This repository was archived by the owner on Mar 31, 2023. It is now read-only.
208 changes: 208 additions & 0 deletions kubernetes/services/metrics-server.yaml
@@ -0,0 +1,208 @@
# Metrics Server has specific requirements for cluster and network configuration. These requirements aren't the default for all cluster distributions. Please ensure that your cluster distribution supports these requirements before using Metrics Server:

# 1. Metrics Server must be reachable from kube-apiserver by container IP address (or node IP if hostNetwork is enabled).

# 2. The kube-apiserver must enable an aggregation layer.

# 3. Nodes must have Webhook authentication and authorization enabled.

# 4. Kubelet certificate needs to be signed by cluster Certificate Authority (or disable certificate validation by passing --kubelet-insecure-tls to Metrics Server)

# 5. Container runtime must implement a container metrics RPCs (or have cAdvisor support)

# Please look at the link https://github.com/kubernetes-sigs/metrics-server#requirements for reference

# Latest Metrics Server release can be installed by running:
# kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
---
Comment on lines +19 to +24
Contributor
@kevin-zhonghao Kevin, where are those metrics stored? Is it possible to visualize those metrics somewhere?

Contributor Author
@xieus Metrics Server collects resource metrics from Kubelets and exposes them in the Kubernetes apiserver through the Metrics API for use by the Horizontal Pod Autoscaler. It is not used to store any data; it is more like an API to get the current resource usage status.

Contributor Author
@cj-chung A little similar. In general, we don't use metrics-server as a monitoring solution or as a source of monitoring solution metrics. Currently it is just used by HPA.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
name: system:aggregated-metrics-reader
rules:
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
rules:
- apiGroups:
- ""
resources:
- pods
- nodes
- nodes/stats
- namespaces
- configmaps
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server-auth-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server:system:auth-delegator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:metrics-server
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
spec:
ports:
- name: https
port: 443
protocol: TCP
targetPort: https
selector:
k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
spec:
selector:
matchLabels:
k8s-app: metrics-server
strategy:
rollingUpdate:
maxUnavailable: 0
template:
metadata:
labels:
k8s-app: metrics-server
spec:
containers:
- args:
- --cert-dir=/tmp
- --secure-port=443
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --kubelet-use-node-status-port
- --metric-resolution=15s
image: k8s.gcr.io/metrics-server/metrics-server:v0.5.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /livez
port: https
scheme: HTTPS
periodSeconds: 10
name: metrics-server
ports:
- containerPort: 443
name: https
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: https
scheme: HTTPS
initialDelaySeconds: 20
periodSeconds: 10
resources:
requests:
cpu: 100m
memory: 200Mi
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
volumeMounts:
- mountPath: /tmp
name: tmp-dir
nodeSelector:
kubernetes.io/os: linux
priorityClassName: system-cluster-critical
serviceAccountName: metrics-server
volumes:
- emptyDir: {}
name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
labels:
k8s-app: metrics-server
name: v1beta1.metrics.k8s.io
spec:
group: metrics.k8s.io
groupPriorityMinimum: 100
insecureSkipTLSVerify: true
service:
name: metrics-server
namespace: kube-system
version: v1beta1
versionPriority: 100
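Review bot: `insecureSkipTLSVerify: true` on the `v1beta1.metrics.k8s.io` APIService turns off kube-apiserver's verification of the metrics-server serving certificate, so the aggregation layer will trust whatever endpoint answers behind the `metrics-server` Service. The container is started with `--cert-dir=/tmp` and no serving-certificate flags, so there is no CA-signed certificate to verify against; consider mounting a certificate signed by a known CA and setting `caBundle` on the APIService in place of the skip flag. Smaller points in the Deployment: the `securityContext` sets `readOnlyRootFilesystem` and `runAsNonRoot` but not `allowPrivilegeEscalation: false`, `resources` carries requests without limits, and the image is referenced by the tag `v0.5.0` rather than by digest.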
65 changes: 65 additions & 0 deletions kubernetes/services/subnet_manager_hpa.yaml
@@ -0,0 +1,65 @@
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: subnetmanager-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: subnetmanager
# if minReplicas is less than Deployment replicas value, it may cause scale down
minReplicas: 5
maxReplicas: 10
metrics:
# Set the average usage rate of the cpu, scale up if it exceeds 50
- type: Resource
resource:
name: cpu
target:
type: AverageUtilization
averageUtilization: 50
# The average data volume per second reaches 1000 for scaling up
# - type: Pods
# pods:
# metric:
# name: packets-per-second
# target:
# type: AverageValue
# averageValue: 1k

# The value is derived from Ingress "main-route", scale up when the number of requests per second in Ingress reaches 2000
# - type: Object
# object:
# metric:
# name: requests-per-second
# describedObject:
# apiVersion: networking.k8s.io/v1beta1
# kind: Ingress
# name: main-route
# target:
# kind: Value
# value: 10k

# HPA's current status data
status:
observedGeneration: 1
lastScaleTime: <some-time>
currentReplicas: 1
desiredReplicas: 1
currentMetrics:
- type: Resource
resource:
name: cpu
current:
averageUtilization: 0
averageValue: 0
# - type: Object
# object:
# metric:
# name: requests-per-second
# describedObject:
# apiVersion: networking.k8s.io/v1beta1
# kind: Ingress
# name: main-route
# current:
# value: 10k
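Review bot: The manifest declares `apiVersion: autoscaling/v2beta1`, but the CPU entry under `metrics` uses the `target:` / `type: AverageUtilization` / `averageUtilization: 50` form, which belongs to the v2beta2 and v2 schema; v2beta1 expects `targetAverageUtilization: 50` directly under `resource`. Pick one API version and make the fields match it, otherwise the CPU target will not be applied as written. The trailing `status:` block should be dropped as well: status is written by the HPA controller, and `lastScaleTime: <some-time>` is a placeholder, not a timestamp. In the commented-out Object metric, the comment says 2000 requests per second while the value is `10k`, and `target` uses `kind: Value` where the active metric uses `type:`. The HPA also has no `metadata.namespace`, so it is created in whatever namespace the apply defaults to, which has to be the one holding the `subnetmanager` Deployment.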
85 changes: 85 additions & 0 deletions kubernetes/services/vpc_manager_hpa.yaml
@@ -0,0 +1,85 @@
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: vpcmanager-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: vpcmanager
# if minReplicas is less than Deployment replicas value, it may cause scale down
minReplicas: 5
maxReplicas: 10
behavior:
scaleDown:
# Indicates that the stability window considers the expected state of the past (here within 300 sec) to prevent expansion and contraction
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 100
periodSeconds: 15

Contributor
Does periodSeconds mean the time interval to check the percentage number?

Contributor Author
> Does periodSeconds mean the time interval to check the percentage number?

Not really, periodSeconds: 15 above means it can reduce pods by up to 100% in 15 seconds.

# The autoscaler will choose the strategy that affects the minimum number of Pods
selectPolicy: Min
scaleUp:
stabilizationWindowSeconds: 0

Contributor
The value of stabilizationWindowSeconds differs in the ScaleUp and ScaleDown policies. Is it the best practice to set stabilizationWindowSeconds = 0? Does 0 mean that the autoscaler will always respond to changes immediately?

Contributor Author
The stabilization window is used to restrict the flapping of replicas when the metrics used for scaling keep fluctuating.
When the metrics indicate that the target should be scaled down the algorithm looks into previously computed desired states and uses the highest value from the specified interval.

For example,
here we set up
'scaleup:
stabilizationWindowSeconds: 0'

It should scale up the pods immediately if needed.

and we set up
'scaledown:
stabilizationWindowSeconds: 300'

When current metrics indicate that we could scale down the pods, HPA will consider the past state within 300 seconds to determine if we can scale down now.

policies:
- type: Percent
value: 100
periodSeconds: 15
- type: Pods
value: 4
periodSeconds: 15
selectPolicy: Max
metrics:
# Set the average usage rate of the cpu, scale up if it exceeds 50
- type: Resource
resource:
name: cpu
target:
type: AverageUtilization
averageUtilization: 50
# The average data volume per second reaches 1000 for scaling up
# - type: Pods
# pods:
# metric:
# name: packets-per-second
# target:
# type: AverageValue
# averageValue: 1k

# The value is derived from Ingress "main-route", scale up when the number of requests per second in Ingress reaches 2000
# - type: Object
# object:
# metric:
# name: requests-per-second
# describedObject:
# apiVersion: networking.k8s.io/v1beta1
# kind: Ingress
# name: main-route
# target:
# kind: Value
# value: 10k

# HPA's current status data
status:
observedGeneration: 1
lastScaleTime: <some-time>
currentReplicas: 1
desiredReplicas: 1
currentMetrics:
- type: Resource
resource:
name: cpu
current:
averageUtilization: 0
averageValue: 0
# - type: Object
# object:
# metric:
# name: requests-per-second
# describedObject:
# apiVersion: networking.k8s.io/v1beta1
# kind: Ingress
# name: main-route
# current:
# value: 10k
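Review bot: The `behavior:` block under `spec` is not part of `autoscaling/v2beta1`; it was introduced with v2beta2, so with the declared `apiVersion` the `scaleUp` and `scaleDown` policies and the 300-second stabilization window will not take effect as written. Moving the manifest to `autoscaling/v2beta2` would also match the `target:` form used under `metrics`. In `scaleDown`, `selectPolicy: Min` has only one policy to choose from, and `value: 100` with `periodSeconds: 15` allows every replica above `minReplicas` to be removed in a single period once the window has passed; a smaller percentage would make scale-down more gradual. The comment on `stabilizationWindowSeconds` ("to prevent expansion and contraction") would be clearer if it said the window prevents replica flapping. The `status:` block at the end, with its `lastScaleTime: <some-time>` placeholder, is controller-owned and should not be in the manifest.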
@@ -429,4 +429,20 @@ public VpcWebJson deleteSubnetIdInVpcState(@PathVariable String projectid, @Path
return new VpcWebJson(inVpcState);

}

@RequestMapping(
method = GET,
value = {"/hpatest"})
@DurationStatistics
public double hpaTest() throws Exception {

double res = 0.001;

for (int i = 0; i < 100000; i ++) {
res += res * res;
}

return res;

}
}
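Review bot: `hpaTest()` exposes `GET /hpatest` from the same controller as the VPC state endpoints, and every call runs a fixed 100000-iteration loop with no input, so any caller that can reach the service can use it to generate CPU load and push the HPA toward `maxReplicas`. If the endpoint exists only to exercise autoscaling, keep it out of the production build (a test-only profile or a separate load-test tool) or remove it before merge. Separately, `res += res * res` starting from `0.001` diverges, so the method returns Infinity instead of a finite double, and `throws Exception` is unnecessary because nothing in the body throws a checked exception.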