From 60515303d1d25c6eec72e840a4b9ee858e36576a Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Mon, 30 Oct 2023 15:55:24 +0000 Subject: [PATCH 1/5] Add topology spread constraint snippet to all deployments --- charts/posthog/Chart.yaml | 2 +- .../templates/_snippet-plugins-deployment.tpl | 1 + .../_snippet-topologySpreadConstraints.tpl | 36 +++++++++++++++++++ .../posthog/templates/decide-deployment.yaml | 1 + .../posthog/templates/events-deployment.yaml | 1 + .../templates/pgbouncer-deployment.yaml | 1 + .../templates/pgbouncer-read-deployment.yaml | 1 + .../templates/recordings-deployment.yaml | 1 + .../temporal-py-worker-deployment.yaml | 1 + charts/posthog/templates/web-deployment.yaml | 1 + .../posthog/templates/worker-deployment.yaml | 1 + charts/posthog/values.yaml | 4 +++ 12 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 charts/posthog/templates/_snippet-topologySpreadConstraints.tpl diff --git a/charts/posthog/Chart.yaml b/charts/posthog/Chart.yaml index 373b7effe..7b63cb552 100644 --- a/charts/posthog/Chart.yaml +++ b/charts/posthog/Chart.yaml @@ -11,7 +11,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 30.32.0 +version: 30.33.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. diff --git a/charts/posthog/templates/_snippet-plugins-deployment.tpl b/charts/posthog/templates/_snippet-plugins-deployment.tpl index 27652612b..27b7864bb 100644 --- a/charts/posthog/templates/_snippet-plugins-deployment.tpl +++ b/charts/posthog/templates/_snippet-plugins-deployment.tpl @@ -44,6 +44,7 @@ spec: {{- end }} spec: serviceAccountName: {{ template "posthog.serviceAccountName" .root }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .params.affinity }} affinity: diff --git a/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl b/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl new file mode 100644 index 000000000..9673358cc --- /dev/null +++ b/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl @@ -0,0 +1,36 @@ +{{/* Common topologySpreadConstraints definition */}} +{{/* + matchLabelsKeys are the set of unique pod labels for which the constraints are applied + any missing labels are ignored. + + pod-template-hash is added automatically by deployments and is unique for each rollout. + Including this means we don't get out of sync on rollouts as it ignores the locations + of existing pods that will be terminated after the rollout is finished. + */}} +{{- define "_snippet-selectors" -}} +labelSelector: + matchLabels: {} +matchLabelKeys: +- pod-template-hash +- app +- release +- role +- app.kubernetes.io/name +- app.kubernetes.io/instance +{{- end }} +{{- define "_snippet-topologySpreadConstraints" }} +{{- if .Values.includeDefaultTopologySpreadConstraints }} +topologySpreadConstraints: +- maxSkew: 1 + minDomains: 3 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: DoNotSchedule + nodeTaintsPolicy: Honor + {{- include "_snippet-selectors" . | nindent 2 }} +- maxSkew: 3 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + nodeTaintsPolicy: Honor + {{- include "_snippet-selectors" . | nindent 2 }} +{{- end }} +{{- end }} diff --git a/charts/posthog/templates/decide-deployment.yaml b/charts/posthog/templates/decide-deployment.yaml index e7eb7f9f0..09b10b4e3 100644 --- a/charts/posthog/templates/decide-deployment.yaml +++ b/charts/posthog/templates/decide-deployment.yaml @@ -41,6 +41,7 @@ spec: spec: terminationGracePeriodSeconds: {{ include "snippet.web-deployments.terminationGracePeriodSeconds" . }} serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.web.affinity }} affinity: diff --git a/charts/posthog/templates/events-deployment.yaml b/charts/posthog/templates/events-deployment.yaml index eba51d62b..697a8fcd4 100644 --- a/charts/posthog/templates/events-deployment.yaml +++ b/charts/posthog/templates/events-deployment.yaml @@ -41,6 +41,7 @@ spec: spec: terminationGracePeriodSeconds: {{ include "snippet.web-deployments.terminationGracePeriodSeconds" . }} serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.web.affinity }} affinity: diff --git a/charts/posthog/templates/pgbouncer-deployment.yaml b/charts/posthog/templates/pgbouncer-deployment.yaml index c59abaa14..ce2579dee 100644 --- a/charts/posthog/templates/pgbouncer-deployment.yaml +++ b/charts/posthog/templates/pgbouncer-deployment.yaml @@ -42,6 +42,7 @@ spec: terminationGracePeriodSeconds: 65 serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.pgbouncer.affinity }} affinity: {{ toYaml .Values.pgbouncer.affinity | nindent 8 }} diff --git a/charts/posthog/templates/pgbouncer-read-deployment.yaml b/charts/posthog/templates/pgbouncer-read-deployment.yaml index 6260b6887..e27951b7c 100644 --- a/charts/posthog/templates/pgbouncer-read-deployment.yaml +++ b/charts/posthog/templates/pgbouncer-read-deployment.yaml @@ -42,6 +42,7 @@ spec: terminationGracePeriodSeconds: 65 serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.pgbouncerRead.affinity }} affinity: {{ toYaml .Values.pgbouncerRead.affinity | nindent 8 }} diff --git a/charts/posthog/templates/recordings-deployment.yaml b/charts/posthog/templates/recordings-deployment.yaml index 375e7b0fa..1f9569671 100644 --- a/charts/posthog/templates/recordings-deployment.yaml +++ b/charts/posthog/templates/recordings-deployment.yaml @@ -41,6 +41,7 @@ spec: spec: terminationGracePeriodSeconds: {{ include "snippet.web-deployments.terminationGracePeriodSeconds" . }} serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.web.affinity }} affinity: diff --git a/charts/posthog/templates/temporal-py-worker-deployment.yaml b/charts/posthog/templates/temporal-py-worker-deployment.yaml index c3583575d..30a9253df 100644 --- a/charts/posthog/templates/temporal-py-worker-deployment.yaml +++ b/charts/posthog/templates/temporal-py-worker-deployment.yaml @@ -35,6 +35,7 @@ spec: spec: terminationGracePeriodSeconds: {{ .Values.temporalPyWorker.terminationGracePeriodSeconds }} serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.temporalPyWorker.affinity }} affinity: diff --git a/charts/posthog/templates/web-deployment.yaml b/charts/posthog/templates/web-deployment.yaml index ba1306e1d..74939d5dc 100644 --- a/charts/posthog/templates/web-deployment.yaml +++ b/charts/posthog/templates/web-deployment.yaml @@ -41,6 +41,7 @@ spec: spec: terminationGracePeriodSeconds: {{ include "snippet.web-deployments.terminationGracePeriodSeconds" . }} serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.web.affinity }} affinity: diff --git a/charts/posthog/templates/worker-deployment.yaml b/charts/posthog/templates/worker-deployment.yaml index a5669ad89..137517184 100644 --- a/charts/posthog/templates/worker-deployment.yaml +++ b/charts/posthog/templates/worker-deployment.yaml @@ -40,6 +40,7 @@ spec: {{- end }} spec: serviceAccountName: {{ template "posthog.serviceAccountName" . }} + {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} {{- if .Values.worker.affinity }} affinity: diff --git a/charts/posthog/values.yaml b/charts/posthog/values.yaml index 83640446e..0293a1a8a 100644 --- a/charts/posthog/values.yaml +++ b/charts/posthog/values.yaml @@ -3396,3 +3396,7 @@ busybox: # -- Kubernetes cluster domain name clusterDomain: cluster.local + +# Whether to set a topologySpreadConstraint on all deployments +# to balance pods between availability zones and nodes +includeDefaultTopologySpreadConstraints: false From fdda70bf8f2bd82a06382fc1f7b2da3dcf992af0 Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Mon, 30 Oct 2023 16:03:21 +0000 Subject: [PATCH 2/5] Add test --- .../tests/_topologySpreadConstraints.yaml | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 charts/posthog/tests/_topologySpreadConstraints.yaml diff --git a/charts/posthog/tests/_topologySpreadConstraints.yaml b/charts/posthog/tests/_topologySpreadConstraints.yaml new file mode 100644 index 000000000..cdf47a661 --- /dev/null +++ b/charts/posthog/tests/_topologySpreadConstraints.yaml @@ -0,0 +1,42 @@ +suite: _topologySpreadConstraints +templates: + - templates/plugins-deployment.yaml + - templates/web-deployment.yaml + - templates/worker-deployment.yaml + +tests: + - it: spec.template.spec.topologySpreadConstraints should be empty by default + templates: + - templates/plugins-deployment.yaml + - templates/web-deployment.yaml + - templates/worker-deployment.yaml + set: + cloud: local + asserts: + - hasDocuments: + count: 1 + - isEmpty: + path: spec.template.spec.topologySpreadConstraints + - it: spec.template.spec.topologySpreadConstraints should exist if includeDefaultTopologySpreadConstraints is set + templates: + - templates/plugins-deployment.yaml + - templates/web-deployment.yaml + - templates/worker-deployment.yaml + set: + cloud: local + includeDefaultTopologySpreadConstraints: true + asserts: + - hasDocuments: + count: 1 + - contains: + path: spec.template.spec.topologySpreadConstraints[0] + content: + topologyKey: topology.kubernetes.io/zone + maxSkew: 1 + whenUnsatisfiable: DoNotSchedule + - contains: + path: spec.template.spec.topologySpreadConstraints[1] + content: + topologyKey: topology.kubernetes.io/hostname + maxSkew: 3 + whenUnsatisfiable: ScheduleAnyway From 42b6a25375984c4dbaddff43da5b0dc5533d6783 Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Mon, 30 Oct 2023 16:08:39 +0000 Subject: [PATCH 3/5] default to false --- charts/posthog/templates/_snippet-topologySpreadConstraints.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl b/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl index 9673358cc..17a3af033 100644 --- a/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl +++ b/charts/posthog/templates/_snippet-topologySpreadConstraints.tpl @@ -19,7 +19,7 @@ matchLabelKeys: - app.kubernetes.io/instance {{- end }} {{- define "_snippet-topologySpreadConstraints" }} -{{- if .Values.includeDefaultTopologySpreadConstraints }} +{{- if (.Values.includeDefaultTopologySpreadConstraints | default false) }} topologySpreadConstraints: - maxSkew: 1 minDomains: 3 From f37c58d2f240b52f3c0969aa455e648ce399b4d9 Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Mon, 30 Oct 2023 16:10:37 +0000 Subject: [PATCH 4/5] fix root in snippet --- charts/posthog/templates/_snippet-plugins-deployment.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/posthog/templates/_snippet-plugins-deployment.tpl b/charts/posthog/templates/_snippet-plugins-deployment.tpl index 27b7864bb..d9544da03 100644 --- a/charts/posthog/templates/_snippet-plugins-deployment.tpl +++ b/charts/posthog/templates/_snippet-plugins-deployment.tpl @@ -44,7 +44,7 @@ spec: {{- end }} spec: serviceAccountName: {{ template "posthog.serviceAccountName" .root }} - {{- include "_snippet-topologySpreadConstraints" . | nindent 6 }} + {{- include "_snippet-topologySpreadConstraints" .root | nindent 6 }} {{- if .params.affinity }} affinity: From 7d3515e8e1b785ae259303fc621ba3239f696358 Mon Sep 17 00:00:00 2001 From: Frank Hamand Date: Mon, 30 Oct 2023 16:25:38 +0000 Subject: [PATCH 5/5] Fix missing template --- charts/posthog/tests/_topologySpreadConstraints.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/posthog/tests/_topologySpreadConstraints.yaml b/charts/posthog/tests/_topologySpreadConstraints.yaml index cdf47a661..988ecfb6b 100644 --- a/charts/posthog/tests/_topologySpreadConstraints.yaml +++ b/charts/posthog/tests/_topologySpreadConstraints.yaml @@ -3,7 +3,8 @@ templates: - templates/plugins-deployment.yaml - templates/web-deployment.yaml - templates/worker-deployment.yaml - + # NOTE: we need to include this as it is required by the other templates + - templates/secrets.yaml tests: - it: spec.template.spec.topologySpreadConstraints should be empty by default templates: