From 09fb8a5074086e6711678e889eb96bfd6062d345 Mon Sep 17 00:00:00 2001
From: Daniele Monti <62102073+Monska85@users.noreply.github.com>
Date: Wed, 29 May 2024 17:33:55 +0200
Subject: [PATCH] feat: change pod distribution strategy using
topologySpreadConstraints instead of podAntiAffinity
---
CHANGELOG.md | 10 ++++++++++
README.md | 5 ++++-
examples/main.tf | 5 ++---
files/values.yaml.tftpl | 30 ++++++++++--------------------
main.tf | 11 +++++++----
variables.tf | 22 ++++++++++++++++++++--
6 files changed, 53 insertions(+), 30 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f240843..8ac2b64 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,16 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+## [0.6.0] - 2024-05-29
+
+[Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.5.2...0.6.0)
+
+### Changed
+
+- ⚠️ BREAKING CHANGE: use `topologySpreadConstraints` instead of `podAntiAffinity` for better control over pod distribution.
+
+If you have not set the old `set_controller_default_pod_anti_affinity` varible, you can safely upgrade to this version. Otherwise, you can turn off the `topologySpreadConstraints` feature by setting the new `set_controller_default_topology_spread_constraints` to `false`.
+
## [0.5.2] - 2024-05-15
[Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.5.1...0.5.2)
diff --git a/README.md b/README.md
index bbb7268..9c4bf09 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,10 @@ This is Terraform module to install and configure the Nginx Ingress Controller.
| [ingress\_nginx\_controller\_min\_replicas](#input\_ingress\_nginx\_controller\_min\_replicas) | Minimum number of replicas for the ingress controller. | `number` | `1` | no |
| [namespace](#input\_namespace) | Namespace of the ingress controller. | `string` | n/a | yes |
| [namespace\_additional\_labels](#input\_namespace\_additional\_labels) | Additional labels for the namespace of the ingress controller. | `map(string)` | `{}` | no |
-| [set\_controller\_default\_pod\_anti\_affinity](#input\_set\_controller\_default\_pod\_anti\_affinity) | Set the podAntiAffinity for the ingress controller. | `bool` | `true` | no |
+| [set\_controller\_default\_topology\_spread\_constraints](#input\_set\_controller\_default\_topology\_spread\_constraints) | Set the topologySpreadConstraints for the ingress controller. | `bool` | `true` | no |
+| [set\_controller\_default\_topology\_spread\_constraints\_max\_skew](#input\_set\_controller\_default\_topology\_spread\_constraints\_max\_skew) | Set the topologyKey in the topologySpreadConstraints for the ingress controller. | `number` | `1` | no |
+| [set\_controller\_default\_topology\_spread\_constraints\_topology\_key](#input\_set\_controller\_default\_topology\_spread\_constraints\_topology\_key) | Set the topologyKey in the topologySpreadConstraints for the ingress controller. | `string` | `"kubernetes.io/hostname"` | no |
+| [set\_controller\_default\_topology\_spread\_constraints\_when\_unsatisfiable](#input\_set\_controller\_default\_topology\_spread\_constraints\_when\_unsatisfiable) | Set the whenUnsatisfiable policy in the topologySpreadConstraints for the ingress controller. | `string` | `"ScheduleAnyway"` | no |
## Outputs
diff --git a/examples/main.tf b/examples/main.tf
index cf54ab4..ae2a200 100644
--- a/examples/main.tf
+++ b/examples/main.tf
@@ -1,5 +1,4 @@
module "ingress_nginx" {
- source = "../"
- chart_version = "4.8.3"
- namespace = "ingress-nginx"
+ source = "../"
+ namespace = "ingress-nginx"
}
diff --git a/files/values.yaml.tftpl b/files/values.yaml.tftpl
index 4ff1f89..23ac090 100644
--- a/files/values.yaml.tftpl
+++ b/files/values.yaml.tftpl
@@ -33,26 +33,16 @@ controller:
ssl-reject-handshake: "true"
service:
externalTrafficPolicy: "Local"
- %{~ if set_controller_default_pod_anti_affinity }
- # Set the default antiaffinity. If you eneable the hpa, the pods will be distributed in different nodes.
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app.kubernetes.io/name
- operator: In
- values:
- - ${chart_name}
- - key: app.kubernetes.io/instance
- operator: In
- values:
- - ${release_name}
- - key: app.kubernetes.io/component
- operator: In
- values:
- - controller
- topologyKey: "kubernetes.io/hostname"
+ %{~ if set_controller_default_topology_spread_constraints }
+ topologySpreadConstraints:
+ - maxSkew: ${set_controller_default_topology_spread_constraints_max_skew}
+ topologyKey: "${set_controller_default_topology_spread_constraints_topology_key}"
+ whenUnsatisfiable: "${set_controller_default_topology_spread_constraints_when_unsatisfiable}"
+ labelSelector:
+ matchLabels:
+ app.kubernetes.io/name: ${chart_name}
+ app.kubernetes.io/instance: ${release_name}
+ app.kubernetes.io/component: controller
%{~ endif ~}
defaultBackend:
diff --git a/main.tf b/main.tf
index 356bb91..0d6898a 100644
--- a/main.tf
+++ b/main.tf
@@ -36,10 +36,13 @@ resource "helm_release" "this" {
templatefile(
"${path.module}/files/values.yaml.tftpl",
{
- common_labels = var.common_labels
- ingress_nginx_controller_min_replicas = var.ingress_nginx_controller_min_replicas
- ingress_nginx_controller_max_replicas = var.ingress_nginx_controller_max_replicas
- set_controller_default_pod_anti_affinity = var.set_controller_default_pod_anti_affinity
+ common_labels = var.common_labels
+ ingress_nginx_controller_min_replicas = var.ingress_nginx_controller_min_replicas
+ ingress_nginx_controller_max_replicas = var.ingress_nginx_controller_max_replicas
+ set_controller_default_topology_spread_constraints = var.set_controller_default_topology_spread_constraints
+ set_controller_default_topology_spread_constraints_max_skew = var.set_controller_default_topology_spread_constraints_max_skew
+ set_controller_default_topology_spread_constraints_topology_key = var.set_controller_default_topology_spread_constraints_topology_key
+ set_controller_default_topology_spread_constraints_when_unsatisfiable = var.set_controller_default_topology_spread_constraints_when_unsatisfiable
# Variables for creating the selector labels.
# If you use `nameOverride` in your values, you should use that instead of `chart_name`.
diff --git a/variables.tf b/variables.tf
index bc7acec..517f629 100644
--- a/variables.tf
+++ b/variables.tf
@@ -51,8 +51,26 @@ variable "ingress_nginx_controller_max_replicas" {
default = 3
}
-variable "set_controller_default_pod_anti_affinity" {
- description = "Set the podAntiAffinity for the ingress controller."
+variable "set_controller_default_topology_spread_constraints" {
+ description = "Set the topologySpreadConstraints for the ingress controller."
type = bool
default = true
}
+
+variable "set_controller_default_topology_spread_constraints_max_skew" {
+ description = "Set the topologyKey in the topologySpreadConstraints for the ingress controller."
+ type = number
+ default = 1
+}
+
+variable "set_controller_default_topology_spread_constraints_topology_key" {
+ description = "Set the topologyKey in the topologySpreadConstraints for the ingress controller."
+ type = string
+ default = "kubernetes.io/hostname"
+}
+
+variable "set_controller_default_topology_spread_constraints_when_unsatisfiable" {
+ description = "Set the whenUnsatisfiable policy in the topologySpreadConstraints for the ingress controller."
+ type = string
+ default = "ScheduleAnyway"
+}