Dev #9

Merged · 2 commits · May 18, 2024
23 changes: 23 additions & 0 deletions NOTES.md
@@ -372,3 +372,26 @@ metrics:
```

All of the above is the minimum required for scraping to work

# How To Drain A Node
- https://stackoverflow.com/questions/39231880/kubernetes-api-get-pods-on-specific-nodes
- https://spacelift.io/blog/kubectl-delete-pod

Get a list of all your nodes:
```bash
kubectl get nodes -o wide
```

Find out what is running on your node:
```bash
kubectl get pods -A -o wide --field-selector spec.nodeName=<node name>
```

Drain the node:
```bash
kubectl drain <node name> --delete-emptydir-data --ignore-daemonsets
```
These flags let the drain delete emptyDir data and ignore DaemonSet-managed pods on the node; omit them if you want the drain to stop and warn you instead

Once the drain is complete, go to your cloud provider and terminate the node
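Depending on your cloud controller manager, the Node object may or may not be cleaned up automatically after the instance is terminated. A couple of follow-up commands, as a sketch (`<node name>` is the same placeholder as above):
```bash
# If you change your mind before terminating, make the node schedulable again
kubectl uncordon <node name>

# After the cloud instance is gone, remove the Node object if it is still listed
kubectl delete node <node name>

# Confirm the node is no longer part of the cluster
kubectl get nodes -o wide
```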

20 changes: 20 additions & 0 deletions RECOMMENDATIONS.md
@@ -0,0 +1,20 @@
# Recommendations

This is a doc outlining things to consider when setting up your own Kubernetes cluster: things that should be evaluated for effective scaling and operation of Kubernetes.

# How Are People Connecting To Your Cluster?
LoadBalancer Services are easier, but you pay for each one. An Ingress Controller is more complicated BUT it only needs one LoadBalancer for the whole cluster.
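As a rough sketch of the Ingress Controller route (using the community ingress-nginx chart, which is not part of this repo), a single Helm install provisions one LoadBalancer Service that every Ingress resource then routes through:
```bash
# One ingress controller = one cloud LoadBalancer for the whole cluster
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm install ingress-nginx ingress-nginx/ingress-nginx \
  --namespace ingress-nginx --create-namespace

# Every Ingress resource you create now shares this single LoadBalancer Service
kubectl get svc -n ingress-nginx ingress-nginx-controller
```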

# Install Your CRDs First
Installing CRDs first makes the interdependencies between your applications easier to manage.
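For example, cert-manager (configured in this PR with `crds.enabled: false`) publishes its CRDs as a standalone manifest, so they can be applied before any chart or application that depends on them; the version below is only illustrative:
```bash
# Apply the CRDs on their own, before installing anything that depends on them
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml

# Confirm the CRDs are registered before deploying the dependent applications
kubectl get crds | grep cert-manager.io
```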

# Version Lock Everything
You don't want your CRDs or applications upgrading at a random time from a random deploy. CRD and operator misalignment is a pain in the ass to debug, as there are generally no logs from the application and nothing but vague output from Kubernetes.
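With Helm that means pinning `--version` on every install and upgrade; the chart and version below are only illustrative. In the Terraform modules in this repo, the equivalent is setting the `version` argument on each `helm_release`.
```bash
# Pin the chart version so a redeploy can never pull in a newer CRD/operator pair
helm repo add jetstack https://charts.jetstack.io
helm upgrade --install cert-manager jetstack/cert-manager \
  --namespace cert-manager --create-namespace \
  --version v1.14.4
```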

# Set Up All Your Metrics Monitoring Services, Then Put In resources.requests And resources.limits Parameters
These requests and limits are how Kubernetes decides where to schedule your Pods and how much they may consume. If they are not defined, Kubernetes will just dump Pods anywhere.

Also, you can't really determine what a Pod needs until it's running. So you'll want to set up metrics-server, prometheus-adapter, or some other way to monitor the CPU and memory usage of your Pod, so you can determine how much it needs and how much it should _not_ need.

Without these values, Kubernetes is pretty ineffective at scaling and optimising your cluster resources
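A rough workflow once metrics-server (or another metrics source) is in place; the namespace, deployment name, and numbers below are illustrative, and in practice you would bake the final values into your manifests or Helm values rather than setting them imperatively:
```bash
# Observe actual usage once the Pod has been running under realistic load
kubectl top pod -n my-namespace

# Then pin requests/limits based on what you observed
kubectl set resources deployment/my-app -n my-namespace \
  --requests=cpu=100m,memory=128Mi \
  --limits=cpu=500m,memory=256Mi
```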

13 changes: 13 additions & 0 deletions manifest.yaml
@@ -0,0 +1,13 @@
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
name: v1beta1.custom.metrics.k8s.io
spec:
service:
name: prometheus-adapter
namespace: prometheus-adapter
group: custom.metrics.k8s.io
version: v1beta1
insecureSkipTLSVerify: true
groupPriorityMinimum: 100
versionPriority: 100
6 changes: 4 additions & 2 deletions modules/k8config/main.tf
@@ -86,6 +86,7 @@ module "argocd" {
]
}


module "prometheus" {
source = "./modules/prometheus"

@@ -104,6 +105,7 @@ module "prometheus" {
]
}


module "kyverno" {
source = "./modules/kyverno"

@@ -113,7 +115,6 @@ module "kyverno" {
}

depends_on = [
module.prometheus,
time_sleep.wait_60_seconds
]
}
@@ -159,4 +160,5 @@ module "prometheus-adapter" {
time_sleep.wait_60_seconds,
module.prometheus
]
}
}

@@ -0,0 +1,36 @@
# All Values: https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml


installCRDs: false # this is deprecated but still necessary! The other options won't install it

crds:
enabled: false # whether to install the CRDs
keep: true # whether to keep the CRDs after cert-manager is removed

# Updating this to include Cloudflare since we use that for validation
# It's likely to be up to date the fastest. Google is just always good redundancy
# CloudFlare DNS Servers:
# - 1.1.1.1:53
# - 1.0.0.1:53
# Google DNS Servers:
# - 8.8.8.8:53
# - 8.8.4.4:53
dns01RecursiveNameservers: "1.1.1.1:53,1.0.0.1:53,8.8.8.8:53,8.8.4.4:53"


prometheus:
enabled: true
servicemonitor:
enabled: true


affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: resource-demand
operator: In
values:
- low