The Vertical Pod Autoscaler (VPA) frees the users from necessity of setting up-to-date resource limits and requests for the containers in their pods. When configured, it will set the requests automatically based on usage and thus allow proper scheduling onto nodes so that appropriate resource amount is available for each pod. It will also maintain ratios between limits and requests that were specified in initial containers configuration.
It can both down-scale pods that are over-requesting resources, and also up-scale pods that are under-requesting resources based on their usage over time.
Autoscaling is configured with a CustomResourceDefinition
object called VerticalPodAutoscaler
. It allows to specify which pods should be vertically autoscaled as well as if/how the resource recommendations are applied.
This chart manages the MutatingWebhookConfiguration
outside of the workload so there is no need to run additional logic to clean-up after VPA is uninstalled, webhook certificates can also be managed by Cert Manager. The chart handles the parameters for logging levels and ports but all other parameters need to be passed in to the components.
Homepage: https://github.com/kubernetes/autoscaler/
Name | Url | |
---|---|---|
stevehipwell | steve.hipwell@gmail.com |
- https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler/
- https://github.com/stevehipwell/helm-charts/
To install the chart using the recommended OCI method you can use the following command.
helm upgrade --install vertical-pod-autoscaler oci://ghcr.io/stevehipwell/helm-charts/vertical-pod-autoscaler --version 1.7.2
As the OCI chart release is signed by Cosign you can verify the chart before installing it by running the following command.
cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github\.com/action-stars/helm-workflows/\.github/workflows/release\.yaml@.+' --certificate-github-workflow-repository stevehipwell/helm-charts --certificate-github-workflow-name Release ghcr.io/stevehipwell/helm-charts/vertical-pod-autoscaler:1.7.2
Alternatively you can use the legacy non-OCI method via the following commands.
helm repo add stevehipwell https://stevehipwell.github.io/helm-charts/
helm upgrade --install vertical-pod-autoscaler stevehipwell/vertical-pod-autoscaler --version 1.7.2
Key | Type | Default | Description |
---|---|---|---|
admissionController.affinity | object | {} |
Affinity settings for scheduling the Admission Controller component. If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. |
admissionController.certManager.enabled | bool | false |
If true , create a Certificate resource for the Admission Controller webhook. |
admissionController.certManager.issuerKind | string | "Issuer" |
Issuer kind for the Admission Controller webhook certificate. |
admissionController.certManager.issuerName | string | nil |
Issuer name for the Admission Controller webhook certificate; if not provided an Issuer will be created. |
admissionController.extraArgs | list | [] |
Additional args for the Admission Controller default container. |
admissionController.extraEnv | list | [] |
Additional environment variables for the Admission Controller default container. |
admissionController.image.pullPolicy | string | "IfNotPresent" |
Image pull policy for the Admission Controller default container. |
admissionController.image.repository | string | "registry.k8s.io/autoscaling/vpa-admission-controller" |
Image repository for the Admission Controller default container. |
admissionController.image.tag | string | nil |
Image tag for the Admission Controller default container; this will default to .Chart.AppVersion if not set. |
admissionController.livenessProbe | object | See values.yaml | Liveness probe configuration for the Admission Controller default container. |
admissionController.nodeSelector | object | {} |
Node selector labels for scheduling the Admission Controller. |
admissionController.podAnnotations | object | {} |
Annotations to add to the Admission Controller pod. |
admissionController.podDisruptionBudget.enabled | bool | false |
If true , create a PodDisruptionBudget for the Admission Controller. |
admissionController.podDisruptionBudget.maxUnavailable | string | nil |
Minimum number of unavailable pods for the Admission Controller; either a number or a percentage. |
admissionController.podDisruptionBudget.minAvailable | string | nil |
Minimum number of available pods for the Admission Controller; either a number or a percentage. |
admissionController.podDisruptionBudget.unhealthyPodEvictionPolicy | string | nil |
Unhealthy pod eviction policy for the Admission Controller PDB. |
admissionController.podLabels | object | {} |
Labels to add to the Admission Controller pod. |
admissionController.podSecurityContext | object | See values.yaml | Security context for the Admission Controller pod. |
admissionController.priorityClassName | string | nil |
Priority class name for the Admission Controller. |
admissionController.readinessProbe | object | See values.yaml | Readiness probe configuration for the Admission Controller default container. |
admissionController.replicas | int | 1 |
Number of Admission Controller replicas to create. |
admissionController.resources | object | {} |
Resources for the Admission Controller default container. |
admissionController.securityContext | object | See values.yaml | Security context for the Admission Controller default container. |
admissionController.service.annotations | object | {} |
Annotations to add to the Admission Controller service. |
admissionController.serviceAccount.annotations | object | {} |
Annotations to add to the Admission Controller service account. |
admissionController.serviceAccount.create | bool | true |
If true , create a new ServiceAccount for the Admission Controller. |
admissionController.serviceAccount.labels | object | {} |
Labels to add to the Admission Controller service account. |
admissionController.serviceAccount.name | string | nil |
If this is set and admissionController.serviceAccount.create is true this will be used for the created Admission Controller service account name, if this is set and admissionController.serviceAccount.create is false then this will define an existing service account to use. |
admissionController.terminationGracePeriodSeconds | int | nil |
Termination grace period for the Admission Controller; in seconds. |
admissionController.tolerations | list | [] |
Node taints the Admission Controller will be tolerate for scheduling. |
admissionController.topologySpreadConstraints | list | [] |
Topology spread constraints for scheduling for the Admission Controller component. If an explicit label selector is not provided one will be created from the pod selector labels. |
admissionController.updateStrategy | object | {} |
Update strategy for the Admission Controller. |
admissionController.webhook.name | string | "vpa-webhook-config" |
Name of the Admission Controller webhook to create. |
commonLabels | object | {} |
Labels to add to all chart resources. |
fullnameOverride | string | nil |
Override the full name of the chart. |
imagePullSecrets | list | [] |
Image pull secrets. |
logLevel | int | 4 |
Log level for all components. |
nameOverride | string | nil |
Override the name of the chart. |
rbac.create | bool | true |
If true , create ClusterRole & ClusterRoleBinding resources to enable access to the Kubernetes API. |
recommender.affinity | object | {} |
Affinity settings for scheduling the Recommender component. If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. |
recommender.extraArgs | list | [] |
Additional args for the Recommender default container. |
recommender.extraEnv | list | [] |
Additional environment variables for the Recommender default container. |
recommender.image.pullPolicy | string | "IfNotPresent" |
Image pull policy for the Recommender default container. |
recommender.image.repository | string | "registry.k8s.io/autoscaling/vpa-recommender" |
Image repository for the Recommender default container. |
recommender.image.tag | string | nil |
Image tag for the Recommender default container; this will default to .Chart.AppVersion if not set. |
recommender.livenessProbe | object | See values.yaml | Liveness probe configuration for the Recommender default container. |
recommender.nodeSelector | object | {} |
Node selector labels for scheduling the Recommender. |
recommender.podAnnotations | object | {} |
Annotations to add to the Recommender pod. |
recommender.podDisruptionBudget.enabled | bool | false |
If true , create a PodDisruptionBudget for the Recommender. |
recommender.podDisruptionBudget.maxUnavailable | string | nil |
Minimum number of unavailable pods for the Recommender; either a number or a percentage. |
recommender.podDisruptionBudget.minAvailable | string | nil |
Minimum number of available pods for the Recommender; either a number or a percentage. |
recommender.podDisruptionBudget.unhealthyPodEvictionPolicy | string | nil |
Unhealthy pod eviction policy for the Recommender PDB. |
recommender.podLabels | object | {} |
Labels to add to the Recommender pod. |
recommender.podSecurityContext | object | See values.yaml | Security context for the Recommender pod. |
recommender.priorityClassName | string | nil |
Priority class name for the Recommender. |
recommender.readinessProbe | object | See values.yaml | Readiness probe configuration for the Recommender default container. |
recommender.replicas | int | 1 |
Number of Recommender replicas to create. |
recommender.resources | object | {} |
Resources for the Recommender default container. |
recommender.securityContext | object | See values.yaml | Security context for the Recommender default container. |
recommender.service.annotations | object | {} |
Annotations to add to the Recommender service. |
recommender.serviceAccount.annotations | object | {} |
Annotations to add to the Recommender service account. |
recommender.serviceAccount.create | bool | true |
If true , create a new ServiceAccount for the Recommender. |
recommender.serviceAccount.labels | object | {} |
Labels to add to the Recommender service account. |
recommender.serviceAccount.name | string | nil |
If this is set and admissionController.serviceAccount.create is true this will be used for the created Recommender service account name, if this is set and admissionController.serviceAccount.create is false then this will define an existing service account to use. |
recommender.terminationGracePeriodSeconds | int | nil |
Termination grace period for the Recommender; in seconds. |
recommender.tolerations | list | [] |
Node taints the Recommender will be tolerate for scheduling. |
recommender.topologySpreadConstraints | list | [] |
Topology spread constraints for scheduling for the Recommender component. If an explicit label selector is not provided one will be created from the pod selector labels. |
recommender.updateStrategy | object | {} |
Update strategy for the Recommender. |
recommenderOnly | bool | false |
If true , only deploy the Recommender component. |
serviceMonitor.additionalLabels | object | {} |
Additional labels for the service monitor. |
serviceMonitor.enabled | bool | false |
If true , create a ServiceMonitor to support collecting metrics via the Prometheus Operator. |
serviceMonitor.endpointConfig | object | {} |
Additional endpoint configuration for the service monitor endpoint. |
updater.affinity | object | {} |
Affinity settings for scheduling the Updater component. If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. |
updater.extraArgs | list | [] |
Additional args for the Updater default container. |
updater.extraEnv | list | [] |
Additional environment variables for the Updater default container. |
updater.image.pullPolicy | string | "IfNotPresent" |
Image pull policy for the Updater default container. |
updater.image.repository | string | "registry.k8s.io/autoscaling/vpa-updater" |
Image repository for the Updater default container. |
updater.image.tag | string | nil |
Image tag for the Updater default container; this will default to .Chart.AppVersion if not set. |
updater.livenessProbe | object | See values.yaml | Liveness probe configuration for the Updater default container. |
updater.nodeSelector | object | {} |
Node selector labels for scheduling the Updater. |
updater.podAnnotations | object | {} |
Annotations to add to the Updater pod. |
updater.podDisruptionBudget.enabled | bool | false |
If true , create a PodDisruptionBudget for the Updater. |
updater.podDisruptionBudget.maxUnavailable | string | nil |
Minimum number of unavailable pods for the Updater; either a number or a percentage. |
updater.podDisruptionBudget.minAvailable | string | nil |
Minimum number of available pods for the Updater; either a number or a percentage. |
updater.podDisruptionBudget.unhealthyPodEvictionPolicy | string | nil |
Unhealthy pod eviction policy for the Updater PDB. |
updater.podLabels | object | {} |
Labels to add to the Updater pod. |
updater.podSecurityContext | object | See values.yaml | Security context for the Updater pod. |
updater.priorityClassName | string | nil |
Priority class name for the Updater. |
updater.readinessProbe | object | See values.yaml | Readiness probe configuration for the Updater default container. |
updater.replicas | int | 1 |
Number of Updater replicas to create. |
updater.resources | object | {} |
Resources for the Updater default container. |
updater.securityContext | object | See values.yaml | Security context for the Updater default container. |
updater.service.annotations | object | {} |
Annotations to add to the Updater service. |
updater.serviceAccount.annotations | object | {} |
Annotations to add to the Updater service account. |
updater.serviceAccount.create | bool | true |
If true , create a new ServiceAccount for the Updater. |
updater.serviceAccount.labels | object | {} |
Labels to add to the Updater service account. |
updater.serviceAccount.name | string | nil |
If this is set and admissionController.serviceAccount.create is true this will be used for the created Updater service account name, if this is set and admissionController.serviceAccount.create is false then this will define an existing service account to use. |
updater.terminationGracePeriodSeconds | int | nil |
Termination grace period for the Updater; in seconds. |
updater.tolerations | list | [] |
Node taints the Updater will be tolerate for scheduling. |
updater.topologySpreadConstraints | list | [] |
Topology spread constraints for scheduling for the Updater component. If an explicit label selector is not provided one will be created from the pod selector labels. |
updater.updateStrategy | object | {} |
Update strategy for the Updater. |
Autogenerated from chart metadata using helm-docs.