Skip to content

Commit d5ecc68

Browse files
phuhung273phuhung273
committed
add securityContext,resources,probe,port
1 parent e6a6817 commit d5ecc68

File tree

1 file changed

+51
-0
lines changed

1 file changed

+51
-0
lines changed

vertical-pod-autoscaler/e2e/utils/common.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,10 @@ import (
2727
appsv1 "k8s.io/api/apps/v1"
2828
autoscaling "k8s.io/api/autoscaling/v1"
2929
apiv1 "k8s.io/api/core/v1"
30+
"k8s.io/apimachinery/pkg/api/resource"
3031
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
3132
"k8s.io/apimachinery/pkg/types"
33+
"k8s.io/apimachinery/pkg/util/intstr"
3234
"k8s.io/apimachinery/pkg/util/wait"
3335
"k8s.io/kubernetes/test/e2e/framework"
3436
framework_deployment "k8s.io/kubernetes/test/e2e/framework/deployment"
@@ -161,6 +163,55 @@ func NewVPADeployment(f *framework.Framework, flags []string) *appsv1.Deployment
161163
d.Spec.Template.Spec.ServiceAccountName = "vpa-recommender"
162164
d.Spec.Template.Spec.Containers[0].Command = []string{"/recommender"}
163165
d.Spec.Template.Spec.Containers[0].Args = flags
166+
167+
runAsNonRoot := true
168+
var runAsUser int64 = 65534 // nobody
169+
d.Spec.Template.Spec.SecurityContext = &apiv1.PodSecurityContext{
170+
RunAsNonRoot: &runAsNonRoot,
171+
RunAsUser: &runAsUser,
172+
}
173+
174+
// Same as deploy/recommender-deployment.yaml
175+
d.Spec.Template.Spec.Containers[0].Resources = apiv1.ResourceRequirements{
176+
Limits: apiv1.ResourceList{
177+
apiv1.ResourceCPU: resource.MustParse("200m"),
178+
apiv1.ResourceMemory: resource.MustParse("1000Mi"),
179+
},
180+
Requests: apiv1.ResourceList{
181+
apiv1.ResourceCPU: resource.MustParse("50m"),
182+
apiv1.ResourceMemory: resource.MustParse("500Mi"),
183+
},
184+
}
185+
186+
d.Spec.Template.Spec.Containers[0].Ports = []apiv1.ContainerPort{{
187+
Name: "prometheus",
188+
ContainerPort: 8942,
189+
}}
190+
191+
d.Spec.Template.Spec.Containers[0].LivenessProbe = &apiv1.Probe{
192+
ProbeHandler: apiv1.ProbeHandler{
193+
HTTPGet: &apiv1.HTTPGetAction{
194+
Path: "/health-check",
195+
Port: intstr.FromString("prometheus"),
196+
Scheme: apiv1.URISchemeHTTP,
197+
},
198+
},
199+
InitialDelaySeconds: 5,
200+
PeriodSeconds: 10,
201+
FailureThreshold: 3,
202+
}
203+
d.Spec.Template.Spec.Containers[0].ReadinessProbe = &apiv1.Probe{
204+
ProbeHandler: apiv1.ProbeHandler{
205+
HTTPGet: &apiv1.HTTPGetAction{
206+
Path: "/health-check",
207+
Port: intstr.FromString("prometheus"),
208+
Scheme: apiv1.URISchemeHTTP,
209+
},
210+
},
211+
PeriodSeconds: 10,
212+
FailureThreshold: 3,
213+
}
214+
164215
return d
165216
}
166217

0 commit comments

Comments
 (0)