viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/rbac/modules/rbac/etcd-tuning.tf
Viktor Barzin 6101fb99f9 Reduce disk write amplification across cluster (~200-350 GB/day savings) [ci skip] 
- Prometheus: persist metric whitelist (keep rules) to Helm template, preventing
  regression from 33K to 250K samples/scrape on next apply. Reduce retention 52w→26w.
- MySQL InnoDB: aggressive write reduction — flush_log_at_trx_commit=0, sync_binlog=0,
  doublewrite=OFF, io_capacity=100/200, redo_log=1GB, flush_neighbors=1, reduced page cleaners.
- etcd: increase snapshot-count 10000→50000 to reduce WAL snapshot frequency.
- VM disks: enable TRIM/discard passthrough to LVM thin pool via create-vm module.
- Cloud-init: enable fstrim.timer, journald limits (500M/7d/compress).
- Kubelet: containerLogMaxSize=10Mi, containerLogMaxFiles=3.
- Technitium: DNS query log retention 0→30 days (was unlimited writes to MySQL).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 19:01:21 +00:00

50 lines
1.3 KiB
HCL
Raw Blame History

# Tune etcd for reduced disk writes on k8s-master.
# Increases snapshot-count from 10000 (default) to 50000 to reduce WAL snapshot frequency.
# etcd writes ~37.5 GB/day; less frequent snapshots reduce this by ~30-40%.
# This patches the kubeadm-managed static pod manifest. Note: kubeadm upgrades
# will reset this, so re-apply after any kubeadm upgrade.
resource "null_resource" "etcd_tuning" {
connection {
type = "ssh"
user = "wizard"
host = var.k8s_master_host
private_key = var.ssh_private_key
}
provisioner "remote-exec" {
inline = [
<<-SCRIPT
sudo python3 -c "
import yaml
path = '/etc/kubernetes/manifests/etcd.yaml'
with open(path) as f:
doc = yaml.safe_load(f)
container = doc['spec']['containers'][0]
args = container['command']
# Update or add --snapshot-count=50000
new_args = [a for a in args if not a.startswith('--snapshot-count=')]
new_args.append('--snapshot-count=50000')
# Update or add --quota-backend-bytes (256MB, default is 2GB which is fine)
# Keep default for now
container['command'] = new_args
with open(path, 'w') as f:
yaml.dump(doc, f, default_flow_style=False)
print('etcd manifest updated: --snapshot-count=50000')
"
SCRIPT
]
}
# Re-run if the configuration changes
triggers = {
snapshot_count = "50000"
}
}
Reference in a new issue View git blame Copy permalink