diff --git a/Dockerfile b/Dockerfile
index 5d3e571..8174050 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.17
+FROM alpine:3.19
RUN apk add yq curl --no-cache
diff --git a/charts/cluster-overprovisioner/Chart.yaml b/charts/cluster-overprovisioner/Chart.yaml
index c22b730..22de66e 100644
--- a/charts/cluster-overprovisioner/Chart.yaml
+++ b/charts/cluster-overprovisioner/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
name: cluster-overprovisioner
description: Helm chart, that enables scheduled scaling of a target resource, intended to be add overprovisioning to an autoscaling k8s cluster.
type: application
-version: 0.7.0
-appVersion: "1.16.0"
+version: 0.8.0
+appVersion: "1.8.9"
keywords:
- cluster-autoscaler
- overprovisioning
diff --git a/charts/cluster-overprovisioner/README.md b/charts/cluster-overprovisioner/README.md
index 3df1ec1..c7af0ea 100644
--- a/charts/cluster-overprovisioner/README.md
+++ b/charts/cluster-overprovisioner/README.md
@@ -1,4 +1,5 @@
# cluster-overprovisioner
+
Helm chart, that enables scheduled scaling of a target resource, intended to be add overprovisioning to an autoscaling k8s cluster.
## Use the Chart
@@ -15,115 +16,111 @@ helm install my-release codecentric/cluster-overprovisioner
## Configure CPA
The cluster-proportional autoscaler deployed with this chart is configured using configmaps. It comes with a dummy default configuration:
+
```yaml
-ladder:
- {
- "nodesToReplicas":
- [
- [0, 1], # if you have up to 4 nodes, scale resource to 1 replica
- [5, 2], # if you have less than 10 nodes but more than 4, scale resource to 2 replica
- [10, 3] # if more than 11 nodes, scale resource to 3 replica
- ]
- }
+ladder: { "nodesToReplicas": [
+ [0, 1], # if you have up to 4 nodes, scale resource to 1 replica
+ [5, 2], # if you have less than 10 nodes but more than 4, scale resource to 2 replica
+ [10, 3], # if more than 11 nodes, scale resource to 3 replica
+ ] }
```
+
Please adapt this config to your needs.
Please see the [cluster-proportional-autoscaler](https://github.com/kubernetes-sigs/cluster-proportional-autoscaler#control-patterns-and-configmap-formats) docs for more information on the individual modes.
### configure-schedules
+
If you need time-dependent configuration, you can use the `schedules`:
+
```yaml
schedules:
-- name: night
- cronTimeExpression: "0 16 * * 1-5" # disable overprovisioning Monday - Friday from 6pm
- config:
- ladder:
- {
- "nodesToReplicas":
- [
- [0, 0]
- ]
- }
+ - name: night
+ cronTimeExpression: "0 16 * * 1-5" # disable overprovisioning Monday - Friday from 6pm
+ timeZone: America/New_York # specify timeZone for Cronjob (k8s >= 1.27)
+ config:
+ ladder: { "nodesToReplicas": [[0, 0]] }
```
For every schedule a cronjob is created, that replaces the active config with the config from the schedule.
## Values
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| cpa.affinity | object | `{}` | PodAffinity of the cpa Pod |
-| cpa.extraArgs[0] | string | `"--logtostderr=true"`
`"--v=2"` | Additional args for the cpa (refer to [cluster-proportional-autoscaler/README.md](https://github.com/kubernetes-sigs/cluster-proportional-autoscaler#readme) for more information) |
-| cpa.fullnameOverride | string | `""` | |
-| cpa.image.pullPolicy | string | `"IfNotPresent"` | ImagePullPolicy |
-| cpa.image.repository | string | `"freddyfroehlich/cpa-dirty"` | Name of the image to be used for cpa (\/\) |
-| cpa.image.tag | string | `"latest"` | Docker tag |
-| cpa.imagePullSecrets | list | `[]` | PullSecrets, if pulling from a private registry |
-| cpa.nameOverride | string | `""` | |
-| cpa.nodeSelector | object | `{}` | NodeSelector of the cpa Pod |
-| cpa.podAnnotations | object | `{}` | Annotations to add to the cpa Pod |
-| cpa.podSecurityContext.fsGroup | int | `1000` | |
-| cpa.podSecurityContext.runAsGroup | int | `1000` | |
-| cpa.podSecurityContext.runAsUser | int | `1000` | |
-| cpa.rbac.create | bool | `true` | Specifies whether RBAC-Ressources should be created |
-| cpa.rbac.podSecurityPolicy.enabled | bool | `false` | Specifies whether a PSP should be created |
-| cpa.resources.limits.cpu | string | `"100m"` | CPU Limit for cpa-Pod |
-| cpa.resources.limits.memory | string | `"128Mi"` | Memory Limit for cpa-Pod |
-| cpa.securityContext.allowPrivilegeEscalation | bool | `false` | Allow privilege escalation |
-| cpa.securityContext.capabilities.drop[0] | string | `"ALL"` | Capabilities to drop |
-| cpa.securityContext.privileged | bool | `false` | Run pod privileged |
-| cpa.securityContext.readOnlyRootFilesystem | bool | `true` | Mount FS read-only |
-| cpa.securityContext.runAsNonRoot | bool | `true` | Run pod as non-root user |
-| cpa.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
-| cpa.serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
-| cpa.serviceAccount.automountServiceAccountToken | bool | `true` | Mount ServiceAccount-Token (true, because cpa accesses kube-api) |
-| cpa.serviceAccount.name | string | `""` | Name of the Service Account to use |
-| cpa.target.name | string | `Defaults to the op-deployment, if enabled.` | Name of the scalable-resource, that should be scaled by the cpa. Must be in form of `/` |
-| cpa.target.namespace | string | `Default to the op-namespace, if enabled.` | Namespace of the target resource |
-| cpa.tolerations | list | `[]` | Tolerations of the cpa Pod |
-| op.enabled | bool | `true` | Specifies, whether the default overprovisioning Deployment should be used. |
-| op.affinity | object | `{}` | PodAffinity of the cpa Pod |
-| op.fullnameOverride | string | `""` | |
-| op.image.pullPolicy | string | `"IfNotPresent"` | ImagePullPolicy |
-| op.image.repository | string | `"k8s.gcr.io/pause"` | Image of the overprovisioning deployment |
-| op.image.tag | string | `"3.2"` | Docker tag |
-| op.imagePullSecrets | list | `[]` | PullSecrets, if pulling from a private registry |
-| op.nameOverride | string | `""` | |
-| op.nodeSelector | object | `{}` | NodeSelector of op Pod |
-| op.podAnnotations | object | `{}` | Annotations to add to the op Pod |
-| op.podSecurityContext.fsGroup | int | `1000` | |
-| op.podSecurityContext.runAsGroup | int | `1000` | |
-| op.podSecurityContext.runAsUser | int | `1000` | |
-| op.priorityClasses.default.enabled | bool | `false` | Specifies, whether a default priorityClass should be created |
-| op.priorityClasses.default.name | string | `"default"` | Name of the default priorityClass |
-| op.priorityClasses.default.value | int | `0` | Priority of the default priorityClass |
-| op.priorityClasses.overprovision.name | string | `"overprovision"` | Name of the overprovisioning priorityClass |
-| op.priorityClasses.overprovision.value | int | `-1` | Priority of the default priorityClass (intended to by lower than `op.priorityClasses.default.value`) |
-| op.rbac.podSecurityPolicy.enabled | bool | `false` | Specifies whether a PSP should be created |
-| op.resources | object | `{}` | Resource-information for the op Deployment |
-| op.securityContext.allowPrivilegeEscalation | bool | `false` | Allow privilege escalation |
-| op.securityContext.capabilities.drop[0] | string | `"ALL"` | `"ALL"` | Capabilities to drop |
-| op.securityContext.privileged | bool | `false` | Run pod privileged |
-| op.securityContext.readOnlyRootFilesystem | bool | `true` | Mount FS read-only |
-| op.securityContext.runAsNonRoot | bool | `true` | Run pod as non-root user |
-| op.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
-| op.serviceAccount.annotations | object | `{}` | Mount ServiceAccount-Token (true, because cpa accesses kube-api)|
-| op.serviceAccount.automountServiceAccountToken | bool | `false` | Annotations to add to the service account |
-| op.serviceAccount.name | string | `""` | Name of the Service Account to use |
-| op.tolerations | list | `[]` | Tolerations of the cpa Pod |
-| op.topologySpreadConstraints | list | `[]` | topologySpreadConstraints of the op Pod |
-| cronJob.failedJobsHistoryLimit | int | `1` | Specifies, how many failed Jobs should be kept |
-| cronJob.image.pullPolicy | string | `"Always"` | ImagePullPolicy |
-| cronJob.image.repository | string | `"ghcr.io/codecentric/cluster-overprovisioner-helper"` | Image used to executed the cronjob |
-| cronJob.image.tag | string | `"latest"` | Docker tag |
-| cronJob.successfulJobsHistoryLimit | int | `1` | Specifies, how many successfull Jobs should be kept |
-| defaultConfig | `{}` | Please refer to [default-config](#default) | Config to be used as the default config (see [cpa-config](#configure-cpa)) |
-| schedules | [] | Please refer to [scheduler-config](#configure-schedules) | Configure a list of schedules, that used be created |
-----------------------------------------------
+| Key | Type | Default | Description |
+| ----------------------------------------------- | ------ | -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- |
+| cpa.affinity | object | `{}` | PodAffinity of the cpa Pod |
+| cpa.extraArgs[0] | string | `"--logtostderr=true"`
`"--v=2"` | Additional args for the cpa (refer to [cluster-proportional-autoscaler/README.md](https://github.com/kubernetes-sigs/cluster-proportional-autoscaler#readme) for more information) |
+| cpa.fullnameOverride | string | `""` | |
+| cpa.image.pullPolicy | string | `"IfNotPresent"` | ImagePullPolicy |
+| cpa.image.repository | string | `"freddyfroehlich/cpa-dirty"` | Name of the image to be used for cpa (\/\) |
+| cpa.image.tag | string | `"latest"` | Docker tag |
+| cpa.imagePullSecrets | list | `[]` | PullSecrets, if pulling from a private registry |
+| cpa.nameOverride | string | `""` | |
+| cpa.nodeSelector | object | `{}` | NodeSelector of the cpa Pod |
+| cpa.podAnnotations | object | `{}` | Annotations to add to the cpa Pod |
+| cpa.podSecurityContext.fsGroup | int | `1000` | |
+| cpa.podSecurityContext.runAsGroup | int | `1000` | |
+| cpa.podSecurityContext.runAsUser | int | `1000` | |
+| cpa.rbac.create | bool | `true` | Specifies whether RBAC-Ressources should be created |
+| cpa.rbac.podSecurityPolicy.enabled | bool | `false` | Specifies whether a PSP should be created |
+| cpa.resources.limits.cpu | string | `"100m"` | CPU Limit for cpa-Pod |
+| cpa.resources.limits.memory | string | `"128Mi"` | Memory Limit for cpa-Pod |
+| cpa.securityContext.allowPrivilegeEscalation | bool | `false` | Allow privilege escalation |
+| cpa.securityContext.capabilities.drop[0] | string | `"ALL"` | Capabilities to drop |
+| cpa.securityContext.privileged | bool | `false` | Run pod privileged |
+| cpa.securityContext.readOnlyRootFilesystem | bool | `true` | Mount FS read-only |
+| cpa.securityContext.runAsNonRoot | bool | `true` | Run pod as non-root user |
+| cpa.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| cpa.serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| cpa.serviceAccount.automountServiceAccountToken | bool | `true` | Mount ServiceAccount-Token (true, because cpa accesses kube-api) |
+| cpa.serviceAccount.name | string | `""` | Name of the Service Account to use |
+| cpa.target.name | string | `Defaults to the op-deployment, if enabled.` | Name of the scalable-resource, that should be scaled by the cpa. Must be in form of `/` |
+| cpa.target.namespace | string | `Default to the op-namespace, if enabled.` | Namespace of the target resource |
+| cpa.tolerations | list | `[]` | Tolerations of the cpa Pod |
+| op.enabled | bool | `true` | Specifies, whether the default overprovisioning Deployment should be used. |
+| op.affinity | object | `{}` | PodAffinity of the cpa Pod |
+| op.fullnameOverride | string | `""` | |
+| op.image.pullPolicy | string | `"IfNotPresent"` | ImagePullPolicy |
+| op.image.repository | string | `"k8s.gcr.io/pause"` | Image of the overprovisioning deployment |
+| op.image.tag | string | `"3.2"` | Docker tag |
+| op.imagePullSecrets | list | `[]` | PullSecrets, if pulling from a private registry |
+| op.nameOverride | string | `""` | |
+| op.nodeSelector | object | `{}` | NodeSelector of op Pod |
+| op.podAnnotations | object | `{}` | Annotations to add to the op Pod |
+| op.podSecurityContext.fsGroup | int | `1000` | |
+| op.podSecurityContext.runAsGroup | int | `1000` | |
+| op.podSecurityContext.runAsUser | int | `1000` | |
+| op.priorityClasses.default.enabled | bool | `false` | Specifies, whether a default priorityClass should be created |
+| op.priorityClasses.default.name | string | `"default"` | Name of the default priorityClass |
+| op.priorityClasses.default.value | int | `0` | Priority of the default priorityClass |
+| op.priorityClasses.overprovision.name | string | `"overprovision"` | Name of the overprovisioning priorityClass |
+| op.priorityClasses.overprovision.value | int | `-1` | Priority of the default priorityClass (intended to by lower than `op.priorityClasses.default.value`) |
+| op.rbac.podSecurityPolicy.enabled | bool | `false` | Specifies whether a PSP should be created |
+| op.resources | object | `{}` | Resource-information for the op Deployment |
+| op.securityContext.allowPrivilegeEscalation | bool | `false` | Allow privilege escalation |
+| op.securityContext.capabilities.drop[0] | string | `"ALL"` | `"ALL"` | Capabilities to drop |
+| op.securityContext.privileged | bool | `false` | Run pod privileged |
+| op.securityContext.readOnlyRootFilesystem | bool | `true` | Mount FS read-only |
+| op.securityContext.runAsNonRoot | bool | `true` | Run pod as non-root user |
+| op.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| op.serviceAccount.annotations | object | `{}` | Mount ServiceAccount-Token (true, because cpa accesses kube-api) |
+| op.serviceAccount.automountServiceAccountToken | bool | `false` | Annotations to add to the service account |
+| op.serviceAccount.name | string | `""` | Name of the Service Account to use |
+| op.tolerations | list | `[]` | Tolerations of the cpa Pod |
+| op.topologySpreadConstraints | list | `[]` | topologySpreadConstraints of the op Pod |
+| cronJob.failedJobsHistoryLimit | int | `1` | Specifies, how many failed Jobs should be kept |
+| cronJob.image.pullPolicy | string | `"Always"` | ImagePullPolicy |
+| cronJob.image.repository | string | `"ghcr.io/codecentric/cluster-overprovisioner-helper"` | Image used to executed the cronjob |
+| cronJob.image.tag | string | `"latest"` | Docker tag |
+| cronJob.successfulJobsHistoryLimit | int | `1` | Specifies, how many successfull Jobs should be kept |
+| defaultConfig | `{}` | Please refer to [default-config](#default) | Config to be used as the default config (see [cpa-config](#configure-cpa)) |
+| schedules | [] | Please refer to [scheduler-config](#configure-schedules) | Configure a list of schedules, that used be created |
+
+---
## Maintainers
-| Name | Email |
-| ---- | ------ |
-| tielou | thilo@wobker.co |
+| Name | Email |
+| ---------- | ---------------------------------- |
+| tielou | thilo@wobker.co |
| grieshaber | freddy.grieshaber+github@gmail.com |
diff --git a/charts/cluster-overprovisioner/templates/cpa-configmap.yaml b/charts/cluster-overprovisioner/templates/cpa-configmap.yaml
index 8c19cb0..7d74e43 100644
--- a/charts/cluster-overprovisioner/templates/cpa-configmap.yaml
+++ b/charts/cluster-overprovisioner/templates/cpa-configmap.yaml
@@ -14,7 +14,7 @@ data:
{{- end }}
---
{{- $labels := include "cluster-overprovisioner.cpa.labels" . -}}
-{{- $namespace := .Values.Namespace -}}
+{{- $namespace := .Release.Namespace -}}
{{- range $schedule := .Values.schedules }}
{{- if ne (len $schedule.config) 1 }}
{{ fail (printf "%s%s." "You need to specify exactly one config for schedule " $schedule.name) }}
@@ -32,7 +32,7 @@ data:
---
{{- end }}
{{- $labels := include "cluster-overprovisioner.labels" . -}}
-{{- $namespace := .Values.Namespace -}}
+{{- $namespace := .Release.Namespace -}}
{{- range $schedule := .Values.schedules }}
apiVersion: v1
kind: ConfigMap
diff --git a/charts/cluster-overprovisioner/templates/cpa-cronjob.yaml b/charts/cluster-overprovisioner/templates/cpa-cronjob.yaml
index a9597f9..7b3543d 100644
--- a/charts/cluster-overprovisioner/templates/cpa-cronjob.yaml
+++ b/charts/cluster-overprovisioner/templates/cpa-cronjob.yaml
@@ -14,6 +14,9 @@ metadata:
spec:
failedJobsHistoryLimit: {{ $failedJobsHistoryLimit }}
successfulJobsHistoryLimit: {{ $successfulJobsHistoryLimit }}
+ {{- if $schedule.timeZone }}
+ timeZone: {{ $schedule.timeZone | quote }}
+ {{- end }}
schedule: {{ $schedule.cronTimeExpression | quote }}
jobTemplate:
spec:
@@ -44,5 +47,18 @@ spec:
defaultMode: 0777
- name: tmp
emptyDir: {}
+ {{- with $.Values.cpa.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with $.Values.cpa.affinity }}
+ affinity:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with $.Values.cpa.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+
---
{{- end }}
diff --git a/charts/cluster-overprovisioner/values.yaml b/charts/cluster-overprovisioner/values.yaml
index 2320dcf..07c0f83 100644
--- a/charts/cluster-overprovisioner/values.yaml
+++ b/charts/cluster-overprovisioner/values.yaml
@@ -3,9 +3,9 @@
# Declare variables to be passed into your templates.
cpa:
image:
- repository: k8s.gcr.io/cpa/cluster-proportional-autoscaler
+ repository: registry.k8s.io/cpa/cluster-proportional-autoscaler
pullPolicy: IfNotPresent
- tag: 1.8.5
+ tag: v1.8.9
extraArgs:
- --logtostderr=true
@@ -158,13 +158,14 @@ defaultConfig:
# If you want to use the schedule-feature, specify as many schedules as you want.
# Example of a schedule:
# - name: night
-# cronTimeExpression: "0 16 * * 1-5" # disable overprovisioning Monday - Friday from 6pm
-# config:
-# ladder:
-# {
-# "nodesToReplicas":
-# [
-# [0, 0]
-# ]
-# }
+# cronTimeExpression: "0 16 * * 1-5" # disable overprovisioning Monday - Friday from 6pm
+# timeZone: America/New_York # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+# config:
+# ladder:
+# {
+# "nodesToReplicas":
+# [
+# [0, 0]
+# ]
+# }
schedules: []