diff --git a/.gitignore b/.gitignore index 1b9f0ec0..180486c4 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,5 @@ *~ /vendor /adapter +deploy/addepar/certs/test +.idea diff --git a/deploy/Makefile b/deploy/Makefile new file mode 100644 index 00000000..e1573d12 --- /dev/null +++ b/deploy/Makefile @@ -0,0 +1,16 @@ +# Run in custom metrics namespace +deploy-adapter-local: + kubectl apply -f manifests/ + +# Run in custom metrics namespace +delete-adapter-local: + kubectl delete -f manifests/ + +namespace: + kubectl create namespace custom-metrics + +raw: + kubectl get --raw /apis/custom.metrics.k8s.io/v1beta1 + +shell: + kubectl run -it --rm --restart=Never alpine --image=alpine sh --limits="cpu=500m,memory=512Mi" diff --git a/deploy/addepar/certs/Makefile b/deploy/addepar/certs/Makefile new file mode 100644 index 00000000..cb693372 --- /dev/null +++ b/deploy/addepar/certs/Makefile @@ -0,0 +1,16 @@ +.PHONY: build clean deploy + +all: clean build deploy + +build: + $(shell cd test && ../gencerts.sh) + +clean: + rm -rf test + mkdir test + +deploy: + kubectl -n custom-metrics create -f test/cm-adapter-serving-certs.yaml + +delete: + kubectl -n custom-metrics delete -f test/cm-adapter-serving-certs.yaml diff --git a/deploy/addepar/certs/gencerts.sh b/deploy/addepar/certs/gencerts.sh new file mode 100755 index 00000000..17abb6b9 --- /dev/null +++ b/deploy/addepar/certs/gencerts.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash +# exit immediately when a command fails +set -e +# only exit with zero if all commands of the pipeline exit successfully +set -o pipefail +# error on unset variables +set -u + +# Detect if we are on mac or should use GNU base64 options +case $(uname) in + Darwin) + b64_opts='-b=0' + ;; + *) + b64_opts='--wrap=0' +esac + +#go get -v -u github.com/cloudflare/cfssl/cmd/... + +export PURPOSE=metrics +openssl req -x509 -sha256 -new -nodes -days 365 -newkey rsa:2048 -keyout ${PURPOSE}-ca.key -out ${PURPOSE}-ca.crt -subj "/CN=ca" +echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipherment","'${PURPOSE}'"]}}}' > "${PURPOSE}-ca-config.json" + +export SERVICE_NAME=custom-metrics-apiserver +export ALT_NAMES='"custom-metrics-apiserver.monitoring","custom-metrics-apiserver.monitoring.svc"' +echo "{\"CN\":\"${SERVICE_NAME}\", \"hosts\": [${ALT_NAMES}], \"key\": {\"algo\": \"rsa\",\"size\": 2048}}" | \ + cfssl gencert -ca=metrics-ca.crt -ca-key=metrics-ca.key -config=metrics-ca-config.json - | cfssljson -bare apiserver + +cat <<-EOF > cm-adapter-serving-certs.yaml +apiVersion: v1 +kind: Secret +metadata: + name: cm-adapter-serving-certs +data: + serving.crt: $(base64 ${b64_opts} < apiserver.pem) + serving.key: $(base64 ${b64_opts} < apiserver-key.pem) +EOF diff --git a/deploy/addepar/prometheus/Makefile b/deploy/addepar/prometheus/Makefile new file mode 100644 index 00000000..2f772ede --- /dev/null +++ b/deploy/addepar/prometheus/Makefile @@ -0,0 +1,5 @@ +deploy: + kubectl create -n prom -f prometheus.yaml + +namespace: + kubectl create namespace prom diff --git a/deploy/addepar/prometheus/prometheus.yaml b/deploy/addepar/prometheus/prometheus.yaml new file mode 100644 index 00000000..f9df65f1 --- /dev/null +++ b/deploy/addepar/prometheus/prometheus.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: prometheus +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: prometheus +rules: + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: + - configmaps + verbs: ["get"] + - nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: prometheus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: prometheus +subjects: + - kind: ServiceAccount + name: prometheus + namespace: prom +--- +apiVersion: monitoring.coreos.com/v1 +kind: Prometheus +metadata: + name: prometheus +spec: + # Match all service monitors in all namespaces + serviceMonitorNamespaceSelector: {} + serviceMonitorSelector: {} + resources: + requests: + memory: 400Mi +--- +apiVersion: v1 +kind: Service +metadata: + name: prometheus +spec: + type: NodePort + ports: + - name: web + nodePort: 30900 + port: 9090 + protocol: TCP + targetPort: web + selector: + prometheus: prometheus diff --git a/deploy/addepar/sample-hpa/Makefile b/deploy/addepar/sample-hpa/Makefile new file mode 100644 index 00000000..995c5070 --- /dev/null +++ b/deploy/addepar/sample-hpa/Makefile @@ -0,0 +1,25 @@ +sample-app: + kubectl create -n default -f sample-app.deploy.yaml + kubectl create -n default -f sample-app.service.yaml + +delete-sample-app: + kubectl delete -n default -f sample-app.deploy.yaml + kubectl delete -n default -f sample-app.service.yaml + +monitor: + kubectl create -n default -f service-monitor.yaml + +hpa: + kubectl delete -f sample-app.hpa.yaml + kubectl create -f sample-app.hpa.yaml + +test: + kubectl get --raw "/apis/custom.metrics.k8s.io/v1beta1/namespaces/default/pods/*/http_requests?selector=app%3Dsample-app" + +get-ip: + kubectl get service sample-app -o jsonpath='{ .spec.clusterIP }' + +busybox: + # run wget -qO- IP_ADDRESS + kubectl run -it --rm --restart=Never busybox --image=gcr.io/google-containers/busybox sh + diff --git a/deploy/addepar/sample-hpa/sample-app.deploy.yaml b/deploy/addepar/sample-hpa/sample-app.deploy.yaml new file mode 100644 index 00000000..3a0ad13e --- /dev/null +++ b/deploy/addepar/sample-hpa/sample-app.deploy.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sample-app + labels: + app: sample-app +spec: + replicas: 1 + selector: + matchLabels: + app: sample-app + template: + metadata: + labels: + app: sample-app + spec: + containers: + - image: luxas/autoscale-demo:v0.1.2 + name: metrics-provider + ports: + - name: http + containerPort: 8080 diff --git a/deploy/addepar/sample-hpa/sample-app.hpa.yaml b/deploy/addepar/sample-hpa/sample-app.hpa.yaml new file mode 100644 index 00000000..674ffbde --- /dev/null +++ b/deploy/addepar/sample-hpa/sample-app.hpa.yaml @@ -0,0 +1,24 @@ +kind: HorizontalPodAutoscaler +apiVersion: autoscaling/v2beta1 +metadata: + name: sample-app +spec: + scaleTargetRef: + # point the HPA at the sample application + # you created above + apiVersion: apps/v1 + kind: Deployment + name: sample-app + # autoscale between 1 and 10 replicas + minReplicas: 1 + maxReplicas: 10 + metrics: + # use a "Pods" metric, which takes the average of the + # given metric across all pods controlled by the autoscaling target + - type: Pods + pods: + # use the metric that you used above: pods/http_requests + metricName: http_requests + # target 500 milli-requests per second, + # which is 1 request every two seconds + targetAverageValue: 20m diff --git a/deploy/addepar/sample-hpa/sample-app.service.yaml b/deploy/addepar/sample-hpa/sample-app.service.yaml new file mode 100644 index 00000000..04710a8c --- /dev/null +++ b/deploy/addepar/sample-hpa/sample-app.service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: sample-app + name: sample-app +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: sample-app + type: ClusterIP diff --git a/deploy/addepar/sample-hpa/service-monitor.yaml b/deploy/addepar/sample-hpa/service-monitor.yaml new file mode 100644 index 00000000..2b4b4efe --- /dev/null +++ b/deploy/addepar/sample-hpa/service-monitor.yaml @@ -0,0 +1,12 @@ +kind: ServiceMonitor +apiVersion: monitoring.coreos.com/v1 +metadata: + name: sample-app + labels: + app: sample-app +spec: + selector: + matchLabels: + app: sample-app + endpoints: + - port: http diff --git a/deploy/manifests/custom-metrics-apiserver-deployment.yaml b/deploy/manifests/custom-metrics-apiserver-deployment.yaml index 0fc61d79..2227585f 100644 --- a/deploy/manifests/custom-metrics-apiserver-deployment.yaml +++ b/deploy/manifests/custom-metrics-apiserver-deployment.yaml @@ -19,7 +19,8 @@ spec: serviceAccountName: custom-metrics-apiserver containers: - name: custom-metrics-apiserver - image: gcr.io/k8s-staging-prometheus-adapter-amd64 + image: gcr.io/k8s-staging-prometheus-adapter/prometheus-adapter-amd64 + imagePullPolicy: Never args: - --secure-port=6443 - --tls-cert-file=/var/run/serving-cert/serving.crt