{{ with .ClusterAutoscaler }} # Sourced from https://github.com/kubernetes/autoscaler/ --- # Source: cluster-autoscaler/templates/pdb.yaml {{ if IsKubernetesGTE "1.23" }} apiVersion: policy/v1 {{ else }} apiVersion: policy/v1beta1 {{ end }} kind: PodDisruptionBudget metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system spec: selector: matchLabels: k8s-app: cluster-autoscaler maxUnavailable: 1 --- # Source: cluster-autoscaler/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system automountServiceAccountToken: true --- # Source: cluster-autoscaler/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler rules: - apiGroups: - "" resources: - events - endpoints verbs: - create - patch - apiGroups: - "" resources: - pods/eviction verbs: - create - apiGroups: - "" resources: - pods/status verbs: - update - apiGroups: - "" resources: - endpoints resourceNames: - cluster-autoscaler verbs: - get - update - apiGroups: - "" resources: - nodes verbs: - watch - list - get - update - apiGroups: - "" resources: - namespaces - pods - services - replicationcontrollers - persistentvolumeclaims - persistentvolumes verbs: - watch - list - get - apiGroups: - batch resources: - jobs - cronjobs verbs: - watch - list - get - apiGroups: - batch - extensions resources: - jobs verbs: - get - list - patch - watch - apiGroups: - extensions resources: - replicasets - daemonsets verbs: - watch - list - get - apiGroups: - policy resources: - poddisruptionbudgets verbs: - watch - list - apiGroups: - apps resources: - daemonsets - replicasets - statefulsets verbs: - watch - list - get - apiGroups: - storage.k8s.io resources: - storageclasses - csinodes - csidrivers - csistoragecapacities verbs: - watch - list - get - apiGroups: - "" resources: - configmaps verbs: - list - watch - apiGroups: - coordination.k8s.io resources: - leases verbs: - create - apiGroups: - coordination.k8s.io resourceNames: - cluster-autoscaler resources: - leases verbs: - get - update --- # Source: cluster-autoscaler/templates/clusterrolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-autoscaler subjects: - kind: ServiceAccount name: cluster-autoscaler namespace: kube-system --- # Source: cluster-autoscaler/templates/role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system rules: - apiGroups: - "" resources: - configmaps verbs: - create - apiGroups: - "" resources: - configmaps resourceNames: - cluster-autoscaler-status verbs: - delete - get - update --- # Source: cluster-autoscaler/templates/rolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: cluster-autoscaler subjects: - kind: ServiceAccount name: cluster-autoscaler namespace: kube-system --- # Source: cluster-autoscaler/templates/service.yaml apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system spec: ports: - port: 8085 protocol: TCP targetPort: 8085 name: http selector: app.kubernetes.io/name: "cluster-autoscaler" type: "ClusterIP" --- {{- if and (eq .Expander "priority") CreateClusterAutoscalerPriorityConfig }} # Source: cluster-autoscaler/templates/priotity-expander-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: cluster-autoscaler-priority-expander namespace: kube-system labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler data: priorities: |- {{- ClusterAutoscalerPriorities | ToYAML | nindent 4 }} {{ end }} --- # Source: cluster-autoscaler/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/name: "cluster-autoscaler" k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler name: cluster-autoscaler namespace: kube-system spec: replicas: {{ ControlPlaneControllerReplicas true }} selector: matchLabels: app: cluster-autoscaler {{ if not (and UseServiceAccountExternalPermissions (IsKubernetesGTE "1.24")) }} strategy: type: RollingUpdate rollingUpdate: maxSurge: 0 {{ end }} template: metadata: annotations: prometheus.io/port: "8085" prometheus.io/scrape: "true" {{- range $key, $value := .PodAnnotations }} {{ $key }}: "{{ $value }}" {{- end }} labels: app: cluster-autoscaler k8s-addon: cluster-autoscaler.addons.k8s.io k8s-app: cluster-autoscaler app.kubernetes.io/name: "cluster-autoscaler" spec: nodeSelector: null affinity: nodeAffinity: {{ if not UseServiceAccountExternalPermissions }} requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: node-role.kubernetes.io/control-plane operator: Exists - matchExpressions: - key: node-role.kubernetes.io/master operator: Exists {{ else }} preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: - key: node-role.kubernetes.io/spot-worker operator: DoesNotExist {{ end }} priorityClassName: "system-cluster-critical" dnsPolicy: "ClusterFirst" containers: - name: cluster-autoscaler image: "{{ .Image }}" imagePullPolicy: "IfNotPresent" command: - ./cluster-autoscaler - --balance-similar-node-groups={{ .BalanceSimilarNodeGroups }} - --cloud-provider={{ GetCloudProvider }} {{ if (eq GetCloudProvider "aws") }} - --aws-use-static-instance-list={{ .AWSUseStaticInstanceList }} {{ end }} - --expander={{ .Expander }} {{ range $nodeGroup := GetClusterAutoscalerNodeGroups }} - --nodes={{ $nodeGroup.MinSize }}:{{ $nodeGroup.MaxSize }}:{{ $nodeGroup.Other }} {{ end }} - --scale-down-utilization-threshold={{ .ScaleDownUtilizationThreshold }} - --skip-nodes-with-local-storage={{ .SkipNodesWithLocalStorage }} - --skip-nodes-with-system-pods={{ .SkipNodesWithSystemPods }} - --scale-down-delay-after-add={{ .ScaleDownDelayAfterAdd }} - --scale-down-unneeded-time={{ .ScaleDownUnneededTime }} - --scale-down-unready-time={{ .ScaleDownUnreadyTime }} - --new-pod-scale-up-delay={{ .NewPodScaleUpDelay }} - --max-node-provision-time={{ .MaxNodeProvisionTime }} - --cordon-node-before-terminating={{ WithDefaultBool .CordonNodeBeforeTerminating true }} - --logtostderr=true - --stderrthreshold=info - --v=4 {{ if (eq GetCloudProvider "aws") }} env: - name: AWS_REGION value: "{{ Region }}" {{ end }} livenessProbe: failureThreshold: 3 httpGet: path: /health-check port: http scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 ports: - containerPort: 8085 name: http protocol: TCP resources: requests: cpu: {{ or .CPURequest "100m"}} memory: {{ or .MemoryRequest "300Mi"}} serviceAccountName: cluster-autoscaler {{ if not UseServiceAccountExternalPermissions }} hostNetwork: true tolerations: - operator: "Exists" key: node-role.kubernetes.io/control-plane - operator: "Exists" key: node-role.kubernetes.io/master {{ end }} topologySpreadConstraints: - maxSkew: 1 topologyKey: "topology.kubernetes.io/zone" whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: app: cluster-autoscaler - maxSkew: 1 topologyKey: "kubernetes.io/hostname" whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app: cluster-autoscaler {{ end }}