diff --git a/README.md b/README.md index ce3d0a1e2..fee0431b6 100644 --- a/README.md +++ b/README.md @@ -434,14 +434,15 @@ If you don't have access to an external PostgreSQL service, the AWX operator can The following variables are customizable for the managed PostgreSQL service -| Name | Description | Default | -| --------------------------------------------- | --------------------------------------------- | --------------------------------- | -| postgres_image | Path of the image to pull | postgres:12 | -| postgres_init_container_resource_requirements | Database init container resource requirements | requests: {} | -| postgres_resource_requirements | PostgreSQL container resource requirements | requests: {} | -| postgres_storage_requirements | PostgreSQL container storage requirements | requests: {storage: 8Gi} | -| postgres_storage_class | PostgreSQL PV storage class | Empty string | -| postgres_data_path | PostgreSQL data path | `/var/lib/postgresql/data/pgdata` | +| Name | Description | Default | +| --------------------------------------------- | --------------------------------------------- | ---------------------------------- | +| postgres_image | Path of the image to pull | postgres:12 | +| postgres_init_container_resource_requirements | Database init container resource requirements | requests: {cpu: 10m, memory: 64Mi} | +| postgres_resource_requirements | PostgreSQL container resource requirements | requests: {cpu: 10m, memory: 64Mi} | +| postgres_storage_requirements | PostgreSQL container storage requirements | requests: {storage: 8Gi} | +| postgres_storage_class | PostgreSQL PV storage class | Empty string | +| postgres_data_path | PostgreSQL data path | `/var/lib/postgresql/data/pgdata` | +| postgres_priority_class | Priority class used for PostgreSQL pod | Empty string | Example of customization could be: @@ -541,11 +542,11 @@ Again, this is the most relaxed SCC that is provided by OpenShift, so be sure to The resource requirements for both, the task and the web containers are configurable - both the lower end (requests) and the upper end (limits). -| Name | Description | Default | -| -------------------------- | ------------------------------------------------ | ----------------------------------- | -| web_resource_requirements | Web container resource requirements | requests: {cpu: 1000m, memory: 2Gi} | -| task_resource_requirements | Task container resource requirements | requests: {cpu: 500m, memory: 1Gi} | -| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 500m, memory: 1Gi} | +| Name | Description | Default | +| -------------------------- | ------------------------------------------------ | ------------------------------------ | +| web_resource_requirements | Web container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| task_resource_requirements | Task container resource requirements | requests: {cpu: 100m, memory: 128Mi} | +| ee_resource_requirements | EE control plane container resource requirements | requests: {cpu: 100m, memory: 128Mi} | Example of customization could be: @@ -555,27 +556,45 @@ spec: ... web_resource_requirements: requests: - cpu: 1000m + cpu: 250m memory: 2Gi limits: - cpu: 2000m + cpu: 1000m memory: 4Gi task_resource_requirements: requests: - cpu: 500m + cpu: 250m memory: 1Gi limits: - cpu: 1000m + cpu: 2000m memory: 2Gi ee_resource_requirements: requests: - cpu: 500m - memory: 1Gi + cpu: 250m + memory: 100Mi limits: - cpu: 1000m + cpu: 500m memory: 2Gi ``` +#### Priority Classes + +The AWX and Postgres pods can be assigned a custom PriorityClass to rank their importance compared to other pods in your cluster, which determines which pods get evicted first if resources are running low. +First, [create your PriorityClass](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass) if needed. +Then set the name of your priority class to the control plane and postgres pods as shown below. + +```yaml +--- +apiVersion: awx.ansible.com/v1beta1 +kind: AWX +metadata: + name: awx-demo +spec: + ... + control_plane_priority_class: awx-demo-high-priority + postgres_priority_class: awx-demo-medium-priority +``` + #### Assigning AWX pods to specific nodes You can constrain the AWX pods created by the operator to run on a certain subset of nodes. `node_selector` and `postgres_selector` constrains diff --git a/config/crd/bases/awx.ansible.com_awxs.yaml b/config/crd/bases/awx.ansible.com_awxs.yaml index afff46b49..b4fe30929 100644 --- a/config/crd/bases/awx.ansible.com_awxs.yaml +++ b/config/crd/bases/awx.ansible.com_awxs.yaml @@ -165,6 +165,9 @@ spec: control_plane_ee_image: description: Registry path to the Execution Environment container image to use on control plane pods type: string + control_plane_priority_class: + description: Assign a preexisting priority class to the control plane pods + type: string ee_pull_credentials_secret: description: Secret where pull credentials for registered ees can be found type: string @@ -184,7 +187,7 @@ spec: type: array items: type: string - image_pull_secret: # deprecated + image_pull_secret: # deprecated description: (Deprecated) Image pull secret for app and database containers type: string task_resource_requirements: @@ -392,6 +395,9 @@ spec: postgres_storage_class: description: Storage class to use for the PostgreSQL PVC type: string + postgres_priority_class: + description: Assign a preexisting priority class to the postgres pod + type: string postgres_data_path: description: Path where the PostgreSQL data are located type: string diff --git a/molecule/default/templates/awx_cr_molecule.yml.j2 b/molecule/default/templates/awx_cr_molecule.yml.j2 index e7c411d7e..07df757a3 100644 --- a/molecule/default/templates/awx_cr_molecule.yml.j2 +++ b/molecule/default/templates/awx_cr_molecule.yml.j2 @@ -15,13 +15,15 @@ spec: kubernetes.io/ingress.class: nginx web_resource_requirements: requests: - cpu: 250m - memory: 128M + cpu: 100m + memory: 32M task_resource_requirements: requests: - cpu: 250m - memory: 128M + cpu: 100m + memory: 32M ee_resource_requirements: requests: cpu: 200m - memory: 64M + memory: 32M + postgres_resource_requirements: {} + postgres_init_container_resource_requirements: {} diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index 6e1537b3d..4197f554f 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -169,23 +169,25 @@ web_command: [] task_resource_requirements: requests: - cpu: 500m - memory: 1Gi + cpu: 100m + memory: 128Mi web_resource_requirements: requests: - cpu: 1000m - memory: 2Gi + cpu: 100m + memory: 128Mi ee_resource_requirements: requests: - cpu: 500m - memory: 1Gi + cpu: 100m + memory: 64Mi # Customize CSRF options csrf_cookie_secure: False session_cookie_secure: False +# Assign a preexisting priority class to the control plane pods +control_plane_priority_class: '' # Add extra environment variables to the AWX task/web containers. Specify as # literal block. E.g.: # task_extra_env: | @@ -226,8 +228,16 @@ postgres_tolerations: '' postgres_storage_requirements: requests: storage: 8Gi -postgres_init_container_resource_requirements: {} -postgres_resource_requirements: {} +postgres_resource_requirements: + requests: + cpu: 10m + memory: 64Mi +postgres_init_container_resource_requirements: + requests: + cpu: 10m + memory: 64Mi +# Assign a preexisting priority class to the postgres pod +postgres_priority_class: '' postgres_data_path: '/var/lib/postgresql/data/pgdata' # Persistence to the AWX project data folder diff --git a/roles/installer/templates/deployment.yaml.j2 b/roles/installer/templates/deployment.yaml.j2 index 3aff85649..955e3ae38 100644 --- a/roles/installer/templates/deployment.yaml.j2 +++ b/roles/installer/templates/deployment.yaml.j2 @@ -41,6 +41,9 @@ spec: {% for secret in image_pull_secrets %} - name: {{ secret }} {% endfor %} +{% endif %} +{% if control_plane_priority_class is defined %} + priorityClassName: '{{ control_plane_priority_class }}' {% endif %} initContainers: {% if bundle_ca_crt or projects_persistence|bool or init_container_extra_commands %} diff --git a/roles/installer/templates/postgres.yaml.j2 b/roles/installer/templates/postgres.yaml.j2 index 67d12f4cf..6caef41a5 100644 --- a/roles/installer/templates/postgres.yaml.j2 +++ b/roles/installer/templates/postgres.yaml.j2 @@ -41,6 +41,9 @@ spec: {% for secret in image_pull_secrets %} - name: {{ secret }} {% endfor %} +{% endif %} +{% if postgres_priority_class is defined %} + priorityClassName: '{{ postgres_priority_class }}' {% endif %} initContainers: - name: database-check