# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/) # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apps/v1 kind: Deployment metadata: name: l3-attackmitigatorservice spec: selector: matchLabels: app: l3-attackmitigatorservice template: metadata: labels: app: l3-attackmitigatorservice spec: terminationGracePeriodSeconds: 5 containers: - name: server image: labs.etsi.org:5050/tfs/controller/l3_attackmitigator:latest imagePullPolicy: Always ports: - containerPort: 10002 - containerPort: 9192 env: - name: LOG_LEVEL value: "INFO" readinessProbe: exec: command: ["/bin/grpc_health_probe", "-addr=:10002"] livenessProbe: exec: command: ["/bin/grpc_health_probe", "-addr=:10002"] resources: requests: cpu: 250m memory: 512Mi limits: cpu: 700m memory: 1024Mi --- apiVersion: v1 kind: Service metadata: name: l3-attackmitigatorservice labels: app: l3-attackmitigatorservice spec: type: ClusterIP selector: app: l3-attackmitigatorservice ports: - name: metrics protocol: TCP port: 9192 targetPort: 9192 - name: grpc port: 10002 targetPort: 10002 --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: l3-attackmitigatorservice-hpa spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: l3-attackmitigatorservice minReplicas: 1 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 80 behavior: scaleDown: stabilizationWindowSeconds: 120 --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: tfs-l3-attackmitigatorservice-metric labels: app: l3-attackmitigatorservice #release: prometheus #release: prom # name of the release # ( VERY IMPORTANT: You need to know the correct release name by viewing # the servicemonitor of Prometheus itself: Without the correct name, # Prometheus cannot identify the metrics of the Flask app as the target.) spec: selector: matchLabels: # Target app service #namespace: tfs app: l3-attackmitigatorservice # same as above #release: prometheus # same as above endpoints: - port: metrics # named port in target app scheme: http path: /metrics # path to scrape interval: 5s # scrape interval namespaceSelector: any: false matchNames: - tfs # namespace where the app is running