Merge pull request #1 from fiverr/init

Init

.github/pull_request_template.md

@@ -0,0 +1,12 @@
+<!-- Thank you for contributing!-->
+
+_Provide a description of what has been changed_
+
+### Checklist
+
+- [ ] README is updated with new configuration values *(if applicable)*
+- [ ] Changes were throughly tested locally
+- [ ] Changes are covered by Unit Tests
+- [ ] Version is updated in `Chart.yaml`
+
+Fixes #

.github/workflows/release.yml

@@ -0,0 +1,27 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  release:
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.6.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/tests.yml

@@ -0,0 +1,41 @@
+name: Lint and Test
+
+on: pull_request
+
+jobs:
+  lint-and-version-check-then-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.13.3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+          check-latest: true
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.6.0
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Run chart-testing (lint)
+        if: steps.list-changed.outputs.changed == 'true'
+        run: ct lint --target-branch ${{ github.event.repository.default_branch }}
+
+      - name: Run chart-testing (unit)
+        uses: d3adb5/helm-unittest-action@v2
+        if: steps.list-changed.outputs.changed == 'true'

README.md

@@ -1 +1,25 @@
-# public_charts
+# [WIP] Fiverr Community Helm Charts [WIP]
+
+The code is provided as-is with no warranties.
+
+## Usage
+
+[Helm](https://helm.sh) must be installed to use the charts.
+Please refer to Helm's [documentation](https://helm.sh/docs/) to get started.
+
+Once Helm is set up properly, add the repository as follows:
+
+```console
+helm repo add <repo name> <repo url>
+```
+
+You can then run `helm search repo <repo name>` to see the charts.
+
+## License
+
+<!-- Keep full URL links to repo files because this README syncs from main to gh-pages.  -->
+[Apache 2.0 License](https://github.com/fiverr/public_charts/blob/main/LICENSE).
+
+## Helm charts build status
+
+TODO

charts/karpenter_nodes/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: karpenter_nodes
+version: 0.0.1
+description: A Helm chart for generating NodeClasses and NodePools for Karpenter
+maintainers:
+  - name: nadavbuc

charts/karpenter_nodes/README.md

@@ -0,0 +1,141 @@
+## Fiverr Public Helm Templates - Karpenter Nodes
+
+### Introduction
+This Helm Template is designed to generate NodeClasses and NodePools using [Karpenter](https://karpenter.sh/) in addition to optional HeadRoom.
+
+The template follows a naming convention which is comprised of the `nodegroup` name and its architecture (amd64, arm64 or multiarch).
+
+For example `nodes-default-amd64`
+
+The chart will loop over the `nodegroups` and generate the relevant NodeClasses and NodePools.
+
+### UserData
+The `UserData` field supports templating and your own values. You can take a look at the `userdata_example_values.yaml` file for an example.
+
+## Working with Helm
+
+### Todo - add helm install command when repo is public and alive with real url
+
+### Testing Your Changes
+After making changes you will probably want to see the new output. Run `helm template` with the relevant example files: </br>
+`helm template . -f values.yaml`
+
+### Unit Tests
+Make sure you have `helm-unittest` plugin installed. [helm-unittest](https://github.com/helm-unittest/helm-unittest)
+
+Unit tests are written in `tests` directory. To run the tests, use the following command: </br>
+`helm unittest --helm3 karpenter_nodes -f "tests/$value/*_test.yaml"`
+
+
+## Configuration keys
+Note - Most of the values can be overridden per nodegroup (If not specified, it will use the default (Global) values)
+
+|  Key Name                      | Description | Type | Optional? | Optional Per NodeGroup? |
+| ------------------------------ | ----------- | ---- | --------- | ----------------------- |
+| `ApiVersion`                   | ApiVersion used in Karpenter's CRD | `String` | × | × |
+| `IamRole`                      | The IAM Role which will be attached to the instance <br> via instance-profile (not required if `IamInstanceProfile` is specified) | `String` | x | ✓ |
+| `IamInstanceProfile`           | Existing instance profile To set on the instances <br>(not required if `IamRole` is specified)| `String` | x | ✓ |
+| `amiFamily`                    | AMIFamily to use (Default to AL2) [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specamifamily) | `String` | x | ✓ |
+| `amiSelectorTerms`             | AMI Selector Terms (This will override `amiFamily`) [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specamiselectorterms) | `List(Map)` | x | ✓ |
+| `subnetSelectorTerms`          | Selector for Subnets [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specsubnetselectorterms) | `List(Map)` | x | ✓ |
+| `securityGroupSelectorTerms`   | Selector for Security Groups [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specsecuritygroupselectorterms) | `List(Map)` | x | ✓ |
+| `nodeGroupLabelName`           | The Name of the label for each nodegroup (default is `nodegroup`) | `String` | x | ✓ |
+| `nodeTags`                     | Tags to add to the instances `<tag_name>`: `<tag_value>` | `Map` | ✓ | ✓ |
+| `additionalNodeTags`           | Additional Tags to add to the instances `<tag_name>`: `<tag_value>` | `Map` | ✓ | ✓ |
+| `nodegroups.{}`                | each will be used to setup a provisioner and template based on the nodegrup name key | `List[Maps]` | x | ✓ |
+| `blockDeviceMappings`          | Block Device Mappings [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specblockdevicemappings) | `List(Map)` | x | ✓ |
+| `detailedMonitoring`           | Detailed Monitoring [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specdetailedmonitoring) | `Boolean` | x | ✓ |
+| `associatePublicIPAddress`     | Associate Public IP Address [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specassociatepublicipaddress) | `Boolean` | x | ✓ |
+| `instanceStorePolicy`          | Instance Store Policy [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specinstancestorepolicy) | `String` | ✓ | ✓ |
+| `metaDataHttpEndpoint`         | Metadata HTTP Endpoint [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specmetadataoptions) | `String` | x | ✓ |
+| `metaDataHttpProtocolIPv6`     | Metadata HTTP Protocol IPv6 [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specmetadataoptions) | `String` | x | ✓ |
+| `metaDataHttpPutResponseHopLimit` | Metadata HTTP Put Response Hop Limit [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specmetadataoptions) | `String` | x | ✓ |
+| `metaDataHttpTokens`           | Metadata HTTP Tokens [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/#specmetadataoptions) | `String` | x | ✓ |
+| `userData`                     | User Data (supports templating and your own values) | `MultilineString` | ✓ | ✓ |
+| `instances`                    | Instance configurations for node types, families and sizing - see below | `Map` | x | ✓ |
+| `instances.minGeneration`      | The minimum instance generation to use (for example 4 = c4,c5,c6 etc) | `Integer` | x | ✓ |
+| `instances.architecture`       | `amd64`, `arm64` or `multiarch` for nodegroups which can have combined architectures | `String` | x | ✓ |
+| `instances.categories`         | Allowed instance categories (c, m, r) | `List(String)` | x | ✓ |
+| `instances.cores`              | Allowed cores per instance (`"4"`, `"8"`) | `List(String(int))` | x | ✓ |
+| `instances.capacityType`       | `spot`, `on-demand` (can use both on single provisioner) | `List(String)` | x | ✓ |
+| `instances.operatingSystems`   | Allowed operating systems (`"linux"`, `"windows"`) | `List(String)` | x | ✓ |
+| `availabilityZones`            | Availability Zones to use | `List(String)` | x | ✓ |
+| `expireAfter`                  | Specify how long node should be up before refreshing it [Documentation](https://karpenter.sh/docs/concepts/disruption/#automated-methods) | `String` | x | ✓ |
+| `weight`                       | Specify NodeGroup Weight (default is `1`) | `Integer` | x | ✓ |
+| `excludeFamilies`              | Exclude specific instance families | `List` | x | ✓ |
+| `consolidationPolicy`          | Specify how to consolidate nodes [Documentation](https://karpenter.sh/docs/concepts/nodepools/) | `String` | x | ✓ |
+| `consolidateAfter`             | Specify how long to wait before consolidating nodes [Documentation](https://karpenter.sh/docs/concepts/nodepools/) | `String` | ✓ | ✓ |
+| `excludeInstanceSize`          | Exclude specific instance sizes | `List` | ✓ | ✓ |
+| `headRoom`                     | Generate Ultra Low Priority Class for Headroom (see below) | `String` | ✓ | x |
+
+### NodeGroup Configuration
+|  Key Name                      | Description | Type | Optional? | Optional Per NodeGroup? |
+| ------------------------------ | ----------- | ---- | --------- | ----------------------- |
+| `nodegroups.{}.labels`         | Labels to add to nodes `<label_name>`: `<label_value>` | `Map` | ✓ | ✓ |
+| `nodegroups.{}.annotations`    | Annotations to add to nodes `<annotation_name>`: `<annotation_value>` | `Map` | ✓ | ✓ |
+| `nodegroups.{}.nodeClassRef`   | If you wish to use your own nodeClass, specify it [Documentation](https://karpenter.sh/docs/concepts/nodeclasses/) | `Map` | ✓ | ✓ |
+| `nodegroups.{}.taints`         | Taints to add to nodes `- <taint_key>`: `<taint_value>`: `<taint_effect>` | `List(Map)` | ✓ | ✓ |
+| `nodegroups.{}.startupTaints`  | startupTaints to add to nodes `- <taint_key>`: `<taint_value>`: `<taint_effect>` | `List(Map)` | ✓ | ✓ |
+| `nodegroups.{}.limits`         | Specify Limits [Documentation](https://karpenter.sh/docs/concepts/nodepools/#speclimits) | `Map` | ✓ | ✓ |
+| `nodegroups.{}.capacitySpread` | Set range of capacity spread keys (`integers`), set int for `start` and `end` | `Map` | ✓ | ✓ |
+| `nodegroups.{}.excludeFamilies`| Exclude specific instance families | `List` | ✓ | ✓ |
+| `nodegroups.{}.budgets`        | Specify Disruption Budgets [Documentation](https://karpenter.sh/docs/concepts/disruption/#nodes) | `List` | ✓ | ✓ |
+| `nodegroups.{}.*`              | Over-write all above which supports it | `Map` | ✓ | ✓ |
+| `nodegroups.{}.instances.*`    | Explicitly specify instances override, if using defaults specify `instances: {}` | `Map` | ✓ | ✓ |
+
+### Headroom Configuration
+Headroom will create `pause` pods with requetss to just keep empty nodes up and ready for scheduling.<br> This is useful for scaling up quickly when needed.<br>
+The pods will be configured with ultra-low priority, and will be terminated and recreated on new nodes to free them up for usage if needed.
+|  Key Name                      | Description | Type | Optional? | Optional Per NodeGroup? |
+| ------------------------------ | ----------- | ---- | --------- | ----------------------- |
+| `nodegroups.{}.headRoom`       | List of headroom configurations for the nodePool | `List(Map)` | ✓ | ✓ |
+| `nodegroups.{}.headRoom.size`  | `small`, `medium`, `large`, `xlarge` - see below | `String` | ✓ | ✓ |
+| `nodegroups.{}.headRoom.count` | Number of headroom pod replicas to schedule | `Integer` | ✓ | ✓ |
+| `nodegroups.{}.headRoom.antiAffinitySpec` | Required - set antiaffinity to match against all running workloads | `LabelSelectorSpec` | ✓ | ✓ |
+| `nodegroups.{}.headRoom.nameSpaces` | Specify list of namespaces to match again (default `all`) | `List(String)` | ✓ | ✓ |
+
+### Headroom Sizing
+
+|  Size | CPU | Ram |
+| ----- | --- | --- |
+| `small` | 1 | 4Gi |
+| `medium` | 2 | 8Gi |
+| `large` | 4 | 16Gi |
+| `xlarge` | 8 | 32Gi |
+
+### Kubelet Configuration
+[Documentation](https://karpenter.sh/docs/concepts/nodepools/#spectemplatespeckubelet)
+Kubelet configuration can be set globally or per nodegroup. The following keys are supported:
+|  Key Name                      | Description | Type | Optional? | Optional Per NodeGroup? |
+| ------------------------------ | ----------- | ---- | --------- | ----------------------- |
+| `kubeletClusterDNS`            | Cluster DNS | `List` | ✓ | ✓ |
+| `kubeletSystemReservedCpu`     | System Reserved CPU | `String` | x | ✓ |
+| `kubeletSystemReservedMemory`  | System Reserved Memory | `String` | x | ✓ |
+| `kubeletSystemReservedEphemeralStorage` | System Reserved Ephemeral Storage | `String` | x | ✓ |
+| `kubeletKubeReservedCpu`       | Kube Reserved CPU | `String` | x | ✓ |
+| `kubeletKubeReservedMemory`    | Kube Reserved Memory | `String` | x | ✓ |
+| `kubeletKubeReservedEphemeralStorage` | Kube Reserved Ephemeral Storage | `String` | x | ✓ |
+| `kubeletEvictionHardMemoryAvailable` | Eviction Hard Memory Available | `String` | x | ✓ |
+| `kubeletEvictionHardNodefsAvailable` | Eviction Hard Nodefs Available | `String` | x | ✓ |
+| `kubeletEvictionHardNodefsInodesFree` | Eviction Hard Nodefs Inodes Free | `String` | x | ✓ |
+| `kubeletEvictionSoftMemoryAvailable` | Eviction Soft Memory Available | `String` | x | ✓ |
+| `kubeletEvictionSoftNodefsAvailable` | Eviction Soft Nodefs Available | `String` | x | ✓ |
+| `kubeletEvictionSoftNodefsInodesFree` | Eviction Soft Nodefs Inodes Free | `String` | x | ✓ |
+| `kubeletEvictionSoftImagefsAvailable` | Eviction Soft Imagefs Available | `String` | x | ✓ |
+| `kubeletEvictionSoftImagefsInodesFree` | Eviction Soft Imagefs Inodes Free | `String` | x | ✓ |
+| `kubeletEvictionSoftPidAvailable` | Eviction Soft Pid Available | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodImagefsAvailable` | Eviction Soft Grace Period Imagefs Available | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodImagefsInodesFree` | Eviction Soft Grace Period Imagefs Inodes Free | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodMemoryAvailable` | Eviction Soft Grace Period Memory Available | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodNodefsAvailable` | Eviction Soft Grace Period Nodefs Available | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodNodefsInodesFree` | Eviction Soft Grace Period Nodefs Inodes Free | `String` | x | ✓ |
+| `kubeletEvictionSoftGracePeriodPidAvailable` | Eviction Soft Grace Period Pid Available | `String` | x | ✓ |
+| `kubeletImageGCHighThresholdPercent` | Image GC High Threshold Percent | `String` | ✓ | ✓ |
+| `kubeletImageGCLowThresholdPercent` | Image GC Low Threshold Percent | `String` | ✓ | ✓ |
+| `kubeletImageMinimumGCAge` | Image Minimum GC Age | `String` | ✓ | ✓ |
+| `kubeletCpuCFSQuota` | CPU CFS Quota | `String` | ✓ | ✓ |
+| `kubeletPodsPerCore` | Pods Per Core | `String` | ✓ | ✓ |
+| `kubeletMaxPods` | Max Pods | `String` | ✓ | ✓ |
+
+## Extras
+See grafana directory for dashbaords available for you to import into your Grafana instance.