Skip to content

Commit

Permalink
Merge branch 'alpha' into alpha-to-beta
Browse files Browse the repository at this point in the history 
Signed-off-by: Sandor Szücs <[email protected]>
  • Loading branch information
@szuecs
szuecs committed Sep 12, 2018
2 parents dc71c04 + 0b939d8 commit 2f54c35
Show file tree
Hide file tree
Showing 19 changed files with 192 additions and 66 deletions.
4 changes: 0 additions & 4 deletions cluster/cluster.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,10 +135,6 @@ Resources:
FromPort: 30080
IpProtocol: tcp
ToPort: 30080
- CidrIp: "{{.Values.vpc_ipv4_cidr}}"
FromPort: 4194
IpProtocol: tcp
ToPort: 4194
- CidrIp: "{{.Values.vpc_ipv4_cidr}}"
FromPort: 9054
IpProtocol: tcp
Expand Down
7 changes: 7 additions & 0 deletions cluster/config-defaults.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,13 @@ autoscaling_buffer_pods: "1"
autoscaling_buffer_pods: "0"
{{end}}

# lightstep
{{if eq .Environment "production"}}
lightstep_token: "aws:kms:AQICAHgrx06TPoR1aNmcPHJjFu5mmoICT5KJkx2fsTJpmXmbNAH+8Ml18b8ZkUO/0KAwtIZTAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMSf79AuT/RI5rvWWjAgEQgDuN7obV7JD4iBMnOJ4Th93DfM5j572dXjf+gWmHx4JKMTTJPX2w6hgfQXX3LjI49l0p479a6IXIlZJOSg=="
{{else}}
lightstep_token: "aws:kms:AQICAHgrx06TPoR1aNmcPHJjFu5mmoICT5KJkx2fsTJpmXmbNAHvvYXdV1r7NviF5S+Jyx5zAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMQBqSQk/2TuQOsHGOAgEQgDsrNbCwF4AxoQXZuxXUOPnuQhFCY02EhWcB4xqmjFy8DelZtiCldRtxRdLyDL4uXiEyV8vOFyhxgqso/A=="
{{end}}

# tokeninfo
{{if eq .Environment "production"}}
tokeninfo_url: "https://info.services.auth.zalando.com/oauth2/tokeninfo"
Expand Down
75 changes: 75 additions & 0 deletions cluster/manifests/cadvisor/daemonset.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: cadvisor
namespace: kube-system
labels:
application: cadvisor
version: v0.30.2
spec:
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
application: cadvisor
template:
metadata:
labels:
application: cadvisor
version: v0.30.2
spec:
priorityClassName: system-node-critical
containers:
- name: cadvisor
image: registry.opensource.zalan.do/teapot/cadvisor:v0.30.2
args:
- --housekeeping_interval=10s
- --max_housekeeping_interval=15s
- --event_storage_event_limit=default=0
- --event_storage_age_limit=default=0
- --disable_metrics=percpu,tcp,udp
- --docker_only
resources:
requests:
memory: 150Mi
cpu: 150m
limits:
memory: 150Mi
cpu: 150m
volumeMounts:
- name: rootfs
mountPath: /rootfs
readOnly: true
- name: var-run
mountPath: /var/run
readOnly: true
- name: sys
mountPath: /sys
readOnly: true
- name: docker
mountPath: /var/lib/docker
readOnly: true
ports:
- name: http
containerPort: 8080
protocol: TCP
automountServiceAccountToken: false
terminationGracePeriodSeconds: 30
volumes:
- name: rootfs
hostPath:
path: /
- name: var-run
hostPath:
path: /var/run
- name: sys
hostPath:
path: /sys
- name: docker
hostPath:
path: /var/lib/docker
tolerations:
- operator: Exists
effect: NoSchedule
- operator: Exists
effect: NoExecute
15 changes: 15 additions & 0 deletions cluster/manifests/cadvisor/service.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
kind: Service
apiVersion: v1
metadata:
name: cadvisor
namespace: kube-system
labels:
application: cadvisor
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
protocol: TCP
selector:
application: cadvisor
6 changes: 3 additions & 3 deletions cluster/manifests/coredns/deployment-coredns.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: coredns
version: v1.1.3
version: v1.2.0
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
component: cluster-dns
Expand All @@ -22,7 +22,7 @@ spec:
metadata:
labels:
application: coredns
version: v1.1.3
version: v1.2.0
component: cluster-dns
spec:
affinity:
Expand All @@ -48,7 +48,7 @@ spec:
topologyKey: kubernetes.io/hostname
containers:
- name: coredns
image: registry.opensource.zalan.do/teapot/coredns:1.1.3
image: registry.opensource.zalan.do/teapot/coredns:1.2.0
resources:
requests:
cpu: 250m
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/etcd-backup/cronjob.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: etcd-backup
version: "master-5"
version: "master-9"
spec:
schedule: "23 * * * *"
concurrencyPolicy: Forbid
Expand All @@ -16,15 +16,15 @@ spec:
metadata:
labels:
application: etcd-backup
version: "master-5"
version: "master-9"
annotations:
iam.amazonaws.com/role: "{{ .LocalID }}-etcd-backup"
spec:
priorityClassName: system-cluster-critical
restartPolicy: Never
containers:
- name: etcd-backup
image: pierone.stups.zalan.do/teapot/etcd-backup:master-5
image: pierone.stups.zalan.do/teapot/etcd-backup:master-9
env:
- name: ETCD_S3_BACKUP_BUCKET
value: "{{ .ConfigItems.etcd_s3_backup_bucket }}"
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/heapster/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
application: heapster
kubernetes.io/cluster-service: "true"
version: v1.5.2
version: v1.5.4
spec:
replicas: 1
selector:
Expand All @@ -16,12 +16,12 @@ spec:
metadata:
labels:
application: heapster
version: v1.5.2
version: v1.5.4
spec:
priorityClassName: system-cluster-critical
serviceAccountName: system
containers:
- image: registry.opensource.zalan.do/teapot/heapster:v1.5.2
- image: registry.opensource.zalan.do/teapot/heapster:v1.5.4
name: heapster
livenessProbe:
httpGet:
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/ingress-controller/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: kube-ingress-aws-controller
version: v0.7.3
version: v0.7.4
spec:
replicas: 1
selector:
Expand All @@ -15,15 +15,15 @@ spec:
metadata:
labels:
application: kube-ingress-aws-controller
version: v0.7.3
version: v0.7.4
annotations:
iam.amazonaws.com/role: "{{ .LocalID }}-app-ingr-ctrl"
spec:
priorityClassName: system-cluster-critical
serviceAccountName: system
containers:
- name: controller
image: registry.opensource.zalan.do/teapot/kube-ingress-aws-controller:v0.7.3
image: registry.opensource.zalan.do/teapot/kube-ingress-aws-controller:v0.7.4
args:
- -stack-termination-protection
env:
Expand Down
6 changes: 3 additions & 3 deletions cluster/manifests/kube-cluster-autoscaler/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: kube-cluster-autoscaler
version: v1.2.2-teapot14
version: v1.3.1-teapot16
spec:
selector:
matchLabels:
Expand All @@ -16,7 +16,7 @@ spec:
metadata:
labels:
application: kube-cluster-autoscaler
version: v1.2.2-teapot14
version: v1.3.1-teapot16
annotations:
iam.amazonaws.com/role: "{{ .LocalID }}-app-autoscaler"
config/pool-sizes: "{{range .NodePools}}{{.Name}}-{{.MinSize}}-{{.MaxSize}} {{end}}"
Expand All @@ -29,7 +29,7 @@ spec:
effect: NoSchedule
containers:
- name: cluster-autoscaler
image: registry.opensource.zalan.do/teapot/kube-cluster-autoscaler-custom:v1.2.2-teapot14
image: registry.opensource.zalan.do/teapot/kube-cluster-autoscaler-custom:v1.3.1-teapot16
command:
- ./cluster-autoscaler
- --v=4
Expand Down
4 changes: 1 addition & 3 deletions cluster/manifests/kube-proxy/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,7 @@ data:
tcpEstablishedTimeout: 24h0m0s
enableProfiling: false
featureGates:
ExperimentalCriticalPodAnnotation: true
TaintBasedEvictions: true
PodPriority: true
healthzBindAddress: 0.0.0.0:10256
hostnameOverride: ""
iptables:
Expand All @@ -44,4 +42,4 @@ data:
oomScoreAdj: -999
portRange: ""
resourceContainer: /kube-proxy
udpTimeoutMilliseconds: 250ms
udpIdleTimeout: 250ms
6 changes: 3 additions & 3 deletions cluster/manifests/kube-proxy/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: kube-proxy
version: v1.10.5
version: v1.11.3
spec:
selector:
matchLabels:
Expand All @@ -17,7 +17,7 @@ spec:
name: kube-proxy
labels:
application: kube-proxy
version: v1.10.5
version: v1.11.3
annotations:
config/hash: {{"configmap.yaml" | manifestHash}}
spec:
Expand All @@ -30,7 +30,7 @@ spec:
hostNetwork: true
containers:
- name: kube-proxy
image: registry.opensource.zalan.do/teapot/hyperkube:v1.10.5
image: registry.opensource.zalan.do/teapot/hyperkube:v1.11.3
command:
- /hyperkube
- proxy
Expand Down
39 changes: 29 additions & 10 deletions cluster/manifests/prometheus/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,21 +92,40 @@ data:
- action: replace
source_labels: ['__meta_kubernetes_pod_node_name']
target_label: node_name
- job_name: 'kubelet-cadvisor'
- job_name: 'cadvisor'
scheme: http
honor_labels: true
kubernetes_sd_configs:
- role: node
- role: endpoints
namespaces:
names:
- kube-system
relabel_configs:
- source_labels: [__meta_kubernetes_endpoints_name]
action: keep
regex: cadvisor
- action: replace
source_labels: ['__meta_kubernetes_pod_node_name']
target_label: node_name
metric_relabel_configs:
- action: replace
source_labels: ['container_label_application']
target_label: application
- action: replace
source_labels: ['container_label_io_kubernetes_container_name']
target_label: container_name
- action: replace
source_labels: ['container_label_io_kubernetes_pod_name']
target_label: pod_name
- action: replace
source_labels: ['container_label_io_kubernetes_pod_namespace']
target_label: namespace
- action: replace
source_labels: ['container_label_io_kubernetes_pod_uid']
target_label: uid
- source_labels: [__name__]
action: keep
regex: '(container_cpu_cfs_throttled_seconds_total|container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total)'
relabel_configs:
- source_labels: [__meta_kubernetes_node_address_InternalIP]
target_label: __address__
regex: (.*)
replacement: $1:4194
- action: replace
source_labels: [instance]
target_label: node_name
- job_name: 'kubelet-metrics'
kubernetes_sd_configs:
- role: node
Expand Down
14 changes: 10 additions & 4 deletions cluster/manifests/skipper/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
namespace: kube-system
labels:
application: skipper-ingress
version: v0.10.59
version: v0.10.80
component: ingress
spec:
selector:
Expand All @@ -18,7 +18,7 @@ spec:
name: skipper-ingress
labels:
application: skipper-ingress
version: v0.10.59
version: v0.10.80
component: ingress
annotations:
kubernetes-log-watcher/scalyr-parser: |
Expand All @@ -33,13 +33,18 @@ spec:
hostNetwork: true
containers:
- name: skipper-ingress
image: registry.opensource.zalan.do/pathfinder/skipper:v0.10.59
image: registry.opensource.zalan.do/pathfinder/skipper-lightstep:v0.10.80
ports:
- name: ingress-port
containerPort: 9999
hostPort: 9999
env:
- name: LIGHTSTEP_TOKEN
valueFrom:
secretKeyRef:
name: skipper-ingress
key: lightstep-token
args:
- "skipper"
- "-kubernetes"
- "-kubernetes-in-cluster"
- "-kubernetes-path-mode=path-prefix"
Expand All @@ -55,6 +60,7 @@ spec:
- "-enable-connection-metrics"
- "-oauth2-tokeninfo-url={{ .ConfigItems.tokeninfo_url }}"
- "-histogram-metric-buckets=.01,.025,.05,.075,.1,.2,.3,.4,.5,.75,1,2,3,4,5,7,10,15,20,30,60,120,300,600"
- "-opentracing=tracing_lightstep component-name=skipper-ingress token=$(LIGHTSTEP_TOKEN) collector=tracing.zmon.zalan.do:8444 cmd-line=skipper-ingress max-buffered-spans=4096"
resources:
limits:
memory: 200Mi
Expand Down
Loading

0 comments on commit 2f54c35

Please sign in to comment.