Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[common] Support for adding resouces to Addons #27351

Closed
2 tasks done
alfi0812 opened this issue Sep 24, 2024 · 5 comments · Fixed by #31167
Closed
2 tasks done

[common] Support for adding resouces to Addons #27351

alfi0812 opened this issue Sep 24, 2024 · 5 comments · Fixed by #31167
Labels
enhancement New feature or request
Milestone
TrueCharts 2025-Q1

Comments

@alfi0812
Copy link
Collaborator

alfi0812 commented Sep 24, 2024
edited
Loading

Is your feature request related to a problem?

Talos 1.8 no longer exposes the tunnel interface and it needs to be added as a resource to the vpn container.
https://github.com/siderolabs/talos/releases

Describe the solution you'd like

Add option for addons to include resources like already possible for the main pod

Describe alternatives you've considered

Manually adding the deployment.

Additional context

No response

I've read and agree with the following

  • I've checked all open and closed issues and my request is not there.
  • I've checked all open and closed pull requests and my request is not there.
@alfi0812 alfi0812 added the enhancement New feature or request label Sep 24, 2024
@stavros-k
Copy link
Collaborator

It should be for all addons, but yea

@stavros-k stavros-k self-assigned this Sep 24, 2024
@alfi0812 alfi0812 changed the title Support for adding resouces to Gluetun Addon Support for adding resouces to Addons Sep 24, 2024
@PrivatePuffin
Copy link
Member

Addons and dependencies need a complete refactor/rewrite, creating a standardized interface for them

@PrivatePuffin PrivatePuffin changed the title Support for adding resouces to Addons [common] Support for adding resouces to Addons Oct 7, 2024
@PrivatePuffin PrivatePuffin transferred this issue from another repository Oct 7, 2024
@likeaninja5
Copy link

Here's the workaround until addons are reworked, adapted from https://www.talos.dev/v1.8/kubernetes-guides/configuration/device-plugins/.

Apply this file to expose /dev/net/tun on your nodes

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: tun-device
  namespace: kube-system
  labels:
    app.kubernetes.io/name: tun-device
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: tun-device
  template:
    metadata:
      labels:
        app.kubernetes.io/name: tun-device
    spec:
      priorityClassName: system-node-critical
      tolerations:
      - operator: "Exists"
        effect: "NoExecute"
      - operator: "Exists"
        effect: "NoSchedule"
      containers:
      - image: squat/generic-device-plugin
        args:
        - --device
        - |
          name: tun
          groups:
            - count: 1000
              paths:
                - path: /dev/net/tun          
        name: tun-device
        resources:
          requests:
            cpu: 50m
            memory: 10Mi
          limits:
            cpu: 50m
            memory: 20Mi
        ports:
        - containerPort: 8080
          name: http
        securityContext:
          privileged: true
        volumeMounts:
        - name: device-plugin
          mountPath: /var/lib/kubelet/device-plugins
        - name: dev
          mountPath: /dev
      volumes:
      - name: device-plugin
        hostPath:
          path: /var/lib/kubelet/device-plugins
      - name: dev
        hostPath:
          path: /dev
  updateStrategy:
    type: RollingUpdate

kubectl -n kube-system apply -f FILE_NAME.yaml

Verify with kubectl describe node NODE_NAME, you should see squat.ai/tun under resources.

Then apply this patch to your broken deployment:

spec:
  template:
    spec:
      containers:
      - name: VPN_CONTAINER_NAME
        resources:
          limits:
            squat.ai/tun: "1"

kubectl -n NAMESPACE patch --patch-file PATCH_FILE.yaml deployment DEPLOYMENT_NAME

@kqmaverick
Copy link
Collaborator

Here's the workaround until addons are reworked, adapted from https://www.talos.dev/v1.8/kubernetes-guides/configuration/device-plugins/.

Apply this file to expose /dev/net/tun on your nodes

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: tun-device
  namespace: kube-system
  labels:
    app.kubernetes.io/name: tun-device
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: tun-device
  template:
    metadata:
      labels:
        app.kubernetes.io/name: tun-device
    spec:
      priorityClassName: system-node-critical
      tolerations:
      - operator: "Exists"
        effect: "NoExecute"
      - operator: "Exists"
        effect: "NoSchedule"
      containers:
      - image: squat/generic-device-plugin
        args:
        - --device
        - |
          name: tun
          groups:
            - count: 1000
              paths:
                - path: /dev/net/tun          
        name: tun-device
        resources:
          requests:
            cpu: 50m
            memory: 10Mi
          limits:
            cpu: 50m
            memory: 20Mi
        ports:
        - containerPort: 8080
          name: http
        securityContext:
          privileged: true
        volumeMounts:
        - name: device-plugin
          mountPath: /var/lib/kubelet/device-plugins
        - name: dev
          mountPath: /dev
      volumes:
      - name: device-plugin
        hostPath:
          path: /var/lib/kubelet/device-plugins
      - name: dev
        hostPath:
          path: /dev
  updateStrategy:
    type: RollingUpdate

kubectl -n kube-system apply -f FILE_NAME.yaml

Verify with kubectl describe node NODE_NAME, you should see squat.ai/tun under resources.

Then apply this patch to your broken deployment:

spec:
  template:
    spec:
      containers:
      - name: VPN_CONTAINER_NAME
        resources:
          limits:
            squat.ai/tun: "1"

kubectl -n NAMESPACE patch --patch-file PATCH_FILE.yaml deployment DEPLOYMENT_NAME

This was more of a tracking issue and the above is already on the truecharts.org website. Thanks for trying to help though.

@stavros-k stavros-k linked a pull request Feb 2, 2025 that will close this issue
feat(common): BREAKING CHANGE refactor add-on system #31167
Merged
13 tasks
@PrivatePuffin PrivatePuffin mentioned this issue Feb 2, 2025
Merged
13 tasks
@PrivatePuffin PrivatePuffin added this to the TrueCharts 2025-Q1 milestone Feb 10, 2025
PrivatePuffin added a commit that referenced this issue Mar 2, 2025
@PrivatePuffin @kqmaverick @stavros-k
feat(common): BREAKING CHANGE refactor add-on system (#31167)
b62e536 
**Description**

This PR updates the add-on system to allow for more end-user flexibility
It basically moves add-on container configuration to values.yaml, to
expose all container options to end users.

Fixes: #27351
Fixes: #31876

**⚙️ Type of change**

- [ ] ⚙️ Feature/App addition
- [ ] 🪛 Bugfix
- [ ] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] 🔃 Refactor of current code

**🧪 How Has This Been Tested?**
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [ ] ⚖️ My code follows the style guidelines of this project
- [ ] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made corresponding changes to the documentation
- [ ] ⚠️ My changes generate no new warnings
- [ ] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [ ] ⬆️ I increased versions for any altered app according to semantic
versioning
- [ ] I made sure the title starts with `feat(chart-name):`,
`fix(chart-name):` or `chore(chart-name):`

**➕ App addition**

If this PR is an app addition please make sure you have done the
following.

- [ ] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._

---------

Signed-off-by: Kjeld Schouten <[email protected]>
Signed-off-by: Stavros Kois <[email protected]>
Co-authored-by: kqmaverick <[email protected]>
Co-authored-by: Stavros Kois <[email protected]>
Co-authored-by: Stavros Kois <[email protected]>
@truecharts-admin
Copy link
Collaborator

This issue is locked to prevent necro-posting on closed issues. Please create a new issue or contact staff on discord of the problem persists

@truecharts truecharts locked and limited conversation to collaborators Mar 10, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
TrueCharts 2025-Q1
Development

Successfully merging a pull request may close this issue.

feat(common): BREAKING CHANGE refactor add-on system truecharts/public
6 participants
@PrivatePuffin @alfi0812 @stavros-k @truecharts-admin @kqmaverick @likeaninja5