Add resources requests/limits to oauth_proxy

[kacper-jackiewicz]

From what I am seeing there is no possibility to add Oauth proxy resources limits/requests in Jaeger CR.

In our cluster default limits/requests are set up to values which disable possibility of deployment. That enforces users to explicitly state required resources. In that case we will not be able to deploy Jaeger-Query with proxy through operator.

Could you make that configurable or set default values for resources for proxy container?

[pavolloffay]

The resources can be set on the query service, would be applying query resources to the proxy enough, or would you prefer having separate resources settings for the proxy?

[kacper-jackiewicz]

I would prefer separate resources settings just to able to explicitly state the resource quotas on oauth proxy. Under the ingress settings perhaps?

[pavolloffay]

IngressSpec already emdeds JaegerCommonSpec wich contains v1.ResourceRequirements.

[kacper-jackiewicz]

I've tried the CR with

  ingress:
    resources:
      requests:
        memory: '256Mi'
        cpu: '200m'
      limits:
        memory: '256Mi'
        cpu: '200m' 

but still proxy container ends up with:

          resources: {}

on query pod.

Shouldn't it be propagated to the Container object in inject/oauth-proxy.go ? Something like this:

return corev1.Container{
	Image: viper.GetString("openshift-oauth-proxy-image"),
	Name:  "oauth-proxy",
	Args:  args,
	VolumeMounts: []corev1.VolumeMount{{
		MountPath: "/etc/tls/private",
		Name:      service.GetTLSSecretNameForQueryService(jaeger),
	}},
	Ports: []corev1.ContainerPort{
		{
			ContainerPort: 8443,
			Name:          "public",
		},
	},
	**Resources: jaeger.Spec.Ingress.Resources,**
}

I am not Go developer so I am not sure if I am not missing something.

[pavolloffay]

I have checked the code, the resources are not being propagated to oauth sidecar. I think we could do that. What @jpkrohling thinks?

[objectiser]

This issue has been fixed by #410