EBS-CSI version bump, reduce ArgoCD concurrency to reduce load spikes, sync from 180s to 300s

This commit is contained in:
Stefan Reimer 2020-08-15 23:37:45 +01:00
parent 7be12de4e8
commit 6f981eabc0
10 changed files with 68 additions and 41 deletions

View File

@ -1,7 +1,7 @@
apiVersion: v2 apiVersion: v2
description: KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application description: KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application
name: kubezero-argo-cd name: kubezero-argo-cd
version: 0.3.11 version: 0.3.13
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:

View File

@ -2,7 +2,7 @@ kubezero-argo-cd
================ ================
KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application
Current chart version is `0.3.9` Current chart version is `0.3.13`
Source code can be found [here](https://kubezero.com) Source code can be found [here](https://kubezero.com)
@ -17,6 +17,9 @@ Source code can be found [here](https://kubezero.com)
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| argo-cd.controller.args.appResyncPeriod | string | `"300"` | |
| argo-cd.controller.args.operationProcessors | string | `"1"` | |
| argo-cd.controller.args.statusProcessors | string | `"2"` | |
| argo-cd.controller.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | | argo-cd.controller.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| argo-cd.controller.tolerations[0].effect | string | `"NoSchedule"` | | | argo-cd.controller.tolerations[0].effect | string | `"NoSchedule"` | |
| argo-cd.controller.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | | argo-cd.controller.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
@ -31,6 +34,7 @@ Source code can be found [here](https://kubezero.com)
| argo-cd.repoServer.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | | argo-cd.repoServer.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| argo-cd.repoServer.tolerations[0].effect | string | `"NoSchedule"` | | | argo-cd.repoServer.tolerations[0].effect | string | `"NoSchedule"` | |
| argo-cd.repoServer.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | | argo-cd.repoServer.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| argo-cd.server.config."resource.customizations" | string | `"cert-manager.io/Certificate:\n # Lua script for customizing the health status assessment\n health.lua: |\n hs = {}\n if obj.status ~= nil then\n if obj.status.conditions ~= nil then\n for i, condition in ipairs(obj.status.conditions) do\n if condition.type == \"Ready\" and condition.status == \"False\" then\n hs.status = \"Degraded\"\n hs.message = condition.message\n return hs\n end\n if condition.type == \"Ready\" and condition.status == \"True\" then\n hs.status = \"Healthy\"\n hs.message = condition.message\n return hs\n end\n end\n end\n end\n hs.status = \"Progressing\"\n hs.message = \"Waiting for certificate\"\n return hs\n"` | |
| argo-cd.server.config.url | string | `"argocd.example.com"` | ArgoCD hostname to be exposed via Istio | | argo-cd.server.config.url | string | `"argocd.example.com"` | ArgoCD hostname to be exposed via Istio |
| argo-cd.server.extraArgs[0] | string | `"--insecure"` | | | argo-cd.server.extraArgs[0] | string | `"--insecure"` | |
| argo-cd.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | | argo-cd.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
@ -41,3 +45,6 @@ Source code can be found [here](https://kubezero.com)
| kubezero.global.defaultSource.pathPrefix | string | `""` | optional path prefix within repoURL to support eg. remote subtrees | | kubezero.global.defaultSource.pathPrefix | string | `""` | optional path prefix within repoURL to support eg. remote subtrees |
| kubezero.global.defaultSource.repoURL | string | `"https://github.com/zero-down-time/kubezero"` | default repository for argocd applications | | kubezero.global.defaultSource.repoURL | string | `"https://github.com/zero-down-time/kubezero"` | default repository for argocd applications |
| kubezero.global.defaultSource.targetRevision | string | `"HEAD"` | default tracking of repoURL | | kubezero.global.defaultSource.targetRevision | string | `"HEAD"` | default tracking of repoURL |
## Resources
- https://argoproj.github.io/argo-cd/operator-manual/metrics/

View File

@ -0,0 +1,13 @@
{{ template "chart.header" . }}
{{ template "chart.description" . }}
{{ template "chart.versionLine" . }}
{{ template "chart.sourceLinkLine" . }}
{{ template "chart.requirementsSection" . }}
{{ template "chart.valuesSection" . }}
## Resources
- https://argoproj.github.io/argo-cd/operator-manual/metrics/

View File

@ -26,6 +26,11 @@ argo-cd:
# Run Argo on the controllers # Run Argo on the controllers
controller: controller:
args:
statusProcessors: "2"
operationProcessors: "1"
appResyncPeriod: "300"
nodeSelector: nodeSelector:
node-role.kubernetes.io/master: "" node-role.kubernetes.io/master: ""
tolerations: tolerations:
@ -44,30 +49,30 @@ argo-cd:
# argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio # argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio
url: argocd.example.com url: argocd.example.com
resource.customizations: | resource.customizations: |
cert-manager.io/Certificate: cert-manager.io/Certificate:
# Lua script for customizing the health status assessment # Lua script for customizing the health status assessment
health.lua: | health.lua: |
hs = {} hs = {}
if obj.status ~= nil then if obj.status ~= nil then
if obj.status.conditions ~= nil then if obj.status.conditions ~= nil then
for i, condition in ipairs(obj.status.conditions) do for i, condition in ipairs(obj.status.conditions) do
if condition.type == "Ready" and condition.status == "False" then if condition.type == "Ready" and condition.status == "False" then
hs.status = "Degraded" hs.status = "Degraded"
hs.message = condition.message hs.message = condition.message
return hs return hs
end end
if condition.type == "Ready" and condition.status == "True" then if condition.type == "Ready" and condition.status == "True" then
hs.status = "Healthy" hs.status = "Healthy"
hs.message = condition.message hs.message = condition.message
return hs return hs
end
end
end end
end end
end hs.status = "Progressing"
end hs.message = "Waiting for certificate"
hs.status = "Progressing" return hs
hs.message = "Waiting for certificate"
return hs
# Rename former https port to grpc, works with istio + insecure # Rename former https port to grpc, works with istio + insecure
service: service:

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-aws-ebs-csi-driver name: kubezero-aws-ebs-csi-driver
description: KubeZero Umbrella Chart for aws-ebs-csi-driver description: KubeZero Umbrella Chart for aws-ebs-csi-driver
type: application type: application
version: 0.3.0 version: 0.3.1
appVersion: 0.6.0 appVersion: 0.6.0
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png

View File

@ -2,7 +2,7 @@ kubezero-aws-ebs-csi-driver
=========================== ===========================
KubeZero Umbrella Chart for aws-ebs-csi-driver KubeZero Umbrella Chart for aws-ebs-csi-driver
Current chart version is `0.3.0` Current chart version is `0.3.1`
Source code can be found [here](https://kubezero.com) Source code can be found [here](https://kubezero.com)

View File

@ -1,16 +1,16 @@
apiVersion: v1 apiVersion: v1
appVersion: "0.6.0" appVersion: 0.6.0
name: aws-ebs-csi-driver
description: A Helm chart for AWS EBS CSI Driver description: A Helm chart for AWS EBS CSI Driver
version: 0.5.0
kubeVersion: ">=1.13.0-0"
home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver
sources:
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver
keywords: keywords:
- aws - aws
- ebs - ebs
- csi - csi
kubeVersion: '>=1.13.0-0'
maintainers: maintainers:
- name: leakingtapan - email: chengpan@amazon.com
email: chengpan@amazon.com name: leakingtapan
name: aws-ebs-csi-driver
sources:
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver
version: 0.5.0

View File

@ -6,7 +6,7 @@ replicaCount: 2
image: image:
repository: amazon/aws-ebs-csi-driver repository: amazon/aws-ebs-csi-driver
tag: "v0.5.0" tag: "v0.6.0"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
sidecars: sidecars:

View File

@ -41,6 +41,7 @@ By default all access to the meta-data service is blocked, expect for:
| kiam.agent.image.tag | string | `"v3.6"` | | | kiam.agent.image.tag | string | `"v3.6"` | |
| kiam.agent.log.level | string | `"warn"` | | | kiam.agent.log.level | string | `"warn"` | |
| kiam.agent.prometheus.servicemonitor.enabled | bool | `false` | | | kiam.agent.prometheus.servicemonitor.enabled | bool | `false` | |
| kiam.agent.prometheus.servicemonitor.interval | string | `"30s"` | |
| kiam.agent.prometheus.servicemonitor.labels.release | string | `"metrics"` | | | kiam.agent.prometheus.servicemonitor.labels.release | string | `"metrics"` | |
| kiam.agent.sslCertHostPath | string | `"/etc/ssl/certs"` | | | kiam.agent.sslCertHostPath | string | `"/etc/ssl/certs"` | |
| kiam.agent.tlsCerts.caFileName | string | `"ca.crt"` | | | kiam.agent.tlsCerts.caFileName | string | `"ca.crt"` | |
@ -58,6 +59,7 @@ By default all access to the meta-data service is blocked, expect for:
| kiam.server.log.level | string | `"warn"` | | | kiam.server.log.level | string | `"warn"` | |
| kiam.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | | kiam.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| kiam.server.prometheus.servicemonitor.enabled | bool | `false` | | | kiam.server.prometheus.servicemonitor.enabled | bool | `false` | |
| kiam.server.prometheus.servicemonitor.interval | string | `"30s"` | |
| kiam.server.prometheus.servicemonitor.labels.release | string | `"metrics"` | | | kiam.server.prometheus.servicemonitor.labels.release | string | `"metrics"` | |
| kiam.server.service.port | int | `6444` | | | kiam.server.service.port | int | `6444` | |
| kiam.server.service.targetPort | int | `6444` | | | kiam.server.service.targetPort | int | `6444` | |
@ -79,5 +81,5 @@ By default all access to the meta-data service is blocked, expect for:
## Resources ## Resources
- https://github.com/uswitch/kiam - https://github.com/uswitch/kiam
- https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam - https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam
- [Grafana Dashboard](https://raw.githubusercontent.com/uswitch/kiam/master/docs/dashboard-prom.json)
![Kiam overview](./kiam_architecure.png) ![Kiam overview](./kiam_architecure.png)

View File

@ -2,7 +2,7 @@ kubezero-logging
================ ================
KubeZero Umbrella Chart for complete EFK stack KubeZero Umbrella Chart for complete EFK stack
Current chart version is `0.0.2` Current chart version is `0.1.0`
Source code can be found [here](https://kubezero.com) Source code can be found [here](https://kubezero.com)
@ -42,7 +42,7 @@ Source code can be found [here](https://kubezero.com)
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| es.elastic_password | string | `""` | | | elastic_password | string | `""` | |
| es.nodeSets | list | `[]` | | | es.nodeSets | list | `[]` | |
| es.prometheus | bool | `false` | | | es.prometheus | bool | `false` | |
| es.s3Snapshot.enabled | bool | `false` | | | es.s3Snapshot.enabled | bool | `false` | |