Skip to content

Commit 215c176

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #312 from aramase/set-resource-limits
chore: set resource limits in deploy and charts
2 parents cd8c6a7 + cb0792f commit 215c176

File tree

6 files changed

+144
-2
lines changed

6 files changed

+144
-2
lines changed

manifest_staging/charts/secrets-store-csi-driver/README.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
2626
| `linux.image.repository` | Linux image repository | `us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver` |
2727
| `linux.image.pullPolicy` | Linux image pull policy | `Always` |
2828
| `linux.image.tag` | Linux image tag | `v0.0.13` |
29+
| `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` |
2930
| `linux.enabled` | Install secrets store csi driver on linux nodes | true |
3031
| `linux.kubeletRootDir` | Configure the kubelet root dir | `/var/lib/kubelet` |
3132
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
@@ -34,13 +35,16 @@ The following table lists the configurable parameters of the csi-secrets-store-p
3435
| `linux.registrarImage.repository` | Linux node-driver-registrar image repository | `quay.io/k8scsi/csi-node-driver-registrar` |
3536
| `linux.registrarImage.pullPolicy` | Linux node-driver-registrar image pull policy | `Always` |
3637
| `linux.registrarImage.tag` | Linux node-driver-registrar image tag | `v1.2.0` |
38+
| `linux.registrar.resources` | The resource request/limits for the linux node-driver-registrar container image | `limits: 100m CPU, 100Mi; requests: 10m CPU, 20Mi` |
3739
| `linux.livenessProbeImage.repository` | Linux liveness-probe image repository | `quay.io/k8scsi/livenessprobe` |
3840
| `linux.livenessProbeImage.pullPolicy` | Linux liveness-probe image pull policy | `Always` |
3941
| `linux.livenessProbeImage.tag` | Linux liveness-probe image tag | `v2.0.0` |
42+
| `linux.livenessProbe.resources` | The resource request/limits for the linux liveness-probe container image | `limits: 100m CPU, 100Mi; requests: 10m CPU, 20Mi` |
4043
| `linux.env` | Environment variables to be passed for the daemonset on linux nodes | `[]` |
4144
| `windows.image.repository` | Windows image repository | `us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver` |
4245
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
4346
| `windows.image.tag` | Windows image tag | `v0.0.13` |
47+
| `windows.driver.resources` | The resource request/limits for the windows secrets-store container image | `limits: 400m CPU, 400Mi; requests: 50m CPU, 100Mi` |
4448
| `windows.enabled` | Install secrets store csi driver on windows nodes | false |
4549
| `windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |
4650
| `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` |
@@ -49,13 +53,16 @@ The following table lists the configurable parameters of the csi-secrets-store-p
4953
| `windows.registrarImage.repository` | Windows node-driver-registrar image repository | `mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar` |
5054
| `windows.registrarImage.pullPolicy` | Windows node-driver-registrar image pull policy | `Always` |
5155
| `windows.registrarImage.tag` | Windows node-driver-registrar image tag | `v1.2.1-alpha.1-windows-1809-amd64` |
56+
| `windows.registrar.resources` | The resource request/limits for the windows node-driver-registrar container image | `limits: 200m CPU, 200Mi; requests: 10m CPU, 20Mi` |
5257
| `windows.livenessProbeImage.repository` | Windows liveness-probe image repository | `mcr.microsoft.com/oss/kubernetes-csi/livenessprobe` |
5358
| `windows.livenessProbeImage.pullPolicy` | Windows liveness-probe image pull policy | `Always` |
5459
| `windows.livenessProbeImage.tag` | Windows liveness-probe image tag | `v2.0.1-alpha.1-windows-1809-amd64` |
60+
| `windows.livenessProbe.resources` | The resource request/limits for the windows liveness-probe container image | `limits: 200m CPU, 200Mi; requests: 10m CPU, 20Mi` |
5561
| `windows.env` | Environment variables to be passed for the daemonset on windows nodes | `[]` |
5662
| `logLevel.debug` | Enable debug logging | true |
5763
| `livenessProbe.port` | Liveness probe port | `9808` |
5864
| `livenessProbe.logLevel` | Liveness probe container logging verbosity level | `2` |
5965
| `rbac.install` | Install default rbac roles and bindings | true |
6066
| `syncSecret.enabled` | Enable rbac roles and bindings required for syncing to Kubernetes native secrets (the default will change to false after v0.0.14) | true |
6167
| `minimumProviderVersions` | A comma delimited list of key-value pairs of minimum provider versions with driver | `""` |
68+
| `grpcSupportedProviders` | A `;` delimited list of providers that support grpc for driver-provider [alpha] | `""` |

manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,10 @@ spec:
4242
mountPath: C:\csi
4343
- name: registration-dir
4444
mountPath: C:\registration
45+
{{- with .Values.windows.registrar.resources }}
46+
resources:
47+
{{ toYaml . | indent 12 }}
48+
{{- end }}
4549
- name: secrets-store
4650
image: "{{ .Values.windows.image.repository }}:{{ .Values.windows.image.tag }}"
4751
args:
@@ -52,6 +56,9 @@ spec:
5256
{{- if and (semverCompare ">= v0.0.9-0" .Values.windows.image.tag) .Values.minimumProviderVersions }}
5357
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
5458
{{- end }}
59+
{{- if and (semverCompare ">= v0.0.14-0" .Values.linux.image.tag) .Values.grpcSupportedProviders }}
60+
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
61+
{{- end }}
5562
- "--metrics-addr={{ .Values.windows.metricsAddr }}"
5663
env:
5764
{{- with .Values.windows.env }}
@@ -89,6 +96,10 @@ spec:
8996
mountPropagation: Bidirectional
9097
- name: providers-dir
9198
mountPath: C:\k\secrets-store-csi-providers
99+
{{- with .Values.windows.driver.resources }}
100+
resources:
101+
{{ toYaml . | indent 12 }}
102+
{{- end }}
92103
{{- if semverCompare ">= v0.0.9-0" .Values.windows.image.tag }}
93104
- name: liveness-probe
94105
image: "{{ .Values.windows.livenessProbeImage.repository }}:{{ .Values.windows.livenessProbeImage.tag }}"
@@ -100,6 +111,10 @@ spec:
100111
volumeMounts:
101112
- name: plugin-dir
102113
mountPath: C:\csi
114+
{{- with .Values.windows.livenessProbe.resources }}
115+
resources:
116+
{{ toYaml . | indent 12 }}
117+
{{- end }}
103118
{{- end }}
104119
volumes:
105120
- name: mountpoint-dir

manifest_staging/charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,10 @@ spec:
4444
mountPath: /csi
4545
- name: registration-dir
4646
mountPath: /registration
47+
{{- with .Values.linux.registrar.resources }}
48+
resources:
49+
{{ toYaml . | indent 12 }}
50+
{{- end }}
4751
- name: secrets-store
4852
image: "{{ .Values.linux.image.repository }}:{{ .Values.linux.image.tag }}"
4953
args:
@@ -54,6 +58,9 @@ spec:
5458
{{- if and (semverCompare ">= v0.0.8-0" .Values.linux.image.tag) .Values.minimumProviderVersions }}
5559
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
5660
{{- end }}
61+
{{- if and (semverCompare ">= v0.0.14-0" .Values.linux.image.tag) .Values.grpcSupportedProviders }}
62+
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
63+
{{- end }}
5764
- "--metrics-addr={{ .Values.linux.metricsAddr }}"
5865
env:
5966
{{- with .Values.linux.env }}
@@ -91,6 +98,10 @@ spec:
9198
mountPropagation: Bidirectional
9299
- name: providers-dir
93100
mountPath: /etc/kubernetes/secrets-store-csi-providers
101+
{{- with .Values.linux.driver.resources }}
102+
resources:
103+
{{ toYaml . | indent 12 }}
104+
{{- end }}
94105
{{- if semverCompare ">= v0.0.8-0" .Values.linux.image.tag }}
95106
- name: liveness-probe
96107
image: "{{ .Values.linux.livenessProbeImage.repository }}:{{ .Values.linux.livenessProbeImage.tag }}"
@@ -103,6 +114,10 @@ spec:
103114
volumeMounts:
104115
- name: plugin-dir
105116
mountPath: /csi
117+
{{- with .Values.linux.livenessProbe.resources }}
118+
resources:
119+
{{ toYaml . | indent 12 }}
120+
{{- end }}
106121
{{- end }}
107122
volumes:
108123
- name: mountpoint-dir

manifest_staging/charts/secrets-store-csi-driver/values.yaml

Lines changed: 65 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,44 @@ linux:
44
repository: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver
55
tag: v0.0.13
66
pullPolicy: Always
7+
8+
driver:
9+
resources:
10+
limits:
11+
cpu: 200m
12+
memory: 200Mi
13+
requests:
14+
cpu: 50m
15+
memory: 100Mi
16+
717
registrarImage:
818
repository: quay.io/k8scsi/csi-node-driver-registrar
919
tag: v1.2.0
1020
pullPolicy: Always
21+
22+
registrar:
23+
resources:
24+
limits:
25+
cpu: 100m
26+
memory: 100Mi
27+
requests:
28+
cpu: 10m
29+
memory: 20Mi
30+
1131
livenessProbeImage:
1232
repository: quay.io/k8scsi/livenessprobe
1333
tag: v2.0.0
1434
pullPolicy: Always
35+
36+
livenessProbe:
37+
resources:
38+
limits:
39+
cpu: 100m
40+
memory: 100Mi
41+
requests:
42+
cpu: 10m
43+
memory: 20Mi
44+
1545
kubeletRootDir: /var/lib/kubelet
1646
nodeSelector: {}
1747
tolerations: []
@@ -24,14 +54,44 @@ windows:
2454
repository: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver
2555
tag: v0.0.13
2656
pullPolicy: IfNotPresent
57+
58+
driver:
59+
resources:
60+
limits:
61+
cpu: 400m
62+
memory: 400Mi
63+
requests:
64+
cpu: 50m
65+
memory: 100Mi
66+
2767
registrarImage:
2868
repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar
2969
tag: v1.2.1-alpha.1-windows-1809-amd64
30-
pullPolicy: Always
70+
pullPolicy: IfNotPresent
71+
72+
registrar:
73+
resources:
74+
limits:
75+
cpu: 200m
76+
memory: 200Mi
77+
requests:
78+
cpu: 10m
79+
memory: 20Mi
80+
3181
livenessProbeImage:
3282
repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe
3383
tag: v2.0.1-alpha.1-windows-1809-amd64
34-
pullPolicy: Always
84+
pullPolicy: IfNotPresent
85+
86+
livenessProbe:
87+
resources:
88+
limits:
89+
cpu: 200m
90+
memory: 200Mi
91+
requests:
92+
cpu: 10m
93+
memory: 20Mi
94+
3595
kubeletRootDir: C:\var\lib\kubelet
3696
nodeSelector: {}
3797
tolerations: []
@@ -58,3 +118,6 @@ syncSecret:
58118
## A comma delimited list of key-value pairs of minimum provider versions
59119
## e.g. provider1=0.0.2,provider2=0.0.3
60120
minimumProviderVersions:
121+
122+
## ; delimited list of providers that support grpc for driver-provider [alpha]
123+
grpcSupportedProviders:

manifest_staging/deploy/secrets-store-csi-driver-windows.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,13 @@ spec:
4040
mountPath: C:\csi
4141
- name: registration-dir
4242
mountPath: C:\registration
43+
resources:
44+
limits:
45+
cpu: 200m
46+
memory: 200Mi
47+
requests:
48+
cpu: 10m
49+
memory: 20Mi
4350
- name: secrets-store
4451
image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.13
4552
args:
@@ -71,6 +78,13 @@ spec:
7178
initialDelaySeconds: 30
7279
timeoutSeconds: 10
7380
periodSeconds: 15
81+
resources:
82+
limits:
83+
cpu: 400m
84+
memory: 400Mi
85+
requests:
86+
cpu: 50m
87+
memory: 100Mi
7488
volumeMounts:
7589
- name: plugin-dir
7690
mountPath: C:\csi
@@ -89,6 +103,13 @@ spec:
89103
volumeMounts:
90104
- name: plugin-dir
91105
mountPath: C:\csi
106+
resources:
107+
limits:
108+
cpu: 200m
109+
memory: 200Mi
110+
requests:
111+
cpu: 10m
112+
memory: 20Mi
92113
volumes:
93114
- name: mountpoint-dir
94115
hostPath:

manifest_staging/deploy/secrets-store-csi-driver.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,13 @@ spec:
4141
mountPath: /csi
4242
- name: registration-dir
4343
mountPath: /registration
44+
resources:
45+
limits:
46+
cpu: 100m
47+
memory: 100Mi
48+
requests:
49+
cpu: 10m
50+
memory: 20Mi
4451
- name: secrets-store
4552
image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.13
4653
args:
@@ -80,6 +87,13 @@ spec:
8087
mountPropagation: Bidirectional
8188
- name: providers-dir
8289
mountPath: /etc/kubernetes/secrets-store-csi-providers
90+
resources:
91+
limits:
92+
cpu: 200m
93+
memory: 200Mi
94+
requests:
95+
cpu: 50m
96+
memory: 100Mi
8397
- name: liveness-probe
8498
image: quay.io/k8scsi/livenessprobe:v2.0.0
8599
imagePullPolicy: Always
@@ -91,6 +105,13 @@ spec:
91105
volumeMounts:
92106
- name: plugin-dir
93107
mountPath: /csi
108+
resources:
109+
limits:
110+
cpu: 100m
111+
memory: 100Mi
112+
requests:
113+
cpu: 10m
114+
memory: 20Mi
94115
volumes:
95116
- name: mountpoint-dir
96117
hostPath:

0 commit comments

Comments
 (0)