Merge branch 'qa-increase-review-deploy-timeout' into 'master'

[Review Apps] Add resource requests and limits to most of the chart resources

See merge request gitlab-org/gitlab-ce!30155

2 files changed, 106 insertions, 24 deletions

diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index 61fd48fd72e..ce019de213b 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -77,7 +77,7 @@ schedule:review-build-cng:
 .review-deploy-base: &review-deploy-base
   <<: *review-base
   allow_failure: true
-  retry: 2
+  retry: 1
   stage: review
   variables:
     HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index 633ea28e96c..2bf654b1e24 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -131,6 +131,7 @@ function install_external_dns() {
   if ! deploy_exists "${KUBE_NAMESPACE}" "${release_name}" || previous_deploy_failed "${release_name}" ; then
     echoinfo "Installing external-dns Helm chart"
     helm repo update
+    # Default requested: CPU => 0, memory => 0
     helm install stable/external-dns \
       -n "${release_name}" \
       --namespace "${KUBE_NAMESPACE}" \
@@ -141,7 +142,11 @@ function install_external_dns() {
       --set domainFilters[0]="${domain}" \
       --set txtOwnerId="${KUBE_NAMESPACE}" \
       --set rbac.create="true" \
-      --set policy="sync"
+      --set policy="sync" \
+      --set resources.requests.cpu=50m \
+      --set resources.limits.cpu=100m \
+      --set resources.requests.memory=100M \
+      --set resources.limits.memory=200M
   else
     echoinfo "The external-dns Helm chart is already successfully deployed."
   fi
@@ -196,45 +201,122 @@ HELM_CMD=$(cat << EOF
   helm upgrade --install \
     --wait \
     --timeout 600 \
-    --set global.appConfig.enableUsagePing=false \
     --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
+    --set global.appConfig.enableUsagePing=false \
     --set global.imagePullPolicy=Always \
     --set global.hosts.hostSuffix="$HOST_SUFFIX" \
     --set global.hosts.domain="$REVIEW_APPS_DOMAIN" \
-    --set certmanager.install=false \
-    --set prometheus.install=false \
     --set global.ingress.configureCertmanager=false \
     --set global.ingress.tls.secretName=tls-cert \
     --set global.ingress.annotations."external-dns\.alpha\.kubernetes\.io/ttl"="10" \
+    --set certmanager.install=false \
+    --set prometheus.install=false \
     --set nginx-ingress.controller.service.enableHttp=false \
-    --set nginx-ingress.defaultBackend.resources.requests.memory=7Mi \
-    --set nginx-ingress.controller.resources.requests.memory=440M \
     --set nginx-ingress.controller.replicaCount=2 \
-    --set gitlab.unicorn.resources.requests.cpu=200m \
-    --set gitlab.sidekiq.resources.requests.cpu=100m \
-    --set gitlab.sidekiq.resources.requests.memory=800M \
-    --set gitlab.gitlab-shell.resources.requests.cpu=100m \
-    --set redis.resources.requests.cpu=100m \
-    --set minio.resources.requests.cpu=100m \
+    --set nginx-ingress.controller.config.ssl-ciphers="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4" \
     --set gitlab.migrations.image.repository="$gitlab_migrations_image_repository" \
     --set gitlab.migrations.image.tag="$CI_COMMIT_REF_SLUG" \
-    --set gitlab.sidekiq.image.repository="$gitlab_sidekiq_image_repository" \
-    --set gitlab.sidekiq.image.tag="$CI_COMMIT_REF_SLUG" \
-    --set gitlab.unicorn.image.repository="$gitlab_unicorn_image_repository" \
-    --set gitlab.unicorn.image.tag="$CI_COMMIT_REF_SLUG" \
-    --set gitlab.task-runner.image.repository="$gitlab_task_runner_image_repository" \
-    --set gitlab.task-runner.image.tag="$CI_COMMIT_REF_SLUG" \
     --set gitlab.gitaly.image.repository="$gitlab_gitaly_image_repository" \
     --set gitlab.gitaly.image.tag="v$GITALY_VERSION" \
     --set gitlab.gitlab-shell.image.repository="$gitlab_shell_image_repository" \
     --set gitlab.gitlab-shell.image.tag="v$GITLAB_SHELL_VERSION" \
+    --set gitlab.sidekiq.image.repository="$gitlab_sidekiq_image_repository" \
+    --set gitlab.sidekiq.image.tag="$CI_COMMIT_REF_SLUG" \
+    --set gitlab.unicorn.image.repository="$gitlab_unicorn_image_repository" \
+    --set gitlab.unicorn.image.tag="$CI_COMMIT_REF_SLUG" \
     --set gitlab.unicorn.workhorse.image="$gitlab_workhorse_image_repository" \
     --set gitlab.unicorn.workhorse.tag="$CI_COMMIT_REF_SLUG" \
-    --set nginx-ingress.controller.config.ssl-ciphers="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4" \
-    --namespace="$KUBE_NAMESPACE" \
-    --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
-    "$name" \
-    .
+    --set gitlab.task-runner.image.repository="$gitlab_task_runner_image_repository" \
+    --set gitlab.task-runner.image.tag="$CI_COMMIT_REF_SLUG"
+EOF
+)
+
+# Default requested: CPU => 100m, memory => 100Mi
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set nginx-ingress.controller.resources.limits.cpu=200m \
+  --set nginx-ingress.controller.resources.requests.memory=210M \
+  --set nginx-ingress.controller.resources.limits.memory=420M
+EOF
+)
+
+# Default requested: CPU => 5m, memory => 5Mi
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set nginx-ingress.defaultBackend.resources.limits.cpu=10m \
+  --set nginx-ingress.defaultBackend.resources.requests.memory=12M \
+  --set nginx-ingress.defaultBackend.resources.limits.memory=24M
+EOF
+)
+
+# Default requested: CPU => 100m, memory => 200Mi
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set gitlab.gitaly.resources.requests.cpu=150m \
+  --set gitlab.gitaly.resources.limits.cpu=300m \
+  --set gitlab.gitaly.resources.limits.memory=420M
+EOF
+)
+
+# Default requested: CPU => 0, memory => 6M
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set gitlab.gitlab-shell.resources.requests.cpu=70m \
+  --set gitlab.gitlab-shell.resources.limits.cpu=140m \
+  --set gitlab.gitlab-shell.resources.requests.memory=20M \
+  --set gitlab.gitlab-shell.resources.limits.memory=40M
+EOF
+)
+
+# Default requested: CPU => 50m, memory => 650M
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set gitlab.sidekiq.resources.requests.cpu=200m \
+  --set gitlab.sidekiq.resources.limits.cpu=300m \
+  --set gitlab.sidekiq.resources.requests.memory=800M \
+  --set gitlab.sidekiq.resources.limits.memory=1.2G
+EOF
+)
+
+# Default requested: CPU => 300m + 100m (workhorse), memory => 1.2G + 100M (workhorse)
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set gitlab.unicorn.resources.limits.cpu=800m \
+  --set gitlab.unicorn.resources.limits.memory=2.6G
+EOF
+)
+
+# Default requested: CPU => 100m, memory => 64Mi
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set redis.resources.limits.cpu=200m \
+  --set redis.resources.limits.memory=130M
+EOF
+)
+
+# Default requested: CPU => 100m, memory => 128Mi
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set minio.resources.limits.cpu=200m \
+  --set minio.resources.limits.memory=280M
+EOF
+)
+
+# Default requested: CPU => 0, memory => 0
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --set gitlab-runner.resources.requests.cpu=300m \
+  --set gitlab-runner.resources.limits.cpu=600m \
+  --set gitlab-runner.resources.requests.memory=300M \
+  --set gitlab-runner.resources.limits.memory=600M
+EOF
+)
+
+HELM_CMD=$(cat << EOF
+  $HELM_CMD \
+  --namespace="$KUBE_NAMESPACE" \
+  --version="$CI_PIPELINE_ID-$CI_JOB_ID" \
+  "$name" .
 EOF
 )