From 974f14c091b83e32660d2c988f9a568f7ca46bd0 Mon Sep 17 00:00:00 2001 From: Christian Kreuzberger Date: Fri, 8 Jul 2022 13:41:28 +0200 Subject: [PATCH 1/3] feat: Allow changing emptyDir sizeLimit Signed-off-by: Christian Kreuzberger --- chart/README.md | 1 + chart/templates/configmap.yaml | 1 + chart/templates/deployment.yaml | 5 +++++ chart/values.yaml | 1 + cmd/job-executor-service/main.go | 3 +++ docs/FEATURES.md | 5 +++++ pkg/k8sutils/job.go | 4 ++-- 7 files changed, 18 insertions(+), 2 deletions(-) diff --git a/chart/README.md b/chart/README.md index f7522956..ddb0c8e3 100644 --- a/chart/README.md +++ b/chart/README.md @@ -31,6 +31,7 @@ The following table lists the configurable parameters of the job-executor-servic | `jobConfig.labels` | Additional labels that are added to all kubernetes jobs | `{}` | | `jobConfig.networkPolicy.enabled` | Enable a network policy for jobs such that they can not access blocked networks defined in blockCIDRS | `false` | | `jobConfig.networkPolicy.blockCIDRs` | A list of networks that should not be accessible from jobs | `false` | +| `jobConfig.emptyDirSizeLimit` | Size Limit of emptyDirs created for jobs | `"20Mi"` | | `remoteControlPlane.autoDetect.enabled` | Enables auto detection of a Keptn installation | `false` | | `remoteControlPlane.autoDetect.namespace` | Namespace which should be used by the auto-detection | `""` | | `remoteControlPlane.api.protocol` | Used protocol (http, https | `"https"` | diff --git a/chart/templates/configmap.yaml b/chart/templates/configmap.yaml index ec79ed9f..315a02cd 100644 --- a/chart/templates/configmap.yaml +++ b/chart/templates/configmap.yaml @@ -4,6 +4,7 @@ metadata: name: job-service-config data: job_namespace: "{{ .Release.Namespace }}" + job_emptydir_sizelimit: "{{ .Values.jobConfig.emptyDirSizeLimit | default "20Mi" }}" init_container_image: "{{ .Values.jobexecutorserviceinitcontainer.image.repository }}:{{ .Values.jobexecutorserviceinitcontainer.image.tag | default .Chart.AppVersion }}" default_resource_limits_cpu: "1" default_resource_limits_memory: "512Mi" diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml index 1149f617..4cc06bce 100644 --- a/chart/templates/deployment.yaml +++ b/chart/templates/deployment.yaml @@ -58,6 +58,11 @@ spec: configMapKeyRef: name: job-service-config key: job_namespace + - name: JOB_EMPTYDIR_SIZELIMIT + valueFrom: + configMapKeyRef: + name: job-service-config + key: job_emptydir_sizelimit - name: INIT_CONTAINER_IMAGE valueFrom: configMapKeyRef: diff --git a/chart/values.yaml b/chart/values.yaml index 053fbc0a..8009e127 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -84,6 +84,7 @@ jobConfig: # "172.16.0.0/12", # "192.168.0.0/16" ] + emptyDirSizeLimit: "20Mi" # Size Limit for emptyDirs for each job (/keptn - containing resources) imagePullSecrets: [ ] # Secrets to use for container registry credentials diff --git a/cmd/job-executor-service/main.go b/cmd/job-executor-service/main.go index 5f1f64f2..9c688df4 100644 --- a/cmd/job-executor-service/main.go +++ b/cmd/job-executor-service/main.go @@ -38,6 +38,8 @@ type envConfig struct { ConfigurationServiceURL string `envconfig:"CONFIGURATION_SERVICE" default:""` // The k8s namespace the job will run in JobNamespace string `envconfig:"JOB_NAMESPACE" required:"true"` + // Kubernetes Empty Dir Size Limit for every job (default: "20Mi") + JobEmtpyDirVolumeSizeLimit string `envconfig:"JOB_EMPTYDIR_SIZELIMIT" default:"20Mi"` // The token of the keptn API KeptnAPIToken string `envconfig:"KEPTN_API_TOKEN"` // The init container image to use @@ -130,6 +132,7 @@ func processKeptnCloudEvent(ctx context.Context, event cloudevents.Event, allowL DefaultPodSecurityContext: DefaultPodSecurityContext, AllowPrivilegedJobs: env.AllowPrivilegedJobs, JobLabels: JobLabels, + JobEmtpyDirVolumeSizeLimit: env.JobEmtpyDirVolumeSizeLimit, TaskDeadlineSeconds: TaskDeadlineSecondsPtr, JesDeploymentName: env.FullDeploymentName, }, diff --git a/docs/FEATURES.md b/docs/FEATURES.md index 6db15263..e5cb39d7 100644 --- a/docs/FEATURES.md +++ b/docs/FEATURES.md @@ -332,6 +332,11 @@ args: - /keptn/locust/basic.py ``` +#### Increase Volume Size for files + +By default, `/keptn` reserves `"20Mi"` (20 Mebibyte) as part of an `emptyDir`. This value can be modified at your own +risk by setting the Helm Value `jobConfig.emptyDirSizeLimit`, e.g., `--set jobConfig.emptyDirSizeLimit=50Mi`. + ### Silent mode Actions can be run in silent mode, meaning no `.started/.finished` events will be sent by the job-executor-service. This diff --git a/pkg/k8sutils/job.go b/pkg/k8sutils/job.go index cf00d0d8..a2fb7ef4 100644 --- a/pkg/k8sutils/job.go +++ b/pkg/k8sutils/job.go @@ -75,6 +75,7 @@ type JobSettings struct { AllowPrivilegedJobs bool TaskDeadlineSeconds *int64 JobLabels map[string]string + JobEmtpyDirVolumeSizeLimit string JesDeploymentName string } @@ -116,8 +117,7 @@ func (k8s *K8sImpl) CreateK8sJob( // TODO configure from outside: jobVolumeMountPath := "/keptn" - // TODO configure from outside: - quantity := resource.MustParse("20Mi") + quantity := resource.MustParse(jobSettings.JobEmtpyDirVolumeSizeLimit) jobResourceRequirements := jobSettings.DefaultResourceRequirements if task.Resources != nil { From f4073cc37a14bf0ffe2fff4b5448ac9a4b35e2a8 Mon Sep 17 00:00:00 2001 From: Christian Kreuzberger Date: Fri, 8 Jul 2022 13:50:36 +0200 Subject: [PATCH 2/3] added test Signed-off-by: Christian Kreuzberger --- pkg/k8sutils/job_test.go | 62 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/pkg/k8sutils/job_test.go b/pkg/k8sutils/job_test.go index b7baea46..a636123d 100644 --- a/pkg/k8sutils/job_test.go +++ b/pkg/k8sutils/job_test.go @@ -489,6 +489,68 @@ func TestSetEmptyNamespace(t *testing.T) { assert.Equal(t, job.Namespace, namespace, "Could not find container in namespace %s", namespace) } +func TestSetEmptyDirSizeLimit(t *testing.T) { + jobName := "test-job-3" + + eventData := keptnv2.EventData{ + Project: "sockshop", + Stage: "dev", + Service: "carts", + } + + customEmptyDirSizeLimit := "52Mi" + + var eventAsInterface interface{} + json.Unmarshal([]byte(testTriggeredEvent), &eventAsInterface) + + k8sClientSet := k8sfake.NewSimpleClientset() + + k8s := K8sImpl{ + clientset: k8sClientSet, + } + + err := k8s.CreateK8sJob( + jobName, + JobDetails{ + Action: &config.Action{ + Name: jobName, + }, + Task: &config.Task{ + Name: jobName, + Image: "alpine", + Cmd: []string{"ls"}, + }, + ActionIndex: 0, + TaskIndex: 0, + JobConfigHash: "", + }, + &eventData, JobSettings{ + JobNamespace: testNamespace, + DefaultResourceRequirements: &corev1.ResourceRequirements{ + Limits: make(corev1.ResourceList), + Requests: make(corev1.ResourceList), + }, + DefaultPodSecurityContext: new(corev1.PodSecurityContext), + DefaultSecurityContext: new(corev1.SecurityContext), + JobEmtpyDirVolumeSizeLimit: customEmptyDirSizeLimit, + }, eventAsInterface, testNamespace, + ) + + require.NoError(t, err) + + job, err := k8sClientSet.BatchV1().Jobs(testNamespace).Get(context.TODO(), jobName, metav1.GetOptions{}) + require.NoError(t, err) + + var volume *corev1.Volume + + require.NotNil(t, job.Spec.Template.Spec.Volumes) + volume = &job.Spec.Template.Spec.Volumes[0] + + require.NotNil(t, volume.EmptyDir) + + assert.Equal(t, volume.EmptyDir.SizeLimit.String(), customEmptyDirSizeLimit) +} + func TestImagePullPolicy(t *testing.T) { tests := []struct { From a4ea06ad2882166d08d805aa757a4fc7478e38a4 Mon Sep 17 00:00:00 2001 From: Christian Kreuzberger Date: Fri, 8 Jul 2022 14:30:39 +0200 Subject: [PATCH 3/3] fix unit test Signed-off-by: Christian Kreuzberger --- pkg/k8sutils/job.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/k8sutils/job.go b/pkg/k8sutils/job.go index a2fb7ef4..ae983ae4 100644 --- a/pkg/k8sutils/job.go +++ b/pkg/k8sutils/job.go @@ -117,7 +117,10 @@ func (k8s *K8sImpl) CreateK8sJob( // TODO configure from outside: jobVolumeMountPath := "/keptn" - quantity := resource.MustParse(jobSettings.JobEmtpyDirVolumeSizeLimit) + quantity := resource.MustParse("20Mi") + if jobSettings.JobEmtpyDirVolumeSizeLimit != "" { + quantity = resource.MustParse(jobSettings.JobEmtpyDirVolumeSizeLimit) + } jobResourceRequirements := jobSettings.DefaultResourceRequirements if task.Resources != nil {