serverless

module

v0.0.0-...-738d9da Latest Latest Go to latest Published: Jan 11, 2024 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

Function Controller

The Function Controller is a Kubernetes controller that enables Kyma to manage Function resources. It uses Kubernetes Jobs, Deployments, Services, and HorizontalPodAutoscalers (HPA) under the hood.

Prerequisites

The Function Controller requires the following components to be installed:

Istio (v1.4.3)
Docker registry (v2.7.1)

Development

To develop the Function Controller, you need:

libgit2-dev (v1.5)
controller-gen (v0.6.2)
[kustomize](https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.5.7) (v4.5.7)

To develop the component, use the formulae declared in the Makefile.

To run the manager and set up envs correctly, source controller.env. You can customize the configuration by editing files in hack dir.

Environment Variables

The Function Controller Uses These Environment Variables:

Variable	Description	Default value
APP_METRICS_ADDRESS	Address on which controller metrics are exposed	`:8080`
APP_LEADER_ELECTION_ENABLED	Field that enables one instance of the Function Controller to manage the traffic among all instances	`false`
APP_LEADER_ELECTION_ID	Name of the ConfigMap that specifies the main instance of the Function Controller that manages the traffic among all instances	`serverless-controller-leader-election-helper`
APP_KUBERNETES_BASE_NAMESPACE	Name of the namespace with the serverless configuration (such as runtime, Secret and service account for the Docker registry) propagated to other namespaces	`kyma-system`
APP_KUBERNETES_EXCLUDED_NAMESPACES	List of namespaces to which serverless configuration is not propagated	`istio-system,knative-eventing,kube-node-lease,kube-public,kube-system,kyma-installer,kyma-system,natss`
APP_KUBERNETES_CONFIG_MAP_REQUEUE_DURATION	Period of time after which the ConfigMap Controller refreshes the status of a ConfigMap	`1m`
APP_KUBERNETES_SECRET_REQUEUE_DURATION	Period of time after which the Secret Controller refreshes the status of a Secret	`1m`
APP_KUBERNETES_SERVICE_ACCOUNT_REQUEUE_DURATION	Period of time after which the ServiceAccount Controller refreshes the status of a ServiceAccount	`1m`
APP_FUNCTION_IMAGE_REGISTRY_DOCKER_CONFIG_SECRET_NAME	Name of the secret that contains hashed credentials to the Docker registry	`serverless-image-pull-secret`
APP_FUNCTION_IMAGE_PULL_ACCOUNT_NAME	Name of the service account that contains credentials to the Docker registry	`serverless`
APP_FUNCTION_REQUEUE_DURATION	Period of time after which the Function Controller refreshes the status of a Function CR	`1m`
APP_FUNCTION_BUILD_REQUESTS_CPU	Minimum amount of CPU assigned to the Job to build a Function image. See this document for available values.	`350m`
APP_FUNCTION_BUILD_REQUESTS_MEMORY	Minimum amount of memory assigned to the Job to build a Function image. See this document for available values.	`750mi`
APP_FUNCTION_BUILD_LIMITS_CPU	Maximum amount of CPU assigned to the Job to build a Function image. See this document for available values.	`1`
APP_FUNCTION_BUILD_LIMITS_MEMORY	Maximum amount of memory assigned to the Job to build a Function image. See this document for available values.	`1Gi`
APP_FUNCTION_BUILD_RUNTIME_CONFIG_MAP_NAME	Name of the ConfigMap that contains the runtime definition	`dockerfile-nodejs18`
APP_FUNCTION_BUILD_EXECUTOR_ARGS	List of arguments passed to the Kaniko executor	`--insecure,--skip-tls-verify,--skip-unused-stages,--log-format=text,--cache=true`
APP_FUNCTION_BUILD_EXECUTOR_IMAGE	Full name of the Kaniko executor image used for building Function images and pushing them to the Docker registry	`gcr.io/kaniko-project/executor:v0.22.0`
APP_FUNCTION_BUILD_REPOFETCHER_IMAGE	Full name of the Repo-Fetcher init container used for cloning repository for the Kaniko executor	`europe-docker.pkg.dev/kyma-project/prod/function-build-init:305bee60`
APP_FUNCTION_BUILD_MAX_SIMULTANEOUS_JOBS	Maximum number of build jobs running simultaneously	`5`
APP_FUNCTION_DOCKER_INTERNAL_SERVER_ADDRESS	Internal server address of the Docker registry	`serverless-docker-registry.kyma-system.svc.cluster.local:5000`
APP_FUNCTION_DOCKER_REGISTRY_ADDRESS	External address of the Docker registry	`registry.kyma.local`
APP_FUNCTION_TARGET_CPU_UTILIZATION_PERCENTAGE	Average CPU usage of all the Pods in a given Deployment. It is represented as a percentage of the overall requested CPU. If the CPU consumption is higher or lower than this limit, HorizontalPodAutoscaler (HPA) scales the Deployment and increases or decreases the number of Pod replicas accordingly.	`50`

The Webhook Uses These Environment Variables:

Variable	Description	Default value
SYSTEM_NAMESPACE	Namespace which contains the ServiceAccount and the Secret	`kyma-system`
WEBHOOK_SERVICE_NAME	Name of the ServiceAccount which is used by the webhook server	`serverless-webhook`
WEBHOOK_SECRET_NAME	Name of the Secret which contains the certificate is used to register the webhook server	`serverless-webhook`
WEBHOOK_PORT	Port on which the webhook server are exposed	`8443`
WEBHOOK_VALIDATION_MIN_REQUEST_CPU	Minimum amount of requested the limits and requests CPU to pass through the validation	`10m`
WEBHOOK_VALIDATION_MIN_REQUEST_MEMORY	Minimum amount of requested the limits and requests memory to pass through the validation	`16Mi`
WEBHOOK_VALIDATION_MIN_REPLICAS_VALUE	Minimum amount of replicas to pass through the validation	`1`
WEBHOOK_VALIDATION_RESERVED_ENVS	List of reserved envs	`{}`
WEBHOOK_DEFAULTING_REQUEST_CPU	Value of the request CPU which webhook should set if origin equals null	`50m`
WEBHOOK_DEFAULTING_REQUEST_MEMORY	Value of the request memory which webhook should set if origin equals null	`64Mi`
WEBHOOK_DEFAULTING_LIMITS_CPU	Value of the limits CPU which webhook should set if origin equals null	`100m`
WEBHOOK_DEFAULTING_LIMITS_MEMORY	Value of the limits memory which webhook should set if origin equals null	`128Mi`
WEBHOOK_DEFAULTING_MINREPLICAS	Value of the minReplicas which webhook should set if origin equals null	`1`
WEBHOOK_DEFAULTING_MAXREPLICAS	Value of the maxReplicas which webhook should set if origin equals null	`1`

Troubleshooting

Symptom

Function Controller tests keep failing with such an error message: error: Invalid libgit2 version; this git2go supports libgit2 between vA.B.C and vX.Y.Z

Cause

Function Controller tests are failing due to the wrong version of the libgit2 binary. The required version of the binary is 1.1.

Remedy

Build and install the libgit2 binary required by the Function Controller on macOS. Follow these steps:

Navigate to the Function Controller's root directory and verify the version of git2go:
```
cat go.mod | grep git2go
```
You should get a result similar to this example:
```
github.com/libgit2/git2go/v31 v31.4.14
```
Go to the git2go page to check which version of libgit2 you must use. For example, for git2go v34, use libigit2 in version 1.5.

Clone the libgit2 repository:

git clone https://github.com/libgit2/libgit2.git

Check out the sources. In this example, the sources are for git2go v31:
```
git checkout v1.1.0
```

Build and install the libgit2 binary:

cmake -DCMAKE_OSX_ARCHITECTURES="x86_64" .
make install

Alternative Remedy

There is an alternative method for macOS that relies on brew. If you still see the Invalid libgit2 version error message on macOS, follow these steps:

Locate your brew's Cellar directory.
```
find / -type d -name "Cellar"
```

Alternatively, you can use ⌘⇧G in Finder to search for Cellar.

Prepare the libgit2 directory.

If you already have libgit2 installed via brew you need to delete previous installations found in the libgit2 directory.

Otherwise create an empty directory named libgit2.

Extract libgit.tgz located in ./components/serverless/hack into Cellar/libgit2.
Link libgit2 using:
```
brew link libgit2
```

Symptom

The Function Controller tests keep failing with the following error message:

assertion failed [!result.is_error]: Failed to create temporary file
(ThreadContextFcntl.cpp:84 create_tempfile)

Cause

The Docker engine uses Rosetta for virtualization, which causes issues on M1 Mac.

Remedy

Disable the Use Rosetta for x86/amd64 emulation on Apple Silicon option in the Docker Desktop general settings.

Directories ¶

Path	Synopsis
cmd
jobinit
manager
webhook
internal
config
controllers/kubernetes
controllers/serverless
controllers/serverless/automock
controllers/serverless/metrics
controllers/serverless/runtime
docker
file
git
logging
resource
resource/automock
testenv
webhook
webhook/resources
pkg
apis/serverless/v1alpha2 Package v1alpha2 contains API Schema definitions for the serverless v1alpha2 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/kyma-project/serverless/components/serverless/pkg/apis/serverless +k8s:defaulter-gen=TypeMeta +groupName=serverless.kyma-project.io +kubebuilder:object:generate=true +groupName=serverless.kyma-project.io	Package v1alpha2 contains API Schema definitions for the serverless v1alpha2 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/kyma-project/serverless/components/serverless/pkg/apis/serverless +k8s:defaulter-gen=TypeMeta +groupName=serverless.kyma-project.io +kubebuilder:object:generate=true +groupName=serverless.kyma-project.io

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL