From b3dfa6d7449ca0d08dba749d7c1ae5d6997e6e2a Mon Sep 17 00:00:00 2001 From: Roi Kramer Date: Sun, 17 Mar 2024 21:44:32 +0200 Subject: [PATCH 1/2] added network client --- .../templates/auto-update/clusterrole.yaml | 12 ++ .../templates/auto-update/role.yaml | 12 ++ .../templates/network-client/_helpers.tpl | 71 ++++++++++++ .../templates/network-client/clusterrole.yaml | 15 +++ .../network-client/clusterrolebinding.yaml | 16 +++ .../templates/network-client/daemonset.yaml | 105 ++++++++++++++++++ .../network-client/serviceaccount.yaml | 9 ++ .../ocean-kubernetes-controller/values.yaml | 27 +++++ 8 files changed, 267 insertions(+) create mode 100644 charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl create mode 100644 charts/ocean-kubernetes-controller/templates/network-client/clusterrole.yaml create mode 100644 charts/ocean-kubernetes-controller/templates/network-client/clusterrolebinding.yaml create mode 100644 charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml create mode 100644 charts/ocean-kubernetes-controller/templates/network-client/serviceaccount.yaml diff --git a/charts/ocean-kubernetes-controller/templates/auto-update/clusterrole.yaml b/charts/ocean-kubernetes-controller/templates/auto-update/clusterrole.yaml index ef14c39..c36ea7a 100644 --- a/charts/ocean-kubernetes-controller/templates/auto-update/clusterrole.yaml +++ b/charts/ocean-kubernetes-controller/templates/auto-update/clusterrole.yaml @@ -50,4 +50,16 @@ rules: resourceNames: - {{ printf "%s-auth-reader" (include "metrics-server.fullname" .) }} {{- end }} + +# Network Client requires +{{- if (index .Values "ocean-network-client" "deployChart") }} +- apiGroups: [ "rbac.authorization.k8s.io" ] + resources: [ "clusterroles" ] + verbs: [ "get", "patch", "escalate", "bind" ] + resourceNames: [ {{ include "ocean-network-client.fullname" . }} ] +- apiGroups: [ "rbac.authorization.k8s.io" ] + resources: [ "clusterrolebindings" ] + verbs: [ "get", "patch" ] + resourceNames: [ {{ include "ocean-network-client.fullname" . }} ] +{{- end }} {{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml b/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml index 0dff1e8..be8420f 100644 --- a/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml +++ b/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml @@ -70,4 +70,16 @@ rules: resourceNames: [ {{ include "metrics-server.fullname" . }} ] verbs: [ "get", "patch" ] {{- end }} + +# Network Client requires +{{- if (index .Values "ocean-network-client" "deployChart") }} +- apiGroups: [ "" ] + resources: [ "serviceaccounts" ] + resourceNames: [ {{ include "ocean-network-client.fullname" . }} ] + verbs: [ "get", "patch" ] +- apiGroups: ["apps"] + resources: [ "daemonsets" ] + resourceNames: [ {{ include "ocean-network-client.fullname" . }} ] + verbs: [ "get", "patch" ] +{{- end }} {{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl b/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl new file mode 100644 index 0000000..6d913f0 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl @@ -0,0 +1,71 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocean-network-client.name" -}} +{{- $values := (index .Values "ocean-network-client") -}} +{{- default "ocean-network-client" $values.name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocean-network-client.fullname" -}} +{{- $values := (index .Values "ocean-network-client") -}} +{{- if $values.fullnameOverride }} +{{- $values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default (include "ocean-network-client.name" .) $values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +DaemonSet labels. +*/}} +{{- define "ocean-network-client.daemon-set.labels" -}} +app: ocean-network-client +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocean-network-client.labels" -}} +helm.sh/chart: {{ include "ocean-kubernetes-controller.chart" . }} +{{ include "ocean-network-client.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocean-network-client.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocean-network-client.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +NodeSelector labels. +*/}} +{{- define "ocean-network-client.node-selector.labels" -}} +kubernetes.io/os: linux +{{- end }} + +{{/* +Is Dev Environment +*/}} +{{- define "ocean-network-client.isDevEnv" }} +{{- if and .Values.spotinst.baseUrl (not (eq .Values.spotinst.baseUrl "ocean.api.spot.io:443")) -}} +true +{{- else -}} +false +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/clusterrole.yaml b/charts/ocean-kubernetes-controller/templates/network-client/clusterrole.yaml new file mode 100644 index 0000000..1b64984 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/network-client/clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if index .Values "ocean-network-client" "deployChart" -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ocean-network-client.fullname" . }} + labels: + {{- include "ocean-network-client.labels" . | nindent 4 }} +rules: + # ---------------------------------------------------------------------------- + # Required for functional operation (read-only). + # ---------------------------------------------------------------------------- + - apiGroups: [""] + resources: ["pods", "nodes"] + verbs: ["get", "list", "watch"] +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/clusterrolebinding.yaml b/charts/ocean-kubernetes-controller/templates/network-client/clusterrolebinding.yaml new file mode 100644 index 0000000..bbdfd0f --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/network-client/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if index .Values "ocean-network-client" "deployChart" -}} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ocean-network-client.fullname" . }} + labels: + {{- include "ocean-network-client.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "ocean-network-client.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "ocean-network-client.fullname" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml b/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml new file mode 100644 index 0000000..841a2e5 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml @@ -0,0 +1,105 @@ +{{- if index .Values "ocean-network-client" "deployChart" -}} +{{ $values := index .Values "ocean-network-client" }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "ocean-network-client.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "ocean-network-client.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "ocean-network-client.selectorLabels" . | nindent 6 }} + updateStrategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 10% + template: + metadata: + labels: + {{- include "ocean-network-client.selectorLabels" . | nindent 8 }} + spec: + priorityClassName: system-node-critical + hostNetwork: true + hostPID: true + tolerations: + {{- toYaml $values.tolerations | nindent 6 }} + nodeSelector: + {{- include "ocean-network-client.node-selector.labels" . | nindent 8 }} + volumes: + - name: varlog + hostPath: + path: /var/log + serviceAccountName: {{ include "ocean-network-client.fullname" . }} + terminationGracePeriodSeconds: 30 + {{- with $values.image.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: "spotinst-ocean-network-client" + image: {{ $values.image.repository }}:{{ $values.image.tag | default .Chart.AppVersion }} + securityContext: + privileged: true + capabilities: + drop: ["all"] + add: [ "NET_ADMIN", "SYS_ADMIN"] # bpf need SYS_ADMIN network netlink need NET_ADMIN + imagePullPolicy: {{ $values.image.pullPolicy }} + resources: + {{- toYaml $values.resources | nindent 12 }} + volumeMounts: + - name: varlog + mountPath: /var/log + env: + - name: REPORT_INTERVAL + value: "60" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: SPOTINST_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "ocean-kubernetes-controller.secretName" . }} + key: token + optional: true + - name: SPOTINST_ACCOUNT + valueFrom: + secretKeyRef: + name: {{ include "ocean-kubernetes-controller.secretName" . }} + key: account + optional: true + - name: SPOTINST_TOKEN_LEGACY + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.token + optional: true + - name: SPOTINST_ACCOUNT_LEGACY + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.account + optional: true + - name: CLUSTER_IDENTIFIER + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.cluster-identifier + optional: true + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: CILIUM_CNI_TUNNEL_MODE + valueFrom: + configMapKeyRef: + key: tunnel + name: cilium-config + optional: true + {{- if eq (include "ocean-network-client.isDevEnv" .) "true" }} + - name: ENV_DEV + value: "true" + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/serviceaccount.yaml b/charts/ocean-kubernetes-controller/templates/network-client/serviceaccount.yaml new file mode 100644 index 0000000..7ead418 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/network-client/serviceaccount.yaml @@ -0,0 +1,9 @@ +{{- if index .Values "ocean-network-client" "deployChart" -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ include "ocean-network-client.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "ocean-network-client.labels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/values.yaml b/charts/ocean-kubernetes-controller/values.yaml index 765584f..87266f1 100644 --- a/charts/ocean-kubernetes-controller/values.yaml +++ b/charts/ocean-kubernetes-controller/values.yaml @@ -241,3 +241,30 @@ autoUpdate: annotations: {} # The name of the service account to use. (Optional) name: "" + +# -- Configurations for Ocean Network Client. +ocean-network-client: + # -- Specifies whether the Ocean Network Client should be deployed. (Optional) + deployChart: true + + image: + # -- (Optional) Image repository. + repository: public.ecr.aws/spotinst/spot-network-client + # -- (Optional) Image pull policy. + pullPolicy: IfNotPresent + # -- (Optional) Image pull secrets. + pullSecrets: [] + # -- (Optional) Image tag. Defaults to `.Chart.AppVersion`. + tag: "1.0.6" + + # -- (Optional) Resource requests and limits. + # Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: + requests: + cpu: 30m + memory: 150Mi + + # -- (Optional) Tolerations - Enable pods to run an all nodes in cluster + # Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + tolerations: + - operator: "Exists" From 8dfd4aed0a71e6beb202b1afd692a00184a601f7 Mon Sep 17 00:00:00 2001 From: Roi Kramer Date: Sun, 17 Mar 2024 22:09:05 +0200 Subject: [PATCH 2/2] added metric-exporter --- charts/ocean-kubernetes-controller/Chart.yaml | 2 +- charts/ocean-kubernetes-controller/README.md | 43 ++++++- .../templates/auto-update/role.yaml | 15 +++ .../templates/configmap.yaml | 1 + .../templates/metric-exporter/_helpers.tpl | 78 ++++++++++++ .../templates/metric-exporter/deployment.yaml | 108 ++++++++++++++++ .../templates/metric-exporter/service.yaml | 22 ++++ .../templates/network-client/_helpers.tpl | 10 -- .../templates/network-client/daemonset.yaml | 2 +- .../ocean-kubernetes-controller/values.yaml | 115 +++++++++++++++++- 10 files changed, 382 insertions(+), 14 deletions(-) create mode 100644 charts/ocean-kubernetes-controller/templates/metric-exporter/_helpers.tpl create mode 100644 charts/ocean-kubernetes-controller/templates/metric-exporter/deployment.yaml create mode 100644 charts/ocean-kubernetes-controller/templates/metric-exporter/service.yaml diff --git a/charts/ocean-kubernetes-controller/Chart.yaml b/charts/ocean-kubernetes-controller/Chart.yaml index ee18f60..199a684 100644 --- a/charts/ocean-kubernetes-controller/Chart.yaml +++ b/charts/ocean-kubernetes-controller/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: ocean-kubernetes-controller description: A Helm chart for Ocean Kubernetes Controller type: application -version: 0.1.30 +version: 0.1.31 appVersion: 2.0.50 kubeVersion: ">=1.20.0-0" maintainers: diff --git a/charts/ocean-kubernetes-controller/README.md b/charts/ocean-kubernetes-controller/README.md index c9b852f..4cdc6c0 100644 --- a/charts/ocean-kubernetes-controller/README.md +++ b/charts/ocean-kubernetes-controller/README.md @@ -1,6 +1,6 @@ # ocean-kubernetes-controller -![Version: 0.1.30](https://img.shields.io/badge/Version-0.1.30-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.50](https://img.shields.io/badge/AppVersion-2.0.50-informational?style=flat-square) +![Version: 0.1.31](https://img.shields.io/badge/Version-0.1.31-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.50](https://img.shields.io/badge/AppVersion-2.0.50-informational?style=flat-square) A Helm chart for Ocean Kubernetes Controller. @@ -108,6 +108,46 @@ Kubernetes: `>=1.20.0-0` | metrics-server.image.tag | string | `""` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | +| ocean-metric-exporter | object | `{"affinity":{},"deployChart":false,"image":{"pullPolicy":"IfNotPresent","pullSecrets":[],"repository":"gcr.io/spotinst-artifacts/spot-ocean-metric-exporter","tag":"1.0.4"},"metricsConfiguration":{"allowLabels":null,"allowMetrics":null,"categories":["scaling"],"denyLabels":null,"denyMetrics":null},"nodeSelector":{},"podAnnotations":{},"podEnvVariables":[],"probes":{"enabled":true,"liveness":{"enabled":false,"failureThreshold":3,"initialDelaySeconds":15,"periodSeconds":10,"timeoutSeconds":1},"readiness":{"enabled":false,"failureThreshold":3,"initialDelaySeconds":15,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}},"replicaCount":1,"resources":{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"100m","memory":"50Mi"}},"service":{"create":true},"tolerations":[{"key":"node-role.kubernetes.io/master","operator":"Exists"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists"}]}` | Configurations for Ocean Metric Exporter. | +| ocean-metric-exporter.affinity | Optional | `{}` | Pod scheduling preferences. Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity | +| ocean-metric-exporter.deployChart | bool | `false` | Specifies whether the Ocean Metric Exporter should be deployed. (Optional) | +| ocean-metric-exporter.image.pullPolicy | Optional | `"IfNotPresent"` | Image pull policy. | +| ocean-metric-exporter.image.pullSecrets | Optional | `[]` | Image pull secrets. | +| ocean-metric-exporter.image.repository | Optional | `"gcr.io/spotinst-artifacts/spot-ocean-metric-exporter"` | Image repository. | +| ocean-metric-exporter.image.tag | Optional | `"1.0.4"` | Image tag. Defaults to `.Chart.AppVersion`. | +| ocean-metric-exporter.metricsConfiguration | Optional | `{"allowLabels":null,"allowMetrics":null,"categories":["scaling"],"denyLabels":null,"denyMetrics":null}` | Exporter Metrics Configurations | +| ocean-metric-exporter.metricsConfiguration.allowLabels | Array[string] | `nil` | List of Labels to allow - if empty will get everything. Shouldn't be used with `denyLabels`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=labels | +| ocean-metric-exporter.metricsConfiguration.allowMetrics | Array[string] | `nil` | List of Metrics to allow - if empty will get everything. Shouldn't be used with `denyMetrics`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=metrics | +| ocean-metric-exporter.metricsConfiguration.categories | Array[string] | `["scaling"]` | List of Categories to enable - if empty will get no metrics. Additional possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=categories | +| ocean-metric-exporter.metricsConfiguration.denyLabels | Array[string] | `nil` | List of Labels to deny - if empty will get everything. Shouldn't be used with `allowLabels`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=labels | +| ocean-metric-exporter.metricsConfiguration.denyMetrics | Array[string] | `nil` | List of Metrics to deny - if empty will get everything. Shouldn't be used with `allowMetrics`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=metrics | +| ocean-metric-exporter.nodeSelector | Optional | `{}` | Node selector. | +| ocean-metric-exporter.podAnnotations | Optional | `{}` | Pod annotations. Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | +| ocean-metric-exporter.podEnvVariables | Optional | `[]` | Additional environment variables for the exporter container. | +| ocean-metric-exporter.probes.enabled | Bool | `true` | Whether to include both liveness and readiness probe, if this is set to true it will ignore the nested enabled booleans. | +| ocean-metric-exporter.probes.liveness.enabled | Bool | `false` | Whether to include liveness probe, this will be ignored if probes.enabled was set to true. | +| ocean-metric-exporter.probes.liveness.failureThreshold | Integer | `3` | Liveness probe failure threshold. | +| ocean-metric-exporter.probes.liveness.initialDelaySeconds | Integer | `15` | Liveness probe initial delay. | +| ocean-metric-exporter.probes.liveness.periodSeconds | Integer | `10` | Liveness probe period. | +| ocean-metric-exporter.probes.liveness.timeoutSeconds | Integer | `1` | Liveness probe timeout. | +| ocean-metric-exporter.probes.readiness.enabled | Bool | `false` | Whether to include readiness probe, this will be ignored if probes.enabled was set to true. | +| ocean-metric-exporter.probes.readiness.failureThreshold | Integer | `3` | Readiness probe failure threshold. | +| ocean-metric-exporter.probes.readiness.initialDelaySeconds | Integer | `15` | Readiness probe initial delay. | +| ocean-metric-exporter.probes.readiness.periodSeconds | Integer | `10` | Readiness probe period. | +| ocean-metric-exporter.probes.readiness.successThreshold | Integer | `1` | Readiness probe success threshold. | +| ocean-metric-exporter.probes.readiness.timeoutSeconds | Integer | `1` | Readiness probe timeout. | +| ocean-metric-exporter.replicaCount | Optional | `1` | Replicas. Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#replicas | +| ocean-metric-exporter.resources | Optional | `{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"100m","memory":"50Mi"}}` | Resource requests and limits. Ref: http://kubernetes.io/docs/user-guide/compute-resources/ | +| ocean-metric-exporter.service.create | Optional | `true` | Controls whether a service should be created. | +| ocean-metric-exporter.tolerations | Optional | `[{"key":"node-role.kubernetes.io/master","operator":"Exists"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists"}]` | Tolerations for nodes that have taints on them. Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | +| ocean-network-client | object | `{"deployChart":false,"image":{"pullPolicy":"IfNotPresent","pullSecrets":[],"repository":"public.ecr.aws/spotinst/spot-network-client","tag":"1.0.6"},"resources":{"requests":{"cpu":"30m","memory":"150Mi"}},"tolerations":[{"operator":"Exists"}]}` | Configurations for Ocean Network Client. | +| ocean-network-client.deployChart | bool | `false` | Specifies whether the Ocean Network Client should be deployed. (Optional) | +| ocean-network-client.image.pullPolicy | Optional | `"IfNotPresent"` | Image pull policy. | +| ocean-network-client.image.pullSecrets | Optional | `[]` | Image pull secrets. | +| ocean-network-client.image.repository | Optional | `"public.ecr.aws/spotinst/spot-network-client"` | Image repository. | +| ocean-network-client.image.tag | Optional | `"1.0.6"` | Image tag. Defaults to `.Chart.AppVersion`. | +| ocean-network-client.resources | Optional | `{"requests":{"cpu":"30m","memory":"150Mi"}}` | Resource requests and limits. Ref: http://kubernetes.io/docs/user-guide/compute-resources/ | +| ocean-network-client.tolerations | Optional | `[{"operator":"Exists"}]` | Tolerations - Enable pods to run an all nodes in cluster Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ | | podAnnotations | object | `{}` | | | podLabels | object | `{}` | | | podSecurityContext.fsGroup | int | `10001` | | @@ -137,6 +177,7 @@ Kubernetes: `>=1.20.0-0` | spotinst.disableAutoUpdate | bool | `false` | Disable auto update. (Optional) | | spotinst.disableAutomaticRightSizing | bool | `false` | Disable automatic RightSizing. (Optional) | | spotinst.enableCsrApproval | bool | `false` | Enable CSR approval. (Optional) | +| spotinst.httpBaseUrl | string | `""` | HTTP Base URL. (Optional) | | spotinst.proxyUrl | string | `""` | Proxy URL. (Optional) | | spotinst.token | string | `""` | Spot Token. (Required) Ref: https://docs.spot.io/administration/api/create-api-token | | tolerations | string | `nil` | Tolerations for nodes that have taints on them. (Optional) Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | diff --git a/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml b/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml index be8420f..b36e51d 100644 --- a/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml +++ b/charts/ocean-kubernetes-controller/templates/auto-update/role.yaml @@ -82,4 +82,19 @@ rules: resourceNames: [ {{ include "ocean-network-client.fullname" . }} ] verbs: [ "get", "patch" ] {{- end }} + +# Metric Exporter requires +{{- if index .Values "ocean-metric-exporter" "deployChart" -}} +{{- $values := index .Values "ocean-metric-exporter" }} +{{- if $values.service.create }} +- apiGroups: [ "" ] + resources: [ "services" ] + resourceNames: [ {{ include "ocean-metric-exporter.fullname" . }} ] + verbs: [ "get", "patch" ] +{{- end }} +- apiGroups: [ "apps" ] + resources: [ "deployments" ] + resourceNames: [ {{ include "ocean-metric-exporter.fullname" . }} ] + verbs: [ "get", "patch" ] +{{- end }} {{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/configmap.yaml b/charts/ocean-kubernetes-controller/templates/configmap.yaml index 27b648a..5f080d4 100644 --- a/charts/ocean-kubernetes-controller/templates/configmap.yaml +++ b/charts/ocean-kubernetes-controller/templates/configmap.yaml @@ -8,6 +8,7 @@ metadata: data: spotinst.cluster-identifier: {{ required "`spotinst.clusterIdentifier` must be specified" .Values.spotinst.clusterIdentifier }} base-url: {{ default "" .Values.spotinst.baseUrl | quote }} + http-base-url: {{ default "" .Values.spotinst.httpBaseUrl | quote }} proxy-url: {{ default "" .Values.spotinst.proxyUrl | quote }} leader-election: {{ gt (int .Values.replicas) 1 | quote }} disable-auto-update: {{ default "false" .Values.spotinst.disableAutoUpdate | quote }} diff --git a/charts/ocean-kubernetes-controller/templates/metric-exporter/_helpers.tpl b/charts/ocean-kubernetes-controller/templates/metric-exporter/_helpers.tpl new file mode 100644 index 0000000..96d8722 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/metric-exporter/_helpers.tpl @@ -0,0 +1,78 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ocean-metric-exporter.name" -}} +{{- $values := (index .Values "ocean-metric-exporter") -}} +{{- default "ocean-metric-exporter" $values.name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ocean-metric-exporter.fullname" -}} +{{- $values := (index .Values "ocean-metric-exporter") -}} +{{- if $values.fullnameOverride }} +{{- $values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default (include "ocean-metric-exporter.name" .) $values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ocean-metric-exporter.labels" -}} +helm.sh/chart: {{ include "ocean-kubernetes-controller.chart" . }} +{{ include "ocean-metric-exporter.selectorLabels" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ocean-metric-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ocean-metric-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Container command. +*/}} +{{- define "ocean-metric-exporter.command" -}} +{{- printf "[ \"java\", \"-Dspring.profiles.active=prod,default\", \"-jar\", \"/app/app.jar\" ]" -}} +{{- end }} + +{{/* +probes. +*/}} +{{- define "ocean-metric-exporter.probes" -}} +{{- $values := index .Values "ocean-metric-exporter" }} +{{- if or $values.probes.liveness.enabled $values.probes.enabled }} +livenessProbe: + httpGet: + path: /health/liveness + port: exporter + initialDelaySeconds: {{ $values.probes.liveness.initialDelaySeconds }} + periodSeconds: {{ $values.probes.liveness.periodSeconds }} + failureThreshold: {{ $values.probes.liveness.failureThreshold }} + timeoutSeconds: {{ $values.probes.liveness.timeoutSeconds }} +{{- end}} +{{- if or $values.probes.readiness.enabled $values.probes.enabled }} +readinessProbe: + httpGet: + path: /health/readiness + port: exporter + initialDelaySeconds: {{ $values.probes.readiness.initialDelaySeconds }} + periodSeconds: {{ $values.probes.readiness.periodSeconds }} + failureThreshold: {{ $values.probes.readiness.failureThreshold }} + successThreshold: {{ $values.probes.readiness.successThreshold }} + timeoutSeconds: {{ $values.probes.readiness.timeoutSeconds }} +{{- end}} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/metric-exporter/deployment.yaml b/charts/ocean-kubernetes-controller/templates/metric-exporter/deployment.yaml new file mode 100644 index 0000000..357ad74 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/metric-exporter/deployment.yaml @@ -0,0 +1,108 @@ +{{- if index .Values "ocean-metric-exporter" "deployChart" -}} +{{- $values := index .Values "ocean-metric-exporter" }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ocean-metric-exporter.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "ocean-metric-exporter.labels" . | nindent 4 }} +spec: + replicas: {{ $values.replicaCount }} + selector: + matchLabels: + {{- include "ocean-metric-exporter.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with $values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ocean-metric-exporter.selectorLabels" . | nindent 8 }} + spec: + {{- with $values.image.pullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: spot-ocean-metric-exporter + ports: + - containerPort: 5050 + name: exporter + env: + - name: SPOTINST_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "ocean-kubernetes-controller.secretName" . }} + key: token + optional: true + - name: SPOTINST_TOKEN_LEGACY + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.token + optional: true + - name: SPOTINST_ACCOUNT + valueFrom: + secretKeyRef: + name: {{ include "ocean-kubernetes-controller.secretName" . }} + key: account + optional: true + - name: SPOTINST_ACCOUNT_LEGACY + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.account + optional: true + - name: CLUSTER_IDENTIFIER + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: spotinst.cluster-identifier + - name: BASE_SPOTINST_URL + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: http-base-url + optional: true + - name: PROXY_URL + valueFrom: + configMapKeyRef: + name: {{ include "ocean-kubernetes-controller.configMapName" . }} + key: proxy-url + optional: true + - name: USER_ENV_CERTIFICATES + valueFrom: + secretKeyRef: + name: {{ include "ocean-kubernetes-controller.caBundleSecretName" . }} + key: {{ .Values.caBundleSecret.key }} + optional: true + {{- with $values.podEnvVariables }} + {{- toYaml . | nindent 8 }} + {{- end }} + image: {{ $values.image.repository }}:{{ $values.image.tag | default .Chart.AppVersion }} + imagePullPolicy: {{ $values.image.pullPolicy }} + command: {{ include "ocean-metric-exporter.command" . }} + args: + - --categories={{ join "," $values.metricsConfiguration.categories }} + - --allow-metrics={{ join "," $values.metricsConfiguration.allowMetrics }} + - --deny-metrics={{ join "," $values.metricsConfiguration.denyMetrics }} + - --allow-labels={{ join "," $values.metricsConfiguration.allowLabels }} + - --deny-labels={{ join "," $values.metricsConfiguration.denyLabels }} + resources: + {{- toYaml $values.resources | nindent 12 }} + {{- include "ocean-metric-exporter.probes" . | nindent 8 }} + {{- with $values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/metric-exporter/service.yaml b/charts/ocean-kubernetes-controller/templates/metric-exporter/service.yaml new file mode 100644 index 0000000..b906261 --- /dev/null +++ b/charts/ocean-kubernetes-controller/templates/metric-exporter/service.yaml @@ -0,0 +1,22 @@ +{{- if index .Values "ocean-metric-exporter" "deployChart" -}} +{{- $values := index .Values "ocean-metric-exporter" }} +{{- if $values.service.create }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ocean-metric-exporter.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "ocean-metric-exporter.labels" . | nindent 4 }} +spec: + ports: + - name: exporter + port: 5050 + protocol: TCP + targetPort: exporter + selector: + {{- include "ocean-metric-exporter.selectorLabels" . | nindent 4 }} + sessionAffinity: None + type: ClusterIP +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl b/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl index 6d913f0..3bcdaf4 100644 --- a/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl +++ b/charts/ocean-kubernetes-controller/templates/network-client/_helpers.tpl @@ -25,22 +25,12 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} -{{/* -DaemonSet labels. -*/}} -{{- define "ocean-network-client.daemon-set.labels" -}} -app: ocean-network-client -{{- end }} - {{/* Common labels */}} {{- define "ocean-network-client.labels" -}} helm.sh/chart: {{ include "ocean-kubernetes-controller.chart" . }} {{ include "ocean-network-client.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} diff --git a/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml b/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml index 841a2e5..9df567f 100644 --- a/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml +++ b/charts/ocean-kubernetes-controller/templates/network-client/daemonset.yaml @@ -1,5 +1,5 @@ {{- if index .Values "ocean-network-client" "deployChart" -}} -{{ $values := index .Values "ocean-network-client" }} +{{- $values := index .Values "ocean-network-client" }} apiVersion: apps/v1 kind: DaemonSet metadata: diff --git a/charts/ocean-kubernetes-controller/values.yaml b/charts/ocean-kubernetes-controller/values.yaml index 87266f1..f238789 100644 --- a/charts/ocean-kubernetes-controller/values.yaml +++ b/charts/ocean-kubernetes-controller/values.yaml @@ -17,6 +17,8 @@ spotinst: clusterIdentifier: "" # -- Base URL. (Optional) baseUrl: "" + # -- HTTP Base URL. (Optional) + httpBaseUrl: "" # -- Proxy URL. (Optional) proxyUrl: "" # -- Disable auto update. (Optional) @@ -245,7 +247,7 @@ autoUpdate: # -- Configurations for Ocean Network Client. ocean-network-client: # -- Specifies whether the Ocean Network Client should be deployed. (Optional) - deployChart: true + deployChart: false image: # -- (Optional) Image repository. @@ -268,3 +270,114 @@ ocean-network-client: # Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ tolerations: - operator: "Exists" + +# -- Configurations for Ocean Metric Exporter. +ocean-metric-exporter: + # -- Specifies whether the Ocean Metric Exporter should be deployed. (Optional) + deployChart: false + + # -- (Optional) Replicas. + # Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#replicas + replicaCount: 1 + + # Image. + # Ref: https://kubernetes.io/docs/concepts/containers/images/ + image: + # -- (Optional) Image repository. + repository: gcr.io/spotinst-artifacts/spot-ocean-metric-exporter + # -- (Optional) Image pull policy. + pullPolicy: IfNotPresent + # -- (Optional) Image pull secrets. + pullSecrets: [] + # -- (Optional) Image tag. Defaults to `.Chart.AppVersion`. + tag: "1.0.4" + + # -- (Optional) Pod annotations. + # Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + + # -- (Optional) Additional environment variables for the exporter container. + podEnvVariables: [] + # - name: envName + # value: envValue + + # -- (Optional) Resource requests and limits. + # Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 100m + memory: 50Mi + + # -- (Optional) Node selector. + nodeSelector: {} + + # -- (Optional) Tolerations for nodes that have taints on them. + # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + - key: node-role.kubernetes.io/control-plane + operator: Exists + + # -- (Optional) Pod scheduling preferences. + # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + affinity: {} + + # Service. + service: + # -- (Optional) Controls whether a service should be created. + create: true + + # Probes configuration + probes: + # -- (Bool) Whether to include both liveness and readiness probe, if this is set to true it will ignore the nested enabled booleans. + enabled: true + + # Liveness probe configuration. + liveness: + # -- (Bool) Whether to include liveness probe, this will be ignored if probes.enabled was set to true. + enabled: false + # -- (Integer) Liveness probe initial delay. + initialDelaySeconds: 15 + # -- (Integer) Liveness probe period. + periodSeconds: 10 + # -- (Integer) Liveness probe failure threshold. + failureThreshold: 3 + # -- (Integer) Liveness probe timeout. + timeoutSeconds: 1 + + # Readiness probe configuration. + readiness: + # -- (Bool) Whether to include readiness probe, this will be ignored if probes.enabled was set to true. + enabled: false + # -- (Integer) Readiness probe initial delay. + initialDelaySeconds: 15 + # -- (Integer) Readiness probe period. + periodSeconds: 10 + # -- (Integer) Readiness probe failure threshold. + failureThreshold: 3 + # -- (Integer) Readiness probe success threshold. + successThreshold: 1 + # -- (Integer) Readiness probe timeout. + timeoutSeconds: 1 + + # -- (Optional) Exporter Metrics Configurations + metricsConfiguration: + # -- (Array[string]) List of Categories to enable - if empty will get no metrics. Additional possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=categories + categories: + - scaling + + # -- (Array[string]) List of Metrics to allow - if empty will get everything. Shouldn't be used with `denyMetrics`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=metrics + allowMetrics: + + # -- (Array[string]) List of Metrics to deny - if empty will get everything. Shouldn't be used with `allowMetrics`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=metrics + denyMetrics: + + # -- (Array[string]) List of Labels to allow - if empty will get everything. Shouldn't be used with `denyLabels`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=labels + allowLabels: + + # -- (Array[string]) List of Labels to deny - if empty will get everything. Shouldn't be used with `allowLabels`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=labels + denyLabels: