From 66b2b450582593e93598fac80c8b3c29e8c8a944 Mon Sep 17 00:00:00 2001 From: Serge Logvinov Date: Wed, 5 May 2021 11:45:40 +0300 Subject: [PATCH] feat: add resources and use HTTPS checks in control plane pods - switch livenessProbe to ssl port - add request resources Signed-off-by: Serge Logvinov --- .../k8s/control_plane_static_pod.go | 29 ++++++++++++++++--- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/internal/app/machined/pkg/controllers/k8s/control_plane_static_pod.go b/internal/app/machined/pkg/controllers/k8s/control_plane_static_pod.go index dda146e229..878538519b 100644 --- a/internal/app/machined/pkg/controllers/k8s/control_plane_static_pod.go +++ b/internal/app/machined/pkg/controllers/k8s/control_plane_static_pod.go @@ -16,6 +16,7 @@ import ( "github.com/cosi-project/runtime/pkg/resource" "github.com/cosi-project/runtime/pkg/state" v1 "k8s.io/api/core/v1" + apiresource "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" @@ -261,6 +262,12 @@ func (ctrl *ControlPlaneStaticPodController) manageAPIServer(ctx context.Context ReadOnly: true, }, }, volumeMounts(cfg.ExtraVolumes)...), + Resources: v1.ResourceRequirements{ + Requests: v1.ResourceList{ + v1.ResourceCPU: apiresource.MustParse("200m"), + v1.ResourceMemory: apiresource.MustParse("512Mi"), + }, + }, }, }, HostNetwork: true, @@ -348,13 +355,20 @@ func (ctrl *ControlPlaneStaticPodController) manageControllerManager(ctx context LivenessProbe: &v1.Probe{ Handler: v1.Handler{ HTTPGet: &v1.HTTPGetAction{ - Path: "/healthz", - Port: intstr.FromInt(10252), + Path: "/healthz", + Port: intstr.FromInt(10257), + Scheme: v1.URISchemeHTTPS, }, }, InitialDelaySeconds: 15, TimeoutSeconds: 15, }, + Resources: v1.ResourceRequirements{ + Requests: v1.ResourceList{ + v1.ResourceCPU: apiresource.MustParse("50m"), + v1.ResourceMemory: apiresource.MustParse("256Mi"), + }, + }, }, }, HostNetwork: true, @@ -430,13 +444,20 @@ func (ctrl *ControlPlaneStaticPodController) manageScheduler(ctx context.Context LivenessProbe: &v1.Probe{ Handler: v1.Handler{ HTTPGet: &v1.HTTPGetAction{ - Path: "/healthz", - Port: intstr.FromInt(10251), + Path: "/healthz", + Port: intstr.FromInt(10259), + Scheme: v1.URISchemeHTTPS, }, }, InitialDelaySeconds: 15, TimeoutSeconds: 15, }, + Resources: v1.ResourceRequirements{ + Requests: v1.ResourceList{ + v1.ResourceCPU: apiresource.MustParse("10m"), + v1.ResourceMemory: apiresource.MustParse("64Mi"), + }, + }, }, }, HostNetwork: true,