-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Ensure same control plane scale between load test runs
- Loading branch information
Showing
6 changed files
with
116 additions
and
10 deletions.
There are no files selected for viewing
31 changes: 31 additions & 0 deletions
31
webhosting-operator/config/policy/controlplane/etcd-main.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| apiVersion: kyverno.io/v1 | ||
| kind: Policy | ||
| metadata: | ||
| name: etcd-main | ||
| namespace: shoot--fb28d21f90--sharding | ||
| spec: | ||
| failurePolicy: Ignore | ||
| rules: | ||
| # set static requests/limits on etcd-main to ensure similar evaluation environment between load test runs | ||
| - name: resources | ||
| match: | ||
| any: | ||
| - resources: | ||
| kinds: | ||
| - Pod | ||
| selector: | ||
| matchLabels: | ||
| instance: etcd-main | ||
| name: etcd | ||
| mutate: | ||
| patchStrategicMerge: | ||
| spec: | ||
| containers: | ||
| - name: etcd | ||
| resources: | ||
| requests: | ||
| cpu: 1000m | ||
| memory: 3Gi | ||
| limits: | ||
| cpu: 2000m | ||
| memory: 6Gi |
25 changes: 25 additions & 0 deletions
25
webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| apiVersion: kyverno.io/v1 | ||
| kind: Policy | ||
| metadata: | ||
| name: kube-apiserver-scale | ||
| namespace: shoot--fb28d21f90--sharding | ||
| spec: | ||
| failurePolicy: Ignore | ||
| # schema validation doesn't seem to work in combination with the /scale subresource, disable it for now | ||
| schemaValidation: false | ||
| rules: | ||
| # set static replicas on kube-apiserver to ensure similar evaluation environment between load test runs | ||
| - name: replicas | ||
| match: | ||
| any: | ||
| - resources: | ||
| # mutate scale requests by HPA | ||
| kinds: | ||
| - Deployment/scale | ||
| # the Scale subresource doesn't have the original resource's labels -> we have to match by name | ||
| names: | ||
| - kube-apiserver | ||
| mutate: | ||
| patchStrategicMerge: | ||
| spec: | ||
| replicas: 4 |
55 changes: 55 additions & 0 deletions
55
webhosting-operator/config/policy/controlplane/kube-apiserver.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| apiVersion: kyverno.io/v1 | ||
| kind: Policy | ||
| metadata: | ||
| name: kube-apiserver | ||
| namespace: shoot--fb28d21f90--sharding | ||
| spec: | ||
| failurePolicy: Ignore | ||
| rules: | ||
| # set static replicas on kube-apiserver to ensure similar evaluation environment between load test runs | ||
| # if the cluster is hibernated (spec.replicas=0), this rule is skipped | ||
| - name: replicas | ||
| match: | ||
| any: | ||
| - resources: | ||
| kinds: | ||
| - Deployment | ||
| selector: | ||
| matchLabels: | ||
| app: kubernetes | ||
| role: apiserver | ||
| preconditions: | ||
| all: | ||
| # Only patch spec.replicas if the control plane is not hibernated, i.e., if spec.replicas>=1. | ||
| # NB: gardenlet deploys kube-apiserver with spec.replicas=null which is defaulted after the policy webhook call | ||
| # to spec.replicas=1. Hence, treat spec.replicas=null the same way as spec.replicas=1. | ||
| - key: "{{ request.object.spec.replicas || `1` }}" | ||
| operator: GreaterThan | ||
| value: 0 | ||
| mutate: | ||
| patchStrategicMerge: | ||
| spec: | ||
| replicas: 4 | ||
| # set static requests/limits on kube-apiserver to ensure similar evaluation environment between load test runs | ||
| - name: resources | ||
| match: | ||
| any: | ||
| - resources: | ||
| kinds: | ||
| - Pod | ||
| selector: | ||
| matchLabels: | ||
| app: kubernetes | ||
| role: apiserver | ||
| mutate: | ||
| patchStrategicMerge: | ||
| spec: | ||
| containers: | ||
| - name: kube-apiserver | ||
| resources: | ||
| requests: | ||
| cpu: 1000m | ||
| memory: 4Gi | ||
| limits: | ||
| cpu: 2000m | ||
| memory: 8Gi |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 0 additions & 8 deletions
8
...osting-operator/config/policy/controlplane/patch_kube-controller-manager_ratelimiter.yaml
This file was deleted.
Oops, something went wrong.