
@MattMencel
Created November 13, 2018 13:38
Cluster Autoscaler ADO Build Pipeline
# Pipeline header: build from the repository that holds this definition.
resources:
- repo: self
# NOTE(review): the script steps in this pipeline use POSIX shell features
# (command substitution, here-documents). Confirm that agents in this queue
# run `script:` steps under a compatible shell.
queue:
  name: 'Hosted Windows Container'
steps:
# Download the CLIENT-ID and CLIENT-SECRET secrets from the vault.
# SecretsFilter names exactly those two entries, so nothing else stored in the
# vault is requested for this job.
- task: AzureKeyVault@1
  displayName: 'Azure Key Vault: MYKEYVAULT'
  inputs:
    KeyVaultName: 'MYKEYVAULT'
    SecretsFilter: 'CLIENT-ID,CLIENT-SECRET'
    azureSubscription: 'My Sub'
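# Render the Secret manifest that the cluster-autoscaler Deployment reads its
# Azure settings from.
#
# The two Key Vault secrets reach the script through `env` rather than being
# expanded into the script text, so quotes, `$` or backslashes inside a
# credential cannot change the shell command that runs.
#
# The remaining *_base64 macros are pipeline variables that must already hold
# base64-encoded values. An undefined one is left in place and the shell then
# treats it as a command substitution, which yields an empty field.
- script: |
    # printf '%s' writes the value with no trailing newline and no escape
    # processing; tr drops the line wraps some base64 tools add to long output.
    client_id=$(printf '%s' "$CLIENT_ID" | base64 | tr -d '\n')
    client_secret=$(printf '%s' "$CLIENT_SECRET" | base64 | tr -d '\n')
    # NOTE(review): the VMType value below decodes to "AKS" followed by a
    # newline; confirm the autoscaler version in use tolerates that.
    cat << EOT > aks-cluster-autoscaler-secret.yaml
    apiVersion: v1
    kind: Secret
    metadata:
      name: cluster-autoscaler-azure
      namespace: kube-system
    data:
      ClientID: $client_id
      ClientSecret: $client_secret
      ResourceGroup: $(resource_group_base64)
      SubscriptionID: $(subscription_id_base64)
      TenantID: $(tenant_id_base64)
      VMType: QUtTCg==
      ClusterName: $(cluster_name_base64)
      NodeResourceGroup: $(node_resource_group_base64)
    EOT
    # The rendered file is deliberately not printed: it carries the credentials
    # in base64, which is an encoding and not protection, and log masking keys
    # on the literal secret values rather than their encoded form.
  displayName: 'Create aks-cluster-autoscaler-secret.yaml'
  env:
    CLIENT_ID: $(CLIENT-ID)
    CLIENT_SECRET: $(CLIENT-SECRET)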
# Render the cluster-autoscaler manifest: a ServiceAccount, its RBAC objects
# and the Deployment, all placed in kube-system. The manifest contains no
# credentials; every Azure setting is read from the cluster-autoscaler-azure
# Secret through secretKeyRef.
#
# NOTE(review): the ClusterRole allows node updates and pod evictions across
# the cluster, while the namespaced Role restricts configmap delete/get/update
# to cluster-autoscaler-status. Re-check these rules against the autoscaler
# release being deployed.
# NOTE(review): the image is referenced by a mutable tag with
# imagePullPolicy: Always, and the container declares no securityContext.
# Consider pinning the image by digest and confirming whether it can run
# under a restricted security context.
- displayName: 'Create aks-cluster-autoscaler.yaml'
  script: |
    cat <<EOT > aks-cluster-autoscaler.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      labels:
        k8s-addon: cluster-autoscaler.addons.k8s.io
        k8s-app: cluster-autoscaler
      name: cluster-autoscaler
      namespace: kube-system
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      name: cluster-autoscaler
      labels:
        k8s-addon: cluster-autoscaler.addons.k8s.io
        k8s-app: cluster-autoscaler
    rules:
    - apiGroups: [""]
      resources: ["events","endpoints"]
      verbs: ["create", "patch"]
    - apiGroups: [""]
      resources: ["pods/eviction"]
      verbs: ["create"]
    - apiGroups: [""]
      resources: ["pods/status"]
      verbs: ["update"]
    - apiGroups: [""]
      resources: ["endpoints"]
      resourceNames: ["cluster-autoscaler"]
      verbs: ["get","update"]
    - apiGroups: [""]
      resources: ["nodes"]
      verbs: ["watch","list","get","update"]
    - apiGroups: [""]
      resources: ["pods","services","replicationcontrollers","persistentvolumeclaims","persistentvolumes"]
      verbs: ["watch","list","get"]
    - apiGroups: ["extensions"]
      resources: ["replicasets","daemonsets"]
      verbs: ["watch","list","get"]
    - apiGroups: ["policy"]
      resources: ["poddisruptionbudgets"]
      verbs: ["watch","list"]
    - apiGroups: ["apps"]
      resources: ["statefulsets"]
      verbs: ["watch","list","get"]
    - apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses"]
      verbs: ["get", "list", "watch"]
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: cluster-autoscaler
      namespace: kube-system
      labels:
        k8s-addon: cluster-autoscaler.addons.k8s.io
        k8s-app: cluster-autoscaler
    rules:
    - apiGroups: [""]
      resources: ["configmaps"]
      verbs: ["create"]
    - apiGroups: [""]
      resources: ["configmaps"]
      resourceNames: ["cluster-autoscaler-status"]
      verbs: ["delete","get","update"]
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: cluster-autoscaler
      labels:
        k8s-addon: cluster-autoscaler.addons.k8s.io
        k8s-app: cluster-autoscaler
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-autoscaler
    subjects:
      - kind: ServiceAccount
        name: cluster-autoscaler
        namespace: kube-system
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
      name: cluster-autoscaler
      namespace: kube-system
      labels:
        k8s-addon: cluster-autoscaler.addons.k8s.io
        k8s-app: cluster-autoscaler
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: cluster-autoscaler
    subjects:
      - kind: ServiceAccount
        name: cluster-autoscaler
        namespace: kube-system
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      labels:
        app: cluster-autoscaler
      name: cluster-autoscaler
      namespace: kube-system
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: cluster-autoscaler
      template:
        metadata:
          labels:
            app: cluster-autoscaler
        spec:
          serviceAccountName: cluster-autoscaler
          containers:
          - image: gcr.io/google-containers/cluster-autoscaler:v1.2.2
            imagePullPolicy: Always
            name: cluster-autoscaler
            resources:
              limits:
                cpu: 100m
                memory: 300Mi
              requests:
                cpu: 100m
                memory: 300Mi
            command:
            - ./cluster-autoscaler
            - --v=3
            - --logtostderr=true
            - --cloud-provider=azure
            - --skip-nodes-with-local-storage=false
            - --nodes=1:3:default
            env:
            - name: ARM_SUBSCRIPTION_ID
              valueFrom:
                secretKeyRef:
                  key: SubscriptionID
                  name: cluster-autoscaler-azure
            - name: ARM_RESOURCE_GROUP
              valueFrom:
                secretKeyRef:
                  key: ResourceGroup
                  name: cluster-autoscaler-azure
            - name: ARM_TENANT_ID
              valueFrom:
                secretKeyRef:
                  key: TenantID
                  name: cluster-autoscaler-azure
            - name: ARM_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  key: ClientID
                  name: cluster-autoscaler-azure
            - name: ARM_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  key: ClientSecret
                  name: cluster-autoscaler-azure
            - name: ARM_VM_TYPE
              valueFrom:
                secretKeyRef:
                  key: VMType
                  name: cluster-autoscaler-azure
            - name: AZURE_CLUSTER_NAME
              valueFrom:
                secretKeyRef:
                  key: ClusterName
                  name: cluster-autoscaler-azure
            - name: AZURE_NODE_RESOURCE_GROUP
              valueFrom:
                secretKeyRef:
                  key: NodeResourceGroup
                  name: cluster-autoscaler-azure
          restartPolicy: Always
    EOT
    cat aks-cluster-autoscaler.yaml
# Send the generated Secret manifest to the AKS cluster. The display name says
# `kubectl apply`; no `command` input is set here, so the task default is used.
# NOTE(review): no visible step removes aks-cluster-autoscaler-secret.yaml
# afterwards. Consider deleting it once applied and keeping it out of any
# published artifacts, since it holds the encoded credentials.
- task: Kubernetes@1
  displayName: 'kubectl apply aks-cluster-autoscaler-secret.yaml'
  inputs:
    azureSubscriptionEndpoint: 'My Team'
    azureResourceGroup: 'MY_AKS_RG'
    kubernetesCluster: 'MY_AKS_CLUSTER'
    configuration: 'aks-cluster-autoscaler-secret.yaml'
    useConfigurationFile: true
# Send the generated ServiceAccount, RBAC and Deployment manifest to the AKS
# cluster. The display name says `kubectl apply`; no `command` input is set
# here, so the task default is used.
- task: Kubernetes@1
  displayName: 'kubectl apply aks-cluster-autoscaler.yaml'
  inputs:
    azureSubscriptionEndpoint: 'My Team'
    azureResourceGroup: 'MY_AKS_RG'
    kubernetesCluster: 'MY_AKS_CLUSTER'
    configuration: 'aks-cluster-autoscaler.yaml'
    useConfigurationFile: true