Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Feature: Use KubeDownscaler Without Cluster Wide Access (Namespaced Access) #73

Merged
merged 27 commits into from
Jul 22, 2024
Merged

New Feature: Use KubeDownscaler Without Cluster Wide Access (Namespaced Access) #73

merged 27 commits into from
Jul 22, 2024

Conversation

samuel-esp
Copy link
Collaborator

@samuel-esp samuel-esp commented Jul 20, 2024
edited
Loading

Motivation

This Pull Request will enable users use KubeDownscaler Without Cluster Wide Access (Namespaced Access).

Changes

Python Code:

  • --namespace argument will now accept a list of string
  • Introduced constrianed_downscaler variable that will be automatically set to true if --namespace arg is specified
  • --namespace and --exclude-namespaces are now mutually exclusive, --namespace will take precedence and override --exclude-namespaces.
  • --namespace and --admission-controller are now mutually exclusive, the user will still be able to downscale jobs natively as specified inside pull request Scale Jobs Natively (Without Admission Controllers) #71
  • If --namespace arg is specified, the Kubernetes API Server will receive different API Calls that don't target Cluster Wide operations
  • Added 403 and 404 error handling to API Calls
  • refactored unit tests

Docs:

  • Explained how to use KubeDownscaler without cluster wide access (installation and recommendations on how to set parameters and which mode to choose)

Helm Chart

  • Introduced 2 parameters inside values.yaml (constrainedDownscaler, constrainedNamespaces). The first one is boolean value and the second one is a list of namespaces where the KubeDownscaler can operate
  • Added error handling if user specifies constrainedDownscaler without constrainedNamespaces
  • If constrainedDownscaler is true the Helm Chart will deploy a set of Roles and RoleBindings instead of a single ClusterRole and ClusterRoleBinding. This will setup the needed communications to use Constrained Mode
  • Added {{ .Release.Namespace }} to Deployment, ConfigMap and ServiceAccount, in order to help the user to configure a differrent namespace for installation

Tests done

  • Unit tests
  • Built and Used local image

TODO

  • I've assigned myself to this PR

samuel-esp added 27 commits July 15, 2024 17:56
@samuel-esp
facilitates backward compatibility
dad0a67
@samuel-esp
docs refactoring
d49c23d
@samuel-esp
refactored chart to include constrainted-namespace installation
0832427
@samuel-esp
refactored chart to include constrainted-namespace installation
c69f8aa
@samuel-esp
added constrainted downscaler arg inside code
265a6f2
@samuel-esp
Merge remote-tracking branch 'origin/namespace-only-access' into name…
b0ce1cf 
…space-only-access

# Conflicts:
#	chart/templates/rbac.yaml
@samuel-esp
refactor --namespace argument to be able to handle a list of strings
86946d9
@samuel-esp
refactore autoscale_jobs function
0b4e784
@samuel-esp
--namespace object could be only be used with constrainted_downscaler…
9ef5495 
… api calls. rbac refactored to only include namespaced resources
@samuel-esp
fixed constraintedNamesapce test namespaces inside values.yaml
2a16604
@samuel-esp
added try-except to better log RBAC errors
6c06b03
@samuel-esp
helm chart will automaticall add --constrainted-downscaler arg if con…
390bb41 
…straintedDownscaler value is set to true
@samuel-esp
added tests
0ee4cb2
@samuel-esp
added log to inform user that using --namespace argument will deactiv…
80b98ea 
…ate --exclude-namespaces
@samuel-esp
added error handling inside scaler.py
80144cc
@samuel-esp
refactored namespace argument to namespaces to clarify the variable c…
d730de7 
…ould contain more than 1 element, refactored helm chart
@samuel-esp
refactored docs
933b250
@samuel-esp
refactored migrate from codeberg docs section
5d44776
@samuel-esp
removed --constrainted-downscaler argument to better help user config…
e96167d 
…urations
@samuel-esp
refactored docs
0863dc4
@samuel-esp
refactored docs
4940501
@samuel-esp
refactored docs and constrained variable name
24afced
@samuel-esp
refactored docs
f45cb9f
@samuel-esp
added release namespace inside helm chart (deplyoment, configmap and …
be14f32 
…serviceaccount)
@samuel-esp
refactored variable names inside helm chart
3ed48df
@samuel-esp
refactored variable names inside docs
4ca61fa
@samuel-esp
improved 403 error handling, changed log.error to log.warning
974f8cc
@samuel-esp samuel-esp mentioned this pull request Jul 20, 2024
Closed
@JTaeuber JTaeuber added enhancement New feature or request feature labels Jul 22, 2024
JTaeuber
JTaeuber approved these changes Jul 22, 2024
View reviewed changes
Copy link
Member

@JTaeuber JTaeuber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JTaeuber JTaeuber merged commit c217f31 into caas-team:main Jul 22, 2024
1 check passed
JTaeuber pushed a commit that referenced this pull request Jul 22, 2024
@samuel-esp @JTaeuber
New Feature: Use KubeDownscaler Without Cluster Wide Access (Namespac…
24b2468 
…ed Access) (#73)

* facilitates backward compatibility

* docs refactoring

* refactored chart to include constrainted-namespace installation

* refactored chart to include constrainted-namespace installation

* added constrainted downscaler arg inside code

* refactor --namespace argument to be able to handle a list of strings

* refactore autoscale_jobs function

* --namespace object could be only be used with constrainted_downscaler api calls. rbac refactored to only include namespaced resources

* fixed constraintedNamesapce test namespaces inside values.yaml

* added try-except to better log RBAC errors

* helm chart will automaticall add --constrainted-downscaler arg if constraintedDownscaler value is set to true

* added tests

* added log to inform user that using --namespace argument will deactivate --exclude-namespaces

* added error handling inside scaler.py

* refactored namespace argument to namespaces to clarify the variable could contain more than 1 element, refactored helm chart

* refactored docs

* refactored migrate from codeberg docs section

* removed --constrainted-downscaler argument to better help user configurations

* refactored docs

* refactored docs

* refactored docs and constrained variable name

* refactored docs

* added release namespace inside helm chart (deplyoment, configmap and serviceaccount)

* refactored variable names inside helm chart

* refactored variable names inside docs

* improved 403 error handling, changed log.error to log.warning
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JTaeuber JTaeuber JTaeuber approved these changes

@Fovty Fovty Awaiting requested review from Fovty Fovty is a code owner

@jonathan-mayer jonathan-mayer Awaiting requested review from jonathan-mayer jonathan-mayer is a code owner

Assignees

@samuel-esp samuel-esp

Labels
enhancement New feature or request feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samuel-esp @JTaeuber