From 5adce594e9ef519d1277a4ee9e8439a020a1fa82 Mon Sep 17 00:00:00 2001 From: Oliver King Date: Fri, 27 Oct 2023 10:25:15 -0500 Subject: [PATCH] remove limits --- pkg/manifests/fixtures/nginx/full.json | 20 +++++++++++++------ pkg/manifests/fixtures/nginx/internal.json | 20 +++++++++++++------ pkg/manifests/fixtures/nginx/kube-system.json | 20 +++++++++++++------ .../fixtures/nginx/no-ownership.json | 20 +++++++++++++------ .../nginx/optional-features-disabled.json | 20 +++++++++++++------ pkg/manifests/nginx.go | 18 +++++++++++------ 6 files changed, 82 insertions(+), 36 deletions(-) diff --git a/pkg/manifests/fixtures/nginx/full.json b/pkg/manifests/fixtures/nginx/full.json index e92a00be..ddc2272f 100644 --- a/pkg/manifests/fixtures/nginx/full.json +++ b/pkg/manifests/fixtures/nginx/full.json @@ -554,10 +554,6 @@ } ], "resources": { - "limits": { - "cpu": "1500m", - "memory": "512Mi" - }, "requests": { "cpu": "500m", "memory": "127Mi" @@ -633,7 +629,19 @@ "operator": "Exists" } ], - "priorityClassName": "system-node-critical" + "priorityClassName": "system-node-critical", + "topologySpreadConstraints": [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "ScheduleAnyway", + "labelSelector": { + "matchLabels": { + "app": "nginx" + } + } + } + ] } }, "strategy": {}, @@ -732,7 +740,7 @@ }, "minReplicas": 2, "maxReplicas": 100, - "targetCPUUtilizationPercentage": 90 + "targetCPUUtilizationPercentage": 80 }, "status": { "currentReplicas": 0, diff --git a/pkg/manifests/fixtures/nginx/internal.json b/pkg/manifests/fixtures/nginx/internal.json index c490c1ed..f590790b 100644 --- a/pkg/manifests/fixtures/nginx/internal.json +++ b/pkg/manifests/fixtures/nginx/internal.json @@ -554,10 +554,6 @@ } ], "resources": { - "limits": { - "cpu": "1500m", - "memory": "512Mi" - }, "requests": { "cpu": "500m", "memory": "127Mi" @@ -633,7 +629,19 @@ "operator": "Exists" } ], - "priorityClassName": "system-node-critical" + "priorityClassName": "system-node-critical", + "topologySpreadConstraints": [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "ScheduleAnyway", + "labelSelector": { + "matchLabels": { + "app": "nginx" + } + } + } + ] } }, "strategy": {}, @@ -732,7 +740,7 @@ }, "minReplicas": 2, "maxReplicas": 100, - "targetCPUUtilizationPercentage": 90 + "targetCPUUtilizationPercentage": 80 }, "status": { "currentReplicas": 0, diff --git a/pkg/manifests/fixtures/nginx/kube-system.json b/pkg/manifests/fixtures/nginx/kube-system.json index 09cf906f..5e118a62 100644 --- a/pkg/manifests/fixtures/nginx/kube-system.json +++ b/pkg/manifests/fixtures/nginx/kube-system.json @@ -476,10 +476,6 @@ } ], "resources": { - "limits": { - "cpu": "1500m", - "memory": "512Mi" - }, "requests": { "cpu": "500m", "memory": "127Mi" @@ -555,7 +551,19 @@ "operator": "Exists" } ], - "priorityClassName": "system-node-critical" + "priorityClassName": "system-node-critical", + "topologySpreadConstraints": [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "ScheduleAnyway", + "labelSelector": { + "matchLabels": { + "app": "nginx" + } + } + } + ] } }, "strategy": {}, @@ -630,7 +638,7 @@ }, "minReplicas": 2, "maxReplicas": 100, - "targetCPUUtilizationPercentage": 90 + "targetCPUUtilizationPercentage": 80 }, "status": { "currentReplicas": 0, diff --git a/pkg/manifests/fixtures/nginx/no-ownership.json b/pkg/manifests/fixtures/nginx/no-ownership.json index 2751f177..95f744c3 100644 --- a/pkg/manifests/fixtures/nginx/no-ownership.json +++ b/pkg/manifests/fixtures/nginx/no-ownership.json @@ -490,10 +490,6 @@ } ], "resources": { - "limits": { - "cpu": "1500m", - "memory": "512Mi" - }, "requests": { "cpu": "500m", "memory": "127Mi" @@ -569,7 +565,19 @@ "operator": "Exists" } ], - "priorityClassName": "system-node-critical" + "priorityClassName": "system-node-critical", + "topologySpreadConstraints": [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "ScheduleAnyway", + "labelSelector": { + "matchLabels": { + "app": "nginx" + } + } + } + ] } }, "strategy": {}, @@ -644,7 +652,7 @@ }, "minReplicas": 2, "maxReplicas": 100, - "targetCPUUtilizationPercentage": 90 + "targetCPUUtilizationPercentage": 80 }, "status": { "currentReplicas": 0, diff --git a/pkg/manifests/fixtures/nginx/optional-features-disabled.json b/pkg/manifests/fixtures/nginx/optional-features-disabled.json index 7c05a3a1..7305d3d3 100644 --- a/pkg/manifests/fixtures/nginx/optional-features-disabled.json +++ b/pkg/manifests/fixtures/nginx/optional-features-disabled.json @@ -489,10 +489,6 @@ } ], "resources": { - "limits": { - "cpu": "1500m", - "memory": "512Mi" - }, "requests": { "cpu": "500m", "memory": "127Mi" @@ -568,7 +564,19 @@ "operator": "Exists" } ], - "priorityClassName": "system-node-critical" + "priorityClassName": "system-node-critical", + "topologySpreadConstraints": [ + { + "maxSkew": 1, + "topologyKey": "kubernetes.io/hostname", + "whenUnsatisfiable": "ScheduleAnyway", + "labelSelector": { + "matchLabels": { + "app": "nginx" + } + } + } + ] } }, "strategy": {}, @@ -643,7 +651,7 @@ }, "minReplicas": 2, "maxReplicas": 100, - "targetCPUUtilizationPercentage": 90 + "targetCPUUtilizationPercentage": 80 }, "status": { "currentReplicas": 0, diff --git a/pkg/manifests/nginx.go b/pkg/manifests/nginx.go index 02463cba..2b0612fb 100644 --- a/pkg/manifests/nginx.go +++ b/pkg/manifests/nginx.go @@ -393,6 +393,8 @@ func newNginxIngressControllerDeployment(conf *config.Config, ingressConfig *Ngi podAnnotations[k] = v } + selector := &metav1.LabelSelector{MatchLabels: ingressConfig.PodLabels()} + return &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ Kind: "Deployment", @@ -405,13 +407,21 @@ func newNginxIngressControllerDeployment(conf *config.Config, ingressConfig *Ngi }, Spec: appsv1.DeploymentSpec{ RevisionHistoryLimit: util.Int32Ptr(2), - Selector: &metav1.LabelSelector{MatchLabels: ingressConfig.PodLabels()}, + Selector: selector, Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Labels: ingressControllerPodLabels, Annotations: podAnnotations, }, Spec: *WithPreferSystemNodes(&corev1.PodSpec{ + TopologySpreadConstraints: []corev1.TopologySpreadConstraint{ + { + MaxSkew: 1, + TopologyKey: "kubernetes.io/hostname", // spread across nodes + WhenUnsatisfiable: corev1.ScheduleAnyway, + LabelSelector: selector, + }, + }, ServiceAccountName: ingressConfig.ResourceName, Containers: []corev1.Container{*withPodRefEnvVars(withTypicalReadinessProbe(10254, &corev1.Container{ Name: "controller", @@ -446,10 +456,6 @@ func newNginxIngressControllerDeployment(conf *config.Config, ingressConfig *Ngi corev1.ResourceCPU: resource.MustParse("500m"), corev1.ResourceMemory: resource.MustParse("127Mi"), }, - Limits: corev1.ResourceList{ - corev1.ResourceCPU: resource.MustParse("1500m"), - corev1.ResourceMemory: resource.MustParse("512Mi"), - }, }, }))}, }), @@ -517,7 +523,7 @@ func newNginxIngressControllerHPA(conf *config.Config, ingressConfig *NginxIngre }, MinReplicas: util.Int32Ptr(2), MaxReplicas: 100, - TargetCPUUtilizationPercentage: util.Int32Ptr(90), + TargetCPUUtilizationPercentage: util.Int32Ptr(80), }, } }