Skip to content

Commit

Permalink
Adding pod anti-affinity
Browse files Browse the repository at this point in the history
  • Loading branch information
Samuel Dumont committed Aug 7, 2020
1 parent 1c39fcd commit 25c7e0f
Show file tree
Hide file tree
Showing 4 changed files with 141 additions and 6 deletions.
52 changes: 52 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,8 @@ However, you have to be consistent across variables, you cannot mix styles.
| namespace | The namespace where this deployment will live. Must exists. | `string` | n/a | yes |
| node\_affinity | Definition of the node affinity. See below | `any` | `{}` | no |
| node\_selector | Map of labels and values for node selection | `map(string)` | `{}` | no |
| pod\_affinity | Definition of the pod affinity. See below | `any` | `{}` | no |
| pod\_anti\_affinity | Definition of the pod anti-affinity. See below | `any` | `{}` | no |
| ports | Map of ports to expose, and associated settings. | `any` | `{}` | no |
| readiness\_probes | Map of readiness probes per container. Pass the regular terraform object as is : https://www.terraform.io/docs/providers/kubernetes/r/deployment.html#readiness_probe-1 | `any` | n/a | yes |
| replicas | Amount of replicas | `number` | `1` | no |
Expand Down Expand Up @@ -280,6 +282,56 @@ node_affinity = {
}
```

### Pod (anti-)affinity

This block allows to define pod (anti-)affinity. You can see the settings here : https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#pod_affinity

We cannot pass blocks as is so you have to create a map from it (aka adding the `=` sign)

```hcl
pod_affinity = {
required_during_scheduling_ignored_during_execution = [
{
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
pod_affinity_term = {
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
}
]
}
```

### Horizontal pod autoscaler

Allows to enable the horizontal pod autoscaler. Settings are self explanatory.
Expand Down
46 changes: 46 additions & 0 deletions deployment.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,52 @@ resource "kubernetes_deployment" "container" {
}
}
}

dynamic "pod_anti_affinity" {
for_each = length(var.pod_anti_affinity) > 0 ? ["pod_anti_affinity"] : []
content {
dynamic "preferred_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_anti_affinity, "preferred_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
weight = preferred_during_scheduling_ignored_during_execution.value["weight"]
pod_affinity_term {
namespaces = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "namespaces", [])
topology_key = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "topology_key", "")
label_selector {
match_labels = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
}
}
}
dynamic "required_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_anti_affinity, "required_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
label_selector {
match_labels = lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
namespaces = lookup(required_during_scheduling_ignored_during_execution.value, "namespaces", [])
topology_key = lookup(required_during_scheduling_ignored_during_execution.value, "topology_key", "")
}
}
}
}

}

automount_service_account_token = true
Expand Down
43 changes: 40 additions & 3 deletions doc.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,8 +116,7 @@ pod_affinity = {
{
key = "security"
operator = "In"
values = [
"S1"]
values = ["S1"]
}
]
}
Expand All @@ -129,7 +128,45 @@ pod_affinity = {
}

pod_anti_affinity = {

required_during_scheduling_ignored_during_execution = [
{
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
pod_affinity_term = {
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
}
]
}

environment_variables_from_secret = {
Expand Down
6 changes: 3 additions & 3 deletions test/terraform_apply_destroy_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -365,8 +365,8 @@ func TestApplyAndDestroyWithPlentyOfValues(t *testing.T) {
options.Vars["node_selector"] = map[string]interface{}{
"kubernetes.io/os": "linux",
}
/*
options.Vars["pod_affinity"] = map[string]interface{}{

options.Vars["pod_anti_affinity"] = map[string]interface{}{
"preferred_during_scheduling_ignored_during_execution": []interface{}{
map[string]interface{}{
"weight": 10,
Expand Down Expand Up @@ -401,7 +401,7 @@ func TestApplyAndDestroyWithPlentyOfValues(t *testing.T) {
},
},
}
*/

defer terraform.Destroy(t, options)
_, err = terraform.InitAndApplyE(t, options)
assert.NoError(t, err)
Expand Down

0 comments on commit 25c7e0f

Please sign in to comment.