Skip to content

Commit 962ccca

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #34 from dgrisonnet/graceful-shutdown
OCPBUGS-39133: Add graceful shutdown flags
2 parents 5a66c4e + 07cb1ae commit 962ccca

File tree

2,878 files changed

+192479
-82325
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

2,878 files changed

+192479
-82325
lines changed

.github/workflows/gh-workflow-approve.yaml

+3
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,9 @@ on:
88
branches:
99
- master
1010

11+
permissions:
12+
contents: read
13+
1114
jobs:
1215
approve:
1316
name: Approve ok-to-test

.github/workflows/lint-test-chart.yaml

+11-8
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ on:
66
- .github/workflows/lint-test-chart.yaml
77
- "charts/metrics-server/**"
88

9+
permissions:
10+
contents: read
11+
912
jobs:
1013
lint-test:
1114
name: Lint & Test
@@ -16,17 +19,17 @@ jobs:
1619
shell: bash
1720
steps:
1821
- name: Checkout
19-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
22+
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
2023
with:
2124
fetch-depth: 0
2225

2326
- name: Set-up Python
24-
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
27+
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
2528
with:
2629
python-version: "3.x"
2730

2831
- name: Set-up Helm
29-
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
32+
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
3033
with:
3134
token: ${{ secrets.GITHUB_TOKEN }}
3235
version: latest
@@ -48,20 +51,20 @@ jobs:
4851
- name: Get chart version
4952
id: chart_version
5053
if: steps.changes.outputs.changed == 'true'
51-
uses: mikefarah/yq@dd648994340a5d03225d97abf19c9bf1086c3f07 # v4.40.5
54+
uses: mikefarah/yq@bbdd97482f2d439126582a59689eb1c855944955 # v4.44.3
5255
with:
5356
cmd: yq eval '.version' './charts/metrics-server/Chart.yaml'
5457

5558
- name: Get changelog entry
5659
if: steps.changes.outputs.changed == 'true'
57-
uses: mindsers/changelog-reader-action@b97ce03a10d9bdbb07beb491c76a5a01d78cd3ef # v2.2.2
60+
uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3
5861
with:
5962
path: charts/metrics-server/CHANGELOG.md
60-
version: ${{ steps.chart_version.outputs.version }}
63+
version: ${{ steps.chart_version.outputs.result }}
6164

6265
- name: Set-up Artifact Hub CLI
6366
if: steps.changes.outputs.changed == 'true'
64-
uses: action-stars/install-tool-from-github-release@b21a01813213cbbf482eeceda07ad03b41b754d1 # v0.2.1
67+
uses: action-stars/install-tool-from-github-release@ece2623611b240002e0dd73a0d685505733122f6 # v0.2.4
6568
with:
6669
github_token: ${{ github.token }}
6770
owner: artifacthub
@@ -80,7 +83,7 @@ jobs:
8083

8184
- name: Create Kind cluster
8285
if: steps.changes.outputs.changed == 'true'
83-
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
86+
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
8487
with:
8588
wait: 120s
8689

.github/workflows/release-chart.yaml

+11-6
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ on:
77
paths:
88
- charts/metrics-server/Chart.yaml
99

10+
permissions:
11+
contents: read
12+
1013
jobs:
1114
release:
1215
name: Release
@@ -15,9 +18,11 @@ jobs:
1518
defaults:
1619
run:
1720
shell: bash
21+
permissions:
22+
contents: write
1823
steps:
1924
- name: Checkout
20-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
25+
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
2126
with:
2227
fetch-depth: 0
2328

@@ -28,13 +33,13 @@ jobs:
2833
2934
- name: Get chart version
3035
id: chart_version
31-
uses: mikefarah/yq@dd648994340a5d03225d97abf19c9bf1086c3f07 # v4.40.5
36+
uses: mikefarah/yq@bbdd97482f2d439126582a59689eb1c855944955 # v4.44.3
3237
with:
3338
cmd: yq eval '.version' './charts/metrics-server/Chart.yaml'
3439

3540
- name: Get chart app version
3641
id: chart_app_version
37-
uses: mikefarah/yq@dd648994340a5d03225d97abf19c9bf1086c3f07 # v4.40.5
42+
uses: mikefarah/yq@bbdd97482f2d439126582a59689eb1c855944955 # v4.44.3
3843
with:
3944
cmd: yq eval '.appVersion' './charts/metrics-server/Chart.yaml'
4045

@@ -60,18 +65,18 @@ jobs:
6065
6166
- name: Set-up Helm
6267
if: steps.check_can_release.outputs.continue == 'true'
63-
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
68+
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
6469
with:
6570
token: ${{ secrets.GITHUB_TOKEN }}
6671
version: latest
6772

6873
- name: Get CHANGELOG entry
6974
id: changelog_reader
7075
if: steps.check_can_release.outputs.continue == 'true'
71-
uses: mindsers/changelog-reader-action@b97ce03a10d9bdbb07beb491c76a5a01d78cd3ef # v2.2.2
76+
uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3
7277
with:
7378
path: charts/metrics-server/CHANGELOG.md
74-
version: ${{ steps.chart_version.outputs.version }}
79+
version: ${{ steps.chart_version.outputs.result }}
7580

7681
- name: Create release notes
7782
if: steps.check_can_release.outputs.continue == 'true'

.github/workflows/release.yaml

+8-3
Original file line numberDiff line numberDiff line change
@@ -5,20 +5,25 @@ on:
55
types:
66
- published
77

8+
permissions:
9+
contents: read
10+
811
jobs:
912
build:
1013
name: build
1114
runs-on: ubuntu-latest
1215
defaults:
1316
run:
1417
shell: bash
18+
permissions:
19+
contents: write
1520
steps:
1621
- name: Checkout
17-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
22+
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
1823
- name: Build manifests
1924
run: make release-manifests
2025
- name: Release manifests
21-
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
26+
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v0.1.15
2227
with:
2328
files: |
2429
_output/components.yaml
@@ -27,7 +32,7 @@ jobs:
2732
- name: Build binaries
2833
run: make build-all
2934
- name: Release binaries
30-
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
35+
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v0.1.15
3136
with:
3237
files: |
3338
_output/metrics-server-*

Makefile

+12-13
Original file line numberDiff line numberDiff line change
@@ -170,29 +170,28 @@ test-image: container
170170

171171
.PHONY: test-image-all
172172
test-image-all:
173-
@for arch in $(ALL_ARCHITECTURES); do ARCH=$${arch} $(MAKE) test-image; done
173+
@set -e;for arch in $(ALL_ARCHITECTURES); do ARCH=$${arch} $(MAKE) test-image; done
174174

175175
# E2e tests
176176
# -----------
177177

178178
.PHONY: test-e2e
179-
test-e2e: test-e2e-1.29
179+
test-e2e: test-e2e-1.31
180180

181181
.PHONY: test-e2e-all
182-
test-e2e-all: test-e2e-1.29 test-e2e-1.28 test-e2e-1.27
182+
test-e2e-all: test-e2e-1.31 test-e2e-1.30 test-e2e-1.29
183183

184-
.PHONY: test-e2e-1.29
185-
test-e2e-1.29:
186-
NODE_IMAGE=kindest/node:v1.29.0@sha256:eaa1450915475849a73a9227b8f201df25e55e268e5d619312131292e324d570 KIND_CONFIG="${PWD}/test/kind-config-with-sidecar-containers.yaml" ./test/test-e2e.sh
187-
188-
.PHONY: test-e2e-1.28
189-
test-e2e-1.28:
190-
NODE_IMAGE=kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 KIND_CONFIG="${PWD}/test/kind-config-with-sidecar-containers.yaml" ./test/test-e2e.sh
184+
.PHONY: test-e2e-1.31
185+
test-e2e-1.31:
186+
NODE_IMAGE=kindest/node:v1.31.0@sha256:53df588e04085fd41ae12de0c3fe4c72f7013bba32a20e7325357a1ac94ba865 KIND_CONFIG="${PWD}/test/kind-config-with-sidecar-containers.yaml" ./test/test-e2e.sh
191187

192-
.PHONY: test-e2e-1.27
193-
test-e2e-1.27:
194-
NODE_IMAGE=kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 ./test/test-e2e.sh
188+
.PHONY: test-e2e-1.30
189+
test-e2e-1.30:
190+
NODE_IMAGE=kindest/node:v1.30.4@sha256:976ea815844d5fa93be213437e3ff5754cd599b040946b5cca43ca45c2047114 KIND_CONFIG="${PWD}/test/kind-config-with-sidecar-containers.yaml" ./test/test-e2e.sh
195191

192+
.PHONY: test-e2e-1.29
193+
test-e2e-1.29:
194+
NODE_IMAGE=kindest/node:v1.29.8@sha256:d46b7aa29567e93b27f7531d258c372e829d7224b25e3fc6ffdefed12476d3aa KIND_CONFIG="${PWD}/test/kind-config-with-sidecar-containers.yaml" ./test/test-e2e.sh
196195

197196
.PHONY: test-e2e-ha
198197
test-e2e-ha:

README.md

+5-3
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,8 @@ Metrics Server collects resource metrics from Kubelets and exposes them in Kuber
77
for use by [Horizontal Pod Autoscaler] and [Vertical Pod Autoscaler]. Metrics API can also be accessed by `kubectl top`,
88
making it easier to debug autoscaling pipelines.
99

10-
Metrics Server is not meant for non-autoscaling purposes. For example, don't use it to forward metrics to monitoring solutions, or as a source of monitoring solution metrics. In such cases please collect metrics from Kubelet `/metrics/resource` endpoint directly.
10+
> [!CAUTION]
11+
> Metrics Server is meant only for autoscaling purposes. For example, don't use it to forward metrics to monitoring solutions, or as a source of monitoring solution metrics. In such cases please collect metrics from Kubelet `/metrics/resource` endpoint directly.
1112
1213
Metrics Server offers:
1314

@@ -33,7 +34,7 @@ Don't use Metrics Server when you need:
3334
- An accurate source of resource usage metrics
3435
- Horizontal autoscaling based on other resources than CPU/Memory
3536

36-
For unsupported use cases, check out full monitoring solutions like Prometheus.
37+
For unsupported use cases, check out full monitoring solutions like [Prometheus](https://github.com/prometheus/prometheus).
3738

3839
[Horizontal Autoscaling]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
3940
[Vertical Autoscaling]: https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler/
@@ -93,7 +94,8 @@ On Kubernetes v1.19-1.21:
9394
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/high-availability.yaml
9495
```
9596

96-
Note that this configuration **requires** having a cluster with at least 2 nodes on which Metrics Server can be scheduled.
97+
>[!NOTE]
98+
> This configuration **requires** having a cluster with at least 2 nodes on which Metrics Server can be scheduled.
9799
98100
Also, to maximize the efficiency of this highly available configuration, it is **recommended** to add the `--enable-aggregator-routing=true` CLI flag to the kube-apiserver so that requests sent to Metrics Server are load balanced between the 2 instances.
99101

charts/metrics-server/CHANGELOG.md

+9
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,20 @@
1414

1515
## [UNRELEASED]
1616

17+
### Fixed
18+
19+
- Fixed nanny's RoleBinding which contained a hard-coded namespace instead of the Helm's release namespace. ([#1479](https://github.com/kubernetes-sigs/metrics-server/pull/1479)) _@
20+
the-technat_
21+
22+
- ### Changed
23+
- Updated the _addonResizer_ OCI image to [1.8.21](https://github.com/kubernetes/autoscaler/releases/tag/addon-resizer-1.8.21). _@jimmy-ungerman_
24+
1725
## [3.12.1] - TBC
1826

1927
### Changed
2028

2129
- Updated the _Metrics Server_ OCI image to [v0.7.1](https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.7.1). ([#1461](https://github.com/kubernetes-sigs/metrics-server/pull/1461)) _@stevehipwell_
30+
- Changed `Deployment` templating to ignore `schedulerName` when value is empty. ([#1475](https://github.com/kubernetes-sigs/metrics-server/pull/1475)) _@senges_
2231

2332
## [3.12.0] - 2024-02-07
2433

charts/metrics-server/README.md

+2-2
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ The following table lists the configurable parameters of the _Metrics Server_ ch
3333
| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the full name template. | `nil` |
3434
| `serviceAccount.secrets` | The list of secrets mountable by this service account. See <https://kubernetes.io/docs/reference/labels-annotations-taints/#enforce-mountable-secrets> | `[]` |
3535
| `rbac.create` | If `true`, create the RBAC resources. | `true` |
36-
| `rbac.pspEnabled` | If `true`, create a pod security policy resource. | `false` |
36+
| `rbac.pspEnabled` | If `true`, create a pod security policy resource, unless Kubernetes version is 1.25 or later. | `false` |
3737
| `apiService.create` | If `true`, create the `v1beta1.metrics.k8s.io` API service. You typically want this enabled! If you disable API service creation you have to manage it outside of this chart for e.g horizontal pod autoscaling to work with this release. | `true` |
3838
| `apiService.annotations` | Annotations to add to the API service | `{}` |
3939
| `apiService.insecureSkipTLSVerify` | Specifies whether to skip TLS verification (NOTE: this setting is not a proxy for the `--kubelet-insecure-tls` metrics-server flag) | `true` |
@@ -63,7 +63,7 @@ The following table lists the configurable parameters of the _Metrics Server_ ch
6363
| `addonResizer.enabled` | If `true`, run the addon-resizer as a sidecar to automatically scale resource requests with cluster size. | `false` |
6464
| `addonResizer.securityContext` | Security context for the _metrics_server_container. | _See values.yaml |
6565
| `addonResizer.image.repository` | addon-resizer image repository | `registry.k8s.io/autoscaling/addon-resizer` |
66-
| `addonResizer.image.tag` | addon-resizer image tag | `1.8.19` |
66+
| `addonResizer.image.tag` | addon-resizer image tag | `1.8.21` |
6767
| `addonResizer.resources` | Resource requests and limits for the _nanny_ container. | `{ requests: { cpu: 40m, memory: 25Mi }, limits: { cpu: 40m, memory: 25Mi } }` |
6868
| `addonResizer.nanny.cpu` | The base CPU requirement. | `0m` |
6969
| `addonResizer.nanny.extraCPU` | The amount of CPU to add per node. | `1m` |

charts/metrics-server/templates/deployment.yaml

+3-1
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,9 @@ spec:
3333
{{- toYaml . | nindent 8 }}
3434
{{- end }}
3535
spec:
36-
schedulerName: {{ .Values.schedulerName }}
36+
{{- with .Values.schedulerName }}
37+
schedulerName: {{ . }}
38+
{{- end }}
3739
{{- with .Values.imagePullSecrets }}
3840
imagePullSecrets:
3941
{{- toYaml . | nindent 8 }}

charts/metrics-server/templates/psp.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
{{- if .Values.rbac.pspEnabled }}
1+
{{- if and (.Values.rbac.pspEnabled) (semverCompare "<1.25-0" .Capabilities.KubeVersion.GitVersion) }}
22
apiVersion: policy/v1beta1
33
kind: PodSecurityPolicy
44
metadata:

charts/metrics-server/templates/rolebinding-nanny.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ apiVersion: rbac.authorization.k8s.io/v1
44
kind: RoleBinding
55
metadata:
66
name: {{ printf "%s-nanny" (include "metrics-server.fullname" .) }}
7-
namespace: kube-system
7+
namespace: {{ .Release.Namespace }}
88
labels:
99
{{- include "metrics-server.labels" . | nindent 4 }}
1010
roleRef:

charts/metrics-server/values.yaml

+2-1
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ serviceAccount:
2929
rbac:
3030
# Specifies whether RBAC resources should be created
3131
create: true
32+
# Note: PodSecurityPolicy will not be created when Kubernetes version is 1.25 or later.
3233
pspEnabled: false
3334

3435
apiService:
@@ -129,7 +130,7 @@ addonResizer:
129130
enabled: false
130131
image:
131132
repository: registry.k8s.io/autoscaling/addon-resizer
132-
tag: 1.8.20
133+
tag: 1.8.21
133134
securityContext:
134135
allowPrivilegeEscalation: false
135136
readOnlyRootFilesystem: true

0 commit comments

Comments
 (0)