diff --git a/jsonnet/kube-prometheus/ksm-autoscaler/ksm-autoscaler.libsonnet b/jsonnet/kube-prometheus/ksm-autoscaler/ksm-autoscaler.libsonnet
index 1fed631ded7d73d74342a8711b7e4bcef6aa18a4..88154ac1039d84d9f2e41cf1818c5a680702d2f3 100644
--- a/jsonnet/kube-prometheus/ksm-autoscaler/ksm-autoscaler.libsonnet
+++ b/jsonnet/kube-prometheus/ksm-autoscaler/ksm-autoscaler.libsonnet
@@ -1,14 +1,7 @@
-local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
-
{
_config+:: {
- versions+:: {
- clusterVerticalAutoscaler: "v0.8.1"
- },
-
- imageRepos+:: {
- clusterVerticalAutoscaler: 'gcr.io/google_containers/cpvpa-amd64'
- },
+ versions+:: { clusterVerticalAutoscaler: '0.8.1' },
+ imageRepos+:: { clusterVerticalAutoscaler: 'gcr.io/google_containers/cpvpa-amd64' },
kubeStateMetrics+:: {
stepCPU: '1m',
@@ -16,103 +9,120 @@ local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
},
},
ksmAutoscaler+:: {
- clusterRole:
- local clusterRole = k.rbac.v1.clusterRole;
- local rulesType = clusterRole.rulesType;
-
- local rules = [
- rulesType.new() +
- rulesType.withApiGroups(['']) +
- rulesType.withResources([
- 'nodes',
- ]) +
- rulesType.withVerbs(['list', 'watch']),
- ];
+ clusterRole: {
+ apiVersion: 'rbac.authorization.k8s.io/v1',
+ kind: 'ClusterRole',
+ metadata: { name: 'ksm-autoscaler' },
+ rules: [{
+ apiGroups: [''],
+ resources: ['nodes'],
+ verbs: ['list', 'watch'],
+ }],
+ },
- clusterRole.new() +
- clusterRole.mixin.metadata.withName('ksm-autoscaler') +
- clusterRole.withRules(rules),
+ clusterRoleBinding: {
+ apiVersion: 'rbac.authorization.k8s.io/v1',
+ kind: 'ClusterRoleBinding',
+ metadata: { name: 'ksm-autoscaler' },
+ roleRef: {
+ apiGroup: 'rbac.authorization.k8s.io',
+ kind: 'ClusterRole',
+ name: 'ksm-autoscaler',
+ },
+ subjects: [{ kind: 'ServiceAccount', name: 'ksm-autoscaler', namespace: $._config.namespace }],
+ },
- clusterRoleBinding:
- local clusterRoleBinding = k.rbac.v1.clusterRoleBinding;
+ roleBinding: {
+ apiVersion: 'rbac.authorization.k8s.io/v1',
+ kind: 'RoleBinding',
+ metadata: {
+ name: 'ksm-autoscaler',
+ namespace: $._config.namespace,
+ },
+ roleRef: {
+ apiGroup: 'rbac.authorization.k8s.io',
+ kind: 'Role',
+ name: 'ksm-autoscaler',
+ },
+ subjects: [{ kind: 'ServiceAccount', name: 'ksm-autoscaler' }],
+ },
- clusterRoleBinding.new() +
- clusterRoleBinding.mixin.metadata.withName('ksm-autoscaler') +
- clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
- clusterRoleBinding.mixin.roleRef.withName('ksm-autoscaler') +
- clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) +
- clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'ksm-autoscaler', namespace: $._config.namespace }]),
+ role: {
+ apiVersion: 'rbac.authorization.k8s.io/v1',
+ kind: 'Role',
+ metadata: {
+ name: 'ksm-autoscaler',
+ namespace: $._config.namespace,
+ },
+ rules: [
+ {
+ apiGroups: ['extensions'],
+ resources: ['deployments'],
+ verbs: ['patch'],
+ resourceNames: ['kube-state-metrics'],
+ },
+ {
+ apiGroups: ['apps'],
+ resources: ['deployments'],
+ verbs: ['patch'],
+ resourceNames: ['kube-state-metrics'],
+ },
+ ],
+ },
- roleBinding:
- local roleBinding = k.rbac.v1.roleBinding;
-
- roleBinding.new() +
- roleBinding.mixin.metadata.withName('ksm-autoscaler') +
- roleBinding.mixin.metadata.withNamespace($._config.namespace) +
- roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
- roleBinding.mixin.roleRef.withName('ksm-autoscaler') +
- roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
- roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'ksm-autoscaler' }]),
+ serviceAccount: {
+ apiVersion: 'v1',
+ kind: 'ServiceAccount',
+ metadata: {
+ name: 'ksm-autoscaler',
+ namespace: $._config.namespace,
+ },
+ },
- role:
- local role = k.rbac.v1.role;
- local rulesType = role.rulesType;
-
- local extensionsRule = rulesType.new() +
- rulesType.withApiGroups(['extensions']) +
- rulesType.withResources([
- 'deployments',
- ]) +
- rulesType.withVerbs(['patch']) +
- rulesType.withResourceNames(['kube-state-metrics']);
-
- local appsRule = rulesType.new() +
- rulesType.withApiGroups(['apps']) +
- rulesType.withResources([
- 'deployments',
- ]) +
- rulesType.withVerbs(['patch']) +
- rulesType.withResourceNames(['kube-state-metrics']);
-
- local rules = [extensionsRule, appsRule];
-
- role.new() +
- role.mixin.metadata.withName('ksm-autoscaler') +
- role.mixin.metadata.withNamespace($._config.namespace) +
- role.withRules(rules),
-
- serviceAccount:
- local serviceAccount = k.core.v1.serviceAccount;
-
- serviceAccount.new('ksm-autoscaler') +
- serviceAccount.mixin.metadata.withNamespace($._config.namespace),
deployment:
- local deployment = k.apps.v1.deployment;
- local container = deployment.mixin.spec.template.spec.containersType;
- local podSelector = deployment.mixin.spec.template.spec.selectorType;
local podLabels = { app: 'ksm-autoscaler' };
-
- local kubeStateMetricsAutoscaler =
- container.new('ksm-autoscaler', $._config.imageRepos.clusterVerticalAutoscaler + ':' + $._config.versions.clusterVerticalAutoscaler) +
- container.withArgs([
+ local c = {
+ name: 'ksm-autoscaler',
+ image: $._config.imageRepos.clusterVerticalAutoscaler + ':v' + $._config.versions.clusterVerticalAutoscaler,
+ args: [
'/cpvpa',
'--target=deployment/kube-state-metrics',
'--namespace=' + $._config.namespace,
'--logtostderr=true',
'--poll-period-seconds=10',
- '--default-config={"kube-state-metrics":{"requests":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}},"limits":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}}}}'
- ]) +
- container.mixin.resources.withRequests({cpu: '20m', memory: '10Mi'});
-
- local c = [kubeStateMetricsAutoscaler];
-
- deployment.new('ksm-autoscaler', 1, c, podLabels) +
- deployment.mixin.metadata.withNamespace($._config.namespace) +
- deployment.mixin.metadata.withLabels(podLabels) +
- deployment.mixin.spec.selector.withMatchLabels(podLabels) +
- deployment.mixin.spec.template.spec.withNodeSelector({ 'kubernetes.io/os': 'linux' }) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
- deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
- deployment.mixin.spec.template.spec.withServiceAccountName('ksm-autoscaler'),
+ '--default-config={"kube-state-metrics":{"requests":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}},"limits":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}}}}',
+ ],
+ resources: {
+ requests: { cpu: '20m', memory: '10Mi' },
+ },
+ };
+
+ {
+ apiVersion: 'apps/v1',
+ kind: 'Deployment',
+ metadata: {
+ name: 'ksm-autoscaler',
+ namespace: $._config.namespace,
+ labels: podLabels,
+ },
+ spec: {
+ replicas: 1,
+ selector: { matchLabels: podLabels },
+ template: {
+ metadata: {
+ labels: podLabels,
+ },
+ spec: {
+ containers: [c],
+ serviceAccount: 'ksm-autoscaler',
+ nodeSelector: { 'kubernetes.io/os': 'linux' },
+ securityContext: {
+ runAsNonRoot: true,
+ runAsUser: 65534,
+ },
+ },
+ },
+ },
+ },
},
}