Skip to content

Commit

Permalink
Update default image to 2.2.2; add cache; update HPA
Browse files Browse the repository at this point in the history
  • Loading branch information
AnchorArray committed Nov 26, 2024
1 parent d298b90 commit 5fe974a
Show file tree
Hide file tree
Showing 7 changed files with 109 additions and 25 deletions.
11 changes: 11 additions & 0 deletions charts/guardrails/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,17 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning]
(https://semver.org/spec/v2.0.0.html).

## [0.4.0] - 2024-11-26

### Changed

- Default image tag from `2.0.1` to `2.2.2`

### Added

- Caching support enabled with `cache.enable: true`
- Horizontal Pod Autoscaler (HPA) support for configuring scaling behavior

## [0.3.1] - 2024-10-31

### Fixed
Expand Down
22 changes: 12 additions & 10 deletions charts/guardrails/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,11 @@ You can manage the API keys and container secrets in one of two ways, depending
# Helm release name (See installation for release_name usage)
release_name=""

kubectl create secret generic "whylabs-${release_name}-api-key" \
kubectl create secret generic "whylabs-guardrails-api-key" \
--namespace "${target_namespace}" \
--from-literal=WHYLABS_API_KEY="${whylabs_api_key}"

kubectl create secret generic "whylabs-${release_name}-api-secret" \
kubectl create secret generic "whylabs-guardrails-api-secret" \
--namespace "${target_namespace}" \
--from-literal=CONTAINER_PASSWORD="${container_password}"

Expand Down Expand Up @@ -67,12 +67,12 @@ You can manage the API keys and container secrets in one of two ways, depending

```yaml
envFrom:
whylabs-guardrails-api-key:
type: secretRef
optional: true
whylabs-guardrails-api-secret:
type: secretRef
optional: true
- secretRef:
name: whylabs-guardrails-api-key
optional: true
- secretRef:
name: whylabs-guardrails-api-secret
optional: true
```

- File-based Secrets: If you are using a CSI driver, set envFrom: {} in your
Expand Down Expand Up @@ -195,9 +195,11 @@ utilization.
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. |
| autoscaling | object | `{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":70}` | [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) configuration for the `guardrails` container. |
| autoscaling | object | `{"behavior":{"scaleDown":{"policies":[{"periodSeconds":180,"type":"Pods","value":"{{ .Values.replicaCount | int }}"},{"periodSeconds":180,"type":"Percent","value":30}],"selectPolicy":"Max","stabilizationWindowSeconds":300},"scaleUp":{"policies":[{"periodSeconds":180,"type":"Pods","value":"{{ .Values.replicaCount | int }}"},{"periodSeconds":180,"type":"Percent","value":50}],"selectPolicy":"Min","stabilizationWindowSeconds":180}},"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":70}` | [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) configuration for the `guardrails` container. |
| cache.annotations | object | `{}` | |
| cache.duration | string | `"1m"` | |
| cache.enable | bool | `false` | |
| cache.endpoint | string | `"api.whylabsapp.com"` | |
| cache.labels | object | `{}` | |
| cache.replicaCount | int | `1` | |
| commonLabels | object | `{}` | Labels to add to all chart resources. |
Expand All @@ -208,7 +210,7 @@ utilization.
| fullnameOverride | string | `""` | Override the full name of the chart. |
| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the `guardrails` container. |
| image.repository | string | `"registry.gitlab.com/whylabs/langkit-container"` | Image repository for the `guardrails` container. |
| image.tag | string | `""` | Image tag for the `guardrails` container, this will default to `.Chart.AppVersion` if not set. |
| image.tag | string | `"2.2.2"` | Image tag for the `guardrails` container, this will default to `.Chart.AppVersion` if not set. |
| imagePullSecrets[0] | list | `{"name":""}` | Image pull secrets for the `guardrails` container. Defaults to `whylabs-{{ .Release.Name }}-registry-credentials` if `name: ""`. To exclude The ImagePullSecret entirely, set `imagePullSecrets: []` and comment out the list items. |
| ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) configuration for the `guardrails` container. |
| livenessProbe | object | `{"failureThreshold":3,"httpGet":{"path":"/health","port":8000},"initialDelaySeconds":30,"periodSeconds":30}` | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `guardrails` container. |
Expand Down
16 changes: 8 additions & 8 deletions charts/guardrails/README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,11 @@ You can manage the API keys and container secrets in one of two ways, depending
# Helm release name (See installation for release_name usage)
release_name=""

kubectl create secret generic "whylabs-${release_name}-api-key" \
kubectl create secret generic "whylabs-guardrails-api-key" \
--namespace "${target_namespace}" \
--from-literal=WHYLABS_API_KEY="${whylabs_api_key}"

kubectl create secret generic "whylabs-${release_name}-api-secret" \
kubectl create secret generic "whylabs-guardrails-api-secret" \
--namespace "${target_namespace}" \
--from-literal=CONTAINER_PASSWORD="${container_password}"

Expand Down Expand Up @@ -74,12 +74,12 @@ You can manage the API keys and container secrets in one of two ways, depending

```yaml
envFrom:
whylabs-guardrails-api-key:
type: secretRef
optional: true
whylabs-guardrails-api-secret:
type: secretRef
optional: true
- secretRef:
name: whylabs-guardrails-api-key
optional: true
- secretRef:
name: whylabs-guardrails-api-secret
optional: true
```

- File-based Secrets: If you are using a CSI driver, set envFrom: {} in your
Expand Down
6 changes: 3 additions & 3 deletions charts/guardrails/templates/configmap-cache.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,12 +47,12 @@ data:
}
cache_config.conf: |
proxy_cache my_cache;
proxy_cache_valid 200 403 1m;
proxy_cache_valid 200 403 {{ .Values.cache.duration }};
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
add_header X-Cache-Status $upstream_cache_status always;
common_proxy.conf: |
proxy_pass https://songbird.development.whylabsdev.com;
proxy_set_header Host songbird.development.whylabsdev.com;
proxy_pass https://{{ .Values.cache.endpoint }};
proxy_set_header Host {{ .Values.cache.endpoint }};
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
Expand Down
3 changes: 2 additions & 1 deletion charts/guardrails/templates/deployment-cache.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ spec:
app: {{ .Release.Name }}-cache
spec:
serviceAccountName: {{ include "guardrails.serviceAccountName" . }}
securityContext:
fsGroup: 101
containers:
- name: nginx
securityContext:
Expand All @@ -30,7 +32,6 @@ spec:
runAsNonRoot: true
runAsUser: 101
runAsGroup: 101
fsGroup: 101
capabilities:
drop: ["ALL"]
image: "nginxinc/nginx-unprivileged:latest"
Expand Down
41 changes: 39 additions & 2 deletions charts/guardrails/templates/hpa.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,45 @@ spec:
apiVersion: apps/v1
kind: Deployment
name: {{ include "guardrails.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
minReplicas: {{ default 1 .Values.autoscaling.minReplicas }}
maxReplicas: {{ default 20 .Values.autoscaling.maxReplicas }}
{{- with .Values.autoscaling.behavior }}
behavior:
{{- with .scaleUp }}
scaleUp:
{{- with .policies }}
policies:
{{- range . }}
- type: {{ .type }}
value: {{ tpl (toString .value) $ | int }}
periodSeconds: {{ .periodSeconds | int }}
{{- end }}
{{- end }}
{{- with .selectPolicy }}
selectPolicy: {{ . }}
{{- end }}
{{- with .stabilizationWindowSeconds }}
stabilizationWindowSeconds: {{ . | int }}
{{- end }}
{{- end }}
{{- with .scaleDown }}
scaleDown:
{{- with .policies }}
policies:
{{- range . }}
- type: {{ .type }}
value: {{ tpl (toString .value) $ | int }}
periodSeconds: {{ .periodSeconds | int }}
{{- end }}
{{- end }}
{{- with .selectPolicy }}
selectPolicy: {{ . }}
{{- end }}
{{- with .stabilizationWindowSeconds }}
stabilizationWindowSeconds: {{ . | int}}
{{- end }}
{{- end }}
{{- end }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
Expand Down
35 changes: 34 additions & 1 deletion charts/guardrails/values.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
cache:
enable: false
duration: 1m
replicaCount: 1
endpoint: "api.whylabsapp.com"
annotations: {}
labels: {}

Expand All @@ -14,7 +16,7 @@ image:
pullPolicy: IfNotPresent
# -- (string) Image tag for the `guardrails` container, this will default to
# `.Chart.AppVersion` if not set.
tag: ""
tag: "2.2.2"

imagePullSecrets:
# -- (list) Image pull secrets for the `guardrails` container. Defaults to
Expand Down Expand Up @@ -138,6 +140,37 @@ autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
behavior:
scaleUp:
policies:
- type: Pods
value: "{{ .Values.replicaCount | int }}"
periodSeconds: 180
- type: Percent
value: 50
periodSeconds: 180
# selectPolicy can be `Min` or `Max` and refers to scaling policy
# to choose when there are multiple policies; `Max` will choose the
# policy perform the largest scaling adjustment, while `Min` will
# choose the policy that performs the smallest scaling adjustment.
selectPolicy: Min
stabilizationWindowSeconds: 180
scaleDown:
policies:
- type: Pods
value: "{{ .Values.replicaCount | int }}"
# periodSeconds is the rate at which a policy can be applied;
# this policy may only be applied once per period.
periodSeconds: 180
- type: Percent
value: 30
# periodSeconds is the rate at which a policy can be applied;
# this policy may only be applied once per period.
periodSeconds: 180
selectPolicy: Max
# stabilizationWindowSeconds is how many seconds the HPA looks back
# to determine if a policy is being met.
stabilizationWindowSeconds: 300
targetCPUUtilizationPercentage: 70
# targetMemoryUtilizationPercentage: 70

Expand Down

0 comments on commit 5fe974a

Please sign in to comment.