag | string | `"v1.11.1"` | | +| controller.image.tag | string | `"v1.11.2"` | | | controller.ingressClass | string | `"nginx"` | For backwards compatibility with ingress.class annotation, use ingressClass. Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation | | controller.ingressClassByName | bool | `false` | Process IngressClass per name (additionally as per spec.controller). | | controller.ingressClassResource | object | `{"aliases":[],"annotations":{},"controllerValue":"k8s.io/ingress-nginx","default":false,"enabled":true,"name":"nginx","parameters":{}}` | This section refers to the creation of the IngressClass resource. IngressClasses are immutable and cannot be changed after creation. We do not support namespaced IngressClasses, yet, so a ClusterRole and a ClusterRoleBinding is required. | @@ -400,11 +400,11 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.opentelemetry.containerSecurityContext.runAsUser | int | `65532` | The image's default user, inherited from its base image `cgr.dev/chainguard/static`. | | controller.opentelemetry.containerSecurityContext.seccompProfile.type | string | `"RuntimeDefault"` | | | controller.opentelemetry.enabled | bool | `false` | | -| controller.opentelemetry.image.digest | string | `"sha256:13bee3f5223883d3ca62fee7309ad02d22ec00ff0d7033e3e9aca7a9f60fd472"` | | +| controller.opentelemetry.image.digest | string | `"sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922"` | | | controller.opentelemetry.image.distroless | bool | `true` | | -| controller.opentelemetry.image.image | string | `"ingress-nginx/opentelemetry"` | | +| controller.opentelemetry.image.image | string | `"ingress-nginx/opentelemetry-1.25.3"` | | | controller.opentelemetry.image.registry | string | `"registry.k8s.io"` | | -| controller.opentelemetry.image.tag | string | `"v20230721-3e2062ee5"` | | +| controller.opentelemetry.image.tag | string | `"v20240813-b933310d"` | | | controller.opentelemetry.name | string | `"opentelemetry"` | | | controller.opentelemetry.resources | object | `{}` | | | controller.podAnnotations | object | `{}` | Annotations to be added to controller pods # | diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/templates/_helpers.tpl b/packages/system/ingress-nginx/charts/ingress-nginx/templates/_helpers.tpl index 0c6a3e20..99246888 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/templates/_helpers.tpl +++ b/packages/system/ingress-nginx/charts/ingress-nginx/templates/_helpers.tpl @@ -244,15 +244,6 @@ Return the appropriate apiGroup for PodSecurityPolicy. {{- end -}} {{- end -}} -{{/* -Check the ingress controller version tag is at most three versions behind the last release -*/}} -{{- define "isControllerTagValid" -}} -{{- if not (semverCompare ">=0.27.0-0" .Values.controller.image.tag) -}} -{{- fail "Controller container image tag should be 0.27.0 or higher" -}} -{{- end -}} -{{- end -}} - {{/* Extra modules. */}} diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-daemonset.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-daemonset.yaml index 80ad656b..6ab68fbd 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-daemonset.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-daemonset.yaml @@ -1,5 +1,4 @@ {{- if eq .Values.controller.kind "DaemonSet" -}} -{{- include "isControllerTagValid" . -}} apiVersion: apps/v1 kind: DaemonSet metadata: diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-deployment.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-deployment.yaml index e2915a76..bddde891 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-deployment.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/templates/controller-deployment.yaml @@ -1,5 +1,4 @@ {{- if eq .Values.controller.kind "Deployment" -}} -{{- include "isControllerTagValid" . -}} apiVersion: apps/v1 kind: Deployment metadata: diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-daemonset_test.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-daemonset_test.yaml index 6ee794af..bc810a1c 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-daemonset_test.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-daemonset_test.yaml @@ -138,3 +138,13 @@ tests: values: - controller topologyKey: kubernetes.io/hostname + + - it: should create a DaemonSet with a custom tag if `controller.image.tag` is set + set: + controller.kind: DaemonSet + controller.image.tag: my-little-custom-tag + controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: registry.k8s.io/ingress-nginx/controller:my-little-custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-deployment_test.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-deployment_test.yaml index 82b97a0f..da400487 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-deployment_test.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/tests/controller-deployment_test.yaml @@ -160,3 +160,12 @@ tests: values: - controller topologyKey: kubernetes.io/hostname + + - it: should create a Deployment with a custom tag if `controller.image.tag` is set + set: + controller.image.tag: my-little-custom-tag + controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: registry.k8s.io/ingress-nginx/controller:my-little-custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd diff --git a/packages/system/ingress-nginx/charts/ingress-nginx/values.yaml b/packages/system/ingress-nginx/charts/ingress-nginx/values.yaml index 92735d2a..fbd0b31c 100644 --- a/packages/system/ingress-nginx/charts/ingress-nginx/values.yaml +++ b/packages/system/ingress-nginx/charts/ingress-nginx/values.yaml @@ -26,9 +26,9 @@ controller: ## for backwards compatibility consider setting the full image url via the repository value below ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail ## repository: - tag: "v1.11.1" - digest: sha256:e6439a12b52076965928e83b7b56aae6731231677b01e81818bce7fa5c60161a - digestChroot: sha256:7cabe4bd7558bfdf5b707976d7be56fd15ffece735d7c90fc238b6eda290fd8d + tag: "v1.11.2" + digest: sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce + digestChroot: sha256:21b55a2f0213a18b91612a8c0850167e00a8e34391fd595139a708f9c047e7a8 pullPolicy: IfNotPresent runAsNonRoot: true # www-data -> uid 101 @@ -706,12 +706,12 @@ controller: name: opentelemetry image: registry: registry.k8s.io - image: ingress-nginx/opentelemetry + image: ingress-nginx/opentelemetry-1.25.3 ## for backwards compatibility consider setting the full image url via the repository value below ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail ## repository: - tag: "v20230721-3e2062ee5" - digest: sha256:13bee3f5223883d3ca62fee7309ad02d22ec00ff0d7033e3e9aca7a9f60fd472 + tag: v20240813-b933310d + digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 distroless: true containerSecurityContext: runAsNonRoot: true @@ -804,8 +804,8 @@ controller: ## for backwards compatibility consider setting the full image url via the repository value below ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail ## repository: - tag: v1.4.1 - digest: sha256:36d05b4077fb8e3d13663702fa337f124675ba8667cbd949c03a8e8ea6fa4366 + tag: v1.4.3 + digest: sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3 pullPolicy: IfNotPresent # -- Provide a priority class name to the webhook patching job ## diff --git a/packages/system/ingress-nginx/values.yaml b/packages/system/ingress-nginx/values.yaml index 8ed5b271..5571ff37 100644 --- a/packages/system/ingress-nginx/values.yaml +++ b/packages/system/ingress-nginx/values.yaml @@ -4,9 +4,9 @@ ingress-nginx: enable-ssl-passthrough: "" image: registry: ghcr.io - image: kvaps/ingress-nginx-with-protobuf-exporter/controller + image: cozystack/ingress-nginx-with-protobuf-exporter/controller tag: v1.11.2 - digest: sha256:e80856ece4e30e9646d65c8d92c25a3446a0bba1c2468cd026f17df9e60d2c0f + digest: sha256:beba8869ee370599e1f26557a9669ebdc9481c07b34059f348eb3e17b647e7e0 allowSnippetAnnotations: true replicaCount: 2 admissionWebhooks: @@ -16,10 +16,17 @@ ingress-nginx: enabled: true extraContainers: - name: protobuf-exporter - image: ghcr.io/kvaps/ingress-nginx-with-protobuf-exporter/protobuf-exporter:v1.11.2@sha256:25ed6a5f508bbc59134ad786f1e765d1c2187742075a4e828d68ef3f07a78e52 + image: ghcr.io/kvaps/ingress-nginx-with-protobuf-exporter/protobuf-exporter:v1.11.2@sha256:6d9235a9ee6f2be1921db4687afbdcd85d145b087dd916b5a96455bdb5cff560 args: - --server.telemetry-address=0.0.0.0:9090 - --server.exporter-address=0.0.0.0:9091 + resources: + limits: + cpu: 100m + memory: 90Mi + requests: + cpu: 100m + memory: 90Mi service: #type: NodePort # ClusterIP externalTrafficPolicy: "Local" @@ -40,8 +47,22 @@ ingress-nginx: upstream-keepalive-timeout: "60" upstream-keepalive-connections: "320" ssl-session-tickets: "true" - + resources: + limits: + cpu: "1" + memory: 2048Mi + requests: + cpu: 100m + memory: 90Mi defaultBackend: ## enabled: true + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi + diff --git a/packages/system/kubevirt/templates/kubevirt-cr.yaml b/packages/system/kubevirt/templates/kubevirt-cr.yaml index 5b0b3a0b..a292c15a 100644 --- a/packages/system/kubevirt/templates/kubevirt-cr.yaml +++ b/packages/system/kubevirt/templates/kubevirt-cr.yaml @@ -14,6 +14,7 @@ spec: - HotplugVolumes - ExpandDisks - LiveMigration + - AutoResourceLimitsGate evictionStrategy: LiveMigrate customizeComponents: {} imagePullPolicy: IfNotPresent diff --git a/packages/system/linstor/templates/satellites-plunger.yaml b/packages/system/linstor/templates/satellites-plunger.yaml index d70191e0..b3abd152 100644 --- a/packages/system/linstor/templates/satellites-plunger.yaml +++ b/packages/system/linstor/templates/satellites-plunger.yaml @@ -25,8 +25,6 @@ spec: # make some room for live debugging readOnlyRootFilesystem: false volumeMounts: - - mountPath: /run - name: host-run - mountPath: /dev name: dev - mountPath: /var/lib/drbd diff --git a/packages/system/linstor/templates/satellites-talos.yaml b/packages/system/linstor/templates/satellites-talos.yaml index 6c65cc95..c5be9204 100644 --- a/packages/system/linstor/templates/satellites-talos.yaml +++ b/packages/system/linstor/templates/satellites-talos.yaml @@ -22,11 +22,6 @@ spec: $patch: delete - name: drbd-module-loader $patch: delete - containers: - - name: linstor-satellite - volumeMounts: - - mountPath: /run - name: host-run volumes: - name: run-systemd-system $patch: delete @@ -46,7 +41,3 @@ spec: hostPath: path: /var/etc/lvm/archive type: DirectoryOrCreate - - name: host-run - hostPath: - path: /run - type: DirectoryOrCreate diff --git a/packages/system/monitoring-agents/templates/vmagent.yaml b/packages/system/monitoring-agents/templates/vmagent.yaml index 65b93983..bf53965b 100644 --- a/packages/system/monitoring-agents/templates/vmagent.yaml +++ b/packages/system/monitoring-agents/templates/vmagent.yaml @@ -10,7 +10,10 @@ spec: promscrape.streamParse: "true" promscrape.maxScrapeSize: 32MB remoteWrite: - - url: {{ .Values.vmagent.remoteWrite.url | quote }} + {{- range .Values.vmagent.remoteWrite.urls }} + - url: {{ . | quote }} + {{- end }} + scrapeInterval: 30s selectAllByDefault: true additionalScrapeConfigs: diff --git a/packages/system/monitoring-agents/values.yaml b/packages/system/monitoring-agents/values.yaml index 4f1694e3..a6798a78 100644 --- a/packages/system/monitoring-agents/values.yaml +++ b/packages/system/monitoring-agents/values.yaml @@ -306,7 +306,9 @@ vmagent: cluster: cozystack tenant: tenant-root remoteWrite: - url: http://vminsert-shortterm.tenant-root.svc:8480/insert/0/prometheus + urls: + - http://vminsert-shortterm.tenant-root.svc:8480/insert/0/prometheus + - http://vminsert-longterm.tenant-root.svc:8480/insert/0/prometheus fluent-bit: readinessProbe: diff --git a/packages/system/seaweedfs/charts/seaweedfs/templates/cosi-deployment.yaml b/packages/system/seaweedfs/charts/seaweedfs/templates/cosi-deployment.yaml index 15e5fa6d..5c5c7e30 100644 --- a/packages/system/seaweedfs/charts/seaweedfs/templates/cosi-deployment.yaml +++ b/packages/system/seaweedfs/charts/seaweedfs/templates/cosi-deployment.yaml @@ -140,6 +140,10 @@ spec: mountPath: /usr/local/share/ca-certificates/client/ {{- end }} {{ tpl .Values.cosi.extraVolumeMounts . | nindent 12 | trim }} + {{- with .Values.cosi.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} - name: seaweedfs-cosi-sidecar image: "{{ .Values.cosi.sidecar.image }}" imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} diff --git a/packages/system/seaweedfs/templates/database.yaml b/packages/system/seaweedfs/templates/database.yaml index e952ff97..dc11b101 100644 --- a/packages/system/seaweedfs/templates/database.yaml +++ b/packages/system/seaweedfs/templates/database.yaml @@ -10,7 +10,13 @@ spec: monitoring: enablePodMonitor: true - + resources: + limits: + cpu: "1" + memory: 2048Mi + requests: + cpu: 100m + memory: 512Mi inheritedMetadata: labels: policy.cozystack.io/allow-to-apiserver: "true" diff --git a/packages/system/seaweedfs/values.yaml b/packages/system/seaweedfs/values.yaml index 056e9bb7..f7e3c5d9 100644 --- a/packages/system/seaweedfs/values.yaml +++ b/packages/system/seaweedfs/values.yaml @@ -6,7 +6,6 @@ global: WEED_CLUSTER_SW_FILER: "seaweedfs-filer-client:8888" seaweedfs: - master: replicas: 3 volumeSizeLimitMB: 100 diff --git a/packages/system/vertical-pod-autoscaler/Makefile b/packages/system/vertical-pod-autoscaler/Makefile index 465eef91..389f9c6e 100644 --- a/packages/system/vertical-pod-autoscaler/Makefile +++ b/packages/system/vertical-pod-autoscaler/Makefile @@ -1,11 +1,11 @@ -export NAME=victoria-metrics-operator +export NAME=vertical-pod-autoscaler export NAMESPACE=cozy-$(NAME) include ../../../scripts/package.mk update: rm -rf charts - # VictoriaMetrics operator + # VirtualPodAutoscaler operator helm repo add cowboysysop https://cowboysysop.github.io/charts/ helm repo update cowboysysop helm pull cowboysysop/vertical-pod-autoscaler --untar --untardir charts