Skip to content
This repository has been archived by the owner on Feb 22, 2022. It is now read-only.

incubator/kube-downscaler - Expand configuration options for service account #23058

Closed
wants to merge 1 commit into from
Closed

incubator/kube-downscaler - Expand configuration options for service account #23058

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion incubator/kube-downscaler/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: kube-downscaler
apiVersion: v1
version: 0.5.0
version: 0.6.0
appVersion: 20.5.0
description: A Helm chart for kube-downscaler
home: https://github.com/hjacobs/kube-downscaler
Expand Down
49 changes: 26 additions & 23 deletions incubator/kube-downscaler/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,29 +42,32 @@ The command removes all the Kubernetes components associated with the chart and

The following tables lists the configurable parameters of the kube-downscaler chart and their default values.

| Parameter | Description | Default |
| ------------------------- | ---------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- |
| `replicaCount` | Number of replicas to run | `1` |
| `name` | How to name resources created by this chart | `kube-downscaler` |
| `debug.enable` | Do you want to start the downscaler in debug mode | `false` |
| `namespace.active_in` | Which namespace does the downscaler scans for deployment/statefulsets to downscale (`''` equals all) | `''` |
| `interval` | Interval between scans, in seconds | `60` |
| `image.repository` | Downscaler container image repository | `hjacobs/kube-downscaler` |
| `image.tag` | Downscaler container image tag | `20.5.0` |
| `image.pullPolicy` | Downscaler container image pull policy | `IfNotPresent` |
| `nodeSelector` | Node labels for downscaler pod assignment | `{}` |
| `tolerations` | Downscaler pod toleration for taints | `[]` |
| `affinity` | Downscaler pod affinity | `{}` |
| `podAnnotations` | Annotations to be added to downscaler pod | `{}` |
| `podLabels` | Labels to be added to downscaler pod | `{}` |
| `resources` | Downscaler pod resource requests & limits | `{}` |
| `securityContext` | SecurityContext to apply to the downscaler pod | `{}` |
| `rbac.create` | If true, create & use RBAC resources | `true` |
| `rbac.serviceAccountName` | ServiceAccount downscaler will use (ignored if rbac.create=true) | `default` |
| `downscaleResources` | Resources the downscaler is allowed to manage | `[deployments, statefulsets, horizontalpodautoscalers, cronjobs]` |
| `excludedDeployments` | Deployments to exclude from the downscaler | `[]` |
| `excludedNamespaces` | Namespaces to exclude from the downscaler | `[]` |
| `extraArgs` | Add extra args to docker command | `[]` |
| Parameter | Description | Default |
| ---------------------------- | ------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- |
| `replicaCount` | Number of replicas to run | `1` |
| `name` | How to name resources created by this chart | `kube-downscaler` |
| `debug.enable` | Do you want to start the downscaler in debug mode | `false` |
| `namespace.active_in` | Which namespace does the downscaler scans for deployment/statefulsets to downscale (`''` equals all) | `''` |
| `interval` | Interval between scans, in seconds | `60` |
| `image.repository` | Downscaler container image repository | `hjacobs/kube-downscaler` |
| `image.tag` | Downscaler container image tag | `20.5.0` |
| `image.pullPolicy` | Downscaler container image pull policy | `IfNotPresent` |
| `nodeSelector` | Node labels for downscaler pod assignment | `{}` |
| `tolerations` | Downscaler pod toleration for taints | `[]` |
| `affinity` | Downscaler pod affinity | `{}` |
| `podAnnotations` | Annotations to be added to downscaler pod | `{}` |
| `podLabels` | Labels to be added to downscaler pod | `{}` |
| `resources` | Downscaler pod resource requests & limits | `{}` |
| `securityContext` | SecurityContext to apply to the downscaler pod | `{}` |
| `rbac.create` | If true, create & use RBAC resources | `true` |
| `serviceAccount.create` | If true, create & use a ServiceAccount | `true` |
| `serviceAccount.name` | Custom ServiceAccount name | `""` |
| `serviceAccount.annotations` | Custom annotations for the ServiceAccount. Ignored if serviceAccount.create is false. | `{}` |
| `imagePullSecretsNames` | List of names for imagePullSecrets to use. | `[]` |
| `downscaleResources` | Resources the downscaler is allowed to manage | `[deployments, statefulsets, horizontalpodautoscalers, cronjobs]` |
| `excludedDeployments` | Deployments to exclude from the downscaler | `[]` |
| `excludedNamespaces` | Namespaces to exclude from the downscaler | `[]` |
| `extraArgs` | Add extra args to docker command | `[]` |

> **Tip**: You can use the default [values.yaml](values.yaml)

Expand Down
11 changes: 11 additions & 0 deletions incubator/kube-downscaler/templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,3 +29,14 @@ Create chart name and version as used by the chart label.
{{- define "kube-downscaler.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
{{- define "kube-downscaler.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "kube-downscaler.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
2 changes: 1 addition & 1 deletion incubator/kube-downscaler/templates/clusterrolebinding.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@ roleRef:
name: "{{ template "kube-downscaler.fullname" . }}"
subjects:
- kind: ServiceAccount
name: "{{ template "kube-downscaler.fullname" . }}"
name: {{ include "kube-downscaler.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}
8 changes: 7 additions & 1 deletion incubator/kube-downscaler/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,12 @@ spec:
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- with .Values.imagePullSecretsNames }}
imagePullSecrets:
{{- range $secretName := . }}
- name: {{ $secretName }}
{{- end }}
{{- end }}
{{- with .Values.securityContext }}
securityContext:
{{ toYaml . | indent 8 }}
Expand All @@ -68,4 +74,4 @@ spec:
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
serviceAccountName: {{ if .Values.rbac.create }}{{ template "kube-downscaler.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }}
serviceAccountName: {{ include "kube-downscaler.serviceAccountName" . }}
9 changes: 7 additions & 2 deletions incubator/kube-downscaler/templates/serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,16 @@
{{ if .Values.rbac.create -}}
{{ if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "kube-downscaler.fullname" . }}
name: {{ include "kube-downscaler.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this line needed? 🤔 I would think it creates resources in the release namespace by default.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's an ongoing discussion for about a year or so: helm/helm#5465
While in general helm is supposed to place items into the correct namespace, there are use-cases depending on namespace field to be present. I err on the side of caution here.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤷 fine; probably should be added to other resources for consistency, but I won't hold the PR based on this!

labels:
app.kubernetes.io/name: {{ include "kube-downscaler.name" . }}
helm.sh/chart: {{ include "kube-downscaler.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end}}
{{- end -}}
13 changes: 11 additions & 2 deletions incubator/kube-downscaler/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,23 @@ interval: 60
rbac:
# If true, create & use RBAC resources
create: true
# Ignored if rbac.create is true
serviceAccountName: default

serviceAccount:
# If true, create & use a ServiceAccount
create: true
# If not set and create is true, a name is generated using the fullname template
name: ""
# Custom annotations for the ServiceAccount. Ignored if serviceAccount.create is false.
annotations: {}

image:
repository: hjacobs/kube-downscaler
tag: 20.5.0
pullPolicy: IfNotPresent

# Names of imagePullSecrets to use.
imagePullSecretsNames: []

resources:
limits: {}
requests: {}
Expand Down