From 6645a73a8f5ad4cebde33f20680db5122e3d500a Mon Sep 17 00:00:00 2001 From: phuhung273 Date: Mon, 10 Nov 2025 19:07:15 +0700 Subject: [PATCH] feat(chart): VPA Updater leaderElection Signed-off-by: phuhung273 --- .../charts/vertical-pod-autoscaler/README.md | 8 +++++++- .../templates/_helpers.tpl | 10 ++++++++++ .../templates/updater-deployment.yaml | 11 +++++++++++ .../templates/updater-role.yaml | 13 ++++--------- .../templates/updater-rolebinding.yaml | 4 +++- .../charts/vertical-pod-autoscaler/values.yaml | 18 +++++++++++++++++- 6 files changed, 52 insertions(+), 12 deletions(-) diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/README.md b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/README.md index 7bc9f23b71c6..ae2895ed5c77 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/README.md +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/README.md @@ -97,9 +97,15 @@ The Vertical Pod Autoscaler (VPA) automatically adjusts the CPU and memory resou | updater.image.pullPolicy | string | `"IfNotPresent"` | | | updater.image.repository | string | `"registry.k8s.io/autoscaling/vpa-updater"` | | | updater.image.tag | string | `nil` | | +| updater.leaderElection.enabled | string | `nil` | | +| updater.leaderElection.leaseDuration | string | `"15s"` | | +| updater.leaderElection.renewDeadline | string | `"10s"` | | +| updater.leaderElection.resourceName | string | `"vpa-updater-lease"` | | +| updater.leaderElection.resourceNamespace | string | `""` | | +| updater.leaderElection.retryPeriod | string | `"2s"` | | | updater.podAnnotations | object | `{}` | | | updater.podLabels | object | `{}` | | -| updater.replicas | int | `1` | | +| updater.replicas | int | `2` | | | updater.serviceAccount.annotations | object | `{}` | | | updater.serviceAccount.create | bool | `true` | | | updater.serviceAccount.labels | object | `{}` | | diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/_helpers.tpl b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/_helpers.tpl index 5907a8d7ffad..8ff4aed05fb7 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/_helpers.tpl +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/_helpers.tpl @@ -96,6 +96,16 @@ app.kubernetes.io/component: updater {{- printf "%s:%s" .Values.updater.image.repository (default .Chart.AppVersion .Values.updater.image.tag) }} {{- end }} +{{- define "vertical-pod-autoscaler.updater.leaderElectionEnabled" -}} +{{- if and (eq .Values.updater.leaderElection.enabled nil) (gt (int .Values.updater.replicas) 1) -}} +true +{{- else if .Values.updater.leaderElection.enabled -}} +true +{{- else -}} +false +{{- end -}} +{{- end -}} + {{/* Create the name of the namespace to use diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-deployment.yaml b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-deployment.yaml index e50f920836df..cea81175cba5 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-deployment.yaml +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-deployment.yaml @@ -40,6 +40,17 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + args: + - --v=4 + - --stderrthreshold=info + {{- if eq (include "vertical-pod-autoscaler.updater.leaderElectionEnabled" .) "true" }} + - --leader-elect=true + - --leader-elect-resource-namespace={{ .Values.updater.leaderElection.resourceNamespace | default .Release.Namespace }} + - --leader-elect-resource-name={{ .Values.updater.leaderElection.resourceName }} + - --leader-elect-lease-duration={{ .Values.updater.leaderElection.leaseDuration }} + - --leader-elect-renew-deadline={{ .Values.updater.leaderElection.renewDeadline }} + - --leader-elect-retry-period={{ .Values.updater.leaderElection.retryPeriod }} + {{- end }} ports: - name: prometheus containerPort: 8943 diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-role.yaml b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-role.yaml index 9c1e745fe47a..fbf2c0e3ff40 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-role.yaml +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-role.yaml @@ -1,4 +1,5 @@ -{{- if and (.Values.updater.enabled) .Values.updater.serviceAccount.create -}} +{{- if and .Values.updater.enabled .Values.rbac.create -}} +{{- if eq (include "vertical-pod-autoscaler.updater.leaderElectionEnabled" .) "true" }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -6,13 +7,6 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "vertical-pod-autoscaler.updater.labels" . | nindent 4 }} - {{- with .Values.updater.serviceAccount.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.updater.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} rules: - apiGroups: - "coordination.k8s.io" @@ -23,7 +17,7 @@ rules: - apiGroups: - "coordination.k8s.io" resourceNames: - - vpa-updater + - {{ .Values.updater.leaderElection.resourceName }} resources: - leases verbs: @@ -31,3 +25,4 @@ rules: - watch - update {{- end -}} +{{- end -}} diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-rolebinding.yaml b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-rolebinding.yaml index 81d2c68b3ff3..8c8f3c43ac2b 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-rolebinding.yaml +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/templates/updater-rolebinding.yaml @@ -1,4 +1,5 @@ -{{- if and (.Values.updater.enabled) .Values.rbac.create -}} +{{- if and .Values.updater.enabled .Values.rbac.create -}} +{{- if eq (include "vertical-pod-autoscaler.updater.leaderElectionEnabled" .) "true" }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -13,3 +14,4 @@ subjects: name: {{ include "vertical-pod-autoscaler.updater.fullname" . }} namespace: {{ .Release.Namespace }} {{- end -}} +{{- end -}} diff --git a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/values.yaml b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/values.yaml index 7b3b17f70b92..0569d19468f5 100644 --- a/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/values.yaml +++ b/vertical-pod-autoscaler/charts/vertical-pod-autoscaler/values.yaml @@ -191,7 +191,7 @@ updater: pullPolicy: IfNotPresent # Number of Updater replicas to create. - replicas: 1 + replicas: 2 # Labels to add to the Updater pod. podLabels: {} @@ -205,3 +205,19 @@ updater: labels: {} # Annotations to add to the Updater service account. annotations: {} + + # Leader election configuration for the Updater. + # When running multiple replicas, leader election ensures only one instance is actively processing. + leaderElection: + # Enable leader election. If not set (null), automatically enabled when replicas > 1 + enabled: + # Namespace for the lease resource. Defaults to Release.Namespace if not set. + resourceNamespace: "" + # Name of the lease resource. + resourceName: vpa-updater-lease + # Duration that non-leader candidates will wait after observing a leadership renewal. + leaseDuration: 15s + # Interval between attempts by the acting master to renew a leadership slot. + renewDeadline: 10s + # Duration the clients should wait between attempting acquisition and renewal of a leadership. + retryPeriod: 2s