From 96c4d70cc1c10e6837e97ca69e123d48d117a6f1 Mon Sep 17 00:00:00 2001 From: Ani Argjiri Date: Wed, 9 Oct 2024 15:41:33 +0200 Subject: [PATCH] Revert "fix: versions (#1749)" This reverts commit 4ad18c001ba351840c969ab61889172de82f080f. --- .../templates/tekton-tasks/buildpacks.yaml | 13 +- .../templates/tekton-tasks/git-clone.yaml | 13 +- .../team-ns/templates/tekton-tasks/grype.yaml | 11 +- .../templates/tekton-tasks/kaniko.yaml | 11 +- .../deployment-tekton-events-controller.yaml | 8 +- ...eployment-tekton-pipelines-controller.yaml | 8 +- ...ent-tekton-pipelines-remote-resolvers.yaml | 8 +- .../deployment-tekton-pipelines-webhook.yaml | 8 +- charts/tekton-pipelines/values.yaml | 20 +- core.yaml | 2 - helmfile.d/helmfile-60.teams.yaml | 4 - helmfile.d/snippets/defaults.yaml | 195 +++++++------ .../env/apps/ingress-nginx-platform.yaml | 6 - tests/fixtures/env/apps/otel.yaml | 19 +- .../apps/prometheus-blackbox-exporter.yaml | 18 -- tests/fixtures/env/teams.yaml | 115 -------- values-changes.yaml | 36 --- values-schema.yaml | 268 +----------------- values/argocd/argocd.gotmpl | 14 +- values/ingress-nginx/ingress-nginx.gotmpl | 4 +- values/istio-operator/istio-operator.gotmpl | 3 - values/jaeger-operator/jaeger-operator.gotmpl | 18 ++ values/otel-operator/otel-operator-raw.gotmpl | 5 - .../prometheus-blackbox-exporter.gotmpl | 16 +- .../prometheus-operator-team.gotmpl | 11 +- .../tekton-dashboard-teams.gotmpl | 2 + .../tekton-pipelines/tekton-pipelines.gotmpl | 8 +- values/tempo/tempo.gotmpl | 4 - versions.yaml | 6 +- 29 files changed, 237 insertions(+), 617 deletions(-) delete mode 100644 tests/fixtures/env/apps/prometheus-blackbox-exporter.yaml diff --git a/charts/team-ns/templates/tekton-tasks/buildpacks.yaml b/charts/team-ns/templates/tekton-tasks/buildpacks.yaml index 9e89a5b432..b9a80b4f34 100644 --- a/charts/team-ns/templates/tekton-tasks/buildpacks.yaml +++ b/charts/team-ns/templates/tekton-tasks/buildpacks.yaml @@ -1,5 +1,3 @@ -{{- $v := .Values }} -{{- range $v.resources }} apiVersion: tekton.dev/v1 kind: Task metadata: @@ -87,7 +85,13 @@ spec: env: - name: CNB_PLATFORM_API value: "0.9" - computeResources: {{- $v.resources.buildpacksTask | toYaml | nindent 6 }} + computeResources: + limits: + cpu: "2" + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi steps: - name: prepare computeResources: {} @@ -197,5 +201,4 @@ spec: - name: empty-dir emptyDir: {} - name: layers-dir - emptyDir: {} -{{- end }} \ No newline at end of file + emptyDir: {} \ No newline at end of file diff --git a/charts/team-ns/templates/tekton-tasks/git-clone.yaml b/charts/team-ns/templates/tekton-tasks/git-clone.yaml index dbef667321..9e8f1c5a8f 100644 --- a/charts/team-ns/templates/tekton-tasks/git-clone.yaml +++ b/charts/team-ns/templates/tekton-tasks/git-clone.yaml @@ -1,5 +1,3 @@ -{{- $v := .Values }} -{{- range $v.resources }} apiVersion: tekton.dev/v1 kind: Task metadata: @@ -14,7 +12,13 @@ metadata: tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64" spec: stepTemplate: - computeResources: {{- $v.resources.gitcloneTask | toYaml | nindent 6 }} + computeResources: + limits: + cpu: "2" + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi description: >- These Tasks are Git tasks to work with repositories used by other tasks in your Pipeline. @@ -255,5 +259,4 @@ spec: RESULT_COMMITTER_DATE="$(git log -1 --pretty=%ct)" printf "%s" "${RESULT_COMMITTER_DATE}" > "$(results.committer-date.path)" printf "%s" "${RESULT_SHA}" > "$(results.commit.path)" - printf "%s" "${PARAM_URL}" > "$(results.url.path)" -{{- end }} \ No newline at end of file + printf "%s" "${PARAM_URL}" > "$(results.url.path)" \ No newline at end of file diff --git a/charts/team-ns/templates/tekton-tasks/grype.yaml b/charts/team-ns/templates/tekton-tasks/grype.yaml index 7af77b7219..2284b5985f 100644 --- a/charts/team-ns/templates/tekton-tasks/grype.yaml +++ b/charts/team-ns/templates/tekton-tasks/grype.yaml @@ -1,5 +1,3 @@ -{{- $v := .Values }} -{{- range $v.resources }} apiVersion: tekton.dev/v1 kind: Task metadata: @@ -14,7 +12,13 @@ metadata: tekton.dev/platforms: "linux/amd64,linux/arm64,linux/ppc64le,linux/390x" spec: stepTemplate: - computeResources: {{- $v.resources.grypeTask | toYaml | nindent 6 }} + computeResources: + limits: + cpu: "2" + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi description: >- A vulnerability scanner for container images and filesystems. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. @@ -43,4 +47,3 @@ spec: - "ALL" seccompProfile: type: RuntimeDefault -{{- end }} diff --git a/charts/team-ns/templates/tekton-tasks/kaniko.yaml b/charts/team-ns/templates/tekton-tasks/kaniko.yaml index 325b9e040d..038c14a9c3 100644 --- a/charts/team-ns/templates/tekton-tasks/kaniko.yaml +++ b/charts/team-ns/templates/tekton-tasks/kaniko.yaml @@ -1,5 +1,3 @@ -{{- $v := .Values }} -{{- range $v.resources }} apiVersion: tekton.dev/v1 kind: Task metadata: @@ -14,7 +12,13 @@ metadata: tekton.dev/platforms: "linux/amd64,linux/arm64,linux/ppc64le" spec: stepTemplate: - computeResources: {{- $v.resources.kanikoTask | toYaml | nindent 6 }} + computeResources: + limits: + cpu: "2" + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi description: >- This Task builds a simple Dockerfile with kaniko and pushes to a registry. This Task stores the image name and digest as results, allowing Tekton Chains to pick up @@ -76,4 +80,3 @@ spec: set -e image="$(params.IMAGE)" echo -n "${image}" | tee "$(results.IMAGE_URL.path)" -{{- end }} \ No newline at end of file diff --git a/charts/tekton-pipelines/templates/deployment-tekton-events-controller.yaml b/charts/tekton-pipelines/templates/deployment-tekton-events-controller.yaml index 26dead707d..c0ba6d9112 100644 --- a/charts/tekton-pipelines/templates/deployment-tekton-events-controller.yaml +++ b/charts/tekton-pipelines/templates/deployment-tekton-events-controller.yaml @@ -63,7 +63,13 @@ spec: - name: tekton-events-controller image: {{ .Values.events.deployment.image }} args: [] - resources: {{- toYaml .Values.events.resources | nindent 12 }} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 1000Mi volumeMounts: - name: config-logging mountPath: /etc/config-logging diff --git a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-controller.yaml b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-controller.yaml index 6af4390c21..efb629cf72 100644 --- a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-controller.yaml +++ b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-controller.yaml @@ -122,7 +122,13 @@ spec: runAsNonRoot: true seccompProfile: type: RuntimeDefault - resources: {{- toYaml .Values.controller.resources | nindent 12 }} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 1000Mi ports: - name: metrics containerPort: 9090 diff --git a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-remote-resolvers.yaml b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-remote-resolvers.yaml index 9ba478663d..fb542d5fe5 100644 --- a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-remote-resolvers.yaml +++ b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-remote-resolvers.yaml @@ -64,7 +64,13 @@ spec: containers: - name: controller image: {{ .Values.remoteresolver.deployment.image }} - resources: {{- toYaml .Values.controller.resources | nindent 12 }} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 2Gi ports: - name: metrics containerPort: 9090 diff --git a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-webhook.yaml b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-webhook.yaml index 73ff465386..ede6b365b7 100644 --- a/charts/tekton-pipelines/templates/deployment-tekton-pipelines-webhook.yaml +++ b/charts/tekton-pipelines/templates/deployment-tekton-pipelines-webhook.yaml @@ -78,7 +78,13 @@ spec: # and substituted here. image: {{ .Values.webhook.deployment.image }} # Resource request required for autoscaler to take any action for a metric - resources: {{- toYaml .Values.events.resources | nindent 12 }} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 500m + memory: 500Mi env: - name: SYSTEM_NAMESPACE valueFrom: diff --git a/charts/tekton-pipelines/values.yaml b/charts/tekton-pipelines/values.yaml index dd018d4097..66928a987e 100644 --- a/charts/tekton-pipelines/values.yaml +++ b/charts/tekton-pipelines/values.yaml @@ -20,7 +20,13 @@ controller: - windows tolerations: [] nodeSelector: {} - resources: {} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 1000Mi # Values for tekton-pipelines-webhook webhook: deployment: @@ -42,7 +48,6 @@ webhook: - windows tolerations: [] nodeSelector: {} - resources: {} # Values to amend tekton-pipelines-remote-resolvers remoteresolver: deployment: @@ -50,9 +55,14 @@ remoteresolver: affinity: {} tolerations: [] nodeSelector: {} - resources: {} + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 1000Mi events: deployment: - image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/events:v0.53.0@sha256:340e1edd0783bdb86e396ef53499f068a42da1986a1d806ab652b448869637bd - resources: {} \ No newline at end of file + image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/events:v0.53.0@sha256:340e1edd0783bdb86e396ef53499f068a42da1986a1d806ab652b448869637bd \ No newline at end of file diff --git a/core.yaml b/core.yaml index 4c387fc995..1b5e675408 100644 --- a/core.yaml +++ b/core.yaml @@ -3,7 +3,6 @@ k8s: namespaces: - name: argocd app: argocd - disableIstioInjection: true - name: cert-manager disableIstioInjection: true - name: cnpg-system @@ -110,7 +109,6 @@ k8s: - name: velero app: velero disablePolicyChecks: true - disableIstioInjection: true - name: otomi-pipelines app: tekton disableIstioInjection: true diff --git a/helmfile.d/helmfile-60.teams.yaml b/helmfile.d/helmfile-60.teams.yaml index d288e15085..8f207f1bf7 100644 --- a/helmfile.d/helmfile-60.teams.yaml +++ b/helmfile.d/helmfile-60.teams.yaml @@ -39,7 +39,6 @@ releases: pipeline: otomi-task-teams values: - ../values/tekton-dashboard/tekton-dashboard-teams.gotmpl - - resources: {{- $team.resources.tektonDashboard | toYaml | nindent 10 }} - name: prometheus-{{ $teamId }} installed: {{ or ($team | get "managedMonitoring.grafana" false) ($team | get "managedMonitoring.alertmanager" false) }} namespace: team-{{ $teamId }} @@ -58,7 +57,6 @@ releases: namespaceOverride: null alertmanagerSpec: externalUrl: "https://alertmanager-{{ $teamId }}.{{ $domain }}" - resources: {{- $team.resources.alertmanager | toYaml | nindent 14 }} podMetadata: annotations: sidecar.istio.io/inject: "true" @@ -79,14 +77,12 @@ releases: namespaceOverride: null # team-{{ $teamId }} nameOverride: {{ $teamId }}-po-grafana fullnameOverride: {{ $teamId }}-po-grafana - resources: {{- $team.resources.grafana | toYaml | nindent 12 }} grafana.ini: "auth.generic_oauth": role_attribute_path: contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'team-admin') && 'Admin' || contains(groups[*], 'team-{{ $teamId }}') && 'Editor'{{ if not ($team | get "managedMonitoring.private" false) }} || 'Viewer'{{- end }} server: root_url: https://grafana-{{ $teamId }}.{{ $domain }} sidecar: - resources: {{- $team.resources.grafanaSidecar | toYaml | nindent 14 }} datasources: defaultDatasourceEnabled: false dashboards: diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index d2eab31f72..086575d219 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -8,6 +8,13 @@ environments: alertmanager: enabled: false resources: + alertmanagerTeams: + requests: + cpu: 10m + memory: 64Mi + limits: + cpu: 200m + memory: 256Mi alertmanager: requests: cpu: 10m @@ -18,13 +25,13 @@ environments: _rawValues: {} argocd: applicationSet: - replicas: 2 + replicas: 1 controller: - replicas: 2 + replicas: 1 autoscaling: repoServer: enabled: true - minReplicas: 2 + minReplicas: 1 maxReplicas: 5 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 @@ -37,7 +44,7 @@ environments: resources: controller: requests: - cpu: 200m + cpu: 500m memory: 1Gi limits: cpu: "2" @@ -52,7 +59,7 @@ environments: repo: requests: cpu: 100m - memory: 640M + memory: 512M limits: cpu: "1" memory: 1Gi @@ -73,13 +80,13 @@ environments: notifications: requests: cpu: 50m - memory: 160M + memory: 64M limits: cpu: "1" memory: 1Gi imageUpdater: requests: - memory: 160Mi + memory: 50Mi cpu: 50m limits: memory: 1Gi @@ -115,7 +122,7 @@ environments: memory: 64Mi limits: cpu: 100m - memory: 256Mi + memory: 256Mi _rawValues: {} cnpg: resources: @@ -141,7 +148,7 @@ environments: memory: 128Mi requests: memory: 64Mi - cpu: 10m + cpu: 10m falco: enabled: false driver: ebpf @@ -301,21 +308,21 @@ environments: memory: 1Gi requests: cpu: 100m - memory: 256Mi + memory: 128Mi memcached: limits: cpu: 250m memory: 256Mi requests: - cpu: 10m + cpu: 100m memory: 128Mi memcachedMetrics: limits: cpu: 200m memory: 128M requests: - cpu: 10m - memory: 16M + cpu: 50m + memory: 64M init: limits: cpu: 400m @@ -333,6 +340,13 @@ environments: limits: cpu: "1" memory: 1Gi + grafanaTeams: + requests: + cpu: 10m + memory: 128Mi + limits: + cpu: "1" + memory: 1Gi sidecar: limits: cpu: 500m @@ -340,6 +354,13 @@ environments: requests: cpu: 10m memory: 128Mi + sidecarTeams: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi _rawValues: {} harbor: enabled: false @@ -351,49 +372,49 @@ environments: resources: chartmuseum: requests: - cpu: 20m + cpu: 10m memory: 56Mi limits: cpu: 500m memory: 512Mi core: requests: - cpu: 20m + cpu: 10m memory: 128Mi limits: cpu: 500m memory: 512Mi jobservice: requests: - cpu: 20m - memory: 128Mi + cpu: 10m + memory: 32Mi limits: cpu: 500m memory: 512Mi portal: requests: - cpu: 20m - memory: 128Mi + cpu: 10m + memory: 32Mi limits: cpu: 500m memory: 512Mi redis: requests: - cpu: 20m + cpu: 100m memory: 128Mi limits: cpu: 500m memory: 512Mi registry: requests: - cpu: 20m + cpu: 10m memory: 32Mi limits: cpu: 500m memory: 256Mi registryController: requests: - cpu: 20m + cpu: 10m memory: 32Mi limits: cpu: 500m @@ -408,7 +429,7 @@ environments: nginx: requests: memory: 32Mi - cpu: 20m + cpu: 10m limits: memory: 512Mi cpu: 200m @@ -421,8 +442,6 @@ environments: enabled: true minReplicas: 2 maxReplicas: 10 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 modsecurity: enabled: false block: false @@ -436,7 +455,7 @@ environments: controller: requests: cpu: 100m - memory: 384Mi + memory: 256Mi limits: cpu: "2" memory: 2Gi @@ -472,16 +491,9 @@ environments: egressGateway: enabled: false resources: - operator: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 20m - memory: 128Mi proxy: requests: - cpu: 5m + cpu: 20m memory: 80Mi limits: cpu: "1" @@ -503,7 +515,7 @@ environments: pilot: requests: cpu: 100m - memory: 192Mi + memory: 128Mi limits: cpu: "2" memory: 2Gi @@ -514,10 +526,31 @@ environments: operator: limits: cpu: 500m - memory: 1Gi + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + agent: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 32Mi + collector: + limits: + cpu: 100m + memory: 128Mi requests: + cpu: 10m + memory: 32Mi + ingester: + limits: cpu: 100m memory: 128Mi + requests: + cpu: 10m + memory: 32Mi jaeger: limits: cpu: "1" @@ -532,18 +565,18 @@ environments: resources: keycloak: requests: - cpu: 100m - memory: 640Mi + cpu: 200m + memory: 512Mi limits: cpu: "2" memory: 2Gi operator: requests: cpu: 100m - memory: 336Mi + memory: 128Mi limits: cpu: "1" - memory: 1Gi + memory: 512Mi idp: alias: otomi-idp clientID: otomi @@ -634,21 +667,7 @@ environments: pipelinesRemoteresolver: requests: cpu: 100m - memory: 128Mi - limits: - cpu: "1" - memory: 1Gi - pipelinesEvents: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: "1" - memory: 1Gi - pipelinesWebhook: - requests: - cpu: 100m - memory: 144Mi + memory: 100Mi limits: cpu: "1" memory: 1Gi @@ -701,7 +720,7 @@ environments: querier: requests: cpu: 50m - memory: 144Mi + memory: 64Mi limits: cpu: 200m memory: 256Mi @@ -725,7 +744,7 @@ environments: memory: 32Mi requests: cpu: 50m - memory: 16Mi + memory: 16Mi persistence: ingester: size: 20Gi @@ -875,7 +894,7 @@ environments: memory: 128Mi limits: cpu: "1" - memory: 1Gi + memory: 512Mi _rawValues: {} apl-gitea-operator: resources: @@ -885,7 +904,7 @@ environments: memory: 128Mi limits: cpu: "1" - memory: 1Gi + memory: 512Mi _rawValues: {} apl-keycloak-operator: resources: @@ -895,35 +914,20 @@ environments: memory: 128Mi limits: cpu: "1" - memory: 1Gi + memory: 512Mi _rawValues: {} promtail: enabled: false resources: requests: - cpu: 50m - memory: 160Mi + cpu: 200m + memory: 256Mi limits: cpu: "1" - memory: 1Gi + memory: 512Mi _rawValues: {} prometheus-blackbox-exporter: _rawValues: {} - resources: - blackboxExporter: - requests: - cpu: 50m - memory: 50Mi - limits: - cpu: 250m - memory: 300Mi - sentinel: - requests: - cpu: 100m - memory: 32Mi - limits: - cpu: 200m - memory: 128Mi prometheus: enabled: false disabledRules: @@ -947,8 +951,8 @@ environments: memory: 128Mi prometheus: requests: - cpu: 100m - memory: 2Gi + cpu: 50m + memory: 1Gi limits: cpu: '3' memory: 3Gi @@ -968,15 +972,15 @@ environments: memory: 256Mi thanosSidecar: requests: - cpu: 10m + cpu: 50m memory: 64Mi limits: cpu: "1" - memory: 512Mi + memory: 256Mi prometheusConfigReloader: requests: cpu: 10m - memory: 24Mi + memory: 32Mi limits: cpu: 100m memory: 128Mi @@ -985,11 +989,6 @@ environments: enabled: false collector: mode: deployment - autoscaler: - minReplicas: 2 - maxReplicas: 5 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 attributes: - k8s.pod.name - k8s.pod.uid @@ -1002,24 +1001,24 @@ environments: resources: collector: requests: - cpu: 50m - memory: 256Mi + cpu: 100m + memory: 128Mi limits: cpu: "1" memory: 1Gi manager: requests: cpu: 50m - memory: 64Mi + memory: 32Mi limits: - cpu: 500m + cpu: 200m memory: 512Mi kubeRBACProxy: requests: cpu: 50m - memory: 32Mi + memory: 64Mi limits: - cpu: 200m + cpu: 500m memory: 128Mi _rawValues: {} sealed-secrets: @@ -1090,7 +1089,7 @@ environments: autoscaling: ingester: enabled: false - minReplicas: 2 + minReplicas: 1 maxReplicas: 3 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 @@ -1175,7 +1174,7 @@ environments: operator: requests: cpu: 10m - memory: 512Mi + memory: 256Mi limits: cpu: "1" memory: 1Gi @@ -1211,7 +1210,7 @@ environments: memory: 1Gi requests: cpu: 50m - memory: 512Mi + memory: 128Mi harbor: size: 5Gi replicas: 2 @@ -1234,7 +1233,7 @@ environments: memory: 1Gi requests: cpu: 50m - memory: 256Mi + memory: 128Mi obj: provider: type: disabled diff --git a/tests/fixtures/env/apps/ingress-nginx-platform.yaml b/tests/fixtures/env/apps/ingress-nginx-platform.yaml index 77c8fe44b3..18c71d4119 100644 --- a/tests/fixtures/env/apps/ingress-nginx-platform.yaml +++ b/tests/fixtures/env/apps/ingress-nginx-platform.yaml @@ -19,9 +19,3 @@ apps: requests: cpu: 100m memory: 192Mi - autoscaling: - enabled: true - maxReplicas: 10 - minReplicas: 1 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 diff --git a/tests/fixtures/env/apps/otel.yaml b/tests/fixtures/env/apps/otel.yaml index 7182eb1c7e..2b96e10e87 100644 --- a/tests/fixtures/env/apps/otel.yaml +++ b/tests/fixtures/env/apps/otel.yaml @@ -3,18 +3,13 @@ apps: enabled: true collector: mode: deployment - autoscaler: - minReplicas: 2 - maxReplicas: 6 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 - attributes: - - k8s.pod.name - - k8s.pod.uid - - k8s.deployment.name - - k8s.namespace.name - - k8s.node.name - - k8s.pod.start_time + attributes: + - k8s.pod.name + - k8s.pod.uid + - k8s.deployment.name + - k8s.namespace.name + - k8s.node.name + - k8s.pod.start_time operator: replicaCount: 1 resources: diff --git a/tests/fixtures/env/apps/prometheus-blackbox-exporter.yaml b/tests/fixtures/env/apps/prometheus-blackbox-exporter.yaml deleted file mode 100644 index ba381353d7..0000000000 --- a/tests/fixtures/env/apps/prometheus-blackbox-exporter.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apps: - prometheus-blackbox-exporter: - _rawValues: {} - resources: - blackboxExporter: - requests: - cpu: 50m - memory: 50Mi - limits: - cpu: 250m - memory: 300Mi - sentinel: - requests: - cpu: 100m - memory: 32Mi - limits: - cpu: 200m - memory: 128Mi diff --git a/tests/fixtures/env/teams.yaml b/tests/fixtures/env/teams.yaml index 3c9c45dbc9..57a0146ee0 100644 --- a/tests/fixtures/env/teams.yaml +++ b/tests/fixtures/env/teams.yaml @@ -41,64 +41,6 @@ teamConfig: - alerts policies: - edit policies - resources: - alertmanager: - requests: - cpu: 100m - memory: 64Mi - limits: - cpu: 200m - memory: 256Mi - grafana: - requests: - cpu: 10m - memory: 128Mi - limits: - cpu: '1' - memory: 1Gi - grafanaSidecar: - limits: - cpu: 500m - memory: 256Mi - requests: - cpu: 10m - memory: 128Mi - buildpacksTask: - limits: - cpu: '10' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - gitcloneTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - grypeTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - kanikoTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - tektonDashboard: - limits: - cpu: 101m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - dev: id: dev managedMonitoring: @@ -110,60 +52,3 @@ teamConfig: - downloadCertificateAuthority policies: - edit policies - resources: - alertmanager: - requests: - cpu: 10m - memory: 64Mi - limits: - cpu: 200m - memory: 256Mi - grafana: - requests: - cpu: 10m - memory: 128Mi - limits: - cpu: '1' - memory: 1Gi - grafanaSidecar: - limits: - cpu: 500m - memory: 256Mi - requests: - cpu: 10m - memory: 128Mi - buildpacksTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - gitcloneTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - grypeTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - kanikoTask: - limits: - cpu: '2' - memory: 2Gi - requests: - cpu: 500m - memory: 512Mi - tektonDashboard: - limits: - cpu: 1000m - memory: 188Mi - requests: - cpu: 10m - memory: 64Mi diff --git a/values-changes.yaml b/values-changes.yaml index 787406d684..11d4ddbf82 100644 --- a/values-changes.yaml +++ b/values-changes.yaml @@ -299,42 +299,6 @@ changes: - 'apps.cert-manager.resources': 'apps.cert-manager.resources.certManager' - 'apps.alertmanager.resources': 'apps.alertmanager.resources.alertmanager' - 'apps.istio.global.proxy.resources': 'apps.istio.resources.proxy' - - 'apps.alertmanager.resources.alertmanagerTeams': 'teamConfig.{team}.resources.alertmanager' deletions: - 'teamConfig.{team}.managedMonitoring.prometheus' - 'apps.grafana.resources.downloadDashboards' - - 'apps.grafana.resources.grafanaTeams' - - 'apps.grafana.resources.sidecarTeams' - additions: - - 'teamConfig.{team}.resources.alertmanager.requests.cpu': 10m - - 'teamConfig.{team}.resources.alertmanager.requests.memory': 64Mi - - 'teamConfig.{team}.resources.alertmanager.limits.cpu': 200m - - 'teamConfig.{team}.resources.alertmanager.limits.memory': 256Mi - - 'teamConfig.{team}.resources.grafana.requests.cpu': 10m - - 'teamConfig.{team}.resources.grafana.requests.memory': 128Mi - - 'teamConfig.{team}.resources.grafana.limits.cpu': '1' - - 'teamConfig.{team}.resources.grafana.limits.memory': 1Gi - - 'teamConfig.{team}.resources.buildpacksTask.requests.cpu': 200m - - 'teamConfig.{team}.resources.buildpacksTask.requests.memory': 128Mi - - 'teamConfig.{team}.resources.buildpacksTask.limits.cpu': '2' - - 'teamConfig.{team}.resources.buildpacksTask.limits.memory': 2Gi - - 'teamConfig.{team}.resources.gitcloneTask.requests.cpu': 200m - - 'teamConfig.{team}.resources.gitcloneTask.requests.memory': 128Mi - - 'teamConfig.{team}.resources.gitcloneTask.limits.cpu': '2' - - 'teamConfig.{team}.resources.gitcloneTask.limits.memory': 2Gi - - 'teamConfig.{team}.resources.grypeTask.requests.cpu': 200m - - 'teamConfig.{team}.resources.grypeTask.requests.memory': 128Mi - - 'teamConfig.{team}.resources.grypeTask.limits.cpu': '2' - - 'teamConfig.{team}.resources.grypeTask.limits.memory': 2Gi - - 'teamConfig.{team}.resources.kanikoTask.requests.cpu': 200m - - 'teamConfig.{team}.resources.kanikoTask.requests.memory': 128Mi - - 'teamConfig.{team}.resources.kanikoTask.limits.cpu': '2' - - 'teamConfig.{team}.resources.kanikoTask.limits.memory': 2Gi - - 'teamConfig.{team}.resources.tektonDashboard.requests.cpu': 10m - - 'teamConfig.{team}.resources.tektonDashboard.requests.memory': 64Mi - - 'teamConfig.{team}.resources.tektonDashboard.limits.cpu': 100m - - 'teamConfig.{team}.resources.tektonDashboard.limits.memory': 128Mi - - 'teamConfig.{team}.resources.grafanaSidecar.requests.cpu': 10m - - 'teamConfig.{team}.resources.grafanaSidecar.requests.memory': 128Mi - - 'teamConfig.{team}.resources.grafanaSidecar.limits.cpu': 200m - - 'teamConfig.{team}.resources.grafanaSidecar.limits.memory': 256Mi diff --git a/values-schema.yaml b/values-schema.yaml index ea8aa7d4cc..51e73f5e42 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -427,23 +427,7 @@ definitions: type: string default: '0.01' autoscaling: - additionalProperties: false - properties: - enabled: - default: true - type: boolean - maxReplicas: - type: integer - default: 10 - minReplicas: - type: integer - default: 1 - targetCPUUtilizationPercentage: - type: integer - default: 80 - targetMemoryUtilizationPercentage: - type: integer - default: 80 + $ref: '#/definitions/autoscalingEnabled' maxBodySize: type: string default: 1024m @@ -1144,224 +1128,6 @@ definitions: private: type: boolean default: false - resources: - properties: - alertmanager: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 10m - memory: - $ref: '#/definitions/memoryQuantity' - default: 64Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 256Mi - required: - - cpu - - memory - grafana: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 10m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '1' - memory: - $ref: '#/definitions/memoryQuantity' - default: 1Gi - required: - - cpu - - memory - buildpacksTask: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '2' - memory: - $ref: '#/definitions/memoryQuantity' - default: 2Gi - required: - - cpu - - memory - gitcloneTask: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '2' - memory: - $ref: '#/definitions/memoryQuantity' - default: 2Gi - required: - - cpu - - memory - grypeTask: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '2' - memory: - $ref: '#/definitions/memoryQuantity' - default: 2Gi - required: - - cpu - - memory - kanikoTask: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '2' - memory: - $ref: '#/definitions/memoryQuantity' - default: 2Gi - required: - - cpu - - memory - tektonDashboard: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 10m - memory: - $ref: '#/definitions/memoryQuantity' - default: 64Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: '100m' - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - grafanaSidecar: - additionalProperties: false - properties: - requests: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 10m - memory: - $ref: '#/definitions/memoryQuantity' - default: 128Mi - required: - - cpu - - memory - limits: - additionalProperties: false - properties: - cpu: - $ref: '#/definitions/cpuQuantity' - default: 200m - memory: - $ref: '#/definitions/memoryQuantity' - default: 256Mi - required: - - cpu - - memory networkPolicy: ingressPrivate: title: Enable filtering of ingress traffic inside the cluster @@ -1703,6 +1469,8 @@ properties: $ref: '#/definitions/imageSimple' resources: properties: + alertmanagerTeams: + $ref: '#/definitions/resources' alertmanger: $ref: '#/definitions/resources' argocd: @@ -2027,6 +1795,10 @@ properties: $ref: '#/definitions/resources' sidecar: $ref: '#/definitions/resources' + grafanaTeams: + $ref: '#/definitions/resources' + sidecarTeams: + $ref: '#/definitions/resources' harbor: additionalProperties: false properties: @@ -2167,8 +1939,6 @@ properties: $ref: '#/definitions/resources' proxy: $ref: '#/definitions/resources' - operator: - $ref: '#/definitions/resources' jaeger: additionalProperties: false properties: @@ -2178,6 +1948,12 @@ properties: resources: operator: $ref: '#/definitions/resources' + agent: + $ref: '#/definitions/resources' + collector: + $ref: '#/definitions/resources' + ingester: + $ref: '#/definitions/resources' jaeger: $ref: '#/definitions/resources' _rawValues: @@ -2357,10 +2133,6 @@ properties: $ref: '#/definitions/resources' pipelinesRemoteresolver: $ref: '#/definitions/resources' - pipelinesEvents: - $ref: '#/definitions/resources' - pipelinesWebhook: - $ref: '#/definitions/resources' triggersInterceptors: $ref: '#/definitions/resources' triggersController: @@ -2814,20 +2586,6 @@ properties: - deployment - daemonset - statefulset - autoscaler: - properties: - maxReplicas: - type: integer - default: 5 - minReplicas: - type: integer - default: 2 - targetCPUUtilizationPercentage: - type: integer - default: 80 - targetMemoryUtilizationPercentage: - type: integer - default: 80 attributes: type: array title: Kubernetes Attributes diff --git a/values/argocd/argocd.gotmpl b/values/argocd/argocd.gotmpl index 6b2b6c49c8..def02851e6 100644 --- a/values/argocd/argocd.gotmpl +++ b/values/argocd/argocd.gotmpl @@ -11,12 +11,7 @@ global: {{- end }} # ApplicationSet Controller applicationSet: - replicas: {{ $a.applicationSet.replicas }} - pdb: - enabled: true - labels: - app.kubernetes.io/component: applicationset-controller - minAvailable: 1 + replicas: {{ $a.applicationSet.replicas }} resources: {{- $a.resources.applicationSet | toYaml | nindent 4 }} metrics: enabled: true @@ -27,12 +22,7 @@ applicationSet: # Application Controller controller: - replicas: {{ $a.controller.replicas }} - pdb: - enabled: true - labels: - app.kubernetes.io/component: application-controller - minAvailable: 1 + replicas: {{ $a.controller.replicas }} resources: {{- $a.resources.controller | toYaml | nindent 4 }} metrics: enabled: true diff --git a/values/ingress-nginx/ingress-nginx.gotmpl b/values/ingress-nginx/ingress-nginx.gotmpl index 7d5f2f69c6..07be08ea5a 100644 --- a/values/ingress-nginx/ingress-nginx.gotmpl +++ b/values/ingress-nginx/ingress-nginx.gotmpl @@ -43,8 +43,8 @@ controller: enabled: {{ $n.autoscaling.enabled }} minReplicas: {{ $n.autoscaling.minReplicas }} maxReplicas: {{ $n.autoscaling.maxReplicas }} - targetCPUUtilizationPercentage: {{ $n.autoscaling.targetCPUUtilizationPercentage }} - targetMemoryUtilizationPercentage: {{ $n.autoscaling.targetMemoryUtilizationPercentage }} + targetCPUUtilizationPercentage: 60 + targetMemoryUtilizationPercentage: 75 priorityClassName: otomi-critical extraArgs: v: 3 diff --git a/values/istio-operator/istio-operator.gotmpl b/values/istio-operator/istio-operator.gotmpl index 9394893298..9abfec6278 100644 --- a/values/istio-operator/istio-operator.gotmpl +++ b/values/istio-operator/istio-operator.gotmpl @@ -5,9 +5,6 @@ hub: istio operatorNamespace: istio-operator -operator: - resources: {{- $i.resources.operator | toYaml | nindent 6 }} - {{- with .Values.otomi | get "globalPullSecret" nil }} imagePullSecrets: - otomi-pullsecret-global diff --git a/values/jaeger-operator/jaeger-operator.gotmpl b/values/jaeger-operator/jaeger-operator.gotmpl index 7348a3f80d..a4612777a9 100644 --- a/values/jaeger-operator/jaeger-operator.gotmpl +++ b/values/jaeger-operator/jaeger-operator.gotmpl @@ -10,8 +10,26 @@ jaeger: options: query: base-path: /jaeger + agent: + resources: {{- $j.resources.agent | toYaml | nindent 8 }} + securityContext: + runAsNonRoot: true + runAsUser: 1000 + sidecarSecurityContext: + runAsNonRoot: true + runAsUser: 1000 annotations: sidecar.istio.io/inject: "true" + collector: + resources: {{- $j.resources.collector | toYaml | nindent 8 }} + securityContext: + runAsNonRoot: true + runAsUser: 1000 + ingester: + resources: {{- $j.resources.ingester | toYaml | nindent 8 }} + securityContext: + runAsNonRoot: true + runAsUser: 1000 ingress: enabled: false resources: {{- $j.resources.jaeger | toYaml | nindent 6 }} diff --git a/values/otel-operator/otel-operator-raw.gotmpl b/values/otel-operator/otel-operator-raw.gotmpl index fcadfdae5a..da7201e1e5 100644 --- a/values/otel-operator/otel-operator-raw.gotmpl +++ b/values/otel-operator/otel-operator-raw.gotmpl @@ -74,11 +74,6 @@ resources: - jaeger {{- end }} mode: {{ $o.collector.mode }} - autoscaler: - minReplicas: {{ $o.collector.autoscaler.minReplicas }} - maxReplicas: {{ $o.collector.autoscaler.maxReplicas }} - targetCPUUtilization: {{ $o.collector.autoscaler.targetCPUUtilizationPercentage }} - targetMemoryUtilization: {{ $o.collector.autoscaler.targetMemoryUtilizationPercentage }} resources: {{- $o.resources.collector | toYaml | nindent 8 }} - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/values/prometheus-blackbox-exporter/prometheus-blackbox-exporter.gotmpl b/values/prometheus-blackbox-exporter/prometheus-blackbox-exporter.gotmpl index 7e4d500d6a..c5ef5ed8ee 100644 --- a/values/prometheus-blackbox-exporter/prometheus-blackbox-exporter.gotmpl +++ b/values/prometheus-blackbox-exporter/prometheus-blackbox-exporter.gotmpl @@ -7,10 +7,22 @@ persistence: size: 1Gi usePassword: false -resources: {{- $pbe.resources.blackboxExporter | toYaml | nindent 4 }} +resources: + requests: + cpu: 50m + memory: 50Mi + limits: + cpu: 250m + memory: 300Mi sentinel: - resources: {{- $pbe.resources.sentinel | toYaml | nindent 6 }} + resources: + requests: + cpu: 100m + memory: 32Mi + limits: + cpu: 200m + memory: 128Mi config: modules: diff --git a/values/prometheus-operator/prometheus-operator-team.gotmpl b/values/prometheus-operator/prometheus-operator-team.gotmpl index 0a64a6ad92..2e296cfc73 100644 --- a/values/prometheus-operator/prometheus-operator-team.gotmpl +++ b/values/prometheus-operator/prometheus-operator-team.gotmpl @@ -59,13 +59,12 @@ grafana: enabled: false defaultDashboardsEnabled: false plugins: [] + resources: {{- $g.resources.grafanaTeams | toYaml | nindent 4 }} + sidecar: + resources: {{- $g.resources.sidecarTeams | toYaml | nindent 6 }} alertmanager: serviceMonitor: selfMonitor: false - -prometheus: - thanosService: - enabled: false - thanosServiceMonitor: - enabled: false \ No newline at end of file + alertmanagerSpec: + resources: {{- $a.resources.alertmanagerTeams | toYaml | nindent 6 }} diff --git a/values/tekton-dashboard/tekton-dashboard-teams.gotmpl b/values/tekton-dashboard/tekton-dashboard-teams.gotmpl index 6573c6f674..5b58683648 100644 --- a/values/tekton-dashboard/tekton-dashboard-teams.gotmpl +++ b/values/tekton-dashboard/tekton-dashboard-teams.gotmpl @@ -2,6 +2,8 @@ {{- $v := .Values }} {{- $t := $v.apps.tekton }} +resources: {{- $t.resources.dashboard | toYaml | nindent 2 }} + teamId: {{ $teamId }} args: diff --git a/values/tekton-pipelines/tekton-pipelines.gotmpl b/values/tekton-pipelines/tekton-pipelines.gotmpl index e1dd749abc..911e033d4b 100644 --- a/values/tekton-pipelines/tekton-pipelines.gotmpl +++ b/values/tekton-pipelines/tekton-pipelines.gotmpl @@ -5,10 +5,4 @@ controller: resources: {{- $t.resources.pipelinesController | toYaml | nindent 4 }} remoteresolver: - resources: {{- $t.resources.pipelinesRemoteresolver | toYaml | nindent 4 }} - -events: - resources: {{- $t.resources.pipelinesEvents | toYaml | nindent 4 }} - -webhook: - resources: {{- $t.resources.pipelinesWebhook | toYaml | nindent 4 }} \ No newline at end of file + resources: {{- $t.resources.pipelinesRemoteresolver | toYaml | nindent 4 }} \ No newline at end of file diff --git a/values/tempo/tempo.gotmpl b/values/tempo/tempo.gotmpl index ea8e8ca120..943ac0f66a 100644 --- a/values/tempo/tempo.gotmpl +++ b/values/tempo/tempo.gotmpl @@ -6,7 +6,6 @@ fullnameOverride: tempo ingester: - replicas: {{ $t.autoscaling.ingester.minReplicas }} resources: {{- $t.resources.ingester | toYaml | nindent 4 }} autoscaling: enabled: {{ $t.autoscaling.ingester.enabled }} @@ -22,7 +21,6 @@ ingester: {{- end }} distributor: - replicas: {{ $t.autoscaling.distributor.minReplicas }} resources: {{- $t.resources.distributor | toYaml | nindent 4 }} autoscaling: enabled: {{ $t.autoscaling.distributor.enabled }} @@ -40,7 +38,6 @@ compactor: resources: {{- $t.resources.compactor | toYaml | nindent 4 }} querier: - replicas: {{ $t.autoscaling.querier.minReplicas }} resources: {{- $t.resources.querier | toYaml | nindent 4 }} autoscaling: enabled: {{ $t.autoscaling.querier.enabled }} @@ -50,7 +47,6 @@ querier: targetMemoryUtilizationPercentage: {{ $t.autoscaling.querier.targetMemoryUtilizationPercentage }} queryFrontend: - replicas: {{ $t.autoscaling.queryFrontend.minReplicas }} resources: {{- $t.resources.queryFrontend | toYaml | nindent 4 }} autoscaling: enabled: {{ $t.autoscaling.queryFrontend.enabled }} diff --git a/versions.yaml b/versions.yaml index a0c76f6307..363880183f 100644 --- a/versions.yaml +++ b/versions.yaml @@ -1,4 +1,4 @@ -api: main -console: main -tasks: main +api: APL-132-prometheus-ha +console: APL-132-prometheus-ha +tasks: 3.2.0 tools: 2.7.0