Enable DNS AutoScaler for CoreDNS (#3707)

* Enable AutoScaler for CoreDNS

* Only use one template for dns autoscaler

* Rename a few variables for replicas and minimum pods

* Rename a few variables for replicas and minimum pods

* Remove replicas to make autoscale work

* Cleanup kubedns-autoscaler as it has been renamed

roles/download/defaults/main.yml

@@ -181,9 +181,9 @@ dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
 dnsmasqautoscaler_version: 1.1.2
 dnsmasqautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-{{ image_arch }}"
 dnsmasqautoscaler_image_tag: "{{ dnsmasqautoscaler_version }}"
-kubednsautoscaler_version: 1.2.0
+dnsautoscaler_version: 1.2.0
-kubednsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-{{ image_arch }}"
+dnsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-{{ image_arch }}"
-kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
+dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
 test_image_repo: busybox
 test_image_tag: latest
 busybox_image_repo: busybox
@@ -487,12 +487,12 @@ downloads:
     groups:
       - kube-node
 
-  kubednsautoscaler:
+  dnsautoscaler:
-    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns'] }}"
+    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns','coredns', 'coredns_dual'] }}"
     container: true
-    repo: "{{ kubednsautoscaler_image_repo }}"
+    repo: "{{ dnsautoscaler_image_repo }}"
-    tag: "{{ kubednsautoscaler_image_tag }}"
+    tag: "{{ dnsautoscaler_image_tag }}"
-    sha256: "{{ kubednsautoscaler_digest_checksum|default(None) }}"
+    sha256: "{{ dnsautoscaler_digest_checksum|default(None) }}"
     groups:
       - kube-node
 

roles/kubernetes-apps/ansible/defaults/main.yml

@@ -7,11 +7,8 @@ kubednsautoscaler_version: 1.2.0
 dns_memory_limit: 170Mi
 dns_cpu_requests: 100m
 dns_memory_requests: 70Mi
-kubedns_min_replicas: 2
+dns_min_replicas: 2
-kubedns_nodes_per_replica: 10
+dns_nodes_per_replica: 10
-
-# CoreDNS
-coredns_replicas: 2
 
 # Images
 image_arch: "{{host_architecture}}"
@@ -22,8 +19,8 @@ dnsmasq_nanny_image_repo: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-{{ ima
 dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
 dnsmasq_sidecar_image_repo: "gcr.io/google_containers/k8s-dns-sidecar-{{ image_arch }}"
 dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
-kubednsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-{{ image_arch }}"
+dnsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-{{ image_arch }}"
-kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
+dnsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
 
 # Netchecker
 deploy_netchecker: false

roles/kubernetes-apps/ansible/tasks/cleanup_dns.yml

@@ -54,3 +54,13 @@
     - kubeadm_init is defined
     - kubeadm_init.changed|default(false)
     - inventory_hostname == groups['kube-master'][0]
+
+- name: Kubernetes Apps | Delete old KubeDNS Autoscaler deployment
+  kube:
+    name: "kubedns-autoscaler"
+    namespace: "kube-system"
+    kubectl: "{{ bin_dir }}/kubectl"
+    resource: "deploy"
+    state: absent
+  tags:
+    - upgrade

roles/kubernetes-apps/ansible/tasks/coredns.yml

@@ -10,6 +10,10 @@
     - { name: coredns, file: coredns-svc.yml, type: svc }
     - { name: coredns, file: coredns-clusterrole.yml, type: clusterrole }
     - { name: coredns, file: coredns-clusterrolebinding.yml, type: clusterrolebinding }
+    - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
+    - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
+    - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+    - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
   register: coredns_manifests
   vars:
     clusterIP: "{{ skydns_server }}"
@@ -26,6 +30,7 @@
   with_items:
     - { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
     - { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
+    - { name: dns-autoscaler, src: dns-autoscaler.yml, file: coredns-autoscaler-secondary.yml, type: deployment }
   register: coredns_secondary_manifests
   vars:
     clusterIP: "{{ skydns_server_secondary }}"

roles/kubernetes-apps/ansible/tasks/kubedns.yml

@@ -8,10 +8,10 @@
     - { name: kube-dns, file: kubedns-sa.yml, type: sa }
     - { name: kube-dns, file: kubedns-deploy.yml, type: deployment }
     - { name: kube-dns, file: kubedns-svc.yml, type: svc }
-    - { name: kubedns-autoscaler, file: kubedns-autoscaler-sa.yml, type: sa }
+    - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
-    - { name: kubedns-autoscaler, file: kubedns-autoscaler-clusterrole.yml, type: clusterrole }
+    - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
-    - { name: kubedns-autoscaler, file: kubedns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+    - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
-    - { name: kubedns-autoscaler, file: kubedns-autoscaler.yml, type: deployment }
+    - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
   register: kubedns_manifests
   when:
     - dns_mode in ['kubedns','dnsmasq_kubedns']

roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2

@@ -8,7 +8,6 @@ metadata:
     k8s-app: coredns{{ coredns_ordinal_suffix | default('') }}
     kubernetes.io/name: "coredns{{ coredns_ordinal_suffix | default('') }}"
 spec:
-  replicas: {{ coredns_replicas }}
   strategy:
     type: RollingUpdate
     rollingUpdate:

roles/kubernetes-apps/ansible/templates/dns-autoscaler.yml.j2

@@ -16,17 +16,17 @@
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
-  name: kubedns-autoscaler
+  name: dns-autoscaler
   namespace: kube-system
   labels:
-    k8s-app: kubedns-autoscaler
+    k8s-app: dns-autoscaler
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
   template:
     metadata:
       labels:
-        k8s-app: kubedns-autoscaler
+        k8s-app: dns-autoscaler
     spec:
 {% if kube_version is version('v1.11.1', '>=') %}
       priorityClassName: system-cluster-critical
@@ -43,7 +43,7 @@ spec:
           - topologyKey: "kubernetes.io/hostname"
             labelSelector:
               matchLabels:
-                k8s-app: kubedns-autoscaler
+                k8s-app: dns-autoscaler
         nodeAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
           - weight: 100
@@ -55,7 +55,7 @@ spec:
                 - "true"
       containers:
       - name: autoscaler
-        image: "{{ kubednsautoscaler_image_repo }}:{{ kubednsautoscaler_image_tag }}"
+        image: "{{ dnsautoscaler_image_repo }}:{{ dnsautoscaler_image_tag }}"
         resources:
           requests:
             cpu: "20m"
@@ -63,10 +63,14 @@ spec:
         command:
         - /cluster-proportional-autoscaler
         - --namespace=kube-system
-        - --configmap=kubedns-autoscaler
+        - --default-params={"linear":{"nodesPerReplica":{{ dns_nodes_per_replica }},"min":{{ dns_min_replicas }}}}
-        # Should keep target in sync with cluster/addons/dns/kubedns-controller.yaml.base
-        - --target=Deployment/kube-dns
-        - --default-params={"linear":{"nodesPerReplica":{{ kubedns_nodes_per_replica }},"min":{{ kubedns_min_replicas }}}}
         - --logtostderr=true
         - --v=2
+        - --configmap=dns-autoscaler
+{% if dns_mode in ['coredns', 'coredns_dual'] %}
+        - --target=Deployment/coredns{{ coredns_ordinal_suffix | default('') }}
+{% endif %}
+{% if dns_mode in ['kubedns', 'dnsmasq_kubedns'] %}
+        - --target=Deployment/kube-dns
+{% endif %}
       serviceAccountName: cluster-proportional-autoscaler

tests/files/do_ubuntu-canal-ha.yml

@@ -5,5 +5,5 @@ mode: ha
 # Deployment settings
 kube_network_plugin: canal
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 # cloud_provider: 'do'

tests/files/gce_centos-weave-kubeadm-sep.yml

@@ -11,5 +11,5 @@ kube_network_plugin: weave
 kubeadm_enabled: true
 deploy_netchecker: true
 kubernetes_audit: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_centos7-calico-ha.yml

@@ -9,5 +9,5 @@ kube_network_plugin: calico
 download_localhost: true
 download_run_once: true
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_centos7-cilium.yml

@@ -8,5 +8,5 @@ mode: default
 kube_network_plugin: cilium
 deploy_netchecker: true
 enable_network_policy: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_centos7-flannel-addons.yml

@@ -12,7 +12,7 @@ etcd_events_cluster_setup: true
 local_volume_provisioner_enabled: true
 etcd_deployment_type: host
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce
 kube_encrypt_secret_data: true
 ingress_nginx_enabled: true

tests/files/gce_centos7-kube-router.yml

@@ -8,5 +8,5 @@ mode: default
 kube_network_plugin: kube-router
 deploy_netchecker: true
 enable_network_policy: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_centos7-multus-calico.yml

@@ -8,5 +8,5 @@ mode: default
 kube_network_plugin_multus: true
 kube_network_plugin: calico
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_coreos-alpha-weave-ha.yml

@@ -9,5 +9,5 @@ startup_script: 'systemctl disable locksmithd && systemctl stop locksmithd'
 kube_network_plugin: weave
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_coreos-calico-aio.yml

@@ -11,5 +11,5 @@ no_group_vars: true
 kube_network_plugin: calico
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_coreos-canal.yml

@@ -8,5 +8,5 @@ startup_script: 'systemctl disable locksmithd && systemctl stop locksmithd'
 kube_network_plugin: canal
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_coreos-cilium.yml

@@ -9,5 +9,5 @@ kube_network_plugin: cilium
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
 enable_network_policy: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_coreos-kube-router.yml

@@ -9,5 +9,5 @@ kube_network_plugin: kube-router
 bootstrap_os: coreos
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_debian8-calico-upgrade.yml

@@ -6,5 +6,5 @@ mode: default
 # Deployment settings
 kube_network_plugin: calico
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_opensuse-canal.yml

@@ -6,5 +6,5 @@ mode: default
 # Deployment settings
 kube_network_plugin: canal
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_rhel7-canal-sep.yml

@@ -6,5 +6,5 @@ mode: separate
 # Deployment settings
 kube_network_plugin: canal
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_rhel7-cilium.yml

@@ -7,5 +7,5 @@ mode: default
 kube_network_plugin: cilium
 deploy_netchecker: true
 enable_network_policy: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_rhel7-weave.yml

@@ -6,5 +6,5 @@ mode: default
 # Deployment settings
 kube_network_plugin: weave
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-canal-ha.yml

@@ -6,5 +6,5 @@ mode: ha
 # Deployment settings
 kube_network_plugin: canal
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-canal-kubeadm.yml

@@ -9,5 +9,5 @@ kube_network_plugin: canal
 kubeadm_enabled: true
 dynamic_kubelet_configuration: true
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-cilium-sep.yml

@@ -7,6 +7,6 @@ mode: separate
 kube_network_plugin: cilium
 deploy_netchecker: true
 enable_network_policy: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce
 

tests/files/gce_ubuntu-contiv-sep.yml

@@ -6,5 +6,5 @@ mode: separate
 # Deployment settings
 kube_network_plugin: contiv
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-flannel-sep.yml

@@ -6,5 +6,5 @@ mode: separate
 # Deployment settings
 kube_network_plugin: flannel
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-kube-router-sep.yml

@@ -7,5 +7,5 @@ mode: separate
 bootstrap_os: ubuntu
 kube_network_plugin: kube-router
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-rkt-sep.yml

@@ -10,5 +10,5 @@ kubelet_deployment: rkt
 download_localhost: true
 download_run_once: true
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu-weave-sep.yml

@@ -6,5 +6,5 @@ mode: separate
 # Deployment settings
 kube_network_plugin: weave
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce

tests/files/gce_ubuntu18-flannel-aio.yml

@@ -8,5 +8,5 @@ mode: aio
 kube_network_plugin: flannel
 dynamic_kubelet_configuration: true
 deploy_netchecker: true
-kubedns_min_replicas: 1
+dns_min_replicas: 1
 cloud_provider: gce