Add environment variables
What does this MR do and why?
This is a follow-up to Add GOGC configuration value (!56 - merged)
Context for the change: During the Zoekt incident @msmiley
mentioned that we run Zoekt pods on hosts with 80 vCPUs, so Go runtime spawns its threads suboptimally. To fix this mismatch, we need to set GOMAXPROCS
(I've also found confirmation that we should do that in different online resources, for example: https://github.com/uber-go/automaxprocs/issues/12#issuecomment-405976401).
In order to add GOMAXPROCS
configuration we'd essentially need to duplicate Add GOGC configuration value (!56 - merged). Instead, I've decided to make it so that we can set any env variables we want for zoekt-webserer
and zoekt-indexer
.
We don't use webserver.goGc.enabled
nor indexer.goGc.enabled
, so it's backwards compatible.
How to set up and validate locally
helm install gitlab-zoekt .
- Execute
kubectl describe pod gitlab-zoekt-0
and verify thatGOGC
andGOMAXPROCS
are unset forzoekt-webserver
andzoekt-indexer
helm upgrade gitlab-zoekt . --set webserver.environment.GOGC=50 --set webserver.environment.GOMAXPROCS=4 --set indexer.environment.GOGC=75 --set indexer.environment.GOMAXPROCS=6
- Execute
kubectl describe pod gitlab-zoekt-0
and verify thatGOGC
andGOMAXPROCS
are set forzoekt-webserver
andzoekt-indexer
zoekt-webserver:
...
Environment:
GOGC: 50
GOMAXPROCS: 4
zoekt-indexer:
...
Environment:
GOGC: 75
GOMAXPROCS: 6
- You can also use:
$ kubectl exec gitlab-zoekt-0 -c zoekt-indexer -- env | fgrep GO
GOGC=75
GOMAXPROCS=6
$ kubectl exec gitlab-zoekt-0 -c zoekt-webserver -- env | fgrep GO
GOGC=50
GOMAXPROCS=4
As an additional testing step I've executed ./spec/scripts/integration.sh
with these custom values, which was successful.
Click to expand
❯ ./spec/scripts/integration.sh --set webserver.environment.GOGC=50 --set webserver.environment.GOMAXPROCS=4 --set indexer.environment.GOGC=75 --set indexer.environment.GOMAXPROCS=6
Installation:
> Uninstall helm release if exists ... [OK]
> Helm install ... [OK]
> Deploy cert manager ... [OK]
Healthchecks & Metrics:
> Local | Legacy indexer health ... [OK]
> Local | New indexer health ... [OK]
> Local | Webserver health ... [OK]
> Internal Gateway | Legacy indexer health ... [OK]
> Internal Gateway | New indexer health ... [OK]
> Internal Gateway | New indexer metrics ... [OK]
> Internal Gateway | Webserver health ... [OK]
> Internal Gateway | Webserver metrics ... [OK]
> Internal Gateway | Nginx health ... [OK]
> External Gateway | Nginx health ... [OK]
> External Gateway | Indexer health ... [OK]
> External Gateway | Indexer metrics ... [OK]
> External Gateway | Webserver health ... [OK]
> External Gateway | Webserver metrics ... [OK]
Indexing & Searching:
> Local | Indexer truncate ... [OK]
> Local | Legacy indexer ... [OK]
> Local | Webserver ... [OK]
> Local | Indexer ... [OK]
> Internal Gateway | Legacy indexer indexing ... [OK]
> Internal Gateway | Webserver ... [OK]
> External Gateway | Indexer ... [OK]
> External Gateway | Webserver ... [OK]
> External Gateway /nodes endpoint | Webserver ... [OK]
> External Gateway /nodes endpoint | Indexer ... [OK]
Basic Auth:
> Auth | Create secret ... [OK]
> Auth | Enable basic_auth ... [OK]
> Auth | No auth | Internal Gateway | Nginx health ... [OK]
> Auth | No auth | External Gateway | Nginx health ... [OK]
> Auth | No auth | External Gateway | Webserver health ... [OK]
> Auth | No auth | External Gateway | Webserver metrics ... [OK]
> Auth | No auth | External Gateway | Indexer health ... [OK]
> Auth | No auth | External Gateway | Indexer metrics ... [OK]
> Auth | Wrong | External Gateway | Indexer ... [OK]
> Auth | Wrong | External Gateway | Webserver ... [OK]
> Auth | External Gateway | Indexer ... [OK]
> Auth | External Gateway | Webserver ... [OK]
> Auth | External Gateway /nodes endpoint | Webserver ... [OK]
> Auth | External Gateway /nodes endpoint | Indexer ... [OK]
TLS:
> Wait for cert-manager-webhook deployment ... [OK]
> Add certificate ... [OK]
> Enable TLS ... [OK]
> TLS | External Gateway | Webserver ... [OK]
> TLS | External Gateway | Indexer ... [OK]
> TLS | External Gateway /nodes endpoint | Webserver ... [OK]
> TLS | External Gateway /nodes endpoint | Indexer ... [OK]
Upgrade:
> Helm upgrade ... [OK]