From fed71ffaf6378563d19e17ef416630feb02568d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Wed, 3 Jul 2024 16:44:28 +0200 Subject: [PATCH] feat: make reports breaker threshold configurable (#10596) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: make reports breaker threshold configurable Signed-off-by: Charles-Edouard Brétéché * lower default threshold Signed-off-by: Charles-Edouard Brétéché * release notes Signed-off-by: Charles-Edouard Brétéché --------- Signed-off-by: Charles-Edouard Brétéché --- charts/kyverno/Chart.yaml | 2 ++ charts/kyverno/README.md | 3 ++- charts/kyverno/templates/_helpers.tpl | 3 +++ charts/kyverno/values.yaml | 5 ++++- config/install-latest-testing.yaml | 1 + 5 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/kyverno/Chart.yaml b/charts/kyverno/Chart.yaml index afd9c68881..5cadccdc77 100644 --- a/charts/kyverno/Chart.yaml +++ b/charts/kyverno/Chart.yaml @@ -35,6 +35,8 @@ annotations: artifacthub.io/changes: | - kind: added description: Add a key to preserve configmap settings during upgrade + - kind: added + description: Make admission reports breaker threshold configurable dependencies: - name: grafana version: v0.0.0 diff --git a/charts/kyverno/README.md b/charts/kyverno/README.md index aa486ad0f5..3592aff4b8 100644 --- a/charts/kyverno/README.md +++ b/charts/kyverno/README.md @@ -355,7 +355,8 @@ The chart values are organised per component. | Key | Type | Default | Description | |-----|------|---------|-------------| -| admissionController.featuresOverride | object | `{}` | Overrides features defined at the root level | +| admissionController.featuresOverride | object | `{"admissionReports":{"backPressureThreshold":1000}}` | Overrides features defined at the root level | +| admissionController.featuresOverride.admissionReports.backPressureThreshold | int | `1000` | Max number of admission reports allowed in flight until the admission controller stops creating new ones | | admissionController.rbac.create | bool | `true` | Create RBAC resources | | admissionController.rbac.serviceAccount.name | string | `nil` | The ServiceAccount name | | admissionController.rbac.serviceAccount.annotations | object | `{}` | Annotations for the ServiceAccount | diff --git a/charts/kyverno/templates/_helpers.tpl b/charts/kyverno/templates/_helpers.tpl index ceafb762e6..36075edfd8 100644 --- a/charts/kyverno/templates/_helpers.tpl +++ b/charts/kyverno/templates/_helpers.tpl @@ -12,6 +12,9 @@ {{- $flags := list -}} {{- with .admissionReports -}} {{- $flags = append $flags (print "--admissionReports=" .enabled) -}} + {{- with .backPressureThreshold -}} + {{- $flags = append $flags (print "--maxAdmissionReports=" .) -}} + {{- end -}} {{- end -}} {{- with .aggregateReports -}} {{- $flags = append $flags (print "--aggregateReports=" .enabled) -}} diff --git a/charts/kyverno/values.yaml b/charts/kyverno/values.yaml index 0ce6ae34f4..ab908e73d5 100644 --- a/charts/kyverno/values.yaml +++ b/charts/kyverno/values.yaml @@ -931,7 +931,10 @@ cleanupJobs: admissionController: # -- Overrides features defined at the root level - featuresOverride: {} + featuresOverride: + admissionReports: + # -- Max number of admission reports allowed in flight until the admission controller stops creating new ones + backPressureThreshold: 1000 rbac: # -- Create RBAC resources diff --git a/config/install-latest-testing.yaml b/config/install-latest-testing.yaml index 07683002ed..34af439d27 100644 --- a/config/install-latest-testing.yaml +++ b/config/install-latest-testing.yaml @@ -44876,6 +44876,7 @@ spec: - --otelConfig=prometheus - --metricsPort=8000 - --admissionReports=true + - --maxAdmissionReports=1000 - --autoUpdateWebhooks=true - --enableConfigMapCaching=true - --enableDeferredLoading=true