Skip to content
This repository has been archived by the owner on Sep 30, 2020. It is now read-only.

Cluster-autoscaler plugin #1576

Merged
merged 4 commits into from
May 13, 2019
Merged

Cluster-autoscaler plugin #1576

merged 4 commits into from
May 13, 2019

Conversation

Luke-Humphreys
Copy link
Contributor

What

A plugin for the cluster-autoscaler to allow more configuration.

Why

We needed to change the configuration of the autoscaler and thought it would be good to contribute a plugin back to the community.

Depends on

#1575

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Mar 26, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: redbaron

If they are not already assigned, you can assign the PR to them by writing /assign @redbaron in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Mar 26, 2019
@Luke-Humphreys
Copy link
Contributor Author

/assign @redbaron

dominicgunn
dominicgunn approved these changes Apr 8, 2019
View reviewed changes
Copy link
Contributor

@dominicgunn dominicgunn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feels useful, let's try and get it in!

@Luke-Humphreys
Copy link
Contributor Author

/assign @davidmccormick

@davidmccormick
Copy link
Contributor

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 8, 2019
@k8s-ci-robot
Copy link
Contributor

New changes are detected. LGTM label has been removed.

@k8s-ci-robot k8s-ci-robot removed the lgtm Indicates that a PR is ready to be merged. label Apr 8, 2019
@codecov-io
Copy link

Codecov Report

Merging #1576 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@          Coverage Diff           @@
##           master   #1576   +/-   ##
======================================
  Coverage    25.8%   25.8%           
======================================
  Files          98      98           
  Lines        5057    5057           
======================================
  Hits         1305    1305           
  Misses       3605    3605           
  Partials      147     147

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5f14e23...8bcbb3d. Read the comment docs.

@davidmccormick
Copy link
Contributor

Thanks @Luke-Humphreys! It's great to see this functionality move into a plugin! 🎉

Given that the legacy non-plugin code is still active could you introduce some logic so that the two implementations do not clash with each other. We could add a warning on the old configuration that alerts the user that the legacy configuration is deprecated and will be removed in the next major release? If that proves complicated then perhaps you can disable the legacy code path when the plugin is enabled?

@davidmccormick davidmccormick added this to the v0.13.0 milestone Apr 10, 2019
@davidmccormick davidmccormick merged commit 623ae83 into kubernetes-retired:master May 13, 2019
davidmccormick added a commit that referenced this pull request May 16, 2019
@davidmccormick
Cluster-autoscaler plugin (#1576) (#1591)
b7c5e99 
* Adding cluster-autoscaler plugin

* Empty commit to trigger build
davidmccormick added a commit that referenced this pull request May 16, 2019
@davidmccormick
Master <- v0.14.x branch (#1592)
eb2ecb6 
* 0.14 release prep (#1590)

* Allow setting of kubernetes version through the build script not hidden away in the api package.

Update to k8s v1.13.5

Put the worker/kubelet and admin certs on the controllers.
Disabled apiserver insecure port 8080 - only https on 443 alllowed.

Configure controllers kubelet to do TLS bootstrapping same as workers (if >=1.14).

Update Networking Components (calico v3.6.1, flannel v0.11.0)

Enable PodPriority by default

Enable Metrics-server by default and remove heapster

Enable CoreDNS for Cluster DNS resolution

Refactor install-kube-system (group related manifests for clarity and deploy with single apply/delete for performance)

Update install-kube-system to clean up deprecated services and objects (.e.g. heapster)

Update Kiam to 3.2 - WARNING! Kiam Server Certificate now needs to be re-generated to include SAN "kiam-server" (previously was just kiam-server:443)

Remove Experminental Settings for TLSBootstrap, Pod Priority, NodeAuthorizer, PersistentVolumeClaimResize

Remove experimental Mutating and Validating Webhooks which are now enabled by default.

Update the node role label to node.kubernetes.io/role which is allowed by the NodeRestriction AdmissionController

* Update k8s version to v.1.14.1

* Reference the correct hyperkube image

* cherry pick kubelet configuration change

* Fix cluster dns setting

* Turn off serverTLSBootstrap by default because the csr's are not automatically signed

* Enable kubelet anonymous authentication but only allow Webhook authorization

Add RBAC objects to allow unauthenticated access to the kubelet's /healthz endpoint (so that cfn-signal can curl it without creds)

* Allow metrics-server to scrape kubelets with self-signed certificates

* update vendor

* Wrap apply-kube-aws-plugins into install-kube-system (so that we can do things after the plugin manifests and/or helm charts have been deployed)

* Update RBAC for Nodes to allow authenticated access to things like /logs to authenticated users

* Enable PodSecurityPolicies by default

Create core permissive policy for kube-system and optionally bind all SA's and Authenticated users to it if it is the only PSP present in the system

Remove deprecated DenyEscalatingExec admission controller in favour of using the PodSecurityPolicy controller

* Allow access to the kubelets for metrics scraping from worker nodes

* Add more calico crds that Typha wants to watch

* Add the old node labels back in

* Map Group system:nodes and User kube-worker to core permissive psp so that controller nodes can create mirror pods.

Remove writing kube-aws version to the motd - causing extended rolls just to update version number which is available on a tag anyway.

* Preserve multiple node roles in 0.14

* Correct broken default dashboard cpu resource

* Update kiam command line

* Fix for tiller not able to access kubelet

* Add localhost to kiam server cert

* Allow pass-through proxying to  all aws metadata values

* Correct regex

* Remove annoying request timeout

* Cluster-autoscaler plugin (#1576) (#1591)

* Adding cluster-autoscaler plugin

* Empty commit to trigger build
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@dominicgunn dominicgunn dominicgunn approved these changes

@cknowles cknowles Awaiting requested review from cknowles

@danielfm danielfm Awaiting requested review from danielfm

Assignees

@davidmccormick davidmccormick

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Luke-Humphreys @k8s-ci-robot @davidmccormick @codecov-io @dominicgunn @redbaron