chore/deployment: add resources requests and limits for helm and Kust…

…omize Signed-off-by: TessaIO <[email protected]>
kubernetes-sigs · Mar 16, 2024 · bbb5a3d · bbb5a3d
1 parent 0132544
commit bbb5a3d
Show file tree

Hide file tree

Showing 6 changed files with 60 additions and 48 deletions.
diff --git a/deployment/base/gc/gc.yaml b/deployment/base/gc/gc.yaml
@@ -19,6 +19,13 @@ spec:
         - name: nfd-gc
           image: gcr.io/k8s-staging-nfd/node-feature-discovery:master
           imagePullPolicy: Always
+          resources:
+            limits:
+              cpu: 300m
+              memory: 1Gi
+            requests:
+              cpu: 100m
+              memory: 128Mi
           command:
             - "nfd-gc"
           ports:

diff --git a/deployment/base/master/master-deployment.yaml b/deployment/base/master/master-deployment.yaml
@@ -21,6 +21,13 @@ spec:
         - name: nfd-master
           image: gcr.io/k8s-staging-nfd/node-feature-discovery:master
           imagePullPolicy: Always
+          resources:
+            limits:
+              cpu: 300m
+              memory: 1Gi
+            requests:
+              cpu: 100m
+              memory: 128Mi
           livenessProbe:
             grpc:
               port: 8082

diff --git a/deployment/base/topologyupdater-daemonset/topologyupdater-daemonset.yaml b/deployment/base/topologyupdater-daemonset/topologyupdater-daemonset.yaml
@@ -22,6 +22,13 @@ spec:
           command:
             - "nfd-topology-updater"
           args: []
+          resources:
+            limits:
+              cpu: 300m
+              memory: 1Gi
+            requests:
+              cpu: 100m
+              memory: 128Mi
           ports:
             - name: metrics
               containerPort: 8081
diff --git a/deployment/base/worker-daemonset/worker-daemonset.yaml b/deployment/base/worker-daemonset/worker-daemonset.yaml
@@ -21,6 +21,13 @@ spec:
           imagePullPolicy: Always
           command:
             - "nfd-worker"
+          resources:
+            limits:
+              cpu: 300m
+              memory: 1Gi
+            requests:
+              cpu: 100m
+              memory: 128Mi
           args:
             - "-server=nfd-master:8080"
           ports:

diff --git a/deployment/helm/node-feature-discovery/values.yaml b/deployment/helm/node-feature-discovery/values.yaml
@@ -94,17 +94,13 @@ master:
     type: ClusterIP
     port: 8080
 
-  resources: {}
-    # We usually recommend not to specify default resources and to leave this as a conscious
-    # choice for the user. This also increases chances charts run on environments with little
-    # resources, such as Minikube. If you do want to specify resources, uncomment the following
-    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    # limits:
-    #   cpu: 100m
-    #   memory: 128Mi
-    # requests:
-    #   cpu: 100m
-    #   memory: 128Mi
+  resources:
+    limits:
+      cpu: 300m
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
 
   nodeSelector: {}
 
@@ -411,17 +407,13 @@ worker:
   # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
   mountUsrSrc: false
 
-  resources: {}
-    # We usually recommend not to specify default resources and to leave this as a conscious
-    # choice for the user. This also increases chances charts run on environments with little
-    # resources, such as Minikube. If you do want to specify resources, uncomment the following
-    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    # limits:
-    #   cpu: 100m
-    #   memory: 128Mi
-    # requests:
-    #   cpu: 100m
-    #   memory: 128Mi
+  resources:
+    limits:
+      cpu: 300m
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
 
   nodeSelector: {}
 
@@ -469,17 +461,13 @@ topologyUpdater:
     readOnlyRootFilesystem: true
     runAsUser: 0
 
-  resources: {}
-    # We usually recommend not to specify default resources and to leave this as a conscious
-    # choice for the user. This also increases chances charts run on environments with little
-    # resources, such as Minikube. If you do want to specify resources, uncomment the following
-    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    # limits:
-    #   cpu: 100m
-    #   memory: 128Mi
-    # requests:
-    #   cpu: 100m
-    #   memory: 128Mi
+  resources:
+    limits:
+      cpu: 300m
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
 
   nodeSelector: {}
   tolerations: []
@@ -503,17 +491,13 @@ gc:
 
   podSecurityContext: {}
 
-  resources: {}
-    # We usually recommend not to specify default resources and to leave this as a conscious
-    # choice for the user. This also increases chances charts run on environments with little
-    # resources, such as Minikube. If you do want to specify resources, uncomment the following
-    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-    # limits:
-    #   cpu: 100m
-    #   memory: 128Mi
-    # requests:
-    #   cpu: 100m
-    #   memory: 128Mi
+  resources:
+    limits:
+      cpu: 300m
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
 
   metricsPort: 8081
 

diff --git a/docs/deployment/helm.md b/docs/deployment/helm.md
@@ -132,7 +132,7 @@ API's you need to install the prometheus operator in your cluster.
 | `master.service.type`      | string  | ClusterIP                               | NFD master service type. **NOTE**: this parameter is related to the deprecated gRPC API and will be removed with it in a future release |
 | `master.service.port`      | integer | 8080                                    | NFD master service port. **NOTE**: this parameter is related to the deprecated gRPC API and will be removed with it in a future release |
 | `master.resources`         | dict    | {}                                      | NFD master pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) |
-| `master.nodeSelector`      | dict    | {}                                      | NFD master pod [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) |
+| `master.nodeSelector`      | dict    | {limits: {cpu: 300m, memory: 1Gi}, requests: {cpu: 100m, memory: 128Mi}} | NFD master pod [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) |
 | `master.tolerations`       | dict    | _Scheduling to master node is disabled_ | NFD master pod [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) |
 | `master.annotations`       | dict    | {}                                      | NFD master pod [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) |
 | `master.affinity`          | dict    |                                         | NFD master pod required [node affinity](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) |
@@ -155,7 +155,7 @@ API's you need to install the prometheus operator in your cluster.
 | `worker.serviceAccount.name`      | string |         | The name of the service account to use for nfd-worker. If not set and create is true, a name is generated using the fullname template (suffixed with `-worker`)                                        |
 | `worker.rbac.create`              | bool   | true    | Specifies whether to create [RBAC][rbac] configuration for nfd-worker                                                                                                                                 |
 | `worker.mountUsrSrc`              | bool   | false   | Specifies whether to allow users to mount the hostpath /user/src. Does not work on systems without /usr/src AND a read-only /usr                                                                      |
-| `worker.resources`                | dict   | {}      | NFD worker pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)                                                                             |
+| `worker.resources`                | dict   | {limits: {cpu: 300m, memory: 1Gi}, requests: {cpu: 100m, memory: 128Mi}}      | NFD worker pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)                                                                             |
 | `worker.nodeSelector`             | dict   | {}      | NFD worker pod [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector)                                                                                |
 | `worker.tolerations`              | dict   | {}      | NFD worker pod [node tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)                                                                                     |
 | `worker.priorityClassName`        | string |         | NFD worker pod [priority class](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/)                                                                                    |
@@ -180,7 +180,7 @@ API's you need to install the prometheus operator in your cluster.
 | `topologyUpdater.watchNamespace`              | string | `*`              | Namespace to watch pods, `*` for all namespaces                                                                                                                                                       |
 | `topologyUpdater.podSecurityContext`          | dict   | {}               | [PodSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) holds pod-level security attributes and common container settings |
 | `topologyUpdater.securityContext`             | dict   | {}               | Container [security settings](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container)                                                    |
-| `topologyUpdater.resources`                   | dict   | {}               | Topology updater pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)                                                                           |
+| `topologyUpdater.resources`                   | dict   | {limits: {cpu: 300m, memory: 1Gi}, requests: {cpu: 100m, memory: 128Mi}}               | Topology updater pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)                                                                           |
 | `topologyUpdater.nodeSelector`                | dict   | {}               | Topology updater pod [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector)                                                                           |
 | `topologyUpdater.tolerations`                 | dict   | {}               | Topology updater pod [node tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)                                                                                |
 | `topologyUpdater.annotations`                 | dict   | {}               | Topology updater pod [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)                                                                                    |
@@ -202,7 +202,7 @@ API's you need to install the prometheus operator in your cluster.
 | `gc.rbac.create`                      | bool   | true    | Specifies whether to create [RBAC][rbac] configuration for garbage collector                                                         |
 | `gc.interval`                         | string | 1h      | Time between periodic garbage collector runs                                                                                          |
 | `gc.podSecurityContext`               | dict   | {}      | [PodSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) holds pod-level security attributes and common container settings |
-| `gc.resources`                        | dict   | {}      | Garbage collector pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)         |
+| `gc.resources`                        | dict   | {limits: {cpu: 300m, memory: 1Gi}, requests: {cpu: 100m, memory: 128Mi}}      | Garbage collector pod [resources management](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)         |
 | `gc.metricsPort`                      | integer | 8081   | Port on which to serve Prometheus metrics                                                                                            |
 | `gc.nodeSelector`                     | dict   | {}      | Garbage collector pod [node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector)         |
 | `gc.tolerations`                      | dict   | {}      | Garbage collector pod [node tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)              |