From fcef94b93ff1f26397699d57bd26fabc1053a368 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Florian=20F=C3=BCrstenberg?= Date: Mon, 8 Jan 2024 21:10:37 +0100 Subject: [PATCH] fix(helm-charts): streamline new value for activating the priority class for node-critical pods MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Florian Fürstenberg --- deployment/helm/balloons/README.md | 2 +- deployment/helm/balloons/templates/daemonset.yaml | 2 +- deployment/helm/balloons/values.yaml | 9 +++++---- deployment/helm/memory-qos/README.md | 2 +- deployment/helm/memory-qos/templates/daemonset.yaml | 2 +- deployment/helm/memory-qos/values.yaml | 9 +++++---- deployment/helm/memtierd/README.md | 2 +- deployment/helm/memtierd/templates/daemonset.yaml | 2 +- deployment/helm/memtierd/values.yaml | 9 +++++---- deployment/helm/sgx-epc/README.md | 2 +- deployment/helm/sgx-epc/templates/daemonset.yaml | 2 +- deployment/helm/sgx-epc/values.yaml | 9 +++++---- deployment/helm/template/README.md | 2 +- deployment/helm/template/templates/daemonset.yaml | 2 +- deployment/helm/template/values.yaml | 9 +++++---- deployment/helm/topology-aware/README.md | 2 +- deployment/helm/topology-aware/templates/daemonset.yaml | 2 +- deployment/helm/topology-aware/values.yaml | 9 +++++---- 18 files changed, 42 insertions(+), 36 deletions(-) diff --git a/deployment/helm/balloons/README.md b/deployment/helm/balloons/README.md index c3b6dbce0..1de2f92a1 100644 --- a/deployment/helm/balloons/README.md +++ b/deployment/helm/balloons/README.md @@ -98,10 +98,10 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/balloons/values.yaml) for the default configuration | plugin configuration data | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | | `tolerations` | [] | specify taint toleration key, operator and effect | | `affinity` | [] | specify node affinity | | `nodeSelector` | [] | specify node selector labels | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/balloons/templates/daemonset.yaml b/deployment/helm/balloons/templates/daemonset.yaml index 21b83d8d2..121d0e1f1 100644 --- a/deployment/helm/balloons/templates/daemonset.yaml +++ b/deployment/helm/balloons/templates/daemonset.yaml @@ -87,7 +87,7 @@ spec: mountPath: /var/run/nri-resource-policy - name: nrisockets mountPath: /var/run/nri - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/balloons/values.yaml b/deployment/helm/balloons/values.yaml index 207c7a1f0..7a04a614f 100644 --- a/deployment/helm/balloons/values.yaml +++ b/deployment/helm/balloons/values.yaml @@ -42,10 +42,6 @@ resources: nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -82,3 +78,8 @@ nodeSelector: [] # # nodeSelector: # kubernetes.io/disk: "ssd" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false diff --git a/deployment/helm/memory-qos/README.md b/deployment/helm/memory-qos/README.md index a885b729b..b44b657e2 100644 --- a/deployment/helm/memory-qos/README.md +++ b/deployment/helm/memory-qos/README.md @@ -96,10 +96,10 @@ customize with their own values, along with the default values. | `resources.cpu` | 10m | cpu resources for the Pod | | `resources.memory` | 100Mi | memory qouta for the Pod | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | | `tolerations` | [] | specify taint toleration key, operator and effect | | `affinity` | [] | specify node affinity | | `nodeSelector` | [] | specify node selector labels | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/memory-qos/templates/daemonset.yaml b/deployment/helm/memory-qos/templates/daemonset.yaml index c62c1b28a..689d0e20c 100644 --- a/deployment/helm/memory-qos/templates/daemonset.yaml +++ b/deployment/helm/memory-qos/templates/daemonset.yaml @@ -62,7 +62,7 @@ spec: mountPath: /etc/nri/memory-qos - name: nrisockets mountPath: /var/run/nri - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/memory-qos/values.yaml b/deployment/helm/memory-qos/values.yaml index 87249ba39..2f4356cd6 100644 --- a/deployment/helm/memory-qos/values.yaml +++ b/deployment/helm/memory-qos/values.yaml @@ -14,10 +14,6 @@ resources: nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -54,3 +50,8 @@ nodeSelector: [] # # nodeSelector: # kubernetes.io/disk: "ssd" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false diff --git a/deployment/helm/memtierd/README.md b/deployment/helm/memtierd/README.md index af82a1476..ac33b68a6 100644 --- a/deployment/helm/memtierd/README.md +++ b/deployment/helm/memtierd/README.md @@ -96,10 +96,10 @@ customize with their own values, along with the default values. | `resources.memory` | 100Mi | memory qouta for the Pod | | `outputDir` | empty string | host directory for memtierd.output files | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | | `tolerations` | [] | specify taint toleration key, operator and effect | | `affinity` | [] | specify node affinity | | `nodeSelector` | [] | specify node selector labels | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/memtierd/templates/daemonset.yaml b/deployment/helm/memtierd/templates/daemonset.yaml index 232598f39..e01760a08 100644 --- a/deployment/helm/memtierd/templates/daemonset.yaml +++ b/deployment/helm/memtierd/templates/daemonset.yaml @@ -80,7 +80,7 @@ spec: - name: run-dir-vol mountPath: /run-dir {{- end }} - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/memtierd/values.yaml b/deployment/helm/memtierd/values.yaml index c0dd9017f..9ea235770 100644 --- a/deployment/helm/memtierd/values.yaml +++ b/deployment/helm/memtierd/values.yaml @@ -16,10 +16,6 @@ outputDir: "" nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -56,3 +52,8 @@ nodeSelector: [] # # nodeSelector: # kubernetes.io/disk: "ssd" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false diff --git a/deployment/helm/sgx-epc/README.md b/deployment/helm/sgx-epc/README.md index 576d4b575..339000c9d 100644 --- a/deployment/helm/sgx-epc/README.md +++ b/deployment/helm/sgx-epc/README.md @@ -96,7 +96,6 @@ customize with their own values, along with the default values. | `resources.cpu` | 25m | cpu resources for the Pod | | `resources.memory` | 100Mi | memory qouta for the Pod | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | | init container image name | | `initImage.tag` | unstable | init container image tag | @@ -104,3 +103,4 @@ customize with their own values, along with the default values. | `tolerations` | [] | specify taint toleration key, operator and effect | | `affinity` | [] | specify node affinity | | `nodeSelector` | [] | specify node selector labels | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/sgx-epc/templates/daemonset.yaml b/deployment/helm/sgx-epc/templates/daemonset.yaml index 25a5c6d8b..75b75e29b 100644 --- a/deployment/helm/sgx-epc/templates/daemonset.yaml +++ b/deployment/helm/sgx-epc/templates/daemonset.yaml @@ -58,7 +58,7 @@ spec: volumeMounts: - name: nrisockets mountPath: /var/run/nri - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/sgx-epc/values.yaml b/deployment/helm/sgx-epc/values.yaml index 5520bcd63..b9d2f5665 100644 --- a/deployment/helm/sgx-epc/values.yaml +++ b/deployment/helm/sgx-epc/values.yaml @@ -14,10 +14,6 @@ resources: nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -54,3 +50,8 @@ nodeSelector: [] # # nodeSelector: # kubernetes.io/disk: "ssd" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false diff --git a/deployment/helm/template/README.md b/deployment/helm/template/README.md index 86ff57019..2a56a6aa9 100644 --- a/deployment/helm/template/README.md +++ b/deployment/helm/template/README.md @@ -98,8 +98,8 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/template/values.yaml) for the default configuration | plugin configuration data | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | | `tolerations` | [] | specify taint toleration key, operator and effect | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/template/templates/daemonset.yaml b/deployment/helm/template/templates/daemonset.yaml index 25de1d499..d52b99e12 100644 --- a/deployment/helm/template/templates/daemonset.yaml +++ b/deployment/helm/template/templates/daemonset.yaml @@ -80,7 +80,7 @@ spec: mountPath: /var/run/nri-resource-policy - name: nrisockets mountPath: /var/run/nri - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/template/values.yaml b/deployment/helm/template/values.yaml index d3930810e..92027757f 100644 --- a/deployment/helm/template/values.yaml +++ b/deployment/helm/template/values.yaml @@ -30,10 +30,6 @@ resources: nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -49,3 +45,8 @@ tolerations: [] # - key: "node-role.kubernetes.io/control-plane" # operator: "Exists" # effect: "NoSchedule" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false diff --git a/deployment/helm/topology-aware/README.md b/deployment/helm/topology-aware/README.md index 1e3cbe7a9..e2fef4e70 100644 --- a/deployment/helm/topology-aware/README.md +++ b/deployment/helm/topology-aware/README.md @@ -99,10 +99,10 @@ customize with their own values, along with the default values. | `hostPort` | 8891 | metrics port to expose on the host | | `config` | see [helm chart values](tree:/deployment/helm/topology-aware/values.yaml) for the default configuration | plugin configuration data | | `nri.patchRuntimeConfig` | false | enable NRI in containerd or CRI-O | -| `nri.setPodPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | | `initImage.name` | [ghcr.io/containers/nri-plugins/config-manager](https://ghcr.io/containers/nri-plugins/config-manager) | init container image name | | `initImage.tag` | unstable | init container image tag | | `initImage.pullPolicy` | Always | init container image pull policy | | `tolerations` | [] | specify taint toleration key, operator and effect | | `affinity` | [] | specify node affinity | | `nodeSelector` | [] | specify node selector labels | +| `podPriorityClassNodeCritical` | false | enable [marking Pod as node critical](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical) | diff --git a/deployment/helm/topology-aware/templates/daemonset.yaml b/deployment/helm/topology-aware/templates/daemonset.yaml index 13508853a..4f70ff2a3 100644 --- a/deployment/helm/topology-aware/templates/daemonset.yaml +++ b/deployment/helm/topology-aware/templates/daemonset.yaml @@ -87,7 +87,7 @@ spec: mountPath: /var/run/nri-resource-policy - name: nrisockets mountPath: /var/run/nri - {{- if .Values.nri.setPodPriorityClassNodeCritical }} + {{- if .Values.podPriorityClassNodeCritical }} priorityClassName: system-node-critical {{- end }} volumes: diff --git a/deployment/helm/topology-aware/values.yaml b/deployment/helm/topology-aware/values.yaml index 0f3350096..192ddd30b 100644 --- a/deployment/helm/topology-aware/values.yaml +++ b/deployment/helm/topology-aware/values.yaml @@ -30,10 +30,6 @@ resources: nri: patchRuntimeConfig: false - # NRI plugins should be considered as part of the container runtime. - # Therefore, adding the system-node-critical priority class to the DaemonSet, - # could mitigate potential risk in a running system under load. - setPodPriorityClassNodeCritical: false initContainerImage: name: ghcr.io/containers/nri-plugins/nri-config-manager @@ -70,3 +66,8 @@ nodeSelector: [] # # nodeSelector: # kubernetes.io/disk: "ssd" + +# NRI plugins should be considered as part of the container runtime. +# Therefore, adding the system-node-critical priority class to the DaemonSet, +# could mitigate potential risk in a running system under load. +podPriorityClassNodeCritical: false