diff --git a/vertical-pod-autoscaler/README.md b/vertical-pod-autoscaler/README.md index f0fcd6094a6d..a9367dee91e7 100644 --- a/vertical-pod-autoscaler/README.md +++ b/vertical-pod-autoscaler/README.md @@ -112,6 +112,16 @@ in the `kube-system` namespace. It also generates and uploads a secret (a CA cert) used by VPA Admission Controller when communicating with the API server. +To print YAML contents with all resources that would be understood by +`kubectl diff|apply|...` commands, you can use + +``` +./hack/vpa-process-yamls.sh print +``` + +The output of that command won't include secret information generated by +[pkg/admission-controller/gencerts.sh](pkg/admission-controller/gencerts.sh) script. + ### Quick start After [installation](#installation) the system is ready to recommend and set @@ -275,7 +285,7 @@ VPA will set RAM request to 2 GB (following the resource policy) and RAM limit t be restarted. The pod may be recreated on a different node. * VPA does not evict pods which are not run under a controller. For such pods `Auto` mode is currently equivalent to `Initial`. -* Vertical Pod Autoscaler **should not be used with the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) (HPA) on CPU or memory** at this moment. +* Vertical Pod Autoscaler **should not be used with the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) (HPA) on CPU or memory** at this moment. However, you can use VPA with [HPA on custom and external metrics](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics). * The VPA admission controller is an admission webhook. If you add other admission webhooks to you cluster, it is important to analyze how they interact and whether they may conflict @@ -283,7 +293,7 @@ VPA will set RAM request to 2 GB (following the resource policy) and RAM limit t * VPA reacts to most out-of-memory events, but not in all situations. * VPA performance has not been tested in large clusters. * VPA recommendation might exceed available resources (e.g. Node size, available - size, available quota) and cause **pods to go pending**. This can be partly + size, available quota) and cause **pods to go pending**. This can be partly addressed by using VPA together with [Cluster Autoscaler](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#basics). * Multiple VPA resources matching the same pod have undefined behavior. diff --git a/vertical-pod-autoscaler/hack/vpa-process-yamls.sh b/vertical-pod-autoscaler/hack/vpa-process-yamls.sh index 9173979d6816..95d19641786c 100755 --- a/vertical-pod-autoscaler/hack/vpa-process-yamls.sh +++ b/vertical-pod-autoscaler/hack/vpa-process-yamls.sh @@ -22,7 +22,8 @@ SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. function print_help { echo "ERROR! Usage: vpa-process-yamls.sh []" - echo " should be either 'create' or 'delete'." + echo " should be either 'create', 'diff', 'print' or 'delete'." + echo "The 'print' action will print all resources that would be used by, e.g., 'kubectl diff'." echo " might be one of 'admission-controller', 'updater', 'recommender'." echo "If is set, only the deployment of that component will be processed," echo "otherwise all components and configs will be processed." @@ -40,9 +41,9 @@ fi ACTION=$1 COMPONENTS="vpa-v1-crd vpa-rbac updater-deployment recommender-deployment admission-controller-deployment" -if [ ${ACTION} == delete ]; then - COMPONENTS+=" vpa-beta2-crd" -fi +case ${ACTION} in +delete|diff|print) COMPONENTS+=" vpa-beta2-crd" ;; +esac if [ $# -gt 1 ]; then COMPONENTS="$2-deployment" @@ -57,6 +58,9 @@ for i in $COMPONENTS; do (bash ${SCRIPT_ROOT}/pkg/admission-controller/delete-webhook.sh || true) fi fi - ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml | kubectl ${ACTION} -f - || true + if [[ ${ACTION} == print ]]; then + ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml + else + ${SCRIPT_ROOT}/hack/vpa-process-yaml.sh ${SCRIPT_ROOT}/deploy/$i.yaml | kubectl ${ACTION} -f - || true + fi done -