openstack
/
magnum
Code Issues Proposed changes

Add resource requests for system components 

Set resource requests for system pods to
guarantee at least some amount of resources.
This prevents them from being starved of
CPU/memory when running alongside resource
intensive workloads in the cluster and
gives them a higher quality of service class.

metrics-server:
  100m/200Mi recommended for up to 100 node clusters.
  https://github.com/kubernetes-sigs/metrics-server#scaling

openstack-cloud-controller-manager:
  200m CPU taken from example manifests.

kubernetes-dashboard:
  100m/100Mi taken from helm chart defaults.
  heapster:
    100m/128Mi taken from helm chart defaults.
  influxdb:
    100m/256Mi taken from influx helm chart defaults.
  grafana (for influxdb):
    100m/200Mi same as monitoring grafana.

ingress-traefik:
  100m/50Mi taken from helm chart defaults.

cluster-autoscaler:
  100m/300Mi taken from helm chart defaults.

csi-cinder-nodeplugin:
  25m CPU on both containers to ensure
  Burstable QoS class.

csi-cinder-controllerplugin:
  20m CPU on all containers to ensure
  Burstable QoS class.

tiller-deploy:
  25m CPU to ensure it can always handle
  the readiness probe.

octavia-ingress-controller:
  50m CPU, just a guess really.

Story: 2008825
Task: 42290
Change-Id: Ifcd764c00d7046744ba63609078cc6c5d02fdc1c
This commit is contained in:
Thomas George Hartland 2021-04-15 12:26:14 +02:00
parent bfffeca927
commit b619b070e0
8 changed files with 61 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
magnum/drivers/common/templates/kubernetes/fragments/enable-auto-scaling.sh
View File

@ -148,6 +148,10 @@ spec:
- --scale-down-unneeded-time=10m
- --scale-down-delay-after-failure=3m
- --scale-down-delay-after-add=10m
resources:
requests:
cpu: 100m
memory: 300Mi
ports:
- containerPort: 8085
name: metrics

21
magnum/drivers/common/templates/kubernetes/fragments/enable-cinder-csi.sh
View File

@ -262,6 +262,9 @@ spec:
- "--v=5"
- "--csi-address=\$(ADDRESS)"
- "--timeout=3m"
resources:
requests:
cpu: 20m
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
@ -274,6 +277,9 @@ spec:
args:
- "--csi-address=\$(ADDRESS)"
- "--timeout=3m"
resources:
requests:
cpu: 20m
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
@ -285,6 +291,9 @@ spec:
image: ${CONTAINER_INFRA_PREFIX:-quay.io/k8scsi/}csi-snapshotter:${CSI_SNAPSHOTTER_TAG}
args:
- "--csi-address=\$(ADDRESS)"
resources:
requests:
cpu: 20m
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
@ -297,6 +306,9 @@ spec:
args:
- "--v=5"
- "--csi-address=\$(ADDRESS)"
resources:
requests:
cpu: 20m
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
@ -312,6 +324,9 @@ spec:
- "--endpoint=\$(CSI_ENDPOINT)"
- "--cloud-config=\$(CLOUD_CONFIG)"
- "--cluster=\$(CLUSTER_NAME)"
resources:
requests:
cpu: 20m
env:
- name: NODE_ID
valueFrom:
@ -399,6 +414,9 @@ spec:
args:
- "--csi-address=\$(ADDRESS)"
- "--kubelet-registration-path=\$(DRIVER_REG_SOCK_PATH)"
resources:
requests:
cpu: 25m
lifecycle:
preStop:
exec:
@ -430,6 +448,9 @@ spec:
- "--nodeid=\$(NODE_ID)"
- "--endpoint=\$(CSI_ENDPOINT)"
- "--cloud-config=\$(CLOUD_CONFIG)"
resources:
requests:
cpu: 25m
env:
- name: NODE_ID
valueFrom:

4
magnum/drivers/common/templates/kubernetes/fragments/enable-helm-tiller.sh
View File

@ -130,7 +130,9 @@ spec:
port: 44135
initialDelaySeconds: 1
timeoutSeconds: 1
resources: {}
resources:
requests:
cpu: 25m
volumeMounts:
- mountPath: /etc/certs
name: tiller-certs

3
magnum/drivers/common/templates/kubernetes/fragments/enable-ingress-octavia.sh
View File

@ -89,6 +89,9 @@ spec:
args:
- /bin/octavia-ingress-controller
- --config=/etc/config/octavia-ingress-controller-config.yaml
resources:
requests:
cpu: 50m
volumeMounts:
- mountPath: /etc/kubernetes
name: kubernetes-config

4
magnum/drivers/common/templates/kubernetes/fragments/enable-ingress-traefik.sh
View File

@ -69,6 +69,10 @@ spec:
containers:
- image: ${CONTAINER_INFRA_PREFIX:-docker.io/}traefik:${TRAEFIK_INGRESS_CONTROLLER_TAG}
name: ingress-traefik-backend
resources:
requests:
cpu: 100m
memory: 50Mi
ports:
- name: http
containerPort: 80

3
magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh
View File

@ -363,6 +363,9 @@ spec:
- --cluster-name=${CLUSTER_UUID}
- --use-service-account-credentials=true
- --bind-address=127.0.0.1
resources:
requests:
cpu: 200m
volumeMounts:
- name: cloudconfig
mountPath: /etc/kubernetes

19
magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh
View File

@ -216,6 +216,10 @@ spec:
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
resources:
requests:
cpu: 100m
memory: 100Mi
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
@ -292,6 +296,9 @@ spec:
ports:
- containerPort: 8000
protocol: TCP
resources:
requests:
cpu: 50m
livenessProbe:
httpGet:
scheme: HTTP
@ -354,6 +361,10 @@ spec:
containers:
- name: influxdb
image: ${INFLUX_IMAGE}
resources:
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- mountPath: /data
name: influxdb-storage
@ -405,6 +416,10 @@ spec:
containers:
- name: grafana
image: ${GRAFANA_IMAGE}
resources:
requests:
cpu: 100m
memory: 200Mi
ports:
- containerPort: 3000
protocol: TCP
@ -508,6 +523,10 @@ spec:
command:
- /heapster
- --source=kubernetes:https://kubernetes.default?insecure=false&useServiceAccount=true&kubeletPort=10250&kubeletHttps=true
resources:
requests:
cpu: 100m
memory: 128Mi
${INFLUX_SINK}
---
apiVersion: v1

4
magnum/drivers/common/templates/kubernetes/helm/metrics-server.sh
View File

@ -20,6 +20,10 @@ EOF
metrics-server:
image:
repository: ${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}metrics-server-${ARCH}
resources:
requests:
cpu: 100m
memory: 200Mi
args:
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
EOF