From d6cd7770f16fb999d86faaa4d2027d1ffa544864 Mon Sep 17 00:00:00 2001 From: Katyanna Moura Date: Mon, 20 Apr 2026 16:40:46 +0200 Subject: [PATCH 01/13] Add kube-state-metrics CustomResourceState config for StackSet metrics MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enable resource attribution for StackSet-managed workloads by exposing ownership and metadata metrics via kube-state-metrics CustomResourceState feature. Exposes 5 Info metrics: - kube_customresource_stackset_labels: StackSet labels for filtering - kube_customresource_stackset_info: StackSet identity and version - kube_customresource_stack_labels: Stack labels for filtering - kube_customresource_stack_info: Stack identity and version - kube_customresource_stack_owner: Stack-to-StackSet ownership link (key for resource attribution chain) This enables Prometheus queries to attribute Pod resource consumption through Deployment → Stack → StackSet hierarchy for capacity planning and cost attribution by team/application. Configuration added as ConfigMap in kube-state-metrics manifests. KSM deployment updated to mount and use the configuration file. No changes to stackset-controller. Implementation follows kube-state-metrics CustomResourceState documentation. --- .../kube-state-metrics/deployment.yaml | 8 +++ .../stackset-metrics-config.yaml | 65 +++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml diff --git a/cluster/manifests/kube-state-metrics/deployment.yaml b/cluster/manifests/kube-state-metrics/deployment.yaml index 4083b4d85f..04f8ee8676 100644 --- a/cluster/manifests/kube-state-metrics/deployment.yaml +++ b/cluster/manifests/kube-state-metrics/deployment.yaml @@ -32,6 +32,7 @@ spec: - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments - --metric-labels-allowlist=pods=[{{.Cluster.ConfigItems.observability_metrics_pods_labels}}],ingresses=[{{.Cluster.ConfigItems.observability_metrics_ingresses_labels}}],nodes=[topology.kubernetes.io/zone,node.kubernetes.io/instance-type,node.kubernetes.io/node-pool,node.kubernetes.io/role,node.kubernetes.io/profile,dedicated] - --metric-annotations-allowlist=pods=[{{.Cluster.ConfigItems.observability_metrics_pods_annotations}}] + - --custom-resource-state-config-file=/etc/config/stackset-metrics-config.yaml ports: - containerPort: 8080 name: http-metrics @@ -52,9 +53,16 @@ spec: requests: cpu: "{{.Cluster.ConfigItems.kube_state_metrics_cpu}}" memory: "{{.Cluster.ConfigItems.kube_state_metrics_mem_max}}" + volumeMounts: + - name: stackset-metrics-config + mountPath: /etc/config securityContext: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 65534 capabilities: drop: ["ALL"] + volumes: + - name: stackset-metrics-config + configMap: + name: stackset-metrics-config diff --git a/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml b/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml new file mode 100644 index 0000000000..f0268102fb --- /dev/null +++ b/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: stackset-metrics-config + namespace: kube-system + labels: + application: kubernetes + component: kube-state-metrics +data: + config.yaml: | + kind: CustomResourceStateMetrics + spec: + resources: + - groupVersionKind: + group: zalando.org + version: "v1" + kind: StackSet + metrics: + - name: stackset_labels + help: "Kubernetes labels converted to Prometheus labels for StackSet" + each: + type: Info + info: + labelsFromPath: + "label_*": [metadata, labels] + - name: stackset_info + help: "StackSet identity and version" + each: + type: Info + info: + labelsFromPath: + stackset: [metadata, name] + namespace: [metadata, namespace] + version: [spec, stackTemplate, spec, version] + - groupVersionKind: + group: zalando.org + version: "v1" + kind: Stack + metrics: + - name: stack_labels + help: "Kubernetes labels converted to Prometheus labels for Stack" + each: + type: Info + info: + labelsFromPath: + "label_*": [metadata, labels] + - name: stack_info + help: "Stack identity and version" + each: + type: Info + info: + labelsFromPath: + stack: [metadata, name] + namespace: [metadata, namespace] + version: [metadata, labels, "stack-version"] + - name: stack_owner + help: "Information about Stackset that owns Stack" + each: + type: Info + info: + path: [metadata, ownerReferences] + labelsFromPath: + owner_kind: [kind] + owner_name: [name] + owner_uid: [uid] From 730b1c370170e7e79bf8228cd6d7014fe6f06a3e Mon Sep 17 00:00:00 2001 From: Mikkel Oscar Lyderik Larsen Date: Mon, 20 Apr 2026 20:18:22 +0200 Subject: [PATCH 02/13] Fix config file name Signed-off-by: Mikkel Oscar Lyderik Larsen --- .../manifests/kube-state-metrics/stackset-metrics-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml b/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml index f0268102fb..3666455a01 100644 --- a/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml +++ b/cluster/manifests/kube-state-metrics/stackset-metrics-config.yaml @@ -7,7 +7,7 @@ metadata: application: kubernetes component: kube-state-metrics data: - config.yaml: | + stackset-metrics-config.yaml: | kind: CustomResourceStateMetrics spec: resources: From 97c6d9ac1b9131fb2612a7c97b704fe31fc4f20c Mon Sep 17 00:00:00 2001 From: Mikkel Oscar Lyderik Larsen Date: Mon, 20 Apr 2026 20:18:36 +0200 Subject: [PATCH 03/13] Add additional rbac permissions to kube-state-metrics Signed-off-by: Mikkel Oscar Lyderik Larsen --- cluster/manifests/kube-state-metrics/rbac.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/cluster/manifests/kube-state-metrics/rbac.yaml b/cluster/manifests/kube-state-metrics/rbac.yaml index 1bd05fcdf5..c96612acbf 100644 --- a/cluster/manifests/kube-state-metrics/rbac.yaml +++ b/cluster/manifests/kube-state-metrics/rbac.yaml @@ -137,3 +137,20 @@ rules: verbs: - list - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch +- apiGroups: + - zalando.org + resources: + - stacks + - stacksets + verbs: + - get + - list + - watch From 13190b06700a3766c57ac82b7b0db194d20343f4 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 18:32:21 +0000 Subject: [PATCH 04/13] cronjob-fixer: Update to version master-37 Update container-registry.zalando.net/teapot/cronjob-fixer to version master-37 --- cluster/manifests/cronjob-fixer/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/cronjob-fixer/deployment.yaml b/cluster/manifests/cronjob-fixer/deployment.yaml index ff2ab9ecc3..8ca03af478 100644 --- a/cluster/manifests/cronjob-fixer/deployment.yaml +++ b/cluster/manifests/cronjob-fixer/deployment.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: cronjob-fixer containers: - name: cronjob-fixer - image: "container-registry.zalando.net/teapot/cronjob-fixer:master-36" + image: "container-registry.zalando.net/teapot/cronjob-fixer:master-37" resources: limits: cpu: 5m From 3ef70a34360ff80a27947f8a12c5e86dc9fcf353 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 18:32:55 +0000 Subject: [PATCH 05/13] kube-node-ready-controller: Update to version master-51 Update container-registry.zalando.net/teapot/kube-node-ready-controller to version master-51 --- cluster/manifests/kube-node-ready-controller/daemonset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/kube-node-ready-controller/daemonset.yaml b/cluster/manifests/kube-node-ready-controller/daemonset.yaml index b86314eef4..643c3dfeae 100644 --- a/cluster/manifests/kube-node-ready-controller/daemonset.yaml +++ b/cluster/manifests/kube-node-ready-controller/daemonset.yaml @@ -38,7 +38,7 @@ spec: dnsPolicy: Default containers: - name: controller - image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-50 + image: container-registry.zalando.net/teapot/kube-node-ready-controller:master-51 resources: requests: cpu: {{.Cluster.ConfigItems.kube_node_ready_controller_cpu}} From 8039b3778b4736a0b493f25d853b47bb7fc7594a Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 19:32:21 +0000 Subject: [PATCH 06/13] event-logger: Update to version master-35 Update container-registry.zalando.net/teapot/event-logger to version master-35 --- cluster/manifests/event-logger/statefulset.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/event-logger/statefulset.yaml b/cluster/manifests/event-logger/statefulset.yaml index 4ebc5959db..e3a0f4893d 100644 --- a/cluster/manifests/event-logger/statefulset.yaml +++ b/cluster/manifests/event-logger/statefulset.yaml @@ -30,7 +30,7 @@ spec: serviceAccountName: kubernetes-event-logger containers: - name: logger - image: container-registry.zalando.net/teapot/event-logger:master-34 + image: container-registry.zalando.net/teapot/event-logger:master-35 args: - --snapshot-namespace=kube-system - --snapshot-name=kubernetes-event-logger From 10798e6251d93761092650dc62cf8a6719feadce Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 20:32:12 +0000 Subject: [PATCH 07/13] deployment-controller: Update to version master-308 Update container-registry.zalando.net/teapot/deployment-controller to version master-308 --- cluster/manifests/deployment-service/controller-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/deployment-service/controller-deployment.yaml b/cluster/manifests/deployment-service/controller-deployment.yaml index 51d9babeed..c9e5087f6a 100644 --- a/cluster/manifests/deployment-service/controller-deployment.yaml +++ b/cluster/manifests/deployment-service/controller-deployment.yaml @@ -30,7 +30,7 @@ spec: terminationGracePeriodSeconds: 300 containers: - name: "deployment-service-controller" - image: "container-registry.zalando.net/teapot/deployment-controller:master-307" + image: "container-registry.zalando.net/teapot/deployment-controller:master-308" args: - "--config-namespace=kube-system" - "--decrypt-kms-alias-arn=arn:aws:kms:{{ .Cluster.Region }}:{{ .Cluster.InfrastructureAccountID }}:alias/deployment-secret" From 585e4bb067f867bdf0ff4c36c5e0689ec8595888 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 05:01:59 +0000 Subject: [PATCH 08/13] aws-node-decommissioner: Update to version main-18 Update container-registry.zalando.net/cloud-platform/aws-node-decommissioner to version main-18 --- cluster/manifests/aws-node-decommissioner/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/aws-node-decommissioner/cronjob.yaml b/cluster/manifests/aws-node-decommissioner/cronjob.yaml index d3c86bc9d7..e394c9e04c 100644 --- a/cluster/manifests/aws-node-decommissioner/cronjob.yaml +++ b/cluster/manifests/aws-node-decommissioner/cronjob.yaml @@ -28,7 +28,7 @@ spec: restartPolicy: Never containers: - name: aws-node-decommissioner - image: container-registry.zalando.net/cloud-platform/aws-node-decommissioner:main-17 + image: container-registry.zalando.net/cloud-platform/aws-node-decommissioner:main-18 env: - name: AWS_REGION value: "{{.Cluster.Region}}" From db4a87a444128d3f742d6d133ae4cfeb5577be22 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 05:02:06 +0000 Subject: [PATCH 09/13] cluster-lifecycle-controller: Update to version master-69 Update container-registry.zalando.net/teapot/cluster-lifecycle-controller to version master-69 --- cluster/manifests/cluster-lifecycle-controller/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/cluster-lifecycle-controller/deployment.yaml b/cluster/manifests/cluster-lifecycle-controller/deployment.yaml index e18811cbb1..ffee24cba5 100644 --- a/cluster/manifests/cluster-lifecycle-controller/deployment.yaml +++ b/cluster/manifests/cluster-lifecycle-controller/deployment.yaml @@ -29,7 +29,7 @@ spec: serviceAccountName: cluster-lifecycle-controller containers: - name: cluster-lifecycle-controller - image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-68 + image: container-registry.zalando.net/teapot/cluster-lifecycle-controller:master-69 args: - --drain-grace-period={{.Cluster.ConfigItems.drain_grace_period}} - --drain-min-pod-lifetime={{.Cluster.ConfigItems.drain_min_pod_lifetime}} From 880d8e9e946b33bbf6f6090af9f84d21fcfcebe8 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 05:03:17 +0000 Subject: [PATCH 10/13] kubernetes-lifecycle-metrics: Update to version master-48 Update container-registry.zalando.net/teapot/kubernetes-lifecycle-metrics to version master-48 --- cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml b/cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml index 257ca89c1d..cc21260a32 100644 --- a/cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml +++ b/cluster/manifests/kubernetes-lifecycle-metrics/deployment.yaml @@ -32,7 +32,7 @@ spec: serviceAccountName: kubernetes-lifecycle-metrics containers: - name: kubernetes-lifecycle-metrics - image: "container-registry.zalando.net/teapot/kubernetes-lifecycle-metrics:master-47" + image: "container-registry.zalando.net/teapot/kubernetes-lifecycle-metrics:master-48" ports: - containerPort: 9090 protocol: TCP From cce6c78315f9b9f30646593b63a608b9b46a01d0 Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 05:03:42 +0000 Subject: [PATCH 11/13] role-sync-controller: Update to version main-25 Update container-registry.zalando.net/teapot/role-sync-controller to version main-25 --- cluster/manifests/role-sync-controller/cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/role-sync-controller/cronjob.yaml b/cluster/manifests/role-sync-controller/cronjob.yaml index adb8398021..0b290bb314 100644 --- a/cluster/manifests/role-sync-controller/cronjob.yaml +++ b/cluster/manifests/role-sync-controller/cronjob.yaml @@ -33,7 +33,7 @@ spec: restartPolicy: Never containers: - name: role-sync-controller - image: container-registry.zalando.net/teapot/role-sync-controller:main-24 + image: container-registry.zalando.net/teapot/role-sync-controller:main-25 args: - --subject-group=PowerUser - --subject-group=Manual From c9b65f62e7dd8b89f29a9c1d771df093bef901e2 Mon Sep 17 00:00:00 2001 From: tcondeixa Date: Tue, 21 Apr 2026 10:44:22 +0200 Subject: [PATCH 12/13] change all VPAs mode from Recreate to InPlaceOrRecreate --- cluster/manifests/03-kube-aws-iam-controller/vpa.yaml | 2 +- cluster/manifests/03-skipper-validation-webhook/vpa.yaml | 2 +- cluster/manifests/04-ebs-csi/vpa.yaml | 2 +- cluster/manifests/aws-load-balancer-controller/vpa.yaml | 2 +- cluster/manifests/cluster-lifecycle-controller/vpa.yaml | 2 +- cluster/manifests/cronjob-fixer/vpa.yaml | 2 +- cluster/manifests/efs-provisioner/vpa.yaml | 2 +- cluster/manifests/event-logger/vpa.yaml | 2 +- cluster/manifests/external-dns/vpa.yaml | 2 +- cluster/manifests/ingress-controller/vpa.yaml | 2 +- cluster/manifests/kube-downscaler/vpa.yaml | 2 +- cluster/manifests/kube-janitor/vpa.yaml | 2 +- cluster/manifests/kube-metrics-adapter/vpa.yaml | 2 +- cluster/manifests/kube-node-ready-controller/vpa.yaml | 2 +- cluster/manifests/kube-state-metrics/vpa.yaml | 2 +- cluster/manifests/kube-static-egress-controller/vpa.yaml | 2 +- cluster/manifests/kubernetes-lifecycle-metrics/vpa.yaml | 2 +- cluster/manifests/metrics-server/metrics-server-vpa.yaml | 2 +- cluster/manifests/pdb-controller/vpa.yaml | 2 +- cluster/manifests/prometheus/prometheus-vpa.yaml | 2 +- cluster/manifests/skipper/pod-deletion-cost-controller-vpa.yaml | 2 +- cluster/manifests/stackset-controller/vpa.yaml | 2 +- cluster/manifests/z-karpenter/vpa.yaml | 2 +- 23 files changed, 23 insertions(+), 23 deletions(-) diff --git a/cluster/manifests/03-kube-aws-iam-controller/vpa.yaml b/cluster/manifests/03-kube-aws-iam-controller/vpa.yaml index 7051ab711e..7750530f48 100644 --- a/cluster/manifests/03-kube-aws-iam-controller/vpa.yaml +++ b/cluster/manifests/03-kube-aws-iam-controller/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: kube-aws-iam-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: kube-aws-iam-controller diff --git a/cluster/manifests/03-skipper-validation-webhook/vpa.yaml b/cluster/manifests/03-skipper-validation-webhook/vpa.yaml index 3bd0525843..8b3dee175e 100644 --- a/cluster/manifests/03-skipper-validation-webhook/vpa.yaml +++ b/cluster/manifests/03-skipper-validation-webhook/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: skipper-validation-webhook updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: skipper-admission-webhook diff --git a/cluster/manifests/04-ebs-csi/vpa.yaml b/cluster/manifests/04-ebs-csi/vpa.yaml index a3336619eb..6358dd70a4 100644 --- a/cluster/manifests/04-ebs-csi/vpa.yaml +++ b/cluster/manifests/04-ebs-csi/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: ebs-csi-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: ebs-plugin diff --git a/cluster/manifests/aws-load-balancer-controller/vpa.yaml b/cluster/manifests/aws-load-balancer-controller/vpa.yaml index d64222729c..4baa4c3f29 100644 --- a/cluster/manifests/aws-load-balancer-controller/vpa.yaml +++ b/cluster/manifests/aws-load-balancer-controller/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: aws-load-balancer-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: controller diff --git a/cluster/manifests/cluster-lifecycle-controller/vpa.yaml b/cluster/manifests/cluster-lifecycle-controller/vpa.yaml index 760592375d..353233582b 100644 --- a/cluster/manifests/cluster-lifecycle-controller/vpa.yaml +++ b/cluster/manifests/cluster-lifecycle-controller/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: "cluster-lifecycle-controller" updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: "cluster-lifecycle-controller" diff --git a/cluster/manifests/cronjob-fixer/vpa.yaml b/cluster/manifests/cronjob-fixer/vpa.yaml index 2d83484063..94881b0b20 100644 --- a/cluster/manifests/cronjob-fixer/vpa.yaml +++ b/cluster/manifests/cronjob-fixer/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: cronjob-fixer updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: cronjob-fixer diff --git a/cluster/manifests/efs-provisioner/vpa.yaml b/cluster/manifests/efs-provisioner/vpa.yaml index 5b45e4980c..d06bda0554 100644 --- a/cluster/manifests/efs-provisioner/vpa.yaml +++ b/cluster/manifests/efs-provisioner/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: efs-provisioner updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: efs-provisioner diff --git a/cluster/manifests/event-logger/vpa.yaml b/cluster/manifests/event-logger/vpa.yaml index 7d280262cf..233d6bfa14 100644 --- a/cluster/manifests/event-logger/vpa.yaml +++ b/cluster/manifests/event-logger/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: StatefulSet name: kubernetes-event-logger updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: logger diff --git a/cluster/manifests/external-dns/vpa.yaml b/cluster/manifests/external-dns/vpa.yaml index 2dbf612956..91aa8ffa32 100644 --- a/cluster/manifests/external-dns/vpa.yaml +++ b/cluster/manifests/external-dns/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: external-dns updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: external-dns diff --git a/cluster/manifests/ingress-controller/vpa.yaml b/cluster/manifests/ingress-controller/vpa.yaml index 9ca3115740..82f02fbf84 100644 --- a/cluster/manifests/ingress-controller/vpa.yaml +++ b/cluster/manifests/ingress-controller/vpa.yaml @@ -11,7 +11,7 @@ spec: kind: Deployment name: kube-ingress-aws-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: kube-ingress-aws-controller diff --git a/cluster/manifests/kube-downscaler/vpa.yaml b/cluster/manifests/kube-downscaler/vpa.yaml index 0f5237663e..2441e12ee8 100644 --- a/cluster/manifests/kube-downscaler/vpa.yaml +++ b/cluster/manifests/kube-downscaler/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: kube-downscaler updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: downscaler diff --git a/cluster/manifests/kube-janitor/vpa.yaml b/cluster/manifests/kube-janitor/vpa.yaml index 08a6470251..71e01b34a3 100644 --- a/cluster/manifests/kube-janitor/vpa.yaml +++ b/cluster/manifests/kube-janitor/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: kube-janitor updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: janitor diff --git a/cluster/manifests/kube-metrics-adapter/vpa.yaml b/cluster/manifests/kube-metrics-adapter/vpa.yaml index e1a38d3ab8..126e3af097 100644 --- a/cluster/manifests/kube-metrics-adapter/vpa.yaml +++ b/cluster/manifests/kube-metrics-adapter/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: kube-metrics-adapter updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: kube-metrics-adapter diff --git a/cluster/manifests/kube-node-ready-controller/vpa.yaml b/cluster/manifests/kube-node-ready-controller/vpa.yaml index b25c54cc56..09002d7cc3 100644 --- a/cluster/manifests/kube-node-ready-controller/vpa.yaml +++ b/cluster/manifests/kube-node-ready-controller/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: kube-node-ready-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: controller diff --git a/cluster/manifests/kube-state-metrics/vpa.yaml b/cluster/manifests/kube-state-metrics/vpa.yaml index 24e72b3aac..bebe03d978 100644 --- a/cluster/manifests/kube-state-metrics/vpa.yaml +++ b/cluster/manifests/kube-state-metrics/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: kube-state-metrics updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: kube-state-metrics diff --git a/cluster/manifests/kube-static-egress-controller/vpa.yaml b/cluster/manifests/kube-static-egress-controller/vpa.yaml index e156a09bef..b5874d3b10 100644 --- a/cluster/manifests/kube-static-egress-controller/vpa.yaml +++ b/cluster/manifests/kube-static-egress-controller/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: "kube-static-egress-controller" updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: "controller" diff --git a/cluster/manifests/kubernetes-lifecycle-metrics/vpa.yaml b/cluster/manifests/kubernetes-lifecycle-metrics/vpa.yaml index ed0cb07b97..43ad26841c 100644 --- a/cluster/manifests/kubernetes-lifecycle-metrics/vpa.yaml +++ b/cluster/manifests/kubernetes-lifecycle-metrics/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: kubernetes-lifecycle-metrics updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: kubernetes-lifecycle-metrics diff --git a/cluster/manifests/metrics-server/metrics-server-vpa.yaml b/cluster/manifests/metrics-server/metrics-server-vpa.yaml index e5b3c5add5..c69ee48219 100644 --- a/cluster/manifests/metrics-server/metrics-server-vpa.yaml +++ b/cluster/manifests/metrics-server/metrics-server-vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: metrics-server updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: metrics-server diff --git a/cluster/manifests/pdb-controller/vpa.yaml b/cluster/manifests/pdb-controller/vpa.yaml index fb02352133..7cd16a8537 100644 --- a/cluster/manifests/pdb-controller/vpa.yaml +++ b/cluster/manifests/pdb-controller/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: pdb-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: pdb-controller diff --git a/cluster/manifests/prometheus/prometheus-vpa.yaml b/cluster/manifests/prometheus/prometheus-vpa.yaml index 8382fb6ed2..437d58f771 100644 --- a/cluster/manifests/prometheus/prometheus-vpa.yaml +++ b/cluster/manifests/prometheus/prometheus-vpa.yaml @@ -16,7 +16,7 @@ spec: kind: StatefulSet name: prometheus updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: prometheus diff --git a/cluster/manifests/skipper/pod-deletion-cost-controller-vpa.yaml b/cluster/manifests/skipper/pod-deletion-cost-controller-vpa.yaml index e539ae4cf8..2cbb5765af 100644 --- a/cluster/manifests/skipper/pod-deletion-cost-controller-vpa.yaml +++ b/cluster/manifests/skipper/pod-deletion-cost-controller-vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: pod-deletion-cost-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: pod-deletion-cost-controller diff --git a/cluster/manifests/stackset-controller/vpa.yaml b/cluster/manifests/stackset-controller/vpa.yaml index cca83f88b5..69c5329f31 100644 --- a/cluster/manifests/stackset-controller/vpa.yaml +++ b/cluster/manifests/stackset-controller/vpa.yaml @@ -12,7 +12,7 @@ spec: kind: Deployment name: stackset-controller updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: stackset-controller diff --git a/cluster/manifests/z-karpenter/vpa.yaml b/cluster/manifests/z-karpenter/vpa.yaml index 3fe22c19d8..e2e3765493 100644 --- a/cluster/manifests/z-karpenter/vpa.yaml +++ b/cluster/manifests/z-karpenter/vpa.yaml @@ -13,7 +13,7 @@ spec: kind: Deployment name: karpenter updatePolicy: - updateMode: Recreate + updateMode: InPlaceOrRecreate resourcePolicy: containerPolicies: - containerName: controller From 31038cd77272b9567f1b85295b91621756f0ebce Mon Sep 17 00:00:00 2001 From: "k8s-on-aws-manager-app[bot]" <181735053+k8s-on-aws-manager-app[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 09:02:41 +0000 Subject: [PATCH 13/13] deployment-controller: Update to version master-309 Update container-registry.zalando.net/teapot/deployment-controller to version master-309 --- cluster/manifests/deployment-service/controller-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster/manifests/deployment-service/controller-deployment.yaml b/cluster/manifests/deployment-service/controller-deployment.yaml index c9e5087f6a..caf186ec69 100644 --- a/cluster/manifests/deployment-service/controller-deployment.yaml +++ b/cluster/manifests/deployment-service/controller-deployment.yaml @@ -30,7 +30,7 @@ spec: terminationGracePeriodSeconds: 300 containers: - name: "deployment-service-controller" - image: "container-registry.zalando.net/teapot/deployment-controller:master-308" + image: "container-registry.zalando.net/teapot/deployment-controller:master-309" args: - "--config-namespace=kube-system" - "--decrypt-kms-alias-arn=arn:aws:kms:{{ .Cluster.Region }}:{{ .Cluster.InfrastructureAccountID }}:alias/deployment-secret"