diff --git a/addons/applicationautoscaling-chart/Chart.yaml b/addons/applicationautoscaling-chart/Chart.yaml
index d07ef0e0e..5c6eec21e 100644
--- a/addons/applicationautoscaling-chart/Chart.yaml
+++ b/addons/applicationautoscaling-chart/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v1
 name: applicationautoscaling-chart
 description: A Helm chart for the ACK service controller for AWS Auto Scaling (AutoScaling)
-version: 1.0.8
-appVersion: 1.0.8
+version: 1.3.0
+appVersion: 1.3.0
 home: https://github.com/aws-controllers-k8s/applicationautoscaling-controller
 icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
 sources:
diff --git a/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalabletargets.yaml b/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalabletargets.yaml
index 42baa994a..d5d7a031e 100644
--- a/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalabletargets.yaml
+++ b/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalabletargets.yaml
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.19.0 name: scalabletargets.applicationautoscaling.services.k8s.aws spec: group: applicationautoscaling.services.k8s.aws
@@ -21,156 +20,263 @@ spec: description: ScalableTarget is the Schema for the ScalableTargets API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: "ScalableTargetSpec defines the desired state of ScalableTarget. - \n Represents a scalable target." + description: |- + ScalableTargetSpec defines the desired state of ScalableTarget. + + Represents a scalable target. properties: maxCapacity: - description: "The maximum value that you plan to scale out to. When - a scaling policy is in effect, Application Auto Scaling can scale - out (expand) as needed to the maximum capacity limit in response - to changing demand. This property is required when registering a - new scalable target. 
\n Although you can specify a large maximum - capacity, note that service quotas may impose lower limits. Each - service has its own default quotas for the maximum capacity of the - resource. If you want to specify a higher limit, you can request - an increase. For more information, consult the documentation for - that service. For information about the default quotas for each - service, see Service Endpoints and Quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html) - in the Amazon Web Services General Reference." + description: |- + The maximum value that you plan to scale out to. When a scaling policy is + in effect, Application Auto Scaling can scale out (expand) as needed to the + maximum capacity limit in response to changing demand. This property is required + when registering a new scalable target. + + Although you can specify a large maximum capacity, note that service quotas + might impose lower limits. Each service has its own default quotas for the + maximum capacity of the resource. If you want to specify a higher limit, + you can request an increase. For more information, consult the documentation + for that service. For information about the default quotas for each service, + see Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html) + in the Amazon Web Services General Reference. format: int64 type: integer minCapacity: - description: "The minimum value that you plan to scale in to. When - a scaling policy is in effect, Application Auto Scaling can scale - in (contract) as needed to the minimum capacity limit in response - to changing demand. This property is required when registering a - new scalable target. \n For certain resources, the minimum value - allowed is 0. This includes Lambda provisioned concurrency, Spot - Fleet, ECS services, Aurora DB clusters, EMR clusters, and custom - resources. For all other resources, the minimum value allowed is - 1." 
+ description: |- + The minimum value that you plan to scale in to. When a scaling policy is + in effect, Application Auto Scaling can scale in (contract) as needed to + the minimum capacity limit in response to changing demand. This property + is required when registering a new scalable target. + + For the following resources, the minimum value allowed is 0. + + - AppStream 2.0 fleets + + - Aurora DB clusters + + - ECS services + + - EMR clusters + + - Lambda provisioned concurrency + + - SageMaker endpoint variants + + - SageMaker inference components + + - SageMaker serverless endpoint provisioned concurrency + + - Spot Fleets + + - custom resources + + It's strongly recommended that you specify a value greater than 0. A value + greater than 0 means that data points are continuously reported to CloudWatch + that scaling policies can use to scale on a metric like average CPU utilization. + + For all other resources, the minimum allowed value depends on the type of + resource that you are using. If you provide a value that is lower than what + a resource can accept, an error occurs. In which case, the error message + will provide the minimum value that the resource can accept. format: int64 type: integer resourceID: - description: "The identifier of the resource that is associated with - the scalable target. This string consists of the resource type and - unique identifier. \n - ECS service - The resource type is service - and the unique identifier is the cluster name and service name. - Example: service/default/sample-webapp. \n - Spot Fleet - The resource - type is spot-fleet-request and the unique identifier is the Spot - Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. - \n - EMR cluster - The resource type is instancegroup and the unique - identifier is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. 
- \n - AppStream 2.0 fleet - The resource type is fleet and the unique - identifier is the fleet name. Example: fleet/sample-fleet. \n - - DynamoDB table - The resource type is table and the unique identifier - is the table name. Example: table/my-table. \n - DynamoDB global - secondary index - The resource type is index and the unique identifier - is the index name. Example: table/my-table/index/my-table-index. - \n - Aurora DB cluster - The resource type is cluster and the unique - identifier is the cluster name. Example: cluster:my-db-cluster. - \n - SageMaker endpoint variant - The resource type is variant and - the unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. - \n - Custom resources are not supported with a resource type. This - parameter must specify the OutputValue from the CloudFormation template - stack used to access the resources. The unique identifier is defined - by the service provider. More information is available in our GitHub - repository (https://github.com/aws/aws-auto-scaling-custom-resource). - \n - Amazon Comprehend document classification endpoint - The resource - type and unique identifier are specified using the endpoint ARN. - Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. - \n - Amazon Comprehend entity recognizer endpoint - The resource - type and unique identifier are specified using the endpoint ARN. - Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. - \n - Lambda provisioned concurrency - The resource type is function - and the unique identifier is the function name with a function version - or alias name suffix that is not $LATEST. Example: function:my-function:prod - or function:my-function:1. \n - Amazon Keyspaces table - The resource - type is table and the unique identifier is the table name. Example: - keyspace/mykeyspace/table/mytable. 
\n - Amazon MSK cluster - The - resource type and unique identifier are specified using the cluster - ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. - \n - Amazon ElastiCache replication group - The resource type is - replication-group and the unique identifier is the replication group - name. Example: replication-group/mycluster. \n - Neptune cluster - - The resource type is cluster and the unique identifier is the - cluster name. Example: cluster:mycluster." + description: |- + The identifier of the resource that is associated with the scalable target. + This string consists of the resource type and unique identifier. + + - ECS service - The resource type is service and the unique identifier + is the cluster name and service name. Example: service/my-cluster/my-service. + + - Spot Fleet - The resource type is spot-fleet-request and the unique + identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. + + - EMR cluster - The resource type is instancegroup and the unique identifier + is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. + + - AppStream 2.0 fleet - The resource type is fleet and the unique identifier + is the fleet name. Example: fleet/sample-fleet. + + - DynamoDB table - The resource type is table and the unique identifier + is the table name. Example: table/my-table. + + - DynamoDB global secondary index - The resource type is index and the + unique identifier is the index name. Example: table/my-table/index/my-table-index. + + - Aurora DB cluster - The resource type is cluster and the unique identifier + is the cluster name. Example: cluster:my-db-cluster. + + - SageMaker endpoint variant - The resource type is variant and the unique + identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + + - Custom resources are not supported with a resource type. 
This parameter + must specify the OutputValue from the CloudFormation template stack used + to access the resources. The unique identifier is defined by the service + provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource). + + - Amazon Comprehend document classification endpoint - The resource type + and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. + + - Amazon Comprehend entity recognizer endpoint - The resource type and + unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. + + - Lambda provisioned concurrency - The resource type is function and the + unique identifier is the function name with a function version or alias + name suffix that is not $LATEST. Example: function:my-function:prod or + function:my-function:1. + + - Amazon Keyspaces table - The resource type is table and the unique identifier + is the table name. Example: keyspace/mykeyspace/table/mytable. + + - Amazon MSK cluster - The resource type and unique identifier are specified + using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. + + - Amazon ElastiCache replication group - The resource type is replication-group + and the unique identifier is the replication group name. Example: replication-group/mycluster. + + - Neptune cluster - The resource type is cluster and the unique identifier + is the cluster name. Example: cluster:mycluster. + + - SageMaker serverless endpoint - The resource type is variant and the + unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + + - SageMaker inference component - The resource type is inference-component + and the unique identifier is the resource ID. 
Example: inference-component/my-inference-component. + + - Pool of WorkSpaces - The resource type is workspacespool and the unique + identifier is the pool ID. Example: workspacespool/wspool-123456. + + Regex Pattern: `^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*$` type: string roleARN: - description: "This parameter is required for services that do not - support service-linked roles (such as Amazon EMR), and it must specify - the ARN of an IAM role that allows Application Auto Scaling to modify - the scalable target on your behalf. \n If the service supports service-linked - roles, Application Auto Scaling uses a service-linked role, which - it creates if it does not yet exist. For more information, see Application - Auto Scaling IAM roles (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html#security_iam_service-with-iam-roles)." + description: |- + This parameter is required for services that do not support service-linked + roles (such as Amazon EMR), and it must specify the ARN of an IAM role that + allows Application Auto Scaling to modify the scalable target on your behalf. + + If the service supports service-linked roles, Application Auto Scaling uses + a service-linked role, which it creates if it does not yet exist. For more + information, see How Application Auto Scaling works with IAM (https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html). + + Regex Pattern: `^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*$` type: string scalableDimension: - description: "The scalable dimension associated with the scalable - target. This string consists of the service namespace, resource - type, and scaling property. \n - ecs:service:DesiredCount - The - desired task count of an ECS service. \n - elasticmapreduce:instancegroup:InstanceCount - - The instance count of an EMR Instance Group. 
\n - ec2:spot-fleet-request:TargetCapacity - - The target capacity of a Spot Fleet. \n - appstream:fleet:DesiredCapacity - - The desired capacity of an AppStream 2.0 fleet. \n - dynamodb:table:ReadCapacityUnits - - The provisioned read capacity for a DynamoDB table. \n - dynamodb:table:WriteCapacityUnits - - The provisioned write capacity for a DynamoDB table. \n - dynamodb:index:ReadCapacityUnits - - The provisioned read capacity for a DynamoDB global secondary - index. \n - dynamodb:index:WriteCapacityUnits - The provisioned - write capacity for a DynamoDB global secondary index. \n - rds:cluster:ReadReplicaCount - - The count of Aurora Replicas in an Aurora DB cluster. Available - for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible - edition. \n - sagemaker:variant:DesiredInstanceCount - The number - of EC2 instances for an SageMaker model endpoint variant. \n - custom-resource:ResourceType:Property - - The scalable dimension for a custom resource provided by your - own application or service. \n - comprehend:document-classifier-endpoint:DesiredInferenceUnits - - The number of inference units for an Amazon Comprehend document - classification endpoint. \n - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - - The number of inference units for an Amazon Comprehend entity - recognizer endpoint. \n - lambda:function:ProvisionedConcurrency - - The provisioned concurrency for a Lambda function. \n - cassandra:table:ReadCapacityUnits - - The provisioned read capacity for an Amazon Keyspaces table. \n - - cassandra:table:WriteCapacityUnits - The provisioned write capacity - for an Amazon Keyspaces table. \n - kafka:broker-storage:VolumeSize - - The provisioned volume size (in GiB) for brokers in an Amazon - MSK cluster. \n - elasticache:replication-group:NodeGroups - The - number of node groups for an Amazon ElastiCache replication group. 
- \n - elasticache:replication-group:Replicas - The number of replicas - per node group for an Amazon ElastiCache replication group. \n - - neptune:cluster:ReadReplicaCount - The count of read replicas in - an Amazon Neptune DB cluster." + description: |- + The scalable dimension associated with the scalable target. This string consists + of the service namespace, resource type, and scaling property. + + - ecs:service:DesiredCount - The task count of an ECS service. + + - elasticmapreduce:instancegroup:InstanceCount - The instance count of + an EMR Instance Group. + + - ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot + Fleet. + + - appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet. + + - dynamodb:table:ReadCapacityUnits - The provisioned read capacity for + a DynamoDB table. + + - dynamodb:table:WriteCapacityUnits - The provisioned write capacity for + a DynamoDB table. + + - dynamodb:index:ReadCapacityUnits - The provisioned read capacity for + a DynamoDB global secondary index. + + - dynamodb:index:WriteCapacityUnits - The provisioned write capacity for + a DynamoDB global secondary index. + + - rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora + DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible + edition. + + - sagemaker:variant:DesiredInstanceCount - The number of EC2 instances + for a SageMaker model endpoint variant. + + - custom-resource:ResourceType:Property - The scalable dimension for a + custom resource provided by your own application or service. + + - comprehend:document-classifier-endpoint:DesiredInferenceUnits - The + number of inference units for an Amazon Comprehend document classification + endpoint. + + - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number + of inference units for an Amazon Comprehend entity recognizer endpoint. 
+ + - lambda:function:ProvisionedConcurrency - The provisioned concurrency + for a Lambda function. + + - cassandra:table:ReadCapacityUnits - The provisioned read capacity for + an Amazon Keyspaces table. + + - cassandra:table:WriteCapacityUnits - The provisioned write capacity + for an Amazon Keyspaces table. + + - kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) + for brokers in an Amazon MSK cluster. + + - elasticache:replication-group:NodeGroups - The number of node groups + for an Amazon ElastiCache replication group. + + - elasticache:replication-group:Replicas - The number of replicas per + node group for an Amazon ElastiCache replication group. + + - neptune:cluster:ReadReplicaCount - The count of read replicas in an + Amazon Neptune DB cluster. + + - sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency + for a SageMaker serverless endpoint. + + - sagemaker:inference-component:DesiredCopyCount - The number of copies + across an endpoint for a SageMaker inference component. + + - workspaces:workspacespool:DesiredUserSessions - The number of user sessions + for the WorkSpaces in the pool. type: string serviceNamespace: - description: The namespace of the Amazon Web Services service that - provides the resource. For a resource provided by your own application - or service, use custom-resource instead. + description: |- + The namespace of the Amazon Web Services service that provides the resource. + For a resource provided by your own application or service, use custom-resource + instead. type: string suspendedState: - description: "An embedded object that contains attributes and attribute - values that are used to suspend and resume automatic scaling. Setting - the value of an attribute to true suspends the specified scaling - activities. Setting it to false (default) resumes the specified - scaling activities. 
\n Suspension Outcomes \n - For DynamicScalingInSuspended, - while a suspension is in effect, all scale-in activities that are - triggered by a scaling policy are suspended. \n - For DynamicScalingOutSuspended, - while a suspension is in effect, all scale-out activities that are - triggered by a scaling policy are suspended. \n - For ScheduledScalingSuspended, - while a suspension is in effect, all scaling activities that involve - scheduled actions are suspended. \n For more information, see Suspending - and resuming scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) - in the Application Auto Scaling User Guide." + description: |- + An embedded object that contains attributes and attribute values that are + used to suspend and resume automatic scaling. Setting the value of an attribute + to true suspends the specified scaling activities. Setting it to false (default) + resumes the specified scaling activities. + + Suspension Outcomes + + - For DynamicScalingInSuspended, while a suspension is in effect, all + scale-in activities that are triggered by a scaling policy are suspended. + + - For DynamicScalingOutSuspended, while a suspension is in effect, all + scale-out activities that are triggered by a scaling policy are suspended. + + - For ScheduledScalingSuspended, while a suspension is in effect, all + scaling activities that involve scheduled actions are suspended. + + For more information, see Suspend and resume scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) + in the Application Auto Scaling User Guide. properties: dynamicScalingInSuspended: type: boolean 
@@ -188,24 +294,29 @@ spec: description: ScalableTargetStatus defines the observed state of ScalableTarget properties: ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, constructed ARN for the resource properties: arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 type: string ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. 
+ type: string + partition: + description: Partition is the AWS partition in which the resource + exists or will exist type: string region: description: Region is the AWS region in which the resource exists
@@ -216,14 +327,16 @@ spec: - region type: object conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource properties: lastTransitionTime: description: Last time the condition transitioned from one status
diff --git a/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalingpolicies.yaml b/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalingpolicies.yaml
index 7433e17c8..89add0bd4 100644
--- a/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalingpolicies.yaml
+++ b/addons/applicationautoscaling-chart/crds/applicationautoscaling.services.k8s.aws_scalingpolicies.yaml
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.19.0 name: scalingpolicies.applicationautoscaling.services.k8s.aws spec: group: applicationautoscaling.services.k8s.aws 
@@ -21,123 +20,213 @@ spec: description: ScalingPolicy is the Schema for the ScalingPolicies API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: "ScalingPolicySpec defines the desired state of ScalingPolicy. - \n Represents a scaling policy to use with Application Auto Scaling. - \n For more information about configuring scaling policies for a specific - service, see Getting started with Application Auto Scaling (https://docs.aws.amazon.com/autoscaling/application/userguide/getting-started.html) - in the Application Auto Scaling User Guide." + description: |- + ScalingPolicySpec defines the desired state of ScalingPolicy. 
+ + Represents a scaling policy to use with Application Auto Scaling. + + For more information about configuring scaling policies for a specific service, + see Amazon Web Services services that you can use with Application Auto Scaling + (https://docs.aws.amazon.com/autoscaling/application/userguide/integrated-services-list.html) + in the Application Auto Scaling User Guide. properties: policyName: - description: The name of the scaling policy. + description: |- + The name of the scaling policy. + + You cannot change the name of a scaling policy, but you can delete the original + scaling policy and create a new scaling policy with the same settings and + a different name. + + Regex Pattern: `^\p{Print}+$` type: string policyType: - description: "The policy type. This parameter is required if you are - creating a scaling policy. \n The following policy types are supported: - \n # TargetTrackingScaling—Not supported for Amazon EMR \n StepScaling—Not - supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, - Amazon MSK, Amazon ElastiCache, or Neptune. \n For more information, - see Target tracking scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) + description: |- + The scaling policy type. This parameter is required if you are creating a + scaling policy. + + The following policy types are supported: + + TargetTrackingScaling—Not supported for Amazon EMR. + + StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon + Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune. + + For more information, see Target tracking scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) and Step scaling policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) - in the Application Auto Scaling User Guide." 
+ in the Application Auto Scaling User Guide. type: string resourceID: - description: "The identifier of the resource associated with the scaling - policy. This string consists of the resource type and unique identifier. - \n - ECS service - The resource type is service and the unique identifier - is the cluster name and service name. Example: service/default/sample-webapp. - \n - Spot Fleet - The resource type is spot-fleet-request and the - unique identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. - \n - EMR cluster - The resource type is instancegroup and the unique - identifier is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. - \n - AppStream 2.0 fleet - The resource type is fleet and the unique - identifier is the fleet name. Example: fleet/sample-fleet. \n - - DynamoDB table - The resource type is table and the unique identifier - is the table name. Example: table/my-table. \n - DynamoDB global - secondary index - The resource type is index and the unique identifier - is the index name. Example: table/my-table/index/my-table-index. - \n - Aurora DB cluster - The resource type is cluster and the unique - identifier is the cluster name. Example: cluster:my-db-cluster. - \n - SageMaker endpoint variant - The resource type is variant and - the unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. - \n - Custom resources are not supported with a resource type. This - parameter must specify the OutputValue from the CloudFormation template - stack used to access the resources. The unique identifier is defined - by the service provider. More information is available in our GitHub - repository (https://github.com/aws/aws-auto-scaling-custom-resource). - \n - Amazon Comprehend document classification endpoint - The resource - type and unique identifier are specified using the endpoint ARN. 
- Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. - \n - Amazon Comprehend entity recognizer endpoint - The resource - type and unique identifier are specified using the endpoint ARN. - Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. - \n - Lambda provisioned concurrency - The resource type is function - and the unique identifier is the function name with a function version - or alias name suffix that is not $LATEST. Example: function:my-function:prod - or function:my-function:1. \n - Amazon Keyspaces table - The resource - type is table and the unique identifier is the table name. Example: - keyspace/mykeyspace/table/mytable. \n - Amazon MSK cluster - The - resource type and unique identifier are specified using the cluster - ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. - \n - Amazon ElastiCache replication group - The resource type is - replication-group and the unique identifier is the replication group - name. Example: replication-group/mycluster. \n - Neptune cluster - - The resource type is cluster and the unique identifier is the - cluster name. Example: cluster:mycluster." + description: |- + The identifier of the resource associated with the scaling policy. This string + consists of the resource type and unique identifier. + + - ECS service - The resource type is service and the unique identifier + is the cluster name and service name. Example: service/my-cluster/my-service. + + - Spot Fleet - The resource type is spot-fleet-request and the unique + identifier is the Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE. + + - EMR cluster - The resource type is instancegroup and the unique identifier + is the cluster ID and instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0. 
+ + - AppStream 2.0 fleet - The resource type is fleet and the unique identifier + is the fleet name. Example: fleet/sample-fleet. + + - DynamoDB table - The resource type is table and the unique identifier + is the table name. Example: table/my-table. + + - DynamoDB global secondary index - The resource type is index and the + unique identifier is the index name. Example: table/my-table/index/my-table-index. + + - Aurora DB cluster - The resource type is cluster and the unique identifier + is the cluster name. Example: cluster:my-db-cluster. + + - SageMaker endpoint variant - The resource type is variant and the unique + identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + + - Custom resources are not supported with a resource type. This parameter + must specify the OutputValue from the CloudFormation template stack used + to access the resources. The unique identifier is defined by the service + provider. More information is available in our GitHub repository (https://github.com/aws/aws-auto-scaling-custom-resource). + + - Amazon Comprehend document classification endpoint - The resource type + and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE. + + - Amazon Comprehend entity recognizer endpoint - The resource type and + unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE. + + - Lambda provisioned concurrency - The resource type is function and the + unique identifier is the function name with a function version or alias + name suffix that is not $LATEST. Example: function:my-function:prod or + function:my-function:1. + + - Amazon Keyspaces table - The resource type is table and the unique identifier + is the table name. Example: keyspace/mykeyspace/table/mytable. 
+ + - Amazon MSK cluster - The resource type and unique identifier are specified + using the cluster ARN. Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5. + + - Amazon ElastiCache replication group - The resource type is replication-group + and the unique identifier is the replication group name. Example: replication-group/mycluster. + + - Neptune cluster - The resource type is cluster and the unique identifier + is the cluster name. Example: cluster:mycluster. + + - SageMaker serverless endpoint - The resource type is variant and the + unique identifier is the resource ID. Example: endpoint/my-end-point/variant/KMeansClustering. + + - SageMaker inference component - The resource type is inference-component + and the unique identifier is the resource ID. Example: inference-component/my-inference-component. + + - Pool of WorkSpaces - The resource type is workspacespool and the unique + identifier is the pool ID. Example: workspacespool/wspool-123456. + + Regex Pattern: `^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\r\n\t]*$` type: string scalableDimension: - description: "The scalable dimension. This string consists of the - service namespace, resource type, and scaling property. \n - ecs:service:DesiredCount - - The desired task count of an ECS service. \n - elasticmapreduce:instancegroup:InstanceCount - - The instance count of an EMR Instance Group. \n - ec2:spot-fleet-request:TargetCapacity - - The target capacity of a Spot Fleet. \n - appstream:fleet:DesiredCapacity - - The desired capacity of an AppStream 2.0 fleet. \n - dynamodb:table:ReadCapacityUnits - - The provisioned read capacity for a DynamoDB table. \n - dynamodb:table:WriteCapacityUnits - - The provisioned write capacity for a DynamoDB table. \n - dynamodb:index:ReadCapacityUnits - - The provisioned read capacity for a DynamoDB global secondary - index. 
\n - dynamodb:index:WriteCapacityUnits - The provisioned - write capacity for a DynamoDB global secondary index. \n - rds:cluster:ReadReplicaCount - - The count of Aurora Replicas in an Aurora DB cluster. Available - for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible - edition. \n - sagemaker:variant:DesiredInstanceCount - The number - of EC2 instances for an SageMaker model endpoint variant. \n - custom-resource:ResourceType:Property - - The scalable dimension for a custom resource provided by your - own application or service. \n - comprehend:document-classifier-endpoint:DesiredInferenceUnits - - The number of inference units for an Amazon Comprehend document - classification endpoint. \n - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - - The number of inference units for an Amazon Comprehend entity - recognizer endpoint. \n - lambda:function:ProvisionedConcurrency - - The provisioned concurrency for a Lambda function. \n - cassandra:table:ReadCapacityUnits - - The provisioned read capacity for an Amazon Keyspaces table. \n - - cassandra:table:WriteCapacityUnits - The provisioned write capacity - for an Amazon Keyspaces table. \n - kafka:broker-storage:VolumeSize - - The provisioned volume size (in GiB) for brokers in an Amazon - MSK cluster. \n - elasticache:replication-group:NodeGroups - The - number of node groups for an Amazon ElastiCache replication group. - \n - elasticache:replication-group:Replicas - The number of replicas - per node group for an Amazon ElastiCache replication group. \n - - neptune:cluster:ReadReplicaCount - The count of read replicas in - an Amazon Neptune DB cluster." + description: |- + The scalable dimension. This string consists of the service namespace, resource + type, and scaling property. + + - ecs:service:DesiredCount - The task count of an ECS service. + + - elasticmapreduce:instancegroup:InstanceCount - The instance count of + an EMR Instance Group. 
+ + - ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot + Fleet. + + - appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet. + + - dynamodb:table:ReadCapacityUnits - The provisioned read capacity for + a DynamoDB table. + + - dynamodb:table:WriteCapacityUnits - The provisioned write capacity for + a DynamoDB table. + + - dynamodb:index:ReadCapacityUnits - The provisioned read capacity for + a DynamoDB global secondary index. + + - dynamodb:index:WriteCapacityUnits - The provisioned write capacity for + a DynamoDB global secondary index. + + - rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora + DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible + edition. + + - sagemaker:variant:DesiredInstanceCount - The number of EC2 instances + for a SageMaker model endpoint variant. + + - custom-resource:ResourceType:Property - The scalable dimension for a + custom resource provided by your own application or service. + + - comprehend:document-classifier-endpoint:DesiredInferenceUnits - The + number of inference units for an Amazon Comprehend document classification + endpoint. + + - comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number + of inference units for an Amazon Comprehend entity recognizer endpoint. + + - lambda:function:ProvisionedConcurrency - The provisioned concurrency + for a Lambda function. + + - cassandra:table:ReadCapacityUnits - The provisioned read capacity for + an Amazon Keyspaces table. + + - cassandra:table:WriteCapacityUnits - The provisioned write capacity + for an Amazon Keyspaces table. + + - kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) + for brokers in an Amazon MSK cluster. + + - elasticache:replication-group:NodeGroups - The number of node groups + for an Amazon ElastiCache replication group. 
+ + - elasticache:replication-group:Replicas - The number of replicas per + node group for an Amazon ElastiCache replication group. + + - neptune:cluster:ReadReplicaCount - The count of read replicas in an + Amazon Neptune DB cluster. + + - sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency + for a SageMaker serverless endpoint. + + - sagemaker:inference-component:DesiredCopyCount - The number of copies + across an endpoint for a SageMaker inference component. + + - workspaces:workspacespool:DesiredUserSessions - The number of user sessions + for the WorkSpaces in the pool. type: string serviceNamespace: - description: The namespace of the Amazon Web Services service that - provides the resource. For a resource provided by your own application - or service, use custom-resource instead. + description: |- + The namespace of the Amazon Web Services service that provides the resource. + For a resource provided by your own application or service, use custom-resource + instead. type: string stepScalingPolicyConfiguration: - description: "A step scaling policy. \n This parameter is required - if you are creating a policy and the policy type is StepScaling." + description: |- + A step scaling policy. + + This parameter is required if you are creating a policy and the policy type + is StepScaling. properties: adjustmentType: type: string 
@@ -151,27 +240,36 @@ spec: type: integer stepAdjustments: items: - description: "Represents a step adjustment for a StepScalingPolicyConfiguration - (https://docs.aws.amazon.com/autoscaling/application/APIReference/API_StepScalingPolicyConfiguration.html). - Describes an adjustment based on the difference between the - value of the aggregated CloudWatch metric and the breach threshold - that you've defined for the alarm. \n For the following examples, - suppose that you have an alarm with a breach threshold of - 50: \n - To trigger the adjustment when the metric is greater - than or equal to 50 and less than 60, specify a lower bound - of 0 and an upper bound of 10. \n - To trigger the adjustment - when the metric is greater than 40 and less than or equal - to 50, specify a lower bound of -10 and an upper bound of - 0. \n There are a few rules for the step adjustments for your - step policy: \n - The ranges of your step adjustments can't - overlap or have a gap. \n - At most one step adjustment can - have a null lower bound. If one step adjustment has a negative - lower bound, then there must be a step adjustment with a null - lower bound. \n - At most one step adjustment can have a null - upper bound. If one step adjustment has a positive upper bound, - then there must be a step adjustment with a null upper bound. - \n - The upper and lower bound can't be null in the same step - adjustment." + description: |- + Represents a step adjustment for a StepScalingPolicyConfiguration (https://docs.aws.amazon.com/autoscaling/application/APIReference/API_StepScalingPolicyConfiguration.html). + Describes an adjustment based on the difference between the value of the + aggregated CloudWatch metric and the breach threshold that you've defined + for the alarm. 
+ + For the following examples, suppose that you have an alarm with a breach + threshold of 50: + + - To initiate the adjustment when the metric is greater than or equal + to 50 and less than 60, specify a lower bound of 0 and an upper bound + of 10. + + - To initiate the adjustment when the metric is greater than 40 and less + than or equal to 50, specify a lower bound of -10 and an upper bound of + 0. + + There are a few rules for the step adjustments for your step policy: + + - The ranges of your step adjustments can't overlap or have a gap. + + - At most one step adjustment can have a null lower bound. If one step + adjustment has a negative lower bound, then there must be a step adjustment + with a null lower bound. + + - At most one step adjustment can have a null upper bound. If one step + adjustment has a positive upper bound, then there must be a step adjustment + with a null upper bound. + + - The upper and lower bound can't be null in the same step adjustment. properties: metricIntervalLowerBound: type: number 
@@ -184,29 +282,38 @@ spec: type: array type: object targetTrackingScalingPolicyConfiguration: - description: "A target tracking scaling policy. Includes support for - predefined or customized metrics. \n This parameter is required - if you are creating a policy and the policy type is TargetTrackingScaling." + description: |- + A target tracking scaling policy. Includes support for predefined or customized + metrics. + + This parameter is required if you are creating a policy and the policy type + is TargetTrackingScaling. properties: customizedMetricSpecification: - description: "Represents a CloudWatch metric of your choosing - for a target tracking scaling policy to use with Application - Auto Scaling. \n For information about the available metrics - for a service, see Amazon Web Services Services That Publish - CloudWatch Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) - in the Amazon CloudWatch User Guide. \n To create your customized - metric specification: \n * Add values for each required parameter - from CloudWatch. You can use an existing metric, or a new metric - that you create. To use your own metric, you must first publish - the metric to CloudWatch. For more information, see Publish - Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) - in the Amazon CloudWatch User Guide. \n * Choose a metric that - changes proportionally with capacity. The value of the metric - should increase or decrease in inverse proportion to the number - of capacity units. That is, the value of the metric should decrease - when capacity increases, and increase when capacity decreases. - \n For more information about CloudWatch, see Amazon CloudWatch - Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html)." 
+ description: |- + Represents a CloudWatch metric of your choosing for a target tracking scaling + policy to use with Application Auto Scaling. + + For information about the available metrics for a service, see Amazon Web + Services services that publish CloudWatch metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) + in the Amazon CloudWatch User Guide. + + To create your customized metric specification: + + * Add values for each required parameter from CloudWatch. You can use + an existing metric, or a new metric that you create. To use your own metric, + you must first publish the metric to CloudWatch. For more information, + see Publish custom metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) + in the Amazon CloudWatch User Guide. + + * Choose a metric that changes proportionally with capacity. The value + of the metric should increase or decrease in inverse proportion to the + number of capacity units. That is, the value of the metric should decrease + when capacity increases, and increase when capacity decreases. + + For more information about the CloudWatch terminology below, see Amazon CloudWatch + concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) + in the Amazon CloudWatch User Guide. properties: dimensions: items: 
@@ -231,14 +338,13 @@ spec: disableScaleIn: type: boolean predefinedMetricSpecification: - description: "Represents a predefined metric for a target tracking - scaling policy to use with Application Auto Scaling. \n Only - the Amazon Web Services that you're using send metrics to Amazon - CloudWatch. To determine whether a desired metric already exists - by looking up its namespace and dimension using the CloudWatch - metrics dashboard in the console, follow the procedure in Building - dashboards with CloudWatch (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html) - in the Application Auto Scaling User Guide." + description: |- + Represents a predefined metric for a target tracking scaling policy to use + with Application Auto Scaling. + + For more information, Predefined metrics for target tracking scaling policies + (https://docs.aws.amazon.com/autoscaling/application/userguide/monitoring-cloudwatch.html#predefined-metrics) + in the Application Auto Scaling User Guide. properties: predefinedMetricType: type: string 
@@ -264,24 +370,29 @@ spec: description: ScalingPolicyStatus defines the observed state of ScalingPolicy properties: ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, constructed ARN for the resource properties: arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 type: string ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. 
+ type: string + partition: + description: Partition is the AWS partition in which the resource + exists or will exist type: string region: description: Region is the AWS region in which the resource exists @@ -305,14 +416,16 @@ spec: type: object type: array conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource + description: |- + All CRs managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource properties: lastTransitionTime: description: Last time the condition transitioned from one status diff --git a/addons/applicationautoscaling-chart/crds/services.k8s.aws_fieldexports.yaml b/addons/applicationautoscaling-chart/crds/services.k8s.aws_fieldexports.yaml index 4a7ab61b3..6e2c61e62 100644 --- a/addons/applicationautoscaling-chart/crds/services.k8s.aws_fieldexports.yaml +++ b/addons/applicationautoscaling-chart/crds/services.k8s.aws_fieldexports.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.19.0 name: fieldexports.services.k8s.aws spec: group: services.k8s.aws 
@@ -21,14 +20,19 @@ spec: description: FieldExport is the schema for the FieldExport API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object 
@@ -36,15 +40,17 @@ spec: description: FieldExportSpec defines the desired state of the FieldExport. properties: from: - description: ResourceFieldSelector provides the values necessary to - identify an individual field on an individual K8s resource. + description: |- + ResourceFieldSelector provides the values necessary to identify an individual + field on an individual K8s resource. properties: path: type: string resource: - description: NamespacedResource provides all the values necessary - to identify an ACK resource of a given type (within the same - namespace as the custom resource containing this type). + description: |- + NamespacedResource provides all the values necessary to identify an ACK + resource of a given type (within the same namespace as the custom resource + containing this type). properties: group: type: string @@ -62,16 +68,18 @@ spec: - resource type: object to: - description: FieldExportTarget provides the values necessary to identify - the output path for a field export. + description: |- + FieldExportTarget provides the values necessary to identify the + output path for a field export. properties: key: description: Key overrides the default value (`.`) for the FieldExport target type: string kind: - description: FieldExportOutputType represents all types that can - be produced by a field export operation + description: |- + FieldExportOutputType represents all types that can be produced by a field + export operation enum: - configmap - secret 
@@ -94,12 +102,14 @@ spec: description: FieldExportStatus defines the observed status of the FieldExport. properties: conditions: - description: A collection of `ackv1alpha1.Condition` objects that - describe the various recoverable states of the field CR + description: |- + A collection of `ackv1alpha1.Condition` objects that describe the various + recoverable states of the field CR items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource properties: lastTransitionTime: description: Last time the condition transitioned from one status diff --git a/addons/applicationautoscaling-chart/crds/services.k8s.aws_iamroleselectors.yaml b/addons/applicationautoscaling-chart/crds/services.k8s.aws_iamroleselectors.yaml new file mode 100644 index 000000000..803a75c5f --- /dev/null +++ b/addons/applicationautoscaling-chart/crds/services.k8s.aws_iamroleselectors.yaml 
@@ -0,0 +1,100 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.19.0 + name: iamroleselectors.services.k8s.aws +spec: + group: services.k8s.aws + names: + kind: IAMRoleSelector + listKind: IAMRoleSelectorList + plural: iamroleselectors + singular: iamroleselector + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IAMRoleSelector is the schema for the IAMRoleSelector API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + arn: + type: string + x-kubernetes-validations: + - message: Value is immutable once set + rule: self == oldSelf + namespaceSelector: + description: IAMRoleSelectorSpec defines the desired state of IAMRoleSelector + properties: + labelSelector: + description: LabelSelector is a label query over a set of resources. + properties: + matchLabels: + additionalProperties: + type: string + type: object + required: + - matchLabels + type: object + names: + items: + type: string + type: array + required: + - names + type: object + resourceLabelSelector: + description: LabelSelector is a label query over a set of resources. 
+ properties: + matchLabels: + additionalProperties: + type: string + type: object + required: + - matchLabels + type: object + resourceTypeSelector: + items: + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + type: array + required: + - arn + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/addons/applicationautoscaling-chart/templates/NOTES.txt b/addons/applicationautoscaling-chart/templates/NOTES.txt index 70943afb9..ec870c982 100644 --- a/addons/applicationautoscaling-chart/templates/NOTES.txt +++ b/addons/applicationautoscaling-chart/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/applicationautoscaling-controller:1.0.8". +This chart deploys "public.ecr.aws/aws-controllers-k8s/applicationautoscaling-controller:1.3.0". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/addons/applicationautoscaling-chart/templates/_helpers.tpl b/addons/applicationautoscaling-chart/templates/_helpers.tpl index 391d5de33..ad62a8d89 100644 --- a/addons/applicationautoscaling-chart/templates/_helpers.tpl +++ b/addons/applicationautoscaling-chart/templates/_helpers.tpl @@ -1,5 +1,5 @@ {{/* The name of the application this chart installs */}} -{{- define "app.name" -}} +{{- define "ack-applicationautoscaling-controller.app.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} 
@@ -8,7 +8,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "app.fullname" -}} +{{- define "ack-applicationautoscaling-controller.app.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} 
@@ -22,27 +22,104 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{/* The name and version as used by the chart label */}} -{{- define "chart.name-version" -}} +{{- define "ack-applicationautoscaling-controller.chart.name-version" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* The name of the service account to use */}} -{{- define "service-account.name" -}} +{{- define "ack-applicationautoscaling-controller.service-account.name" -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} -{{- define "watch-namespace" -}} +{{- define "ack-applicationautoscaling-controller.watch-namespace" -}} {{- if eq .Values.installScope "namespace" -}} {{ .Values.watchNamespace | default .Release.Namespace }} {{- end -}} {{- end -}} {{/* The mount path for the shared credentials file */}} -{{- define "aws.credentials.secret_mount_path" -}} +{{- define "ack-applicationautoscaling-controller.aws.credentials.secret_mount_path" -}} {{- "/var/run/secrets/aws" -}} {{- end -}} {{/* The path the shared credentials file is mounted */}} -{{- define "aws.credentials.path" -}} -{{- printf "%s/%s" (include "aws.credentials.secret_mount_path" .) .Values.aws.credentials.secretKey -}} +{{- define "ack-applicationautoscaling-controller.aws.credentials.path" -}} +{{ $secret_mount_path := include "ack-applicationautoscaling-controller.aws.credentials.secret_mount_path" . 
}} +{{- printf "%s/%s" $secret_mount_path .Values.aws.credentials.secretKey -}} +{{- end -}} + +{{/* The rules a of ClusterRole or Role */}} +{{- define "ack-applicationautoscaling-controller.rbac-rules" -}} +rules: +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - applicationautoscaling.services.k8s.aws + resources: + - scalabletargets + - scalingpolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - applicationautoscaling.services.k8s.aws + resources: + - scalabletargets/status + - scalingpolicies/status + verbs: + - get + - patch + - update +- apiGroups: + - services.k8s.aws + resources: + - fieldexports + - iamroleselectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - services.k8s.aws + resources: + - fieldexports/status + - iamroleselectors/status + verbs: + - get + - patch + - update +{{- end }} + +{{/* Convert k/v map to string like: "key1=value1,key2=value2,..." */}} +{{- define "ack-applicationautoscaling-controller.feature-gates" -}} +{{- $list := list -}} +{{- range $k, $v := .Values.featureGates -}} +{{- $list = append $list (printf "%s=%s" $k ( $v | toString)) -}} +{{- end -}} +{{ join "," $list }} {{- end -}} diff --git a/addons/applicationautoscaling-chart/templates/caches-role-binding.yaml b/addons/applicationautoscaling-chart/templates/caches-role-binding.yaml new file mode 100644 index 000000000..7f298af5e --- /dev/null +++ b/addons/applicationautoscaling-chart/templates/caches-role-binding.yaml 
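Review bot: The new `ack-applicationautoscaling-controller.rbac-rules` helper grants `create`, `delete`, `patch` and `update` on `iamroleselectors`, a resource whose CRD (added in this commit) carries an IAM role `arn` together with namespace and resource selectors. If the controller only reads these objects (not visible in this diff), the rule should be limited to `get`, `list` and `watch`. Write access would otherwise let the controller's service account create or replace objects that, judging by the schema, tie a role ARN to namespaces and resources. The helper is rendered into both the ClusterRole and the per-namespace Role in cluster-role-controller.yaml, so any narrowing applies to both. Separately, the helper's comment should read `{{/* The rules of a ClusterRole or Role */}}`.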
@@ -0,0 +1,40 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-namespaces-cache + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} +roleRef: + kind: ClusterRole + apiGroup: rbac.authorization.k8s.io + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-namespaces-cache +subjects: +- kind: ServiceAccount + name: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-configmaps-cache + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} +roleRef: + kind: Role + apiGroup: rbac.authorization.k8s.io + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-configmaps-cache +subjects: +- kind: ServiceAccount + name: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} + namespace: {{ .Release.Namespace }} 
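Review bot: The `-namespaces-cache` ClusterRoleBinding here, and the matching ClusterRole in caches-role.yaml, are rendered with no `installScope` condition, so a chart installed with `installScope: namespace` still creates cluster-scoped RBAC objects. The grant itself is narrow (`get`, `list`, `watch` on `namespaces`), but whoever installs the chart then needs permission to create ClusterRoles and ClusterRoleBindings, which a namespace-scoped install may be trying to avoid. If this is intentional, say so at the top of both files, for example `{{/* Rendered for every installScope: cluster-wide read on namespaces for the controller's namespace cache. */}}`, with the wording confirmed against what the controller actually needs.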
diff --git a/addons/applicationautoscaling-chart/templates/caches-role.yaml b/addons/applicationautoscaling-chart/templates/caches-role.yaml new file mode 100644 index 000000000..7865ee83b --- /dev/null +++ b/addons/applicationautoscaling-chart/templates/caches-role.yaml @@ -0,0 +1,42 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-namespaces-cache + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-configmaps-cache + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch \ No newline at end of file diff --git a/addons/applicationautoscaling-chart/templates/cluster-role-binding.yaml b/addons/applicationautoscaling-chart/templates/cluster-role-binding.yaml index f3f792a6e..c329f80c7 100644 --- a/addons/applicationautoscaling-chart/templates/cluster-role-binding.yaml 
+++ b/addons/applicationautoscaling-chart/templates/cluster-role-binding.yaml 
@@ -1,21 +1,52 @@ -apiVersion: rbac.authorization.k8s.io/v1 {{ if eq .Values.installScope "cluster" }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "app.fullname" . }} + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-rolebinding + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} roleRef: kind: ClusterRole -{{ else }} + apiGroup: rbac.authorization.k8s.io + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} + namespace: {{ .Release.Namespace }} +{{ else if eq .Values.installScope "namespace" }} +{{ $wn := include "ack-applicationautoscaling-controller.watch-namespace" . }} +{{ $namespaces := split "," $wn }} +{{ $fullname := include "ack-applicationautoscaling-controller.app.fullname" . }} +{{ $releaseNamespace := .Release.Namespace }} +{{ $serviceAccountName := include "ack-applicationautoscaling-controller.service-account.name" . }} +{{ $chartVersion := include "ack-applicationautoscaling-controller.chart.name-version" . }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ range $namespaces }} +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ include "app.fullname" . }} - namespace: {{ .Release.Namespace }} + name: {{ $fullname }}-{{ . }} + namespace: {{ . 
}} + labels: + app.kubernetes.io/name: {{ $fullname }} + app.kubernetes.io/instance: {{ $.Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ $appVersion }} + k8s-app: {{ $fullname }} + helm.sh/chart: {{ $chartVersion }} roleRef: kind: Role -{{ end }} apiGroup: rbac.authorization.k8s.io - name: ack-applicationautoscaling-controller + name: {{ $fullname }}-{{ . }} subjects: - kind: ServiceAccount - name: {{ include "service-account.name" . }} - namespace: {{ .Release.Namespace }} + name: {{ $serviceAccountName }} + namespace: {{ $releaseNamespace }} +{{ end }} +{{ end }} \ No newline at end of file diff --git a/addons/applicationautoscaling-chart/templates/cluster-role-controller.yaml b/addons/applicationautoscaling-chart/templates/cluster-role-controller.yaml index 07c6e2772..2af4b79a8 100644 --- a/addons/applicationautoscaling-chart/templates/cluster-role-controller.yaml +++ b/addons/applicationautoscaling-chart/templates/cluster-role-controller.yaml 
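Review bot: In the `installScope: namespace` branch the labels `app.kubernetes.io/name` and `k8s-app` are set to `{{ $fullname }}`, while the cluster branch and the other templates in this commit set them from `ack-applicationautoscaling-controller.app.name`. A label query on `app.kubernetes.io/name` will miss the per-namespace RoleBindings whenever the full name differs from the app name. Capture the value once with `{{ $appName := include "ack-applicationautoscaling-controller.app.name" . }}` and use `{{ $appName }}` for both labels. The per-namespace Role in cluster-role-controller.yaml has the same mismatch. The entries produced by `split "," $wn` are also used as written, so a value such as `"ns1, ns2"` yields an object name with an embedded space; applying `trim` to each entry avoids that.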
@@ -1,128 +1,44 @@ -apiVersion: rbac.authorization.k8s.io/v1 +{{ $labels := .Values.role.labels }} +{{ $appVersion := .Chart.AppVersion | quote }} +{{ $rbacRules := include "ack-applicationautoscaling-controller.rbac-rules" . }} +{{ $fullname := include "ack-applicationautoscaling-controller.app.fullname" . }} +{{ $chartVersion := include "ack-applicationautoscaling-controller.chart.name-version" . }} {{ if eq .Values.installScope "cluster" }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null - name: ack-applicationautoscaling-controller + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }} labels: - {{- range $key, $value := .Values.role.labels }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} + {{- range $key, $value := $labels }} {{ $key }}: {{ $value | quote }} {{- end }} -{{ else }} +{{$rbacRules }} +{{ else if eq .Values.installScope "namespace" }} +{{ $wn := include "ack-applicationautoscaling-controller.watch-namespace" . }} +{{ $namespaces := split "," $wn }} +{{ range $namespaces }} +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - creationTimestamp: null - name: ack-applicationautoscaling-controller + name: {{ $fullname }}-{{ . }} + namespace: {{ . 
}} labels: - {{- range $key, $value := .Values.role.labels }} + app.kubernetes.io/name: {{ $fullname }} + app.kubernetes.io/instance: {{ $.Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ $appVersion }} + k8s-app: {{ $fullname }} + helm.sh/chart: {{ $chartVersion }} + {{- range $key, $value := $labels }} {{ $key }}: {{ $value | quote }} {{- end }} - namespace: {{ .Release.Namespace }} +{{ $rbacRules }} {{ end }} -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - patch - - watch -- apiGroups: - - applicationautoscaling.services.k8s.aws - resources: - - scalabletargets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - applicationautoscaling.services.k8s.aws - resources: - - scalabletargets/status - verbs: - - get - - patch - - update -- apiGroups: - - applicationautoscaling.services.k8s.aws - resources: - - scalingpolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - applicationautoscaling.services.k8s.aws - resources: - - scalingpolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - services.k8s.aws - resources: - - adoptedresources - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - services.k8s.aws - resources: - - adoptedresources/status - verbs: - - get - - patch - - update -- apiGroups: - - services.k8s.aws - resources: - - fieldexports - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - services.k8s.aws - resources: - - fieldexports/status - verbs: - - get - - patch - - update +{{ end }} \ No newline at end of file 
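Review bot: The namespaced `Role` in the `installScope: namespace` branch renders the same `$rbacRules` as the ClusterRole, including the rule for `iamroleselectors`, but the CRD added in this commit declares that resource with `scope: Cluster`. A Role bound by a RoleBinding does not grant list or watch on cluster-scoped resources, so in namespace mode that rule has no effect. The controller would then be unable to read IAMRoleSelector objects if it needs them, which is not visible here. Either document that the feature is unavailable in namespace scope, or grant the read access through a ClusterRole as caches-role.yaml does for `namespaces`. A smaller style point: the cluster branch writes `{{$rbacRules }}` and repeats the `include` calls although `$fullname`, `$appVersion` and `$chartVersion` are already defined at the top of the file.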
diff --git a/addons/applicationautoscaling-chart/templates/deployment.yaml b/addons/applicationautoscaling-chart/templates/deployment.yaml index f40b5f22a..97998cbab 100644 --- a/addons/applicationautoscaling-chart/templates/deployment.yaml +++ b/addons/applicationautoscaling-chart/templates/deployment.yaml @@ -1,20 +1,23 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "app.fullname" . }} + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "app.name" . }} - helm.sh/chart: {{ include "chart.name-version" . }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} +{{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} +{{- end }} spec: replicas: {{ .Values.deployment.replicas }} selector: matchLabels: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: 
@@ -25,15 +28,15 @@ spec: {{- end }} {{- end }} labels: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: Helm - k8s-app: {{ include "app.name" . }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} {{- range $key, $value := .Values.deployment.labels }} {{ $key }}: {{ $value | quote }} {{- end }} spec: - serviceAccountName: {{ include "service-account.name" . }} + serviceAccountName: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- range .Values.image.pullSecrets }} @@ -48,6 +51,13 @@ spec: - "$(AWS_REGION)" - --aws-endpoint-url - "$(AWS_ENDPOINT_URL)" +{{- if .Values.aws.identity_endpoint_url }} + - --aws-identity-endpoint-url + - "$(AWS_IDENTITY_ENDPOINT_URL)" +{{- end }} +{{- if .Values.aws.allow_unsafe_aws_endpoint_urls }} + - --allow-unsafe-aws-endpoint-urls +{{- end }} {{- if .Values.log.enable_development_logging }} - --enable-development-logging {{- end }} @@ -57,6 +67,10 @@ spec: - "$(ACK_RESOURCE_TAGS)" - --watch-namespace - "$(ACK_WATCH_NAMESPACE)" + - --watch-selectors + - "$(ACK_WATCH_SELECTORS)" + - --reconcile-resources + - "$(RECONCILE_RESOURCES)" - --deletion-policy - "$(DELETION_POLICY)" {{- if .Values.leaderElection.enabled }} @@ -64,7 +78,7 @@ spec: - --leader-election-namespace - "$(LEADER_ELECTION_NAMESPACE)" {{- end }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - --reconcile-default-resync-seconds - "$(RECONCILE_DEFAULT_RESYNC_SECONDS)" {{- end }} 
@@ -72,6 +86,19 @@ spec: - --reconcile-resource-resync-seconds - "$(RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }})" {{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - --reconcile-default-max-concurrent-syncs + - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - --reconcile-resource-max-concurrent-syncs + - "$(RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }})" +{{- end }} +{{- if .Values.featureGates}} + - --feature-gates + - "$(FEATURE_GATES)" +{{- end }} + - --enable-carm={{ .Values.enableCARM }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: controller @@ -89,8 +116,14 @@ spec: value: {{ .Values.aws.region }} - name: AWS_ENDPOINT_URL value: {{ .Values.aws.endpoint_url | quote }} + - name: AWS_IDENTITY_ENDPOINT_URL + value: {{ .Values.aws.identity_endpoint_url | quote }} - name: ACK_WATCH_NAMESPACE - value: {{ include "watch-namespace" . }} + value: {{ include "ack-applicationautoscaling-controller.watch-namespace" . }} + - name: ACK_WATCH_SELECTORS + value: {{ .Values.watchSelectors }} + - name: RECONCILE_RESOURCES + value: {{ join "," .Values.reconcile.resources | quote }} - name: DELETION_POLICY value: {{ .Values.deletionPolicy }} - name: LEADER_ELECTION_NAMESPACE 
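Review bot: `ACK_WATCH_SELECTORS` is rendered as `value: {{ .Values.watchSelectors }}` without `quote`, unlike the neighbouring `AWS_IDENTITY_ENDPOINT_URL` and `RECONCILE_RESOURCES` entries. With the default `""` this renders an empty value, which YAML reads as null. A selector that begins with `!` or contains `: ` would be parsed as YAML syntax rather than as a string, so use `value: {{ .Values.watchSelectors | quote }}`. The same applies to `FEATURE_GATES` and the `RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_*` values in the next hunk of this file. The env list starts outside this hunk.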
@@ -99,39 +132,66 @@ spec: value: {{ .Values.log.level | quote }} - name: ACK_RESOURCE_TAGS value: {{ join "," .Values.resourceTags | quote }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - name: RECONCILE_DEFAULT_RESYNC_SECONDS value: {{ .Values.reconcile.defaultResyncPeriod | quote }} {{- end }} {{- range $key, $value := .Values.reconcile.resourceResyncPeriods }} - name: RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }} value: {{ $key }}={{ $value }} +{{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - name: RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS + value: {{ .Values.reconcile.defaultMaxConcurrentSyncs | quote }} +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - name: RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }} + value: {{ $key }}={{ $value }} +{{- end }} +{{- if .Values.featureGates}} + - name: FEATURE_GATES + value: {{ include "ack-applicationautoscaling-controller.feature-gates" . }} {{- end }} {{- if .Values.aws.credentials.secretName }} - name: AWS_SHARED_CREDENTIALS_FILE - value: {{ include "aws.credentials.path" . }} + value: {{ include "ack-applicationautoscaling-controller.aws.credentials.path" . }} - name: AWS_PROFILE value: {{ .Values.aws.credentials.profile }} {{- end }} {{- if .Values.deployment.extraEnvVars -}} {{ toYaml .Values.deployment.extraEnvVars | nindent 8 }} {{- end }} + {{- if or .Values.aws.credentials.secretName .Values.deployment.extraVolumeMounts }} volumeMounts: {{- if .Values.aws.credentials.secretName }} - name: {{ .Values.aws.credentials.secretName }} - mountPath: {{ include "aws.credentials.secret_mount_path" . }} + mountPath: {{ include "ack-applicationautoscaling-controller.aws.credentials.secret_mount_path" . 
}} readOnly: true {{- end }} {{- if .Values.deployment.extraVolumeMounts -}} - {{ toYaml .Values.deployment.extraVolumeMounts | nindent 12 }} + {{ toYaml .Values.deployment.extraVolumeMounts | nindent 10 }} + {{- end }} {{- end }} securityContext: allowPrivilegeEscalation: false privileged: false + readOnlyRootFilesystem: true runAsNonRoot: true capabilities: drop: - ALL + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 securityContext: seccompProfile: type: RuntimeDefault @@ -150,12 +210,17 @@ spec: hostPID: false hostNetwork: {{ .Values.deployment.hostNetwork }} dnsPolicy: {{ .Values.deployment.dnsPolicy }} + {{- if or .Values.aws.credentials.secretName .Values.deployment.extraVolumes }} volumes: - {{- if .Values.aws.credentials.secretName -}} + {{- if .Values.aws.credentials.secretName }} - name: {{ .Values.aws.credentials.secretName }} secret: secretName: {{ .Values.aws.credentials.secretName }} - {{ end -}} -{{- if .Values.deployment.extraVolumes }} -{{ toYaml .Values.deployment.extraVolumes | indent 8}} -{{- end }} + {{- end }} + {{- if .Values.deployment.extraVolumes }} + {{- toYaml .Values.deployment.extraVolumes | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.deployment.strategy }} + strategy: {{- toYaml . | nindent 4 }} + {{- end }} diff --git a/addons/applicationautoscaling-chart/templates/leader-election-role-binding.yaml b/addons/applicationautoscaling-chart/templates/leader-election-role-binding.yaml index 979749d08..7ac07709e 100644 --- a/addons/applicationautoscaling-chart/templates/leader-election-role-binding.yaml +++ b/addons/applicationautoscaling-chart/templates/leader-election-role-binding.yaml 
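Review bot: The new `livenessProbe` and `readinessProbe` hard-code port `8081`, and nothing in the visible hunks sets the address on which the controller serves `/healthz` and `/readyz`. If that address is changed, for instance through `deployment.extraEnvVars` or a different image default, the probes fail and the pod is restarted repeatedly with no hint in the chart as to why. A comment beside the probes would make the coupling explicit, e.g. `# 8081 must match the controller's health probe bind address`. The container spec starts outside this hunk.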
@@ -2,17 +2,24 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: applicationautoscaling-leader-election-rolebinding + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-leaderelection {{ if .Values.leaderElection.namespace }} namespace: {{ .Values.leaderElection.namespace }} {{ else }} namespace: {{ .Release.Namespace }} {{ end }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: applicationautoscaling-leader-election-role + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-leaderelection subjects: - kind: ServiceAccount - name: {{ include "service-account.name" . }} + name: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} namespace: {{ .Release.Namespace }}{{- end }} diff --git a/addons/applicationautoscaling-chart/templates/leader-election-role.yaml b/addons/applicationautoscaling-chart/templates/leader-election-role.yaml index c5fdb2ca5..4a7b54545 100644 --- a/addons/applicationautoscaling-chart/templates/leader-election-role.yaml +++ b/addons/applicationautoscaling-chart/templates/leader-election-role.yaml 
@@ -2,12 +2,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: applicationautoscaling-leader-election-role + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-leaderelection {{ if .Values.leaderElection.namespace }} namespace: {{ .Values.leaderElection.namespace }} {{ else }} namespace: {{ .Release.Namespace }} {{ end }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} rules: - apiGroups: - coordination.k8s.io diff --git a/addons/applicationautoscaling-chart/templates/metrics-service.yaml b/addons/applicationautoscaling-chart/templates/metrics-service.yaml index 638858a38..99d7b0e97 100644 --- a/addons/applicationautoscaling-chart/templates/metrics-service.yaml +++ b/addons/applicationautoscaling-chart/templates/metrics-service.yaml 
@@ -5,18 +5,18 @@ metadata: name: {{ .Chart.Name | trimSuffix "-chart" | trunc 44 }}-controller-metrics namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "app.name" . }} - helm.sh/chart: {{ include "chart.name-version" . }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} spec: selector: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: Helm - k8s-app: {{ include "app.name" . }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} {{- range $key, $value := .Values.deployment.labels }} {{ $key }}: {{ $value | quote }} {{- end }} diff --git a/addons/applicationautoscaling-chart/templates/role-reader.yaml b/addons/applicationautoscaling-chart/templates/role-reader.yaml index f416f5ec2..e9b77a053 100644 --- a/addons/applicationautoscaling-chart/templates/role-reader.yaml +++ b/addons/applicationautoscaling-chart/templates/role-reader.yaml 
@@ -3,8 +3,15 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: creationTimestamp: null - name: ack-applicationautoscaling-reader + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-reader namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} rules: - apiGroups: - applicationautoscaling.services.k8s.aws diff --git a/addons/applicationautoscaling-chart/templates/role-writer.yaml b/addons/applicationautoscaling-chart/templates/role-writer.yaml index cfb9f3050..1d10356e3 100644 --- a/addons/applicationautoscaling-chart/templates/role-writer.yaml +++ b/addons/applicationautoscaling-chart/templates/role-writer.yaml @@ -3,16 +3,21 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: creationTimestamp: null - name: ack-applicationautoscaling-writer + name: {{ include "ack-applicationautoscaling-controller.app.fullname" . }}-writer namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} rules: - apiGroups: - applicationautoscaling.services.k8s.aws resources: - scalabletargets - - scalingpolicies - verbs: - create - delete 
diff --git a/addons/applicationautoscaling-chart/templates/service-account.yaml b/addons/applicationautoscaling-chart/templates/service-account.yaml index 73306395f..c6de3fad2 100644 --- a/addons/applicationautoscaling-chart/templates/service-account.yaml +++ b/addons/applicationautoscaling-chart/templates/service-account.yaml @@ -3,13 +3,13 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/name: {{ include "ack-applicationautoscaling-controller.app.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "app.name" . }} - helm.sh/chart: {{ include "chart.name-version" . }} - name: {{ include "service-account.name" . }} + k8s-app: {{ include "ack-applicationautoscaling-controller.app.name" . }} + helm.sh/chart: {{ include "ack-applicationautoscaling-controller.chart.name-version" . }} + name: {{ include "ack-applicationautoscaling-controller.service-account.name" . }} namespace: {{ .Release.Namespace }} annotations: {{- range $key, $value := .Values.serviceAccount.annotations }} diff --git a/addons/applicationautoscaling-chart/values.schema.json b/addons/applicationautoscaling-chart/values.schema.json index ac28b6808..619cfe372 100644 --- a/addons/applicationautoscaling-chart/values.schema.json +++ b/addons/applicationautoscaling-chart/values.schema.json @@ -171,9 +171,16 @@ "region": { "type": "string" }, - "endpoint": { + "endpoint_url": { "type": "string" }, + "identity_endpoint_url": { + "type": "string" + }, + "allow_unsafe_aws_endpoint_urls": { + "type": "boolean", + "default": false + }, "credentials": { "description": "AWS credentials information", "properties": { @@ -210,7 +217,10 @@ }, "watchNamespace": { "type": "string" - }, + }, + "watchSelectors": { + "type": "string" + }, "resourceTags": { "type": "array", "items": { 
@@ -223,13 +233,27 @@ "enum": ["delete", "retain"] }, "reconcile": { - "description": "Reconcile resync settings. Parameters to tune the controller's drift remediation period.", + "description": "Reconcile settings. This is used to configure the controller's reconciliation behavior. e.g resyncPeriod and maxConcurrentSyncs", "properties": { "defaultResyncPeriod": { "type": "number" }, "resourceResyncPeriods": { "type": "object" + }, + "defaultMaxConcurentSyncs": { + "type": "number" + }, + "resourceMaxConcurrentSyncs": { + "type": "object" + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of resource kinds to reconcile. If empty, all resources will be reconciled.", + "default": [] } }, "type": "object" @@ -246,6 +270,11 @@ }, "type": "object" }, + "enableCARM": { + "description": "Parameter to enable or disable cross account resource management.", + "type": "boolean", + "default": true + }, "serviceAccount": { "description": "ServiceAccount settings", "properties": { @@ -262,6 +291,13 @@ "type": "object" } }, + "featureGates": { + "description": "Feature gates settings", + "type": "object", + "additionalProperties": { + "type": "boolean" + } + }, "required": [ "image", "deployment", diff --git a/addons/applicationautoscaling-chart/values.yaml b/addons/applicationautoscaling-chart/values.yaml index 308b7f268..d7bb1c61b 100644 --- a/addons/applicationautoscaling-chart/values.yaml +++ b/addons/applicationautoscaling-chart/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/applicationautoscaling-controller - tag: 1.0.8 + tag: 1.3.0 pullPolicy: IfNotPresent pullSecrets: [] 
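Review bot: The new schema property `defaultMaxConcurentSyncs` under `reconcile` is misspelled (one `r`), while values.yaml in this same commit sets `defaultMaxConcurrentSyncs: 1` (hunk `@@ -127,6 +140,19 @@`). As written, the `number` constraint never applies to the key users actually set, and a wrong type there passes schema validation. Rename the property to `"defaultMaxConcurrentSyncs": {`. Since the value is a count, `"type": "integer"` would also reject fractional input.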
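Review bot: In hunk `@@ -246,6 +270,11 @@`, `enableCARM` is introduced with `"default": true`, so cross account resource management is on for every install unless the operator opts out. The description does not say what enabling it permits. For a controller that holds AWS credentials, I would spell out the consequence and the opt-out, e.g. `"description": "Enable cross account resource management (CARM), which lets the controller manage resources in AWS accounts other than its own. Set to false for single-account clusters."`. The exact wording should be checked against the controller documentation, since the behaviour itself is not visible in this diff.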
@@ -41,6 +41,9 @@ deployment: # To have DNS options set along with hostNetwork, you have to specify DNS policy # explicitly to 'ClusterFirstWithHostNet'. dnsPolicy: ClusterFirst + # Set rollout strategy for deployment. + # See: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy + strategy: {} extraVolumes: [] extraVolumeMounts: [] @@ -87,6 +90,8 @@ aws: # If specified, use the AWS region for AWS API calls region: "" endpoint_url: "" + identity_endpoint_url: "" + allow_unsafe_aws_endpoint_urls: false credentials: # If specified, Secret with shared credentials file to use. secretName: "" @@ -107,13 +112,21 @@ installScope: cluster # Set the value of the "namespace" to be watched by the controller # This value is only used when the `installScope` is set to "namespace". If left empty, the default value is the release namespace for the chart. +# You can set multiple namespaces by providing a comma separated list of namespaces. e.g "namespace1,namespace2" watchNamespace: "" +# Set the value of labelsSelectors to be used by the controller to filter the resources to watch. +# You can set multiple labelsSelectors by providing a comma separated list of a=b arguments. e.g "label1=value1,label2=value2" +watchSelectors: "" + resourceTags: # Configures the ACK service controller to always set key/value pairs tags on # resources that it manages. + # Note: Tags with empty values are automatically skipped to keep resources clean. - services.k8s.aws/controller-version=%CONTROLLER_SERVICE%-%CONTROLLER_VERSION% - services.k8s.aws/namespace=%K8S_NAMESPACE% + - app.kubernetes.io/managed-by=%MANAGED_BY% + - kro.run/kro-version=%KRO_VERSION% # Set to "retain" to keep all AWS resources intact even after the K8s resources # have been deleted. By default, the ACK controller will delete the AWS resource 
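Review bot: In the values.yaml hunk `@@ -107,13 +112,21 @@`, the comment above `watchSelectors` calls the setting `labelsSelectors`, a name that is not a key anywhere in this diff, so a reader searching for it finds nothing. I would word the comment after the key: `# Label selectors the controller uses to filter the resources it watches.` followed by `# Provide a comma separated list of key=value pairs, e.g. "label1=value1,label2=value2"`. It would also help to say what the empty default means (presumably no filtering), since that decides how much the controller watches out of the box.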
@@ -127,6 +140,19 @@ reconcile: # An object representing the reconcile resync configuration for each specific resource. resourceResyncPeriods: {} + # The default number of concurrent syncs that a reconciler can perform. + defaultMaxConcurrentSyncs: 1 + # An object representing the reconcile max concurrent syncs configuration for each specific + # resource. + resourceMaxConcurrentSyncs: {} + + # Set the value of resources to specify which resource kinds to reconcile. + # If empty, all resources will be reconciled. + # If specified, only the listed resource kinds will be reconciled. + resources: + - ScalableTarget + - ScalingPolicy + serviceAccount: # Specifies whether a service account should be created create: true @@ -146,3 +172,21 @@ leaderElection: # will attempt to use the namespace of the service account mounted to the Controller # pod. namespace: "" + +# Enable Cross Account Resource Management (default = true). Set this to false to disable cross account resource management. +enableCARM: true + +# Configuration for feature gates. These are optional controller features that +# can be individually enabled ("true") or disabled ("false") by adding key/value +# pairs below. +featureGates: + # Enables the Service level granularity for CARM. See https://github.com/aws-controllers-k8s/community/issues/2031 + ServiceLevelCARM: false + # Enables the Team level granularity for CARM. See https://github.com/aws-controllers-k8s/community/issues/2031 + TeamLevelCARM: false + # Enable ReadOnlyResources feature/annotation. + ReadOnlyResources: true + # Enable ResourceAdoption feature/annotation. + ResourceAdoption: true + # Enable IAMRoleSelector, a multirole feature, replacing CARM. See https://github.com/aws-controllers-k8s/community/pull/2628 + IAMRoleSelector: false \ No newline at end of file
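Review bot: In the last values.yaml hunk (`@@ -146,3 +172,21 @@`), the comment on `featureGates` says gates are enabled ("true") or disabled ("false"), with quotes. The schema added in this commit types every gate as `boolean` through `additionalProperties`, so a user who follows the comment literally and writes `ResourceAdoption: "true"` would fail schema validation. Change the wording to `enabled (true) or disabled (false)`. The hunk also leaves the file without a trailing newline (`\ No newline at end of file`), which is worth fixing while here.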