Skip to content

Commit

Permalink
Merge pull request #312 from aramase/set-resource-limits
Browse files Browse the repository at this point in the history 
chore: set resource limits in deploy and charts
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Sep 17, 2020
2 parents cd8c6a7 + cb0792f commit 215c176
Show file tree
Hide file tree
Showing 6 changed files with 144 additions and 2 deletions.
7 changes: 7 additions & 0 deletions manifest_staging/charts/secrets-store-csi-driver/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.image.repository` | Linux image repository | `us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver` |
| `linux.image.pullPolicy` | Linux image pull policy | `Always` |
| `linux.image.tag` | Linux image tag | `v0.0.13` |
| `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` |
| `linux.enabled` | Install secrets store csi driver on linux nodes | true |
| `linux.kubeletRootDir` | Configure the kubelet root dir | `/var/lib/kubelet` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
Expand All @@ -34,13 +35,16 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.registrarImage.repository` | Linux node-driver-registrar image repository | `quay.io/k8scsi/csi-node-driver-registrar` |
| `linux.registrarImage.pullPolicy` | Linux node-driver-registrar image pull policy | `Always` |
| `linux.registrarImage.tag` | Linux node-driver-registrar image tag | `v1.2.0` |
| `linux.registrar.resources` | The resource request/limits for the linux node-driver-registrar container image | `limits: 100m CPU, 100Mi; requests: 10m CPU, 20Mi` |
| `linux.livenessProbeImage.repository` | Linux liveness-probe image repository | `quay.io/k8scsi/livenessprobe` |
| `linux.livenessProbeImage.pullPolicy` | Linux liveness-probe image pull policy | `Always` |
| `linux.livenessProbeImage.tag` | Linux liveness-probe image tag | `v2.0.0` |
| `linux.livenessProbe.resources` | The resource request/limits for the linux liveness-probe container image | `limits: 100m CPU, 100Mi; requests: 10m CPU, 20Mi` |
| `linux.env` | Environment variables to be passed for the daemonset on linux nodes | `[]` |
| `windows.image.repository` | Windows image repository | `us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver` |
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
| `windows.image.tag` | Windows image tag | `v0.0.13` |
| `windows.driver.resources` | The resource request/limits for the windows secrets-store container image | `limits: 400m CPU, 400Mi; requests: 50m CPU, 100Mi` |
| `windows.enabled` | Install secrets store csi driver on windows nodes | false |
| `windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
Expand All @@ -49,13 +53,16 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `windows.registrarImage.repository` | Windows node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
| `windows.registrarImage.pullPolicy` | Windows node-driver-registrar image pull policy | `Always` |
| `windows.registrarImage.tag` | Windows node-driver-registrar image tag | `v1.2.1-alpha.1-windows-1809-amd64` |
| `windows.registrar.resources` | The resource request/limits for the windows node-driver-registrar container image | `limits: 200m CPU, 200Mi; requests: 10m CPU, 20Mi` |
| `windows.livenessProbeImage.repository` | Windows liveness-probe image repository | `mcr.microsoft.com/oss/kubernetes-csi/livenessprobe` |
| `windows.livenessProbeImage.pullPolicy` | Windows liveness-probe image pull policy | `Always` |
| `windows.livenessProbeImage.tag` | Windows liveness-probe image tag | `v2.0.1-alpha.1-windows-1809-amd64` |
| `windows.livenessProbe.resources` | The resource request/limits for the windows liveness-probe container image | `limits: 200m CPU, 200Mi; requests: 10m CPU, 20Mi` |
| `windows.env` | Environment variables to be passed for the daemonset on windows nodes | `[]` |
| `logLevel.debug` | Enable debug logging | true |
| `livenessProbe.port` | Liveness probe port | `9808` |
| `livenessProbe.logLevel` | Liveness probe container logging verbosity level | `2` |
| `rbac.install` | Install default rbac roles and bindings | true |
| `syncSecret.enabled` | Enable rbac roles and bindings required for syncing to Kubernetes native secrets (the default will change to false after v0.0.14) | true |
| `minimumProviderVersions` | A comma delimited list of key-value pairs of minimum provider versions with driver | `""` |
| `grpcSupportedProviders` | A `;` delimited list of providers that support grpc for driver-provider [alpha] | `""` |
15 changes: 15 additions & 0 deletions ...t_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@ spec:
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
{{- with .Values.windows.registrar.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
- name: secrets-store
image: "{{ .Values.windows.image.repository }}:{{ .Values.windows.image.tag }}"
args:
Expand All @@ -52,6 +56,9 @@ spec:
{{- if and (semverCompare ">= v0.0.9-0" .Values.windows.image.tag) .Values.minimumProviderVersions }}
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
{{- end }}
{{- if and (semverCompare ">= v0.0.14-0" .Values.linux.image.tag) .Values.grpcSupportedProviders }}
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
{{- end }}
- "--metrics-addr={{ .Values.windows.metricsAddr }}"
env:
{{- with .Values.windows.env }}
Expand Down Expand Up @@ -89,6 +96,10 @@ spec:
mountPropagation: Bidirectional
- name: providers-dir
mountPath: C:\k\secrets-store-csi-providers
{{- with .Values.windows.driver.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
{{- if semverCompare ">= v0.0.9-0" .Values.windows.image.tag }}
- name: liveness-probe
image: "{{ .Values.windows.livenessProbeImage.repository }}:{{ .Values.windows.livenessProbeImage.tag }}"
Expand All @@ -100,6 +111,10 @@ spec:
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
{{- with .Values.windows.livenessProbe.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
{{- end }}
volumes:
- name: mountpoint-dir
Expand Down
15 changes: 15 additions & 0 deletions manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,10 @@ spec:
mountPath: /csi
- name: registration-dir
mountPath: /registration
{{- with .Values.linux.registrar.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
- name: secrets-store
image: "{{ .Values.linux.image.repository }}:{{ .Values.linux.image.tag }}"
args:
Expand All @@ -54,6 +58,9 @@ spec:
{{- if and (semverCompare ">= v0.0.8-0" .Values.linux.image.tag) .Values.minimumProviderVersions }}
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
{{- end }}
{{- if and (semverCompare ">= v0.0.14-0" .Values.linux.image.tag) .Values.grpcSupportedProviders }}
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
{{- end }}
- "--metrics-addr={{ .Values.linux.metricsAddr }}"
env:
{{- with .Values.linux.env }}
Expand Down Expand Up @@ -91,6 +98,10 @@ spec:
mountPropagation: Bidirectional
- name: providers-dir
mountPath: /etc/kubernetes/secrets-store-csi-providers
{{- with .Values.linux.driver.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
{{- if semverCompare ">= v0.0.8-0" .Values.linux.image.tag }}
- name: liveness-probe
image: "{{ .Values.linux.livenessProbeImage.repository }}:{{ .Values.linux.livenessProbeImage.tag }}"
Expand All @@ -103,6 +114,10 @@ spec:
volumeMounts:
- name: plugin-dir
mountPath: /csi
{{- with .Values.linux.livenessProbe.resources }}
resources:
{{ toYaml . | indent 12 }}
{{- end }}
{{- end }}
volumes:
- name: mountpoint-dir
Expand Down
67 changes: 65 additions & 2 deletions manifest_staging/charts/secrets-store-csi-driver/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,44 @@ linux:
repository: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver
tag: v0.0.13
pullPolicy: Always

driver:
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 50m
memory: 100Mi

registrarImage:
repository: quay.io/k8scsi/csi-node-driver-registrar
tag: v1.2.0
pullPolicy: Always

registrar:
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi

livenessProbeImage:
repository: quay.io/k8scsi/livenessprobe
tag: v2.0.0
pullPolicy: Always

livenessProbe:
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi

kubeletRootDir: /var/lib/kubelet
nodeSelector: {}
tolerations: []
Expand All @@ -24,14 +54,44 @@ windows:
repository: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver
tag: v0.0.13
pullPolicy: IfNotPresent

driver:
resources:
limits:
cpu: 400m
memory: 400Mi
requests:
cpu: 50m
memory: 100Mi

registrarImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
tag: v1.2.1-alpha.1-windows-1809-amd64
pullPolicy: Always
pullPolicy: IfNotPresent

registrar:
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi

livenessProbeImage:
repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe
tag: v2.0.1-alpha.1-windows-1809-amd64
pullPolicy: Always
pullPolicy: IfNotPresent

livenessProbe:
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi

kubeletRootDir: C:\var\lib\kubelet
nodeSelector: {}
tolerations: []
Expand All @@ -58,3 +118,6 @@ syncSecret:
## A comma delimited list of key-value pairs of minimum provider versions
## e.g. provider1=0.0.2,provider2=0.0.3
minimumProviderVersions:

## ; delimited list of providers that support grpc for driver-provider [alpha]
grpcSupportedProviders:
21 changes: 21 additions & 0 deletions manifest_staging/deploy/secrets-store-csi-driver-windows.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,13 @@ spec:
mountPath: C:\csi
- name: registration-dir
mountPath: C:\registration
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
- name: secrets-store
image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.13
args:
Expand Down Expand Up @@ -71,6 +78,13 @@ spec:
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 15
resources:
limits:
cpu: 400m
memory: 400Mi
requests:
cpu: 50m
memory: 100Mi
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
Expand All @@ -89,6 +103,13 @@ spec:
volumeMounts:
- name: plugin-dir
mountPath: C:\csi
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- name: mountpoint-dir
hostPath:
Expand Down
21 changes: 21 additions & 0 deletions manifest_staging/deploy/secrets-store-csi-driver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,13 @@ spec:
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
- name: secrets-store
image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.13
args:
Expand Down Expand Up @@ -80,6 +87,13 @@ spec:
mountPropagation: Bidirectional
- name: providers-dir
mountPath: /etc/kubernetes/secrets-store-csi-providers
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 50m
memory: 100Mi
- name: liveness-probe
image: quay.io/k8scsi/livenessprobe:v2.0.0
imagePullPolicy: Always
Expand All @@ -91,6 +105,13 @@ spec:
volumeMounts:
- name: plugin-dir
mountPath: /csi
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 10m
memory: 20Mi
volumes:
- name: mountpoint-dir
hostPath:
Expand Down

0 comments on commit 215c176

Please sign in to comment.