Tag Archives: AWS

Automate Kubernetes Pod Scaling with CronJobs

Leave a reply

Automating Pod Scaling in Kubernetes: Using a Service Account to Scale Down and Scale Up Pods in AWS

Managing pod scaling in Kubernetes is crucial for optimizing resource usage and cost, especially when running clusters on AWS. You may want to automatically scale down all the pods in a namespace during off-peak hours and scale them back up when needed.

In this guide, we’ll go over how to:

  1. Create a ServiceAccount with permissions to scale pods.
  2. Set up CronJobs to automatically scale down and up all pods in a Kubernetes namespace.
  3. Automate this process with a ServiceAccount that has the required permissions to perform scaling.

Steps Overview:

  1. Create a ServiceAccount that can manage pod scaling.
  2. Create a Role with permissions to scale deployments.
  3. Bind the Role to the ServiceAccount using a RoleBinding.
  4. Create a CronJob to scale down all pods at a scheduled time.
  5. Create a CronJob to scale the pods back up.

1. Create a ServiceAccount

A ServiceAccount will allow us to run the scaling operations with the proper permissions. We’ll create a ServiceAccount called scale-operator in the namespace of your choice.

YAML for ServiceAccount:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: scale-operator
  namespace: <namespace>  # Replace with your target namespace

Command to Create ServiceAccount:

Save this YAML as serviceaccount.yaml and apply it:

kubectl apply -f serviceaccount.yaml

2. Create a Role with Permissions to Scale Pods

The next step is to create a Role that gives the ServiceAccount permission to scale deployments. This will allow the ServiceAccount to perform get, update, and patch operations on deployment resources, which are required to adjust replica counts.

YAML for Role:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: scale-role
  namespace: <namespace>  # Replace with your namespace
rules:
- apiGroups: ["apps"]
  resources: ["deployments"]
  verbs: ["get", "update", "patch"]  # Necessary permissions for scaling

Command to Create Role:

Save this as role.yaml and apply it:

kubectl apply -f role.yaml

3. Bind the Role to the ServiceAccount (RoleBinding)

To allow the scale-operator ServiceAccount to use the permissions defined in the scale-role, we need to create a RoleBinding.

YAML for RoleBinding:

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: scale-rolebinding
  namespace: <namespace>  # Replace with your namespace
subjects:
- kind: ServiceAccount
  name: scale-operator
  namespace: <namespace>
roleRef:
  kind: Role
  name: scale-role
  apiGroup: rbac.authorization.k8s.io

Command to Create RoleBinding:

Save this as rolebinding.yaml and apply it:

kubectl apply -f rolebinding.yaml

Now, the scale-operator ServiceAccount has the necessary permissions to scale deployments in the namespace.

4. Create a CronJob to Scale Down Pods

Now, we’ll create a CronJob that will automatically scale down all the pods in a namespace by setting the replica count to 0. This CronJob will use the scale-operator ServiceAccount and run at a scheduled time (for example, 2 AM daily).

YAML for Scale-Down CronJob:

apiVersion: batch/v1
kind: CronJob
metadata:
  name: scale-down-pods
  namespace: <namespace>  # Replace with your namespace
spec:
  schedule: "0 2 * * *"  # Runs the job every day at 2 AM
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: scale-operator  # Use the ServiceAccount created earlier
          containers:
          - name: kubectl
            image: bitnami/kubectl:latest   # Image with kubectl tool
            command:
            - /bin/sh
            - -c
            - |
              kubectl scale deployment --all --replicas=0 -n <namespace>  # Scale down all deployments in the namespace
          restartPolicy: OnFailure
  • Schedule: "0 2 * * *" runs the job every day at 2 AM.
  • kubectl command: This command scales down all deployments in the namespace by setting replicas to 0.

Command to Create Scale-Down CronJob:

Save the file as scale-down-cronjob.yaml and apply it:

kubectl apply -f scale-down-cronjob.yaml

5. Create a CronJob to Scale Up Pods

After scaling down pods, you might want to scale them back up when traffic increases or during working hours. We can create another CronJob that scales up the pods by setting the replicas back to their desired number (e.g., 1).

YAML for Scale-Up CronJob:

apiVersion: batch/v1
kind: CronJob
metadata:
  name: scale-up-pods
  namespace: <namespace>  # Replace with your namespace
spec:
  schedule: "0 6 * * *"  # This runs every day at 6 AM (adjust as needed)
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: scale-operator  # Use the same ServiceAccount
          containers:
          - name: kubectl
            image: bitnami/kubectl:latest
            command:
            - /bin/sh
            - -c
            - |
              kubectl scale deployment --all --replicas=1 -n <namespace>  # Scale back up to 3 replicas (adjust as needed)
          restartPolicy: OnFailure
  • Schedule: "0 6 * * *" runs the job daily at 6 AM. You can adjust this to meet your needs.
  • kubectl command: This command scales up all deployments in the namespace by setting the replica count back to 1.

Command to Create Scale-Up CronJob:

Save this file as scale-up-cronjob.yaml and apply it:

kubectl apply -f scale-up-cronjob.yaml

Verifying Your Setup

Once you’ve applied the CronJobs, you can check that everything is working as expected:

  • List the ServiceAccount:
kubectl get serviceaccount -n <namespace>

Check the CronJobs:

kubectl get cronjobs -n <namespace>

Monitor the Jobs: As CronJobs run, they create Jobs. You can check if the jobs have been created by listing the jobs:

kubectl get jobs -n <namespace>

View Logs: After the CronJob runs, you can check the logs of the job’s pod to verify that it successfully scaled the pods:

kubectl logs <pod-name> -n <namespace>