From 2941ddb7f5f597b11547d8fa8c10c72506d55006 Mon Sep 17 00:00:00 2001 From: Eugene Glotov Date: Tue, 12 Nov 2019 21:00:23 +0200 Subject: [PATCH] Support Dashboard replicas (#2899) (#3633) This PR makes possible to increase the amount of web dashboard replicas. Follows up #2899 Signed-off-by: Eugene Glotov --- charts/linkerd2/README.md | 133 +++++++++++++++-------------- charts/linkerd2/templates/web.yaml | 2 +- charts/linkerd2/values.yaml | 4 + cli/cmd/install_test.go | 3 + pkg/charts/values.go | 6 ++ pkg/charts/values_test.go | 4 + 6 files changed, 85 insertions(+), 67 deletions(-) diff --git a/charts/linkerd2/README.md b/charts/linkerd2/README.md index ac0d16a9c..a17f0e317 100644 --- a/charts/linkerd2/README.md +++ b/charts/linkerd2/README.md @@ -82,72 +82,73 @@ helm install \ The following table lists the configurable parameters of the Linkerd2 chart and their default values. -| Parameter | Description | Default | -|--------------------------------------|-------------------------------------------------------------------------------------------------|-------------------------------| -|`ClusterDomain` | Kubernetes DNS Domain name to use | `cluster.local`| -|`EnableH2Upgrade` | Allow proxies to perform transparent HTTP/2 upgrading |`true`| -|`ImagePullPolicy` | Docker image pull policy |`IfNotPresent`| -|`LinkerdVersion` | Control plane version |`stable-2.5.0`| -|`Namespace` | Control plane namespace |`linkerd`| -|`OmitWebhookSideEffects` | Omit the `sideEffects` flag in the webhook manifests |`false`| -|`WebhookFailurePolicy` | Failure policy for the proxy injector |`Ignore`| -|`ControllerImage` | Docker image for the controller, tap and identity components |`gcr.io/linkerd-io/controller`| -|`ControllerLogLevel` | Log level for the control plane components |`info`| -|`ControllerReplicas` | Number of replicas for each control plane pod |`1`| -|`ControllerUID` | User ID for the control plane components |`2103`| -|`Identity.Issuer.ClockSkewAllowance` | Amount of time to allow for clock skew within a Linkerd cluster |`20s`| -|`Identity.Issuer.Scheme` | Which scheme is used for the identity issuer secret format |`linkerd.io/tls`| -|`Identity.Issuer.CrtExpiry` | Expiration timestamp for the issuer certificate. It must be provided during install || -|`Identity.Issuer.CrtExpiryAnnotation` | Annotation used to identity the issuer certificate expiration timestamp. Do not edit. |`linkerd.io/identity-issuer-expiry`| -|`Identity.Issuer.IssuanceLifeTime` | Amount of time for which the Identity issuer should certify identity |`86400s`| -|`Identity.Issuer.TLS.CrtPEM` | Issuer certificate (ECDSA). It must be provided during install. || -|`Identity.Issuer.TLS.KeyPEM` | Key for the issuer certificate (ECDSA). It must be provided during install. || -|`Identity.TrustAnchorsPEM` | Trust root certificate (ECDSA). It must be provided during install. || -|`Identity.TrustDomain` | Trust domain used for identity |`cluster.local`| -|`GrafanaImage` | Docker image for the Grafana container |`gcr.io/linkerd-io/grafana`| -|`DisableHeartBeat` | Set to true to not start the heartbeat cronjob |`false`| -|`HeartbeatSchedule` | Config for the heartbeat cronjob |`0 0 * * *`| -|`PrometheusImage` | Docker image for the Prometheus container |`prom/prometheus:v2.11.1`| -|`PrometheusLogLevel` | Log level for Prometheus |`info`| -|`Proxy.EnableExternalProfiles` | Enable service profiles for non-Kubernetes services |`false`| -|`Proxy.Image.Name` | Docker image for the proxy |`gcr.io/linkerd-io/proxy`| -|`Proxy.Image.PullPolicy` | Pull policy for the proxy container Docker image |`IfNotPresent`| -|`Proxy.Image.Version` | Tag for the proxy container Docker image |`stable-2.5.0`| -|`Proxy.LogLevel` | Log level for the proxy |`warn,linkerd2_proxy=info`| -|`Proxy.Ports.Admin` | Admin port for the proxy container |`4191`| -|`Proxy.Ports.Control` | Control port for the proxy container |`4190`| -|`Proxy.Ports.Inbound` | Inbound port for the proxy container |`4143`| -|`Proxy.Ports.Outbound` | Outbound port for the proxy container |`4140`| -|`Proxy.Resources.CPU.Limit` | Maximum amount of CPU units that the proxy can use || -|`Proxy.Resources.CPU.Request` | Amount of CPU units that the proxy requests || -|`Proxy.Resources.Memory.Limit` | Maximum amount of memory that the proxy can use || -|`Proxy.Resources.Memory.Request` | Amount of memory that the proxy requests || -|`Proxy.Trace.CollectorSvcAccount` | Service account associated with the Trace collector instance || -|`Proxy.Trace.CollectorSvcAddr` | Collector Service address for the proxies to send Trace Data || -|`Proxy.UID` | User id under which the proxy runs |`2102`| -|`ProxyInit.IgnoreInboundPorts` | Inbound ports the proxy should ignore || -|`ProxyInit.IgnoreOutboundPorts` | Outbound ports the proxy should ignore || -|`ProxyInit.Image.Name` | Docker image for the proxy-init container |`gcr.io/linkerd-io/proxy-init`| -|`ProxyInit.Image.PullPolicy` | Pull policy for the proxy-init container Docker image |`IfNotPresent`| -|`ProxyInit.Image.Version` | Tag for the proxy-init container Docker image |`v1.1.0`| -|`ProxyInit.Resources.CPU.Limit` | Maximum amount of CPU units that the proxy-init container can use |`100m`| -|`ProxyInit.Resources.CPU.Request` | Amount of CPU units that the proxy-init container requests |`10m`| -|`ProxyInit.Resources.Memory.Limit` | Maximum amount of memory that the proxy-init container can use |`50Mi`| -|`ProxyInit.Resources.Memory.Request` | Amount of memory that the proxy-init container requests |`10Mi`| -|`ProxyInjector.CrtPEM` | Certificate for the proxy injector. If not provided then Helm will generate one. || -|`ProxyInjector.KeyPEM` | Certificate key for the proxy injector. If not provided then Helm will generate one. || -|`ProfileValidator.CrtPEM` | Certificate for the service profile validator. If not provided then Helm will generate one. || -|`ProfileValidator.KeyPEM` | Certificate key for the service profile validator. If not provided then Helm will generate one. || -|`Tap.CrtPEM` | Certificate for the Tap component. If not provided then Helm will generate one. || -|`Tap.KeyPEM` | Certificate key for Tap component. If not provided then Helm will generate one. || -|`WebImage` | Docker image for the web container |`gcr.io/linkerd-io/web`| -|`CreatedByAnnotation` | Annotation label for the proxy create. Do not edit. |`linkerd.io/created-by`| -|`ProxyInjectAnnotation` | Annotation label to signal injection. Do not edit. || -|`ProxyInjectDisabled` | Annotation value to disable injection. Do not edit. |`disabled`| -|`ControllerComponentLabel` | Control plane label. Do not edit |`linkerd.io/control-plane-component`| -|`ControllerNamespaceLabel` | Control plane label. Do not edit |`linkerd.io/control-plane-component`| -|`LinkerdNamespaceLabel` | Control plane label. Do not edit |`linkerd.io/control-plane-component`| -|`InstallNamespace` | Set to false when installing Linkerd in a custom namespace. See the [Linkerd documentation](https://linkerd.io/2/tasks/install-helm/#customizing-the-namespace) for more information.|`true`| +| Parameter | Description | Default | +|:--------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------| +| `ClusterDomain` | Kubernetes DNS Domain name to use | `cluster.local` | +| `EnableH2Upgrade` | Allow proxies to perform transparent HTTP/2 upgrading | `true` | +| `ImagePullPolicy` | Docker image pull policy | `IfNotPresent` | +| `LinkerdVersion` | Control plane version | `stable-2.5.0` | +| `Namespace` | Control plane namespace | `linkerd` | +| `OmitWebhookSideEffects` | Omit the `sideEffects` flag in the webhook manifests | `false` | +| `WebhookFailurePolicy` | Failure policy for the proxy injector | `Ignore` | +| `ControllerImage` | Docker image for the controller, tap and identity components | `gcr.io/linkerd-io/controller` | +| `ControllerLogLevel` | Log level for the control plane components | `info` | +| `ControllerReplicas` | Number of replicas for each control plane pod | `1` | +| `ControllerUID` | User ID for the control plane components | `2103` | +| `Identity.Issuer.ClockSkewAllowance` | Amount of time to allow for clock skew within a Linkerd cluster | `20s` | +| `Dashboard.Replicas` | Number of replicas of dashboard | `1` | +| `Identity.Issuer.Scheme` | Which scheme is used for the identity issuer secret format | `linkerd.io/tls` | +| `Identity.Issuer.CrtExpiry` | Expiration timestamp for the issuer certificate. It must be provided during install || +| `Identity.Issuer.CrtExpiryAnnotation` | Annotation used to identity the issuer certificate expiration timestamp. Do not edit. | `linkerd.io/identity-issuer-expiry` | +| `Identity.Issuer.IssuanceLifeTime` | Amount of time for which the Identity issuer should certify identity | `86400s` | +| `Identity.Issuer.TLS.CrtPEM` | Issuer certificate (ECDSA). It must be provided during install. || +| `Identity.Issuer.TLS.KeyPEM` | Key for the issuer certificate (ECDSA). It must be provided during install. || +| `Identity.TrustAnchorsPEM` | Trust root certificate (ECDSA). It must be provided during install. || +| `Identity.TrustDomain` | Trust domain used for identity | `cluster.local` | +| `GrafanaImage` | Docker image for the Grafana container | `gcr.io/linkerd-io/grafana` | +| `DisableHeartBeat` | Set to true to not start the heartbeat cronjob | `false` | +| `HeartbeatSchedule` | Config for the heartbeat cronjob | `0 0 * * *` | +| `PrometheusImage` | Docker image for the Prometheus container | `prom/prometheus:v2.11.1` | +| `PrometheusLogLevel` | Log level for Prometheus | `info` | +| `Proxy.EnableExternalProfiles` | Enable service profiles for non-Kubernetes services | `false` | +| `Proxy.Image.Name` | Docker image for the proxy | `gcr.io/linkerd-io/proxy` | +| `Proxy.Image.PullPolicy` | Pull policy for the proxy container Docker image | `IfNotPresent` | +| `Proxy.Image.Version` | Tag for the proxy container Docker image | `stable-2.5.0` | +| `Proxy.LogLevel` | Log level for the proxy | `warn,linkerd2_proxy=info` | +| `Proxy.Ports.Admin` | Admin port for the proxy container | `4191` | +| `Proxy.Ports.Control` | Control port for the proxy container | `4190` | +| `Proxy.Ports.Inbound` | Inbound port for the proxy container | `4143` | +| `Proxy.Ports.Outbound` | Outbound port for the proxy container | `4140` | +| `Proxy.Resources.CPU.Limit` | Maximum amount of CPU units that the proxy can use || +| `Proxy.Resources.CPU.Request` | Amount of CPU units that the proxy requests || +| `Proxy.Resources.Memory.Limit` | Maximum amount of memory that the proxy can use || +| `Proxy.Resources.Memory.Request` | Amount of memory that the proxy requests || +| `Proxy.Trace.CollectorSvcAccount` | Service account associated with the Trace collector instance || +| `Proxy.Trace.CollectorSvcAddr` | Collector Service address for the proxies to send Trace Data || +| `Proxy.UID` | User id under which the proxy runs | `2102` | +| `ProxyInit.IgnoreInboundPorts` | Inbound ports the proxy should ignore || +| `ProxyInit.IgnoreOutboundPorts` | Outbound ports the proxy should ignore || +| `ProxyInit.Image.Name` | Docker image for the proxy-init container | `gcr.io/linkerd-io/proxy-init` | +| `ProxyInit.Image.PullPolicy` | Pull policy for the proxy-init container Docker image | `IfNotPresent` | +| `ProxyInit.Image.Version` | Tag for the proxy-init container Docker image | `v1.1.0` | +| `ProxyInit.Resources.CPU.Limit` | Maximum amount of CPU units that the proxy-init container can use | `100m` | +| `ProxyInit.Resources.CPU.Request` | Amount of CPU units that the proxy-init container requests | `10m` | +| `ProxyInit.Resources.Memory.Limit` | Maximum amount of memory that the proxy-init container can use | `50Mi` | +| `ProxyInit.Resources.Memory.Request` | Amount of memory that the proxy-init container requests | `10Mi` | +| `ProxyInjector.CrtPEM` | Certificate for the proxy injector. If not provided then Helm will generate one. || +| `ProxyInjector.KeyPEM` | Certificate key for the proxy injector. If not provided then Helm will generate one. || +| `ProfileValidator.CrtPEM` | Certificate for the service profile validator. If not provided then Helm will generate one. || +| `ProfileValidator.KeyPEM` | Certificate key for the service profile validator. If not provided then Helm will generate one. || +| `Tap.CrtPEM` | Certificate for the Tap component. If not provided then Helm will generate one. || +| `Tap.KeyPEM` | Certificate key for Tap component. If not provided then Helm will generate one. || +| `WebImage` | Docker image for the web container | `gcr.io/linkerd-io/web` | +| `CreatedByAnnotation` | Annotation label for the proxy create. Do not edit. | `linkerd.io/created-by` | +| `ProxyInjectAnnotation` | Annotation label to signal injection. Do not edit. || +| `ProxyInjectDisabled` | Annotation value to disable injection. Do not edit. | `disabled` | +| `ControllerComponentLabel` | Control plane label. Do not edit | `linkerd.io/control-plane-component` | +| `ControllerNamespaceLabel` | Control plane label. Do not edit | `linkerd.io/control-plane-component` | +| `LinkerdNamespaceLabel` | Control plane label. Do not edit | `linkerd.io/control-plane-component` | +| `InstallNamespace` | Set to false when installing Linkerd in a custom namespace. See the [Linkerd documentation](https://linkerd.io/2/tasks/install-helm/#customizing-the-namespace) for more information. | `true` | ## Get involved diff --git a/charts/linkerd2/templates/web.yaml b/charts/linkerd2/templates/web.yaml index bc8944b74..f4d7c9f40 100644 --- a/charts/linkerd2/templates/web.yaml +++ b/charts/linkerd2/templates/web.yaml @@ -40,7 +40,7 @@ metadata: name: linkerd-web namespace: {{.Namespace}} spec: - replicas: 1 + replicas: {{.Dashboard.Replicas}} selector: matchLabels: {{.ControllerComponentLabel}}: web diff --git a/charts/linkerd2/values.yaml b/charts/linkerd2/values.yaml index 1ce0d212a..3fbc2e7e1 100644 --- a/charts/linkerd2/values.yaml +++ b/charts/linkerd2/values.yaml @@ -19,6 +19,10 @@ ControllerLogLevel: &controller_log_level info ControllerReplicas: 1 ControllerUID: 2103 +# web dashboard configuration +Dashboard: + Replicas: 1 + # identity configuration Identity: Issuer: diff --git a/cli/cmd/install_test.go b/cli/cmd/install_test.go index 68b1a0c74..ee141a578 100644 --- a/cli/cmd/install_test.go +++ b/cli/cmd/install_test.go @@ -119,6 +119,9 @@ func TestRender(t *testing.T) { }, }, }, + Dashboard: &charts.Dashboard{ + Replicas: 1, + }, } haOptions, err := testInstallOptions() diff --git a/pkg/charts/values.go b/pkg/charts/values.go index b255023f7..6bb75f718 100644 --- a/pkg/charts/values.go +++ b/pkg/charts/values.go @@ -52,6 +52,7 @@ type ( InstallNamespace bool ControlPlaneTracing bool Configs ConfigJSONs + Dashboard *Dashboard Identity *Identity ProxyInjector *ProxyInjector ProfileValidator *ProfileValidator @@ -147,6 +148,11 @@ type ( Memory Constraints } + // Dashboard has the Helm variables for the web dashboard + Dashboard struct { + Replicas int32 + } + // Identity contains the fields to set the identity variables in the proxy // sidecar container Identity struct { diff --git a/pkg/charts/values_test.go b/pkg/charts/values_test.go index dc2c87289..a8edc892e 100644 --- a/pkg/charts/values_test.go +++ b/pkg/charts/values_test.go @@ -50,6 +50,10 @@ func TestNewValues(t *testing.T) { "beta.kubernetes.io/os": "linux", }, + Dashboard: &Dashboard{ + Replicas: 1, + }, + Identity: &Identity{ TrustDomain: "cluster.local", Issuer: &Issuer{