diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7519bc45..76bdbde6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.1 +version: 5.22.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.6.2 + - kind: added + description: Global affinity configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fe125210..2533c180 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. @@ -381,6 +385,9 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -460,7 +467,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | @@ -529,7 +536,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | @@ -622,7 +629,7 @@ NAME: my-release | server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | -| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -785,7 +792,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | | dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | @@ -869,7 +876,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | redis.containerPorts.metrics | int | `9121` | Metrics container port | | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | @@ -979,7 +986,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | +| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | @@ -1063,9 +1070,9 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| notifications.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | | notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6cec3732..f450e0e7 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f5154e47..2ba53d8c 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -63,3 +63,57 @@ app.kubernetes.io/instance: {{ .context.Release.Name }} app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} + +{{/* +Common affinity definition +Pod affinity + - Soft prefers different nodes + - Hard requires different nodes and prefers different availibility zones +Node affinity + - Soft prefers given user expressions + - Hard requires given user expressions +*/}} +{{- define "argo-cd.affinity" -}} +{{- with .component.affinity -}} + {{- toYaml . -}} +{{- else -}} +{{- $preset := .context.Values.global.affinity -}} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + {{- if (eq $preset.podAntiAffinity "soft") }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- else }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: topology.kubernetes.io/zone + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- end }} +{{- with $preset.nodeAffinity.matchExpressions }} +nodeAffinity: + {{- if (eq $preset.nodeAffinity.type "soft") }} + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + {{- toYaml . | nindent 6 }} + {{- else }} + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2ada23b4..0a161362 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -264,6 +264,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -272,10 +274,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ca129ffd..462ebcba 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -198,14 +198,12 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.applicationSet.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index b9949aab..2749cb2b 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -53,14 +53,12 @@ spec: {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} securityContext: {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} {{- with .Values.notifications.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.bots.slack.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.bots.slack.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 474dc01d..5efc0965 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -88,14 +88,12 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} {{- with .Values.notifications.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 67ad60f9..00e73d8a 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -291,6 +291,8 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -299,10 +301,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.repoServer.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 57d1305b..bb394006 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -348,6 +348,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -356,10 +358,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.server.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9acc0871..7fea0b48 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -146,10 +146,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} {{- with .Values.dex.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ff4b29b1..ffff4bad 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -106,10 +106,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} {{- with .Values.redis.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f444e21c..b3706c5a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -92,12 +92,29 @@ global: # hostnames: # - git.myhostname + # Default network policy rules used by all components networkPolicy: # -- Create NetworkPolicy objects for all components create: false # -- Default deny all ingress traffic defaultDenyIngress: false + # Default affinity preset for all components + affinity: + # -- Default pod anti-affinity rules. Either: `soft` or `hard` + podAntiAffinity: soft + # Node affinity rules + nodeAffinity: + # -- Default node affinity rules. Either: `soft` or `hard` + type: hard + # -- Default match expressions for node affinity + matchExpressions: [] + # - key: topology.kubernetes.io/zone + # operator: In + # values: + # - antarctica-east1 + # - antarctica-west1 + ## Argo Configs configs: # General Argo CD configuration @@ -627,6 +644,7 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller @@ -965,6 +983,7 @@ dex: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex @@ -1136,6 +1155,7 @@ redis: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis @@ -1523,6 +1543,7 @@ server: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server @@ -2014,6 +2035,7 @@ repoServer: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server @@ -2349,6 +2371,7 @@ applicationSet: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. @@ -2594,6 +2617,7 @@ notifications: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Priority class for the notifications controller pods @@ -2983,6 +3007,7 @@ notifications: # memory: 128Mi # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- [Tolerations] for use with node taints