From ee58783e0cbbca5d5400a029b286e1f96d307def Mon Sep 17 00:00:00 2001 From: Jari Kolehmainen Date: Wed, 30 Jan 2019 12:26:59 +0200 Subject: [PATCH 1/3] pharos-cluster-critical priority class --- addons/cert-manager/resources/20-deployment.yml.erb | 1 + addons/helm/resources/deployment.yml.erb | 3 ++- addons/host-upgrades/resources/50-daemonset.yml.erb | 1 + addons/ingress-nginx/resources/daemonset.yml.erb | 1 + lib/pharos/cluster_manager.rb | 1 + lib/pharos/phases/configure_priority_classes.rb | 13 +++++++++++++ .../priority_classes/pharos-cluster-critical.yml | 7 +++++++ 7 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 lib/pharos/phases/configure_priority_classes.rb create mode 100644 lib/pharos/resources/priority_classes/pharos-cluster-critical.yml diff --git a/addons/cert-manager/resources/20-deployment.yml.erb b/addons/cert-manager/resources/20-deployment.yml.erb index 5aa28634e..0213c6a89 100644 --- a/addons/cert-manager/resources/20-deployment.yml.erb +++ b/addons/cert-manager/resources/20-deployment.yml.erb @@ -11,6 +11,7 @@ spec: app: cert-manager spec: serviceAccountName: cert-manager + priorityClassName: pharos-cluster-critical containers: - name: cert-manager image: "<%= image_repository %>/cert-manager-controller:v<%= version %>" diff --git a/addons/helm/resources/deployment.yml.erb b/addons/helm/resources/deployment.yml.erb index 2faa4b226..9e875f98e 100644 --- a/addons/helm/resources/deployment.yml.erb +++ b/addons/helm/resources/deployment.yml.erb @@ -40,4 +40,5 @@ spec: resources: requests: memory: 32Mi - serviceAccountName: tiller \ No newline at end of file + serviceAccountName: tiller + priorityClassName: pharos-cluster-critical diff --git a/addons/host-upgrades/resources/50-daemonset.yml.erb b/addons/host-upgrades/resources/50-daemonset.yml.erb index 0fdf70925..dd53e5fd6 100644 --- a/addons/host-upgrades/resources/50-daemonset.yml.erb +++ b/addons/host-upgrades/resources/50-daemonset.yml.erb @@ -14,6 +14,7 @@ spec: app: host-upgrades spec: serviceAccountName: host-upgrades + priorityClassName: pharos-cluster-critical containers: - name: host-upgrades image: "<%= image_repository %>/pharos-host-upgrades:<%= version %>" diff --git a/addons/ingress-nginx/resources/daemonset.yml.erb b/addons/ingress-nginx/resources/daemonset.yml.erb index 9767f7475..e4839c02f 100644 --- a/addons/ingress-nginx/resources/daemonset.yml.erb +++ b/addons/ingress-nginx/resources/daemonset.yml.erb @@ -24,6 +24,7 @@ spec: <%- end -%> <%- end -%> serviceAccountName: nginx-ingress-serviceaccount + priorityClassName: pharos-cluster-critical hostNetwork: true <%- unless config.tolerations.empty? -%> tolerations: diff --git a/lib/pharos/cluster_manager.rb b/lib/pharos/cluster_manager.rb index 94cee8f25..94cb0b409 100644 --- a/lib/pharos/cluster_manager.rb +++ b/lib/pharos/cluster_manager.rb @@ -100,6 +100,7 @@ def apply_phases # master is now configured and can be used apply_phase(Phases::LoadClusterConfiguration, [master_hosts.first], master: master_hosts.first) # configure essential services + apply_phase(Phases::ConfigurePriorityClasses, [master_hosts.first], master: master_hosts.first) apply_phase(Phases::ConfigurePSP, [master_hosts.first], master: master_hosts.first) apply_phase(Phases::ConfigureDNS, [master_hosts.first], master: master_hosts.first) apply_phase(Phases::ConfigureWeave, [master_hosts.first], master: master_hosts.first) if config.network.provider == 'weave' diff --git a/lib/pharos/phases/configure_priority_classes.rb b/lib/pharos/phases/configure_priority_classes.rb new file mode 100644 index 000000000..948027099 --- /dev/null +++ b/lib/pharos/phases/configure_priority_classes.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +module Pharos + module Phases + class ConfigurePriorityClasses < Pharos::Phase + title "Configure priority classes" + + def call + apply_stack('priority_classes') + end + end + end +end diff --git a/lib/pharos/resources/priority_classes/pharos-cluster-critical.yml b/lib/pharos/resources/priority_classes/pharos-cluster-critical.yml new file mode 100644 index 000000000..d48687b58 --- /dev/null +++ b/lib/pharos/resources/priority_classes/pharos-cluster-critical.yml @@ -0,0 +1,7 @@ +apiVersion: scheduling.k8s.io/v1beta1 +kind: PriorityClass +metadata: + name: pharos-cluster-critical +value: 1000000000 +globalDefault: false +description: "This priority class should be used for cluster critical services outside of kube-system." From 17a00dedaf5dd0c5cd3ce9fddaa7493125c58e5c Mon Sep 17 00:00:00 2001 From: Jari Kolehmainen Date: Wed, 30 Jan 2019 13:48:38 +0200 Subject: [PATCH 2/3] remove from tiller --- addons/helm/resources/deployment.yml.erb | 1 - 1 file changed, 1 deletion(-) diff --git a/addons/helm/resources/deployment.yml.erb b/addons/helm/resources/deployment.yml.erb index 9e875f98e..b26f4a17e 100644 --- a/addons/helm/resources/deployment.yml.erb +++ b/addons/helm/resources/deployment.yml.erb @@ -41,4 +41,3 @@ spec: requests: memory: 32Mi serviceAccountName: tiller - priorityClassName: pharos-cluster-critical From b82457b2e9449b1fe68c0cf3365872d1209f0a1d Mon Sep 17 00:00:00 2001 From: Jari Kolehmainen Date: Wed, 30 Jan 2019 14:26:00 +0200 Subject: [PATCH 3/3] remove from cert-manager --- addons/cert-manager/resources/20-deployment.yml.erb | 1 - 1 file changed, 1 deletion(-) diff --git a/addons/cert-manager/resources/20-deployment.yml.erb b/addons/cert-manager/resources/20-deployment.yml.erb index 0213c6a89..5aa28634e 100644 --- a/addons/cert-manager/resources/20-deployment.yml.erb +++ b/addons/cert-manager/resources/20-deployment.yml.erb @@ -11,7 +11,6 @@ spec: app: cert-manager spec: serviceAccountName: cert-manager - priorityClassName: pharos-cluster-critical containers: - name: cert-manager image: "<%= image_repository %>/cert-manager-controller:v<%= version %>"