From e30bfc1922defde60bf93b8addb77543d37078ae Mon Sep 17 00:00:00 2001 From: "fateh.ullah" Date: Mon, 10 Jun 2024 15:07:54 +0200 Subject: [PATCH 1/4] docs update with resource supervisor changes --- content/changelog.md | 9 ++ .../crds-api-reference/resource-supervisor.md | 139 ++++++++++++++++++ content/index.md | 2 +- .../tutorials/tenant/tenant-hibernation.md | 133 +++++++++++------ theme_override/mkdocs.yml | 1 + 5 files changed, 236 insertions(+), 48 deletions(-) create mode 100644 content/crds-api-reference/resource-supervisor.md diff --git a/content/changelog.md b/content/changelog.md index d4b9fdd4..8df1ce1c 100644 --- a/content/changelog.md +++ b/content/changelog.md @@ -2,6 +2,15 @@ ## v0.12.x +### v0.12.2x + +#### Enhanced + +- Added label selector support to Resource Supervisor to select many namespaces for hibernation. +- Added sleep support to Resource Supervisor. It will allow user to not provide any schedule on Resource Supervisor and selected namespaces will be put to sleep instantly +- Resource Supervisor Spec has been modified. `spec.hibernation` is now `spec.schedule`. `spec.namespaces` is changed from a list to an object which have labelSelector and list of namespaces. Look here for complete schema [Resource Supervisor](./crds-api-reference/resource-supervisor.md) +- Resource Supervisor Status is modified. We have changed the way we used to group sleeping applications. + ### v0.12.1 #### Fix diff --git a/content/crds-api-reference/resource-supervisor.md b/content/crds-api-reference/resource-supervisor.md new file mode 100644 index 00000000..ed73544f --- /dev/null +++ b/content/crds-api-reference/resource-supervisor.md @@ -0,0 +1,139 @@ +# Resource Supervisor + +Supports hibernation of `deployments` and `statefulsets` for given namespaces via names and/or label selectors. +If provided, it will update [AppProject](https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#creating-projects) instance with [SyncWindow](https://argo-cd.readthedocs.io/en/stable/user-guide/sync_windows/) to deny sync to selected namespaces. + +Following namespaces will be ignored: + +- with annotation `"hibernation.stakater.com/exclude": "true"` +- whose name match with priviledged namespaces' regex specified in [IntegrationConfig](./integration-config.md) +- namespace where MTO is installed + +## Supported modes + +### Hibernation with cron schedule + +Applications will sleep and wakup at provided cron schedule + +```yaml +apiVersion: tenantoperator.stakater.com/v1beta1 +kind: ResourceSupervisor +metadata: + name: rs-example1 +spec: + argocd: + appProjects: [] + namespace: "" + namespaces: + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - bluesky-dev + schedule: + sleepSchedule: "10 * * * *" # sleep each hour at min 10 + wakeSchedule: "50 * * * *" # wakeup each hour at min 50 +``` + +### Sleep + +Applications will sleep instantly, and will wakeup when resource supervisor is deleted + +```yaml +apiVersion: tenantoperator.stakater.com/v1beta1 +kind: ResourceSupervisor +metadata: + name: rs-example2 +spec: + argocd: + appProjects: [] + namespace: "" + namespaces: + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - bluesky-dev + schedule: {} +``` + +### Sleep at given cron schedule + +Applications will sleep at provided cron schedule, and will wakeup when resource supervisor is deleted + +```yaml +apiVersion: tenantoperator.stakater.com/v1beta1 +kind: ResourceSupervisor +metadata: + name: rs-example3 +spec: + argocd: + appProjects: [] + namespace: "" + namespaces: + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - bluesky-dev + schedule: + sleepSchedule: "0 0 1 2 2025" # sleep on 1st February 2025 +``` + +## More examples + +### Example 1 + +labelSelector's `matchLabels` and `matchExpressions` is `AND` operation. Here is an example with it: + +```yaml +apiVersion: tenantoperator.stakater.com/v1beta1 +kind: ResourceSupervisor +metadata: + name: rs-example4 +spec: + argocd: + appProjects: [] + namespace: "" + namespaces: + labelSelector: + matchLabels: + stakater.com/current-tenant: bluesky + stakater.com/kind: dev + matchExpressions: + - { key: "private-sandbox", operator: In , values: ["true"] } + names: + - bluesky-staging + schedule: + sleepSchedule: "" +``` + +It will sleep `bluesky-staging` namespace, and all those which have the specified labels. + +### Example 2 + +If you provide Argo CD AppProject in spec, it will create syncWindow with `deny` policy + +```yaml +apiVersion: tenantoperator.stakater.com/v1beta1 +kind: ResourceSupervisor +metadata: + name: rs-example4 +spec: + argocd: + appProjects: + - dev-apps + - dev-apps2 + namespace: "customer-argocd-projects" + namespaces: + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - bluesky-staging + - bluesky-dev + schedule: + sleepSchedule: "" +``` + +It will sleep given namespaces, and create `deny` syncWindow on provided AppProjects diff --git a/content/index.md b/content/index.md index 0b09ec57..0f9c44d1 100644 --- a/content/index.md +++ b/content/index.md @@ -86,7 +86,7 @@ More details on [Showback](./explanation/console.md#showback) Multi Tenant Operator can downscale Deployments and StatefulSets in a tenant's Namespace according to a defined sleep schedule. The Deployments and StatefulSets are brought back to their required replicas according to the provided wake schedule. -More details on [Hibernation](./tutorials/tenant/tenant-hibernation.md#hibernating-a-tenant) +More details on [Hibernation](./tutorials/tenant/tenant-hibernation.md#hibernating-a-tenant) and [ResourceSupervisor](./crds-api-reference/resource-supervisor.md) ## Mattermost Multitenancy diff --git a/content/tutorials/tenant/tenant-hibernation.md b/content/tutorials/tenant/tenant-hibernation.md index 36b0a859..234e8117 100644 --- a/content/tutorials/tenant/tenant-hibernation.md +++ b/content/tutorials/tenant/tenant-hibernation.md @@ -5,7 +5,7 @@ Implementing hibernation for tenants' namespaces efficiently manages cluster res ## Configuring Hibernation for Tenant Namespaces You can manage workloads in your cluster with MTO by implementing a hibernation schedule for your tenants. -Hibernation downsizes the running Deployments and StatefulSets in a tenant’s namespace according to a defined cron schedule. You can set a hibernation schedule for your tenants by adding the ‘spec.hibernation’ field to the tenant's respective Custom Resource. +Hibernation downsizes the running `Deployments` and `StatefulSets` in a tenant’s namespace according to a defined cron schedule. You can set a hibernation schedule for your tenants by adding the ‘spec.hibernation’ field to the tenant's respective Custom Resource. ```yaml hibernation: @@ -18,22 +18,18 @@ hibernation: `spec.hibernation.wakeSchedule` accepts a cron expression indicating the time to wake the workloads in your tenant’s namespaces up. !!! note - Both sleep and wake schedules must be specified for your Hibernation schedule to be valid. + Both sleep and wake schedules must be specified for your tenant's hibernation schedule to be valid. Additionally, adding the `hibernation.stakater.com/exclude: 'true'` annotation to a namespace excludes it from hibernating. !!! note This is only true for hibernation applied via the Tenant Custom Resource, and does not apply for hibernation done by manually creating a ResourceSupervisor (details about that below). -!!! note - This will not wake up an already sleeping namespace before the wake schedule. - ## Resource Supervisor Adding a Hibernation Schedule to a Tenant creates an accompanying ResourceSupervisor Custom Resource. -The Resource Supervisor stores the Hibernation schedules and manages the current and previous states of all the applications, whether they are sleeping or awake. -When the sleep timer is activated, the Resource Supervisor controller stores the details of your applications (including the number of replicas, configurations, etc.) in the applications' namespaces and then puts your applications to sleep. When the wake timer is activated, the controller wakes up the applications using their stored details. +When the sleep timer is activated, the Resource Supervisor puts your applications to sleep and store their previous state. When the wake timer is activated, it uses the stored state to bring them back to running state. Enabling ArgoCD support for Tenants will also hibernate applications in the tenants' `appProjects`. @@ -41,21 +37,27 @@ Enabling ArgoCD support for Tenants will also hibernate applications in the tena apiVersion: tenantoperator.stakater.com/v1beta1 kind: ResourceSupervisor metadata: - name: sigma + name: sigma-tenant spec: argocd: appProjects: - - sigma + - sigma-tenant namespace: openshift-gitops - hibernation: + schedule: sleepSchedule: 42 * * * * wakeSchedule: 45 * * * * + namespaces: + labelSelector: + matchLabels: + stakater.com/current-tenant: sigma + matchExpressions: {} + names: - tenant-ns1 - tenant-ns2 ``` -> Currently, Hibernation is available only for StatefulSets and Deployments. +> Currently, Hibernation is available only for `StatefulSets` and `Deployments`. ### Manual creation of ResourceSupervisor @@ -81,10 +83,15 @@ spec: appProjects: - sample-app-project namespace: openshift-gitops - hibernation: + schedule: sleepSchedule: 42 * * * * wakeSchedule: 45 * * * * + namespaces: + labelSelector: + matchLabels: {} + matchExpressions: {} + names: - ns1 - ns2 ``` @@ -106,9 +113,10 @@ spec: hibernation: sleepSchedule: "0 20 * * 1-5" # Sleep at 8 PM on weekdays wakeSchedule: "0 8 * * 1-5" # Wake at 8 AM on weekdays - owners: - users: - - user@example.com + accessControl: + owners: + users: + - user@example.com quota: medium namespaces: withoutTenantPrefix: @@ -133,21 +141,31 @@ The ResourceSupervisor will look like this at 'running' time (as per the schedul apiVersion: tenantoperator.stakater.com/v1beta1 kind: ResourceSupervisor metadata: - name: example + finalizers: + - tenantoperator.stakater.com/resourcesupervisor + generation: 1 + name: sigma + ownerReferences: + - apiVersion: tenantoperator.stakater.com/v1beta3 + blockOwnerDeletion: true + controller: true + kind: Tenant + name: sigma spec: argocd: appProjects: [] - namespace: '' - hibernation: - sleepSchedule: 0 20 * * 1-5 - wakeSchedule: 0 8 * * 1-5 + namespace: "" namespaces: - - build + names: - stage + - build - dev + schedule: + sleepSchedule: 0 20 * * 1-5 + wakeSchedule: 0 8 * * 1-5 status: currentStatus: running - nextReconcileTime: '2022-10-12T20:00:00Z' + nextReconcileTime: "2024-06-10T20:00:00Z" ``` The ResourceSupervisor will look like this at 'sleeping' time (as per the schedule): @@ -161,24 +179,30 @@ spec: argocd: appProjects: [] namespace: '' - hibernation: + schedule: sleepSchedule: 0 20 * * 1-5 wakeSchedule: 0 8 * * 1-5 namespaces: - - build - - stage - - dev + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - build + - stage + - dev status: currentStatus: sleeping - nextReconcileTime: '2022-10-13T08:00:00Z' - sleepingApplications: - - Namespace: build - kind: Deployment - name: example + nextReconcileTime: '2024-06-11T08:00:00Z' + sleepingNamespaces: + - Namespace: build + sleepingApplications: + - kind: Deployment + name: Example replicas: 3 - - Namespace: stage - kind: Deployment - name: example + - Namespace: stage + sleepingApplications: + - kind: Deployment + name: Example replicas: 3 ``` @@ -193,18 +217,23 @@ spec: argocd: appProjects: [] namespace: '' - hibernation: + schedule: sleepSchedule: 0 20 * * 1-5 wakeSchedule: 0 8 * * 1-5 namespaces: - - stage - - dev + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - stage + - dev status: currentStatus: sleeping - nextReconcileTime: '2022-10-13T08:00:00Z' - sleepingApplications: - - Namespace: stage - kind: Deployment + nextReconcileTime: '2024-07-12T08:00:00Z' + sleepingNamespaces: + - Namespace: build + sleepingApplications: + - kind: Deployment name: example replicas: 3 ``` @@ -226,18 +255,28 @@ spec: appProjects: - test-app-project namespace: argocd-ns - hibernation: + schedule: sleepSchedule: 0 20 * * 1-5 wakeSchedule: 0 8 * * 1-5 namespaces: - - ns2 - - ns4 + labelSelector: + matchLabels: {} + matchExpressions: {} + names: + - ns2 + - ns4 status: currentStatus: sleeping nextReconcileTime: '2022-10-13T08:00:00Z' - sleepingApplications: - - Namespace: ns2 - kind: Deployment + sleepingNamespaces: + - Namespace: build + sleepingApplications: + - kind: Deployment + name: test-deployment + replicas: 3 + - kind: Deployment name: test-deployment replicas: 3 ``` + +For more info see [here](../../crds-api-reference/resource-supervisor.md) diff --git a/theme_override/mkdocs.yml b/theme_override/mkdocs.yml index 41eb1dfd..4bac0817 100644 --- a/theme_override/mkdocs.yml +++ b/theme_override/mkdocs.yml @@ -62,6 +62,7 @@ nav: - crds-api-reference/template.md - crds-api-reference/template-instance.md - crds-api-reference/template-group-instance.md + - crds-api-reference/resource-supervisor.md - changelog.md - eula.md - troubleshooting.md From 13c7a532cde0cb8cd1be78f7aa99a1e79456bd80 Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Tue, 30 Jul 2024 10:59:31 +0500 Subject: [PATCH 2/4] spellings --- content/crds-api-reference/resource-supervisor.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/crds-api-reference/resource-supervisor.md b/content/crds-api-reference/resource-supervisor.md index ed73544f..aec952eb 100644 --- a/content/crds-api-reference/resource-supervisor.md +++ b/content/crds-api-reference/resource-supervisor.md @@ -32,12 +32,12 @@ spec: - bluesky-dev schedule: sleepSchedule: "10 * * * *" # sleep each hour at min 10 - wakeSchedule: "50 * * * *" # wakeup each hour at min 50 + wakeSchedule: "50 * * * *" # wake up each hour at min 50 ``` ### Sleep -Applications will sleep instantly, and will wakeup when resource supervisor is deleted +Applications will sleep instantly, and will wake up when resource supervisor is deleted ```yaml apiVersion: tenantoperator.stakater.com/v1beta1 @@ -59,7 +59,7 @@ spec: ### Sleep at given cron schedule -Applications will sleep at provided cron schedule, and will wakeup when resource supervisor is deleted +Applications will sleep at provided cron schedule, and will wake up when resource supervisor is deleted ```yaml apiVersion: tenantoperator.stakater.com/v1beta1 From 24f2cc4282139a66ce71ee157d83ecbc8c0eb8bf Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Tue, 30 Jul 2024 11:02:36 +0500 Subject: [PATCH 3/4] spellings --- content/crds-api-reference/resource-supervisor.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/crds-api-reference/resource-supervisor.md b/content/crds-api-reference/resource-supervisor.md index aec952eb..b9dfebe5 100644 --- a/content/crds-api-reference/resource-supervisor.md +++ b/content/crds-api-reference/resource-supervisor.md @@ -6,14 +6,14 @@ If provided, it will update [AppProject](https://argo-cd.readthedocs.io/en/stabl Following namespaces will be ignored: - with annotation `"hibernation.stakater.com/exclude": "true"` -- whose name match with priviledged namespaces' regex specified in [IntegrationConfig](./integration-config.md) +- whose name match with privileged namespaces' regex specified in [IntegrationConfig](./integration-config.md) - namespace where MTO is installed ## Supported modes ### Hibernation with cron schedule -Applications will sleep and wakup at provided cron schedule +Applications will sleep and wake up at provided cron schedule ```yaml apiVersion: tenantoperator.stakater.com/v1beta1 @@ -112,7 +112,7 @@ It will sleep `bluesky-staging` namespace, and all those which have the specifie ### Example 2 -If you provide Argo CD AppProject in spec, it will create syncWindow with `deny` policy +If you provide Argo CD AppProject in spec, it will create `syncWindow` with `deny` policy ```yaml apiVersion: tenantoperator.stakater.com/v1beta1 @@ -136,4 +136,4 @@ spec: sleepSchedule: "" ``` -It will sleep given namespaces, and create `deny` syncWindow on provided AppProjects +It will sleep given namespaces, and create `deny` `syncWindow` on provided AppProjects From e9461e9d35b763642592618e6a10b4efdfdb7d9d Mon Sep 17 00:00:00 2001 From: MuneebAijaz Date: Tue, 30 Jul 2024 11:06:16 +0500 Subject: [PATCH 4/4] change order of crds --- theme_override/mkdocs.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/theme_override/mkdocs.yml b/theme_override/mkdocs.yml index 97dc0c96..91abb351 100644 --- a/theme_override/mkdocs.yml +++ b/theme_override/mkdocs.yml @@ -59,14 +59,14 @@ nav: - explanation/templated-metadata-values.md - explanation/multi-tenancy-vault.md - CRDs API Reference: - - crds-api-reference/extensions.md - - crds-api-reference/integration-config.md - crds-api-reference/quota.md - crds-api-reference/tenant.md + - crds-api-reference/integration-config.md + - crds-api-reference/resource-supervisor.md + - crds-api-reference/extensions.md - crds-api-reference/template.md - crds-api-reference/template-instance.md - crds-api-reference/template-group-instance.md - - crds-api-reference/resource-supervisor.md - changelog.md - eula.md - troubleshooting.md