From 3adaed739521244e688c6ddade1b01b6d366a4b8 Mon Sep 17 00:00:00 2001 From: Steve Hipwell Date: Wed, 26 Jul 2023 14:17:41 +0100 Subject: [PATCH] feat(chart): Added changes for v3.11.0 Signed-off-by: Steve Hipwell --- charts/metrics-server/Chart.yaml | 18 +-- charts/metrics-server/README.md | 132 +++++++++--------- .../metrics-server/templates/deployment.yaml | 3 +- charts/metrics-server/values.yaml | 20 ++- 4 files changed, 89 insertions(+), 84 deletions(-) diff --git a/charts/metrics-server/Chart.yaml b/charts/metrics-server/Chart.yaml index 996f21301..054f84dfe 100644 --- a/charts/metrics-server/Chart.yaml +++ b/charts/metrics-server/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: metrics-server description: Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. type: application -version: 3.10.0 -appVersion: 0.6.3 +version: 3.11.0 +appVersion: 0.6.4 keywords: - kubernetes - metrics-server @@ -21,11 +21,11 @@ maintainers: url: https://github.com/endrec annotations: artifacthub.io/changes: | - - kind: fixed - description: "Fixed auth-reader role binding namespace to always use kube-system." - - kind: fixed - description: "Fixed addon resizer configuration." - kind: added - description: "Added support for running under PodSecurity restricted." - - kind: fixed - description: "Fixed container port default not having been updated to 10250." + description: "Added default Metrics Server resource requests." + - kind: changed + description: "Updated the Metrics Server OCI image to v0.6.3." + - kind: changed + description: "Updated the addon resizer OCI image to v1.8.19." + - kind: changed + description: "Changed the default addon resizer nanny resource configuration to match the documented Metrics Server autoscaling values." diff --git a/charts/metrics-server/README.md b/charts/metrics-server/README.md index a10cbae5f..50956b9ad 100644 --- a/charts/metrics-server/README.md +++ b/charts/metrics-server/README.md @@ -22,69 +22,69 @@ helm upgrade --install metrics-server metrics-server/metrics-server The following table lists the configurable parameters of the _Metrics Server_ chart and their default values. -| Parameter | Description | Default | -| ------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ | -| `image.repository` | Image repository. | `registry.k8s.io/metrics-server/metrics-server` | -| `image.tag` | Image tag, will override the default tag derived from the chart app version. | `""` | -| `image.pullPolicy` | Image pull policy. | `IfNotPresent` | -| `imagePullSecrets` | Image pull secrets. | `[]` | -| `nameOverride` | Override the `name` of the chart. | `nil` | -| `fullnameOverride` | Override the `fullname` of the chart. | `nil` | -| `serviceAccount.create` | If `true`, create a new service account. | `true` | -| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` | -| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the full name template. | `nil` | -| `serviceAccount.secrets` | The list of secrets mountable by this service account. See https://kubernetes.io/docs/reference/labels-annotations-taints/#enforce-mountable-secrets | `[]` | -| `rbac.create` | If `true`, create the RBAC resources. | `true` | -| `rbac.pspEnabled` | If `true`, create a pod security policy resource. | `false` | -| `apiService.create` | If `true`, create the `v1beta1.metrics.k8s.io` API service. You typically want this enabled! If you disable API service creation you have to manage it outside of this chart for e.g horizontal pod autoscaling to work with this release. | `true` | -| `apiService.annotations` | Annotations to add to the API service | `{}` | -| `apiService.insecureSkipTLSVerify` | Specifies whether to skip TLS verification | `true` | -| `apiService.caBundle` | The PEM encoded CA bundle for TLS verification | `""` | -| `commonLabels` | Labels to add to each object of the chart. | `{}` | -| `podLabels` | Labels to add to the pod. | `{}` | -| `podAnnotations` | Annotations to add to the pod. | `{}` | -| `podSecurityContext` | Security context for the pod. | `{}` | -| `securityContext` | Security context for the _metrics-server_ container. | _See values.yaml_ | -| `priorityClassName` | Priority class name to use. | `system-cluster-critical` | -| `containerPort` | port for the _metrics-server_ container. | `10250` | -| `hostNetwork.enabled` | If `true`, start _metric-server_ in hostNetwork mode. You would require this enabled if you use alternate overlay networking for pods and API server unable to communicate with metrics-server. As an example, this is required if you use Weave network on EKS. | `false` | -| `replicas` | Number of replicas to run. | `1` | -| `updateStrategy` | Customise the default update strategy. | `{}` | -| `podDisruptionBudget.enabled` | If `true`, create `PodDisruptionBudget` resource. | `{}` | -| `podDisruptionBudget.minAvailable` | Set the `PodDisruptionBugdet` minimum available pods. | `nil` | -| `podDisruptionBudget.maxUnavailable` | Set the `PodDisruptionBugdet` maximum unavailable pods. | `nil` | -| `defaultArgs` | Default arguments to pass to the _metrics-server_ command. | See _values.yaml_ | -| `args` | Additional arguments to pass to the _metrics-server_ command. | `[]` | -| `livenessProbe` | Liveness probe. | See _values.yaml_ | -| `readinessProbe` | Readiness probe. | See _values.yaml_ | -| `service.type` | Service type. | `ClusterIP` | -| `service.port` | Service port. | `443` | -| `service.annotations` | Annotations to add to the service. | `{}` | -| `service.labels` | Labels to add to the service. | `{}` | -| `addonResizer.enabled` | If `true`, run the addon-resizer as a sidecar to automatically scale resource requests with cluster size. | `false` | -| `addonResizer.image.repository` | addon-resizer image repository | registry.k8s.io/autoscaling/addon-resizer | -| `addonResizer.image.tag` | addon-resizer image tag | 1.8.14 | -| `addonResizer.resources` | Resource requests and limits for the _nanny_ container. | `{limits: {cpu: 40m, memory: 25Mi}, requests: {cpu: 40m, memory: 25Mi}}` | -| `addonResizer.nanny.cpu` | The base CPU requirement. | 20m | -| `addonResizer.nanny.extraCPU` | The amount of CPU to add per node. | 1m | -| `addonResizer.nanny.extraMemory` | The amount of memory to add per node. | 2Mi | -| `addonResizer.nanny.memory` | The base memory requirement. | 15Mi | -| `addonResizer.nanny.minClusterSize` | Specifies the smallest number of nodes resources will be scaled to. | 10 | -| `addonResizer.nanny.pollPeriod` | The time, in milliseconds, to poll the dependent container. | 300000 | -| `addonResizer.nanny.threshold` | A number between 0-100. The dependent's resources are rewritten when they deviate from expected by more than threshold. | 5 | -| `metrics.enabled` | If `true`, allow unauthenticated access to `/metrics`. | `false` | -| `serviceMonitor.enabled` | If `true`, create a _Prometheus_ service monitor. This needs `metrics.enabled` to be `true`. | `false` | -| `serviceMonitor.additionalLabels` | Additional labels to be set on the ServiceMonitor. | `{}` | -| `serviceMonitor.metricRelabelings` | _Prometheus_ metric relabeling. | `[]` | -| `serviceMonitor.relabelings` | _Prometheus_ relabeling. | `[]` | -| `serviceMonitor.interval` | _Prometheus_ scrape frequency. | `1m` | -| `serviceMonitor.scrapeTimeout` | _Prometheus_ scrape timeout. | `10s` | -| `resources` | Resource requests and limits for the _metrics-server_ container. See https://github.com/kubernetes-sigs/metrics-server#scaling | `{}` | -| `extraVolumeMounts` | Additional volume mounts for the _metrics-server_ container. | `[]` | -| `extraVolumes` | Additional volumes for the pod. | `[]` | -| `nodeSelector` | Node labels for pod assignment. | `{}` | -| `tolerations` | Tolerations for pod assignment. | `[]` | -| `affinity` | Affinity for pod assignment. | `{}` | -| `topologySpreadConstraints` | Pod Topology Spread Constraints. | `[]` | -| `deploymentAnnotations` | Annotations to add to the deployment. | `{}` | -| `schedulerName` | scheduler to set to the deployment. | `""` | +| Parameter | Description | Default | +| ------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------ | +| `image.repository` | Image repository. | `registry.k8s.io/metrics-server/metrics-server` | +| `image.tag` | Image tag, will override the default tag derived from the chart app version. | `""` | +| `image.pullPolicy` | Image pull policy. | `IfNotPresent` | +| `imagePullSecrets` | Image pull secrets. | `[]` | +| `nameOverride` | Override the `name` of the chart. | `nil` | +| `fullnameOverride` | Override the `fullname` of the chart. | `nil` | +| `serviceAccount.create` | If `true`, create a new service account. | `true` | +| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` | +| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the full name template. | `nil` | +| `serviceAccount.secrets` | The list of secrets mountable by this service account. See https://kubernetes.io/docs/reference/labels-annotations-taints/#enforce-mountable-secrets | `[]` | +| `rbac.create` | If `true`, create the RBAC resources. | `true` | +| `rbac.pspEnabled` | If `true`, create a pod security policy resource. | `false` | +| `apiService.create` | If `true`, create the `v1beta1.metrics.k8s.io` API service. You typically want this enabled! If you disable API service creation you have to manage it outside of this chart for e.g horizontal pod autoscaling to work with this release. | `true` | +| `apiService.annotations` | Annotations to add to the API service | `{}` | +| `apiService.insecureSkipTLSVerify` | Specifies whether to skip TLS verification | `true` | +| `apiService.caBundle` | The PEM encoded CA bundle for TLS verification | `""` | +| `commonLabels` | Labels to add to each object of the chart. | `{}` | +| `podLabels` | Labels to add to the pod. | `{}` | +| `podAnnotations` | Annotations to add to the pod. | `{}` | +| `podSecurityContext` | Security context for the pod. | `{}` | +| `securityContext` | Security context for the _metrics-server_ container. | _See values.yaml_ | +| `priorityClassName` | Priority class name to use. | `system-cluster-critical` | +| `containerPort` | port for the _metrics-server_ container. | `10250` | +| `hostNetwork.enabled` | If `true`, start _metric-server_ in hostNetwork mode. You would require this enabled if you use alternate overlay networking for pods and API server unable to communicate with metrics-server. As an example, this is required if you use Weave network on EKS. | `false` | +| `replicas` | Number of replicas to run. | `1` | +| `updateStrategy` | Customise the default update strategy. | `{}` | +| `podDisruptionBudget.enabled` | If `true`, create `PodDisruptionBudget` resource. | `{}` | +| `podDisruptionBudget.minAvailable` | Set the `PodDisruptionBugdet` minimum available pods. | `nil` | +| `podDisruptionBudget.maxUnavailable` | Set the `PodDisruptionBugdet` maximum unavailable pods. | `nil` | +| `defaultArgs` | Default arguments to pass to the _metrics-server_ command. | See _values.yaml_ | +| `args` | Additional arguments to pass to the _metrics-server_ command. | `[]` | +| `livenessProbe` | Liveness probe. | See _values.yaml_ | +| `readinessProbe` | Readiness probe. | See _values.yaml_ | +| `service.type` | Service type. | `ClusterIP` | +| `service.port` | Service port. | `443` | +| `service.annotations` | Annotations to add to the service. | `{}` | +| `service.labels` | Labels to add to the service. | `{}` | +| `addonResizer.enabled` | If `true`, run the addon-resizer as a sidecar to automatically scale resource requests with cluster size. | `false` | +| `addonResizer.image.repository` | addon-resizer image repository | `registry.k8s.io/autoscaling/addon-resizer` | +| `addonResizer.image.tag` | addon-resizer image tag | `1.8.19` | +| `addonResizer.resources` | Resource requests and limits for the _nanny_ container. | `{ requests: { cpu: 40m, memory: 25Mi }, limits: { cpu: 40m, memory: 25Mi } }` | +| `addonResizer.nanny.cpu` | The base CPU requirement. | `0m` | +| `addonResizer.nanny.extraCPU` | The amount of CPU to add per node. | `1m` | +| `addonResizer.nanny.memory` | The base memory requirement. | `0Mi` | +| `addonResizer.nanny.extraMemory` | The amount of memory to add per node. | `2Mi` | +| `addonResizer.nanny.minClusterSize` | Specifies the smallest number of nodes resources will be scaled to. | `100` | +| `addonResizer.nanny.pollPeriod` | The time, in milliseconds, to poll the dependent container. | `300000` | +| `addonResizer.nanny.threshold` | A number between 0-100. The dependent's resources are rewritten when they deviate from expected by more than threshold. | `5` | +| `metrics.enabled` | If `true`, allow unauthenticated access to `/metrics`. | `false` | +| `serviceMonitor.enabled` | If `true`, create a _Prometheus_ service monitor. This needs `metrics.enabled` to be `true`. | `false` | +| `serviceMonitor.additionalLabels` | Additional labels to be set on the ServiceMonitor. | `{}` | +| `serviceMonitor.metricRelabelings` | _Prometheus_ metric relabeling. | `[]` | +| `serviceMonitor.relabelings` | _Prometheus_ relabeling. | `[]` | +| `serviceMonitor.interval` | _Prometheus_ scrape frequency. | `1m` | +| `serviceMonitor.scrapeTimeout` | _Prometheus_ scrape timeout. | `10s` | +| `resources` | Resource requests and limits for the _metrics-server_ container. See https://github.com/kubernetes-sigs/metrics-server#scaling | `{ requests: { cpu: 100m, memory: 200Mi }}` | +| `extraVolumeMounts` | Additional volume mounts for the _metrics-server_ container. | `[]` | +| `extraVolumes` | Additional volumes for the pod. | `[]` | +| `nodeSelector` | Node labels for pod assignment. | `{}` | +| `tolerations` | Tolerations for pod assignment. | `[]` | +| `affinity` | Affinity for pod assignment. | `{}` | +| `topologySpreadConstraints` | Pod Topology Spread Constraints. | `[]` | +| `deploymentAnnotations` | Annotations to add to the deployment. | `{}` | +| `schedulerName` | scheduler to set to the deployment. | `""` | diff --git a/charts/metrics-server/templates/deployment.yaml b/charts/metrics-server/templates/deployment.yaml index 9f44be441..1d656fccd 100644 --- a/charts/metrics-server/templates/deployment.yaml +++ b/charts/metrics-server/templates/deployment.yaml @@ -103,9 +103,8 @@ spec: - /pod_nanny - --config-dir=/etc/config - --deployment={{ include "metrics-server.fullname" . }} - - --threshold={{ .Values.addonResizer.nanny.threshold }} - - --deployment={{ include "metrics-server.fullname" . }} - --container=metrics-server + - --threshold={{ .Values.addonResizer.nanny.threshold }} - --poll-period={{ .Values.addonResizer.nanny.pollPeriod }} - --estimator=exponential - --minClusterSize={{ .Values.addonResizer.nanny.minClusterSize }} diff --git a/charts/metrics-server/values.yaml b/charts/metrics-server/values.yaml index 7520a947b..fba10aaf2 100644 --- a/charts/metrics-server/values.yaml +++ b/charts/metrics-server/values.yaml @@ -127,20 +127,20 @@ addonResizer: enabled: false image: repository: registry.k8s.io/autoscaling/addon-resizer - tag: 1.8.14 + tag: 1.8.19 resources: - limits: + requests: cpu: 40m memory: 25Mi - requests: + limits: cpu: 40m memory: 25Mi nanny: - cpu: 20m + cpu: 0m extraCpu: 1m + memory: 0Mi extraMemory: 2Mi - memory: 15Mi - minClusterSize: 10 + minClusterSize: 100 pollPeriod: 300000 threshold: 5 @@ -156,7 +156,13 @@ serviceMonitor: relabelings: [] # See https://github.com/kubernetes-sigs/metrics-server#scaling -resources: {} +resources: + requests: + cpu: 100m + memory: 200Mi + # limits: + # cpu: + # memory: extraVolumeMounts: []