diff --git a/_apps/vertical-pod-autoscaler.yaml b/_apps/vertical-pod-autoscaler.yaml deleted file mode 100644 index 96b5cc4..0000000 --- a/_apps/vertical-pod-autoscaler.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: vertical-pod-autoscaler - namespace: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - destination: - namespace: kube-system - server: https://kubernetes.default.svc - project: system - source: - path: kube-system/vertical-pod-autoscaler - repoURL: https://git.tbrnt.ch/tobru/gitops-tbrnt.git - targetRevision: HEAD - ignoreDifferences: - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: verticalpodautoscalers.autoscaling.k8s.io - jsonPointers: - - /spec/validation/openAPIV3Schema - diff --git a/kube-system/vertical-pod-autoscaler/README.md b/kube-system/vertical-pod-autoscaler/README.md deleted file mode 100644 index effaaad..0000000 --- a/kube-system/vertical-pod-autoscaler/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# VPA - -This one runs in `kube-system` - -## YAMLs - -wget https://raw.githubusercontent.com/kubernetes/autoscaler/master/vertical-pod-autoscaler/deploy/recommender-deployment.yaml -wget https://raw.githubusercontent.com/kubernetes/autoscaler/master/vertical-pod-autoscaler/deploy/vpa-beta2-crd.yaml -wget https://raw.githubusercontent.com/kubernetes/autoscaler/master/vertical-pod-autoscaler/deploy/vpa-rbac.yaml diff --git a/kube-system/vertical-pod-autoscaler/recommender-deployment.yaml b/kube-system/vertical-pod-autoscaler/recommender-deployment.yaml deleted file mode 100644 index 67db9a1..0000000 --- a/kube-system/vertical-pod-autoscaler/recommender-deployment.yaml +++ /dev/null @@ -1,39 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: vpa-recommender - namespace: kube-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: vpa-recommender - namespace: kube-system -spec: - replicas: 1 - selector: - matchLabels: - app: vpa-recommender - template: - metadata: - labels: - app: vpa-recommender - spec: - serviceAccountName: vpa-recommender - securityContext: - runAsNonRoot: true - runAsUser: 65534 # nobody - containers: - - name: recommender - image: us.gcr.io/k8s-artifacts-prod/autoscaling/vpa-recommender:0.9.2 - imagePullPolicy: Always - resources: - limits: - cpu: 200m - memory: 1000Mi - requests: - cpu: 50m - memory: 500Mi - ports: - - containerPort: 8080 diff --git a/kube-system/vertical-pod-autoscaler/vpa-rbac.yaml b/kube-system/vertical-pod-autoscaler/vpa-rbac.yaml deleted file mode 100644 index dd54f25..0000000 --- a/kube-system/vertical-pod-autoscaler/vpa-rbac.yaml +++ /dev/null @@ -1,323 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:metrics-reader -rules: - - apiGroups: - - "metrics.k8s.io" - resources: - - pods - verbs: - - get - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:vpa-actor -rules: - - apiGroups: - - "" - resources: - - pods - - nodes - - limitranges - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - get - - list - - watch - - create - - apiGroups: - - "poc.autoscaling.k8s.io" - resources: - - verticalpodautoscalers - verbs: - - get - - list - - watch - - patch - - apiGroups: - - "autoscaling.k8s.io" - resources: - - verticalpodautoscalers - verbs: - - get - - list - - watch - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:vpa-checkpoint-actor -rules: - - apiGroups: - - "poc.autoscaling.k8s.io" - resources: - - verticalpodautoscalercheckpoints - verbs: - - get - - list - - watch - - create - - patch - - delete - - apiGroups: - - "autoscaling.k8s.io" - resources: - - verticalpodautoscalercheckpoints - verbs: - - get - - list - - watch - - create - - patch - - delete - - apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:evictioner -rules: - - apiGroups: - - "apps" - - "extensions" - resources: - - replicasets - verbs: - - get - - apiGroups: - - "" - resources: - - pods/eviction - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:metrics-reader -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:metrics-reader -subjects: - - kind: ServiceAccount - name: vpa-recommender - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-actor -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:vpa-actor -subjects: - - kind: ServiceAccount - name: vpa-recommender - namespace: kube-system - - kind: ServiceAccount - name: vpa-updater - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-checkpoint-actor -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:vpa-checkpoint-actor -subjects: - - kind: ServiceAccount - name: vpa-recommender - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:vpa-target-reader -rules: - - apiGroups: - - '*' - resources: - - '*/scale' - verbs: - - get - - watch - - apiGroups: - - "" - resources: - - replicationcontrollers - verbs: - - get - - list - - watch - - apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch - - apiGroups: - - batch - resources: - - jobs - - cronjobs - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-target-reader-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:vpa-target-reader -subjects: - - kind: ServiceAccount - name: vpa-recommender - namespace: kube-system - - kind: ServiceAccount - name: vpa-admission-controller - namespace: kube-system - - kind: ServiceAccount - name: vpa-updater - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-evictionter-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:evictioner -subjects: - - kind: ServiceAccount - name: vpa-updater - namespace: kube-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: vpa-admission-controller - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:vpa-admission-controller -rules: - - apiGroups: - - "" - resources: - - pods - - configmaps - - nodes - - limitranges - verbs: - - get - - list - - watch - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - apiGroups: - - "poc.autoscaling.k8s.io" - resources: - - verticalpodautoscalers - verbs: - - get - - list - - watch - - apiGroups: - - "autoscaling.k8s.io" - resources: - - verticalpodautoscalers - verbs: - - get - - list - - watch - - apiGroups: - - "coordination.k8s.io" - resources: - - leases - verbs: - - create - - update - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-admission-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:vpa-admission-controller -subjects: - - kind: ServiceAccount - name: vpa-admission-controller - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: system:vpa-status-reader -rules: - - apiGroups: - - "coordination.k8s.io" - resources: - - leases - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: system:vpa-status-reader-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:vpa-status-reader -subjects: - - kind: ServiceAccount - name: vpa-updater - namespace: kube-system diff --git a/kube-system/vertical-pod-autoscaler/vpa-v1-crd.yaml b/kube-system/vertical-pod-autoscaler/vpa-v1-crd.yaml deleted file mode 100644 index 560b9b0..0000000 --- a/kube-system/vertical-pod-autoscaler/vpa-v1-crd.yaml +++ /dev/null @@ -1,92 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: verticalpodautoscalers.autoscaling.k8s.io - annotations: - "api-approved.kubernetes.io": "https://github.com/kubernetes/kubernetes/pull/63797" -spec: - group: autoscaling.k8s.io - scope: Namespaced - names: - plural: verticalpodautoscalers - singular: verticalpodautoscaler - kind: VerticalPodAutoscaler - shortNames: - - vpa - version: v1beta1 - versions: - - name: v1beta1 - served: false - storage: false - - name: v1beta2 - served: true - storage: true - - name: v1 - served: true - storage: false - validation: - # openAPIV3Schema is the schema for validating custom objects. - openAPIV3Schema: - type: object - properties: - spec: - type: object - required: [] - properties: - targetRef: - type: object - updatePolicy: - type: object - properties: - updateMode: - type: string - resourcePolicy: - type: object - properties: - containerPolicies: - type: array - items: - type: object - properties: - containerName: - type: string - mode: - type: string - enum: ["Auto", "Off"] - minAllowed: - type: object - maxAllowed: - type: object - controlledResources: - type: array - items: - type: string - enum: ["cpu", "memory"] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: verticalpodautoscalercheckpoints.autoscaling.k8s.io - annotations: - "api-approved.kubernetes.io": "https://github.com/kubernetes/kubernetes/pull/63797" -spec: - group: autoscaling.k8s.io - scope: Namespaced - names: - plural: verticalpodautoscalercheckpoints - singular: verticalpodautoscalercheckpoint - kind: VerticalPodAutoscalerCheckpoint - shortNames: - - vpacheckpoint - version: v1beta1 - versions: - - name: v1beta1 - served: false - storage: false - - name: v1beta2 - served: true - storage: true - - name: v1 - served: true - storage: false