Merge pull request #31 from datarootsio/issue_21_affinity
Affinity (node, pod)
sam-dumont authored Aug 7, 2020
2 parents c4dbe09 + 25c7e0f commit 8c648c0
Showing 5 changed files with 443 additions and 0 deletions.
94 changes: 94 additions & 0 deletions README.md
Expand Up @@ -91,7 +91,10 @@ However, you have to be consistent across variables, you cannot mix styles.
| max_unavailable | Maximum number of pods that can be unavailable during update. | `string` | `25%` | no |
| name | The name of the deployment. Will be used for all other resources | `string` | n/a | yes |
| namespace | The namespace where this deployment will live. Must exists. | `string` | n/a | yes |
| node\_affinity | Definition of the node affinity. See below | `any` | `{}` | no |
| node\_selector | Map of labels and values for node selection | `map(string)` | `{}` | no |
| pod\_affinity | Definition of the pod affinity. See below | `any` | `{}` | no |
| pod\_anti\_affinity | Definition of the pod anti-affinity. See below | `any` | `{}` | no |
| ports | Map of ports to expose, and associated settings. | `any` | `{}` | no |
| readiness\_probes | Map of readiness probes per container. Pass the regular terraform object as is : https://www.terraform.io/docs/providers/kubernetes/r/deployment.html#readiness_probe-1 | `any` | n/a | yes |
| replicas | Amount of replicas | `number` | `1` | no |
Expand Down Expand Up @@ -238,6 +241,97 @@ readiness_probes = {
}
```

### Node affinity

This block allows to define node affinity of the pod. You can see the settings here : https://www.terraform.io/docs/providers/kubernetes/r/deployment.html#affinity-1

We cannot pass blocks as is so you have to create a map from it (aka adding the `=` sign)

```hcl
node_affinity = {
required_during_scheduling_ignored_during_execution = [
{
node_selector_term = [
{
match_expressions = [
{
key = "kubernetes.io/os"
operator = "In"
values = [
"linux"]
}
]
}
]
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
preference = {
match_expressions = [
{
key = "kubernetes.io/os"
operator = "In"
values = ["linux"]
}
]
}
}
]
}
```

### Pod (anti-)affinity

This block allows to define pod (anti-)affinity. You can see the settings here : https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#pod_affinity

We cannot pass blocks as is so you have to create a map from it (aka adding the `=` sign)

```hcl
pod_affinity = {
required_during_scheduling_ignored_during_execution = [
{
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
pod_affinity_term = {
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
}
]
}
```

### Horizontal pod autoscaler

Allows to enable the horizontal pod autoscaler. Settings are self explanatory.
132 changes: 132 additions & 0 deletions deployment.tf
Expand Up @@ -45,6 +45,138 @@ resource "kubernetes_deployment" "container" {
}
}

affinity {
dynamic "node_affinity" {
for_each = length(var.node_affinity) > 0 ? ["node_affinity"] : []
content {
dynamic "preferred_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.node_affinity, "preferred_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
weight = preferred_during_scheduling_ignored_during_execution.value["weight"]
preference {
dynamic "match_expressions" {
for_each = { for v in lookup(preferred_during_scheduling_ignored_during_execution.value["preference"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
}
}
dynamic "required_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.node_affinity, "required_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
dynamic "node_selector_term" {
for_each = { for v in lookup(required_during_scheduling_ignored_during_execution.value, "node_selector_term", []) : uuid() => v }
content {
dynamic "match_expressions" {
for_each = { for v in lookup(node_selector_term.value, "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
}
}
}
}
}
dynamic "pod_affinity" {
for_each = length(var.pod_affinity) > 0 ? ["pod_affinity"] : []
content {
dynamic "preferred_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_affinity, "preferred_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
weight = preferred_during_scheduling_ignored_during_execution.value["weight"]
pod_affinity_term {
namespaces = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "namespaces", [])
topology_key = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "topology_key", "")
label_selector {
match_labels = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
}
}
}
dynamic "required_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_affinity, "required_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
label_selector {
match_labels = lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
namespaces = lookup(required_during_scheduling_ignored_during_execution.value, "namespaces", [])
topology_key = lookup(required_during_scheduling_ignored_during_execution.value, "topology_key", "")
}
}
}
}

dynamic "pod_anti_affinity" {
for_each = length(var.pod_anti_affinity) > 0 ? ["pod_anti_affinity"] : []
content {
dynamic "preferred_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_anti_affinity, "preferred_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
weight = preferred_during_scheduling_ignored_during_execution.value["weight"]
pod_affinity_term {
namespaces = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "namespaces", [])
topology_key = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"], "topology_key", "")
label_selector {
match_labels = lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(preferred_during_scheduling_ignored_during_execution.value["pod_affinity_term"]["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
}
}
}
dynamic "required_during_scheduling_ignored_during_execution" {
for_each = { for v in lookup(var.pod_anti_affinity, "required_during_scheduling_ignored_during_execution", []) : uuid() => v }
content {
label_selector {
match_labels = lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_labels", {})
dynamic "match_expressions" {
for_each = { for v in lookup(required_during_scheduling_ignored_during_execution.value["label_selector"], "match_expressions", []) : uuid() => v }
content {
key = match_expressions.value["key"]
operator = match_expressions.value["operator"]
values = lookup(match_expressions.value, "values", [])
}
}
}
namespaces = lookup(required_during_scheduling_ignored_during_execution.value, "namespaces", [])
topology_key = lookup(required_during_scheduling_ignored_during_execution.value, "topology_key", "")
}
}
}
}

}

automount_service_account_token = true

service_account_name = kubernetes_service_account.serviceaccount.metadata.0.name
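Review bot: Every `for_each` in the new `affinity` block re-keys the caller's list with `uuid()`, for example `{ for v in lookup(var.node_affinity, "required_during_scheduling_ignored_during_execution", []) : uuid() => v }`, although the key is never read inside `content`. `uuid()` yields a new value on each evaluation and a map is iterated in key order, so the generated terms and `match_expressions` can come out in a different order than the caller wrote and may differ between runs, which makes plans harder to review for a setting that decides where workloads are placed. A dynamic block accepts a list directly, so `for_each = lookup(var.node_affinity, "required_during_scheduling_ignored_during_execution", [])` keeps the input order; the same applies to the other `for_each` lines in this hunk. Separately, `topology_key` falls back to `""` for pod (anti-)affinity terms, a value Kubernetes is expected to reject only at apply time, so failing early when the key is missing would be clearer. The enclosing `kubernetes_deployment` resource starts and ends outside the hunk.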
116 changes: 116 additions & 0 deletions doc.tfvars
Expand Up @@ -53,6 +53,122 @@ max_surge = "50%"

max_unavailable = "50%"

node_affinity = {
required_during_scheduling_ignored_during_execution = [
{
node_selector_term = [
{
match_expressions = [
{
key = "kubernetes.io/os"
operator = "In"
values = ["linux"]
}
]
}
]
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
preference = {
match_expressions = [
{
key = "kubernetes.io/os"
operator = "In"
values = ["linux"]
}
]
}
}
]
}

pod_affinity = {
required_during_scheduling_ignored_during_execution = [
{
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
pod_affinity_term = {
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
}
]
}

pod_anti_affinity = {
required_during_scheduling_ignored_during_execution = [
{
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
]
preferred_during_scheduling_ignored_during_execution = [
{
weight = 1
pod_affinity_term = {
label_selector = {
match_labels = {
"foo" = "bar"
}
match_expressions = [
{
key = "security"
operator = "In"
values = ["S1"]
}
]
}
namespaces = ["kube-system"]
topology_key = "failure-domain.beta.kubernetes.io/zone"
}
}
]
}

environment_variables_from_secret = {
"container-a" = {
"FOO_SECRET" = {
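Review bot: The example terms use `topology_key = "failure-domain.beta.kubernetes.io/zone"`, a label Kubernetes has deprecated in favour of `topology.kubernetes.io/zone`; the sample would be better written with `topology_key = "topology.kubernetes.io/zone"`, here and in the README examples of this commit. The sample also sets `namespaces = ["kube-system"]` for both `pod_affinity` and `pod_anti_affinity`, so anyone copying it ties the placement of their pods to pods in a system namespace. A comment such as `# example only: list the namespaces whose pods this term should match` above those lines would make clear the value is a placeholder.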