Add values to configure API server ingress annotations and replicas w…

…ith optional autoscaling (#63) * feat: Add values to configure API server rate limits and replicas Signed-off-by: Eamonn Mansour <[email protected]> * refactor: Rename api value to apiServer for clarity Signed-off-by: Eamonn Mansour <[email protected]> * feat: Use ingress-based rate limiting defaulting to 1000 requests per second, set default API server replicas to 2 Signed-off-by: Eamonn Mansour <[email protected]> * feat: Add initial API pod autoscaler and associated values Signed-off-by: Eamonn Mansour <[email protected]> * chore: Disable autoscaling by default Signed-off-by: Eamonn Mansour <[email protected]> * fix: Remove unused environment variables Signed-off-by: Eamonn Mansour <[email protected]> --------- Signed-off-by: Eamonn Mansour <[email protected]>
galasa-dev · Dec 20, 2024 · c93b33c · c93b33c
1 parent 089be26
commit c93b33c
Show file tree

Hide file tree

Showing 5 changed files with 115 additions and 15 deletions.
diff --git a/charts/ecosystem/templates/api-bootstrap-ingress.yaml b/charts/ecosystem/templates/api-bootstrap-ingress.yaml
@@ -12,6 +12,9 @@ metadata:
     {{- with .Values.ingress.annotations }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
+    {{- with .Values.apiServer.ingressAnnotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
     nginx.ingress.kubernetes.io/rewrite-target: /bootstrap/external
 spec:
   ingressClassName: {{ .Values.ingress.ingressClassName }}

diff --git a/charts/ecosystem/templates/api-ingress.yaml b/charts/ecosystem/templates/api-ingress.yaml
@@ -12,6 +12,9 @@ metadata:
     {{- with .Values.ingress.annotations }}
       {{- toYaml . | nindent 4 }}
     {{- end }}
+    {{- with .Values.apiServer.ingressAnnotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
     nginx.ingress.kubernetes.io/rewrite-target: /$2
 spec:
   ingressClassName: {{ .Values.ingress.ingressClassName }}

diff --git a/charts/ecosystem/templates/api-pod-autoscaler.yaml b/charts/ecosystem/templates/api-pod-autoscaler.yaml
@@ -0,0 +1,35 @@
+#
+# Copyright contributors to the Galasa project
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+{{- if .Values.apiServer.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ .Release.Name }}-api-hpa
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ .Release.Name }}-api
+  minReplicas: {{ .Values.apiServer.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.apiServer.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.apiServer.autoscaling.targetMemoryPercentageUsed }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.apiServer.autoscaling.targetMemoryPercentageUsed }}
+    {{- end }}
+    {{- if .Values.apiServer.autoscaling.targetCPUPercentageUsed }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.apiServer.autoscaling.targetCPUPercentageUsed }}
+    {{- end }}
+{{- end }}
diff --git a/charts/ecosystem/templates/api.yaml b/charts/ecosystem/templates/api.yaml
@@ -11,7 +11,7 @@ metadata:
   labels:
     app: {{ .Release.Name }}-api
 spec:
-  replicas: 1
+  replicas: {{ .Values.apiServer.replicaCount }}
   strategy:
     type: Recreate
   selector:
@@ -118,7 +118,7 @@ spec:
         - name: GALASA_USERNAME_CLAIMS
           value: {{ join "," .Values.dex.usernameClaims | quote }}
         - name: GALASA_ALLOWED_ORIGINS
-          value: {{ join "," .Values.allowedOrigins | quote }}
+          value: {{ join "," .Values.apiServer.allowedOrigins | quote }}
         - name: GALASA_RAS_TOKEN
           valueFrom:
             secretKeyRef:
@@ -155,6 +155,9 @@ spec:
             port: 8080
           initialDelaySeconds: 5
           periodSeconds: 10
+        {{- with .Values.apiServer.resources }}
+        resources: {{- toYaml . | nindent 10 }}
+        {{- end }}
         volumeMounts:
         - name: bootstrap
           mountPath: /bootstrap.properties

diff --git a/charts/ecosystem/values.yaml b/charts/ecosystem/values.yaml
@@ -131,20 +131,76 @@ encryption:
   keysSecretName: ""
 #
 #
-# A list of origins that are allowed to receive responses from the Galasa API server.
-# To limit the origins to a set of domains, you can use a wildcard (*) value.
-#
-# For example, to allow all subdomains of example.com, you can use the following value:
-# allowedOrigins:
-#   - "*.example.com"
-#
-# By default, all origins are allowed.
-#
-allowedOrigins:
-  - "*"
+# Values to configure the API server
 #
+apiServer:
+  #
+  #
+  # The number of API server replicas to deploy. This value is overridden when autoscaling is enabled.
+  #
+  replicaCount: 2
+  #
+  #
+  # The requests and limits to apply to resources, like CPU and memory, that the API server container consumes.
+  # See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for details on resource management in Kubernetes Pods.
+  #
+  # For example, to assign 2 CPU cores and 512MB of memory to the API server, with a limit of up to 3 CPU cores and 1024MB of memory:
+  # resources:
+  #   requests:
+  #     cpu: "2"
+  #     memory: "512Mi"
+  #   limits:
+  #     cpu: "3"
+  #     memory: "1024Mi"
+  #
+  resources: {}
+  #
+  #
+  # Values to configure autoscaling for the API server. Important: Resource requests must be defined via the `resources` value in order
+  # for autoscaling to work properly.
+  #
+  autoscaling:
+    #
+    # Enables or disables autoscaling
+    enabled: false
+    #
+    # The minimum number of API server replicas that should be deployed
+    minReplicas: 1
+    #
+    # The maximum number of API server replicas that should be deployed
+    maxReplicas: 10
+    #
+    # The target percentage of CPU utilization to consider when autoscaling.
+    # For example: `targetCPU: "50"` indicates that the autoscaler may increase the number of replicas when CPU utilization
+    # exceeds 50%. Similarly, when CPU utilization drops below 50%, the autoscaler may decrease the number of replicas.
+    targetCPUPercentageUsed: "50"
+    #
+    # The target percentage of memory utilization to consider when autoscaling.
+    # For example: `targetMemory: "50"` indicates that the autoscaler may increase the number of replicas when memory utilization
+    # exceeds 50%. Similarly, when memory utilization drops below 50%, the autoscaler may decrease the number of replicas.
+    targetMemoryPercentageUsed: "50"
+  #
+  #
+  # The Kubernetes annotations to apply to the Galasa API server's ingress resource alongside the global annotations provided via the `ingress.annotations` value.
+  # By default, a rate limit of 1000 requests from a given IP per second is applied to the API server's ingress, using the nginx ingress controller.
+  #
+  ingressAnnotations:
+    nginx.ingress.kubernetes.io/limit-rps: "1000"
+  #
+  #
+  # A list of origins that are allowed to receive responses from the Galasa API server.
+  # To limit the origins to a set of domains, you can use a wildcard (*) value.
+  #
+  # For example, to allow all subdomains of example.com, you can use the following value:
+  # allowedOrigins:
+  #   - "*.example.com"
+  #
+  # By default, all origins are allowed.
+  #
+  allowedOrigins:
+    - "*"
 #
-# Values to enable and configure the use of ingress
+# Values to configure global settings applied to all ingresses
 # Note: The externalHostname value must be a valid DNS name for ingress to be used.
 #
 ingress:
@@ -161,7 +217,7 @@ ingress:
   # Optional - The name of the Secret containing root and intermediate CA certificates in a single .pem file.
   caCertSecretName: ""
 
-  # Annotations to be added to ingresses. For example:
+  # Annotations to be added to all ingresses. For example:
   # annotations:
   #   nginx.ingress.kubernetes.io/proxy-body-size: "0"
   #   nginx.ingress.kubernetes.io/ssl-redirect: "true"