diff --git a/devops/gc/deploy/README.md b/devops/gc/deploy/README.md
index b8721d3e6c81f4369f3d0364e237dae0e1f3dba5..b7536c1acb65f9b181f23208a9b7ec8b9242ef46 100644
--- a/devops/gc/deploy/README.md
+++ b/devops/gc/deploy/README.md
@@ -102,6 +102,8 @@ First you need to set variables in **values.yaml** file using any code editor. S
**global.limitsEnabled** | whether CPU and memory limits are enabled | boolean | `true` | yes
**global.dataPartitionId** | data partition id | string | - | yes
**global.logLevel** | severity of logging level | string | `ERROR` | yes
+**global.tier** | Only PROD must be used to enable autoscaling | string | "" | no
+**global.autoscaling** | enables horizontal pod autoscaling, when tier=PROD | boolean | true | yes
### Configmap variables
@@ -154,6 +156,29 @@ First you need to set variables in **values.yaml** file using any code editor. S
**istio.sidecarInject** | whether Istio sidecar will be injected. Setting to `false` reduces security, because disables authorization policy. | boolean | `true` | yes
**istio.partitionEditors** | list of users who can edit partitions. If it is empty, the service allows all external GET requests and POST/PUT/PATCH for bootstrap k8s service account. It accepts gc accounts only | list | - | no
+### Horizontal Pod Autoscaling (HPA) variables (works only if tier=PROD and autoscaling=true)
+
+| Name | Description | Type | Default |Required |
+|------|-------------|------|---------|---------|
+**hpa.minReplicas** | minimum number of replicas | integer | 6 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.maxReplicas** | maximum number of replicas | integer | 15 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.targetType** | type of measurements: AverageValue or Value | string | "AverageValue" | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.targetValue** | threshold value to trigger the scaling up | integer | 140 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleUpStabilizationWindowSeconds** | time to start implementing the scale up when it is triggered | integer | 10 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleUpPoliciesValue** | the maximum number of new replicas to create (in percents from current state)| integer | 50 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleUpPoliciesPeriodSeconds** | pause for every new scale up decision | integer | 15 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleDownStabilizationWindowSeconds** | time to start implementing the scale down when it is triggered | integer | 60 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleDownPoliciesValue** | the maximum number of replicas to destroy (in percents from current state) | integer | 25 | only if `global.autoscaling` is true and `global.tier` is PROD
+**hpa.behaviorScaleDownPoliciesPeriodSeconds** | pause for every new scale down decision | integer | 60 | only if `global.autoscaling` is true and `global.tier` is PROD
+
+### Limits variables
+
+| Name | Description | Type | Default |Required |
+|------|-------------|------|---------|---------|
+**limits.maxTokens** | maximum number of requests per fillInterval | integer | 80 | only if `global.autoscaling` is true and `global.tier` is PROD
+**limits.tokensPerFill** | number of new tokens allowed every fillInterval | integer | 80 | only if `global.autoscaling` is true and `global.tier` is PROD
+**limits.fillInterval** | time interval | string | "1s" | only if `global.autoscaling` is true and `global.tier` is PROD
+
### Install the helm chart
Run this command from within this directory:
diff --git a/devops/gc/deploy/templates/hpa.yaml b/devops/gc/deploy/templates/hpa.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3cda953f2f4691aa6e7210df91773d3d3bced2f3
--- /dev/null
+++ b/devops/gc/deploy/templates/hpa.yaml
@@ -0,0 +1,42 @@
+{{- if and (eq .Values.global.tier "PROD") (eq .Values.global.autoscaling true) }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ printf "%s-hpa" .Values.conf.appName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ .Values.conf.appName | quote }}
+ minReplicas: {{ .Values.hpa.minReplicas }}
+ maxReplicas: {{ .Values.hpa.maxReplicas }}
+ metrics:
+ - type: External
+ external:
+ metric:
+ name: istio.io|service|server|request_count
+ selector:
+ matchLabels:
+ metric.labels.destination_workload_name: {{ .Values.conf.appName | quote }}
+ target:
+ type: {{ .Values.hpa.targetType | quote }}
+ {{- if eq .Values.hpa.targetType "AverageValue" }}
+ averageValue: {{ .Values.hpa.targetValue }}
+ {{- else if eq .Values.hpa.targetType "Value" }}
+ value: {{ .Values.hpa.targetValue }}
+ {{- end }}
+ behavior:
+ scaleUp:
+ stabilizationWindowSeconds: {{ .Values.hpa.behaviorScaleUpStabilizationWindowSeconds }}
+ policies:
+ - type: Percent
+ value: {{ .Values.hpa.behaviorScaleUpPoliciesValue }}
+ periodSeconds: {{ .Values.hpa.behaviorScaleUpPoliciesPeriodSeconds }}
+ scaleDown:
+ stabilizationWindowSeconds: {{ .Values.hpa.behaviorScaleDownStabilizationWindowSeconds }}
+ policies:
+ - type: Percent
+ value: {{ .Values.hpa.behaviorScaleDownPoliciesValue }}
+ periodSeconds: {{ .Values.hpa.behaviorScaleDownPoliciesPeriodSeconds }}
+{{- end }}
diff --git a/devops/gc/deploy/templates/rate-limits.yaml b/devops/gc/deploy/templates/rate-limits.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ddc911c8bc1c66f08dc28d8f0626668d98586ed8
--- /dev/null
+++ b/devops/gc/deploy/templates/rate-limits.yaml
@@ -0,0 +1,43 @@
+{{- if and (eq .Values.global.tier "PROD") (eq .Values.global.autoscaling true) }}
+apiVersion: networking.istio.io/v1alpha3
+kind: EnvoyFilter
+metadata:
+ name: {{ printf "%s-ratelimit" .Values.conf.appName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ workloadSelector:
+ labels:
+ app: {{ .Values.conf.appName | quote }}
+ configPatches:
+ - applyTo: "HTTP_FILTER"
+ match:
+ context: "SIDECAR_INBOUND"
+ listener:
+ filterChain:
+ filter:
+ name: "envoy.filters.network.http_connection_manager"
+ patch:
+ operation: INSERT_BEFORE
+ value:
+ name: "envoy.filters.http.local_ratelimit"
+ typed_config:
+ '@type': "type.googleapis.com/udpa.type.v1.TypedStruct"
+ type_url: "type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit"
+ value:
+ stat_prefix: "http_local_rate_limiter"
+ enable_x_ratelimit_headers: "DRAFT_VERSION_03"
+ token_bucket:
+ max_tokens: {{ .Values.limits.maxTokens }}
+ tokens_per_fill: {{ .Values.limits.tokensPerFill }}
+ fill_interval: {{ .Values.limits.fillInterval | quote}}
+ filter_enabled:
+ runtime_key: "local_rate_limit_enabled"
+ default_value:
+ numerator: 100
+ denominator: "HUNDRED"
+ filter_enforced:
+ runtime_key: "local_rate_limit_enforced"
+ default_value:
+ numerator: 100
+ denominator: "HUNDRED"
+{{- end }}
diff --git a/devops/gc/deploy/values.yaml b/devops/gc/deploy/values.yaml
index fe3d4545c601f42f70aff2a1e2e014d75455d82c..3347579fe076fa5d0bcea4ddd1455a19c5ed8469 100644
--- a/devops/gc/deploy/values.yaml
+++ b/devops/gc/deploy/values.yaml
@@ -5,6 +5,8 @@ global:
limitsEnabled: true
dataPartitionId: ""
logLevel: "ERROR"
+ tier: ""
+ autoscaling: true
data:
# configmaps
@@ -52,3 +54,20 @@ istio:
bootstrapProxyCPULimit: "100m"
sidecarInject: "true"
partitionEditors: []
+
+hpa:
+ minReplicas: 6
+ maxReplicas: 15
+ targetType: "AverageValue" #Could be AverageValue or Value
+ targetValue: 400 #200 rps
+ behaviorScaleUpStabilizationWindowSeconds: 10
+ behaviorScaleUpPoliciesValue: 50
+ behaviorScaleUpPoliciesPeriodSeconds: 15
+ behaviorScaleDownStabilizationWindowSeconds: 60
+ behaviorScaleDownPoliciesValue: 25
+ behaviorScaleDownPoliciesPeriodSeconds: 60
+
+limits:
+ maxTokens: 250
+ tokensPerFill: 250
+ fillInterval: "1s"