Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(helm): set CP memory limits, by default equal to memory request, set CP CPU requests #6127

Merged
merged 6 commits into from
Mar 10, 2023
Merged

fix(helm): set CP memory limits, by default equal to memory request, set CP CPU requests #6127

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
ab73ae4
ci: don't require CPU limits and enable kube-linter checks
michaelbeaumont Feb 24, 2023
cc5a795
ci(make): only kube-lint deployments/charts/kuma
michaelbeaumont Feb 27, 2023
bc9d236
fix(helm): set CP memory limits, by default equal to memory request
michaelbeaumont Feb 24, 2023
7685ce6
chore: regenerate
michaelbeaumont Feb 28, 2023
8ee4245
Merge branch 'master' into fix/helm_limits
michaelbeaumont Mar 10, 2023
3dd187f
Merge branch 'master' into fix/helm_limits
michaelbeaumont Mar 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 15 additions & 3 deletions .kube-linter.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,18 @@
checks:
doNotAutoAddDefaults: true
include:
- "privileged-container"
exclude:
- "unset-cpu-requirements"

customChecks:
- name: "unset-cpu-requests"
description: "Indicates when containers do not have CPU requests set."
scope:
objectKinds:
- DeploymentLike
remediation: >-
Set CPU requests for your container based on its requirements.
Refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits for details.
template: "cpu-requirements"
params:
requirementsType: "request"
lowerBoundMillis: 0
upperBoundMillis: 0
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.cni-enabled.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -652,8 +652,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.cni-legacy-enabled.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -630,8 +630,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5897,8 +5897,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
8 changes: 3 additions & 5 deletions app/kumactl/cmd/install/testdata/install-control-plane.dump-values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,14 +158,12 @@ controlPlane:
automountServiceAccountToken: true

# -- Optionally override the resource spec
# @default -- the resources will be chosen based on the mode
resources:
requests:
# cpu: 100m
# memory: 256Mi
cpu: 500m
memory: 256Mi
limits:
# cpu: 250m
# memory: 512Mi
memory: 256Mi

# -- Pod lifecycle settings (useful for adding a preStop hook, when
# using AWS ALB or NLB)
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.gateway-api-present-not-enabled.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5897,8 +5897,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.gateway-api-present.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6053,8 +6053,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-control-plane.global-universal-on-k8s.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,8 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 500m
memory: 256Mi
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-control-plane.global.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -467,6 +467,8 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 500m
memory: 256Mi
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.override-env-vars.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,8 +452,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -468,8 +468,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.registry.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,8 +452,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion ...l/cmd/install/testdata/install-control-plane.tproxy-ebpf-experimental-enabled.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -462,8 +462,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.with-egress.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -483,8 +483,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.with-helm-set.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5963,8 +5963,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.with-helm-values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,8 +452,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.with-ingress.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -487,8 +487,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-control-plane.zone.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -456,8 +456,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/empty.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,8 +452,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/fix4485.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -475,8 +475,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/fix4496.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -498,8 +498,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/fix4935.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -728,8 +728,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/fix5978.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -518,8 +518,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
4 changes: 3 additions & 1 deletion app/kumactl/cmd/install/testdata/install-cp-helm/securityContext.golden.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -453,8 +453,10 @@ spec:
path: /ready
port: 5680
resources:
limits:
memory: 256Mi
lahabana marked this conversation as resolved.
Show resolved Hide resolved
requests:
cpu: 100m
cpu: 500m
memory: 256Mi

volumeMounts:
Expand Down
2 changes: 1 addition & 1 deletion deployments/charts/kuma/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ A Helm chart for the Kuma Control Plane
| controlPlane.globalZoneSyncService.port | int | `5685` | Port on which Global Zone Sync Service is exposed |
| controlPlane.defaults.skipMeshCreation | bool | `false` | Whether to skip creating the default Mesh |
| controlPlane.automountServiceAccountToken | bool | `true` | Whether to automountServiceAccountToken for cp. Optionally set to false |
| controlPlane.resources | object | the resources will be chosen based on the mode | Optionally override the resource spec |
| controlPlane.resources | object | `{"limits":{"memory":"256Mi"},"requests":{"cpu":"500m","memory":"256Mi"}}` | Optionally override the resource spec |
| controlPlane.lifecycle | object | `{}` | Pod lifecycle settings (useful for adding a preStop hook, when using AWS ALB or NLB) |
| controlPlane.terminationGracePeriodSeconds | int | `30` | Number of seconds to wait before force killing the pod. Make sure to update this if you add a preStop hook. |
| controlPlane.tls.general.secretName | string | `""` | Secret that contains tls.crt, tls.key [and ca.crt when no controlPlane.tls.general.caSecretName specified] for protecting Kuma in-cluster communication |
Expand Down
17 changes: 2 additions & 15 deletions deployments/charts/kuma/templates/cp-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,21 +153,8 @@ spec:
path: /ready
port: 5680
resources:
{{- if .Values.controlPlane.resources.requests }}
requests:
{{ .Values.controlPlane.resources.requests | toYaml | nindent 14 }}
{{- else if eq .Values.controlPlane.mode "global" }}
requests:
cpu: 500m
memory: 256Mi
{{- else }}
requests:
cpu: 100m
memory: 256Mi
{{- end }}
{{- if .Values.controlPlane.resources.limits }}
limits:
{{ .Values.controlPlane.resources.limits | toYaml | nindent 14 }}
{{- if .Values.controlPlane.resources }}
{{- .Values.controlPlane.resources | toYaml | nindent 12 }}
{{- end }}
{{ with .Values.controlPlane.lifecycle }}
lifecycle: {{ . | toYaml | nindent 14 }}
Expand Down
8 changes: 3 additions & 5 deletions deployments/charts/kuma/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,14 +158,12 @@ controlPlane:
automountServiceAccountToken: true

# -- Optionally override the resource spec
# @default -- the resources will be chosen based on the mode
resources:
requests:
# cpu: 100m
# memory: 256Mi
cpu: 500m
memory: 256Mi
limits:
# cpu: 250m
# memory: 512Mi
memory: 256Mi

# -- Pod lifecycle settings (useful for adding a preStop hook, when
# using AWS ALB or NLB)
Expand Down
2 changes: 1 addition & 1 deletion mk/check.mk
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ format: fmt format/common

.PHONY: kube-lint
kube-lint:
$(KUBE_LINTER) lint .
$(KUBE_LINTER) lint deployments/charts/kuma
michaelbeaumont marked this conversation as resolved.
Show resolved Hide resolved

.PHONY: hadolint
hadolint:
Expand Down