github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-02-14 18:09:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: diverse performance improvements (#1861)

Browse Source 
Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
This commit is contained in:
Oliver Bähler
2026-02-03 22:05:00 +01:00
committed by GitHub
parent 43c23cb4c8
commit 0abc77b56a
146 changed files with 5620 additions and 1760 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
hack/distro/capsule/example-setup/claims.yaml Normal file
View File

@@ -0,0 +1,35 @@
---
apiVersion: capsule.clastix.io/v1beta2
kind: ResourcePoolClaim
metadata:
name: get-me-solar
namespace: solar-test
spec:
pool: "solar-pool"
claim:
requests.cpu: "2"
requests.memory: 2Gi
---
apiVersion: capsule.clastix.io/v1beta2
kind: ResourcePoolClaim
metadata:
name: get-me-solar-2
namespace: solar-test
spec:
pool: "solar-pool"
claim:
requests.cpu: "2"
requests.memory: 2Gi
---
apiVersion: capsule.clastix.io/v1beta2
kind: ResourcePoolClaim
metadata:
name: get-me-customer
annotations:
"projectcapsule.dev/release": "true"
namespace: solar-test
spec:
pool: "customer-pool"
claim:
requests.cpu: "2"
requests.memory: 2Gi

1
hack/distro/capsule/example-setup/kustomization.yaml
View File

@@ -4,3 +4,4 @@ resources:
- owners.yaml
- tenants.yaml
- resource.yaml
- pools.yaml

32
hack/distro/capsule/example-setup/pools.yaml Normal file
View File

@@ -0,0 +1,32 @@
---
apiVersion: capsule.clastix.io/v1beta2
kind: ResourcePool
metadata:
name: solar-pool
spec:
quota:
hard:
limits.cpu: "2"
limits.memory: 2Gi
requests.cpu: "2"
requests.memory: 2Gi
requests.storage: "5Gi"
selectors:
- matchLabels:
capsule.clastix.io/tenant: solar
---
apiVersion: capsule.clastix.io/v1beta2
kind: ResourcePool
metadata:
name: customer-pool
spec:
quota:
hard:
limits.cpu: "2"
limits.memory: 2Gi
requests.cpu: "2"
requests.memory: 2Gi
requests.storage: "5Gi"
selectors:
- matchLabels:
customer: a

62
hack/distro/capsule/example-setup/tenants.yaml
View File

@@ -3,6 +3,8 @@ apiVersion: capsule.clastix.io/v1beta2
kind: Tenant
metadata:
name: solar
labels:
customer: a
spec:
owners:
- name: alice
@@ -13,12 +15,51 @@ spec:
team: platform
- matchLabels:
tenant: solar
namespaceOptions:
requiredMetadata:
labels:
env: "prod|test|dev"
additionalMetadata:
labels:
team: platform
annotations:
owner: "team-platform"
additionalMetadataList:
- labels:
customer: a
additionalRoleBindings:
- clusterRoleName: 'view'
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: joe
---
apiVersion: capsule.clastix.io/v1beta2
kind: Tenant
metadata:
name: green
labels:
customer: a
spec:
namespaceOptions:
requiredMetadata:
labels:
env: "prod|test|dev"
permissions:
matchOwners:
- matchLabels:
team: devops
- matchLabels:
tenant: green
owners:
- name: bob
kind: User
additionalRoleBindings:
- clusterRoleName: 'view'
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: alice
rules:
- enforce:
registries:
@@ -39,27 +80,6 @@ spec:
---
apiVersion: capsule.clastix.io/v1beta2
kind: Tenant
metadata:
name: green
spec:
permissions:
matchOwners:
- matchLabels:
team: devops
- matchLabels:
tenant: green
owners:
- name: bob
kind: User
additionalRoleBindings:
- clusterRoleName: 'view'
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: alice
---
apiVersion: capsule.clastix.io/v1beta2
kind: Tenant
metadata:
name: wind
spec:

11
hack/distro/host-proxy/deploy.yaml
View File

@@ -15,9 +15,6 @@ spec:
labels:
app: capsule
annotations:
prometheus.io/scrape: 'true'
prometheus.io/path: '/metrics'
prometheus.io/port: '8080'
profiles.grafana.com/memory.scrape: "true"
profiles.grafana.com/memory.port: "8082"
profiles.grafana.com/cpu.scrape: "true"
@@ -26,11 +23,13 @@ spec:
profiles.grafana.com/goroutine.port: "8082"
spec:
containers:
- name: tcp-proxy
- name: capsule
image: alpine/socat
ports:
- containerPort: 8080
- containerPort: 8082
- name: metrics
containerPort: 8080
- name: profiling
containerPort: 8082
command: ["sh", "-c"]
args:
- |

306
hack/distro/monitoring/dashboards/ctrl-runtime-admission.json
View File

@@ -24,7 +24,7 @@
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 10,
"id": 31,
"links": [],
"panels": [
{
@@ -121,7 +121,7 @@
"sort": "none"
}
},
"pluginVersion": "12.3.0",
"pluginVersion": "12.3.1",
"targets": [
{
"datasource": {
@@ -221,7 +221,7 @@
"sort": "none"
}
},
"pluginVersion": "12.3.0",
"pluginVersion": "12.3.1",
"targets": [
{
"datasource": {
@@ -240,13 +240,303 @@
"title": "Reoncile Rate",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"barWidthFactor": 0.6,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"insertNulls": false,
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"showValues": false,
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
},
"unit": "s"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 10
},
"id": 13,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true,
"sortBy": "Last *",
"sortDesc": true
},
"tooltip": {
"hideZeros": false,
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "12.3.1",
"targets": [
{
"editorMode": "code",
"exemplar": false,
"expr": "histogram_quantile(\n 0.99,\n sum by (le, webhook) (rate(controller_runtime_webhook_latency_seconds_bucket{job=\"$job\"}[5m]))\n)",
"format": "time_series",
"instant": false,
"legendFormat": "{{webhook}}",
"range": true,
"refId": "A"
}
],
"title": "Webhook Latency (P99)",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"barWidthFactor": 0.6,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"insertNulls": false,
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"showValues": false,
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 10
},
"id": 15,
"options": {
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"tooltip": {
"hideZeros": false,
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "12.3.1",
"targets": [
{
"editorMode": "code",
"expr": "controller_runtime_webhook_requests_total{job=\"$job\"}",
"legendFormat": "{{webhook}}",
"range": true,
"refId": "A"
}
],
"title": "Admission Requests",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"barWidthFactor": 0.6,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"insertNulls": false,
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"showValues": false,
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 19
},
"id": 14,
"options": {
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"tooltip": {
"hideZeros": false,
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "12.3.1",
"targets": [
{
"editorMode": "code",
"expr": "controller_runtime_webhook_requests_in_flight{job=\"$job\"}",
"legendFormat": "{{webhook}}",
"range": true,
"refId": "A"
}
],
"title": "Requests In-Flight",
"type": "timeseries"
},
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 10
"y": 27
},
"id": 8,
"panels": [],
@@ -319,7 +609,7 @@
"h": 9,
"w": 24,
"x": 0,
"y": 11
"y": 28
},
"id": 10,
"options": {
@@ -335,7 +625,7 @@
"sort": "none"
}
},
"pluginVersion": "12.3.0",
"pluginVersion": "12.3.1",
"targets": [
{
"datasource": {
@@ -378,7 +668,7 @@
"h": 10,
"w": 24,
"x": 0,
"y": 20
"y": 37
},
"id": 12,
"options": {
@@ -419,7 +709,7 @@
"unit": "short"
}
},
"pluginVersion": "12.3.0",
"pluginVersion": "12.3.1",
"targets": [
{
"datasource": {

3
hack/distro/monitoring/kube-prometheus-stack/release.flux.yaml
View File

@@ -6,7 +6,7 @@ metadata:
namespace: flux-system
spec:
serviceAccountName: kustomize-controller
interval: 30s
interval: 5m
timeout: 10m
targetNamespace: monitoring-system
releaseName: "kube-prometheus-stack"
@@ -24,7 +24,6 @@ spec:
retries: -1
upgrade:
remediation:
remediateLastFailure: true
retries: -1
driftDetection:
mode: enabled

1
hack/kind-cluster.yaml
View File

@@ -6,3 +6,4 @@ featureGates:
ImageVolume: true
nodes:
- role: control-plane
- role: worker

42
hack/pentest.sh Normal file
View File

@@ -0,0 +1,42 @@
#!/usr/bin/env sh
OUT=busybox-test.yml
: > "$OUT" # truncate file
for i in $(seq 0 99); do
cat >> "$OUT" <<EOF
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: busybox-$i
name: busybox-$i
namespace: solar-test
spec:
replicas: 1
selector:
matchLabels:
app: busybox-$i
strategy: {}
template:
metadata:
labels:
app: busybox-$i
spec:
containers:
- image: busybox:latest
name: busybox-$i
command:
- "sleep"
- "100"
resources:
requests:
cpu: 1m
memory: 16Mi
limits:
cpu: 10m
memory: 32Mi
EOF
done