fix: Tuning cpu, memory and autoscaling trigger

.github/workflows/04h_deploy_with_github_runner.yml

@@ -13,7 +13,7 @@ on:
         type: string
 
 env:
-  APP_NAME: pagopafdr
+  APP_NAME: pagopafdr3
 
 
 permissions:
@@ -38,8 +38,10 @@ jobs:
           cluster_name: ${{ vars.CLUSTER_NAME }}
           resource_group: ${{ vars.CLUSTER_RESOURCE_GROUP }}
           app_name: ${{ env.APP_NAME }}
-          helm_upgrade_options: '--debug --set microservice-chart.azure.workloadIdentityClientId=${{vars.WORKLOAD_IDENTITY_ID}} --set scheduler.azure.workloadIdentityClientId=${{vars.WORKLOAD_IDENTITY_ID}}'
-          timeout: '10m0s'
+          helm_upgrade_options: '--debug 
+                  --set core.azure.workloadIdentityClientId=${{vars.WORKLOAD_IDENTITY_ID}} 
+                  --set scheduler.azure.workloadIdentityClientId=${{vars.WORKLOAD_IDENTITY_ID}}'
+          timeout: '5m0s'
 
   update_openapi:
     needs: [ deploy ]

helm/Chart.yaml

@@ -1,14 +1,15 @@
 apiVersion: v2
-name: pagopa-fdr-chart
+name: pagopa-fdr-3-chart
 description: Flussi di rendicontazioni
 type: application
 version: "1.148.0"
 appVersion: "1.1.60"
 dependencies:
   - name: microservice-chart
-    version: 7.5.0
+    version: 8.0.2
     repository: "https://pagopa.github.io/aks-microservice-chart-blueprint"
+    alias: core
   - name: microservice-chart
-    version: 7.5.0
+    version: 8.0.2
     repository: "https://pagopa.github.io/aks-microservice-chart-blueprint"
     alias: scheduler

helm/values-dev.yaml

@@ -1,10 +1,5 @@
 microservice-chart: &microservice-chart
   namespace: "fdr"
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
   image:
     repository: ghcr.io/pagopa/pagopa-fdr
     tag: 1.1.60
@@ -24,8 +19,11 @@ microservice-chart: &microservice-chart
     failureThreshold: 10
     periodSeconds: 5
   deployment: &deployment
-    create: true
-    replicas: 1 # default
+    strategy:
+      type: RollingUpdate
+      rollingUpdate:
+        maxSurge: 1
+        maxUnavailable: 0
   serviceMonitor:
     create: true
     endpoints:
@@ -114,13 +112,31 @@ microservice-chart: &microservice-chart
   canaryDelivery:
     create: false
 # Configuration for standard application
-app:
+core:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
+    path: /pagopa-fdr-service-core/(.*)
   deployment:
     !!merge <<: *deployment
-    replicas: 1
+  autoscaling:
+    !!merge <<: *autoscaling
+    enable: true
+    minReplica: 1
+    maxReplica: 2
+    pollingInterval: 10 # seconds
+    cooldownPeriod: 50 # seconds
+    advanced:
+      restoreToOriginalReplicaCount: false
+    triggers:
+      - type: cpu
+        metadata:
+          type: Utilization
+          value: "90"
+      - type: memory
+        metadata:
+          type: Utilization
+          value: "90"
   resources:
     !!merge <<: *resources
   envConfig:
@@ -135,10 +151,12 @@ scheduler:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
-    path: /pagopa-fdr-service-scheduler-unused/(.*)
+    create: false
   deployment:
     !!merge <<: *deployment
     replicas: 1
+  autoscaling:
+    !!merge <<: *autoscaling
   resources:
     !!merge <<: *resources
     requests:

helm/values-prod.yaml

@@ -1,10 +1,5 @@
 microservice-chart: &microservice-chart
   namespace: "fdr"
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
   image:
     repository: ghcr.io/pagopa/pagopa-fdr
     tag: 1.1.60
@@ -26,6 +21,11 @@ microservice-chart: &microservice-chart
   deployment: &deployment
     create: true
     replicas: 1 # default
+    strategy:
+      type: RollingUpdate
+      rollingUpdate:
+        maxSurge: 1
+        maxUnavailable: 0
   serviceMonitor:
     create: true
     endpoints:
@@ -57,7 +57,7 @@ microservice-chart: &microservice-chart
     allowPrivilegeEscalation: false
   resources: &resources
     requests:
-      memory: "1Gi"
+      memory: "1250Mi"
       cpu: "750m"
     limits:
       memory: "3.5Gi"
@@ -114,10 +114,11 @@ microservice-chart: &microservice-chart
   canaryDelivery:
     create: false
 # Configuration for standard application
-app:
+core:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
+    path: /pagopa-fdr-service-core/(.*)
   deployment:
     !!merge <<: *deployment
     replicas: 3 # same as HPA minReplica
@@ -130,15 +131,23 @@ app:
     maxReplica: 10
     pollingInterval: 10 # seconds
     cooldownPeriod: 50 # seconds
+    advanced:
+      restoreToOriginalReplicaCount: false
     triggers:
+      - type: cron
+        metadata:
+          timezone: Europe/Rome
+          start: 0 1 * * *
+          end: 30 10 * * *
+          desiredReplicas: "8"
       - type: cpu
         metadata:
           type: Utilization
           value: "150"
       - type: memory
         metadata:
           type: Utilization
-          value: "90"
+          value: "110"
   envConfig:
     !!merge <<: *envConfig
     SCHEDULE_HISTORY_CRON: "off"
@@ -151,10 +160,12 @@ scheduler:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
-    path: /pagopa-fdr-service-scheduler-unused/(.*)
+    create: false
   deployment:
     !!merge <<: *deployment
     replicas: 1
+  autoscaling:
+    !!merge <<: *autoscaling
   resources:
     !!merge <<: *resources
     requests:

helm/values-uat.yaml

@@ -1,10 +1,5 @@
 microservice-chart: &microservice-chart
   namespace: "fdr"
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
   image:
     repository: ghcr.io/pagopa/pagopa-fdr
     tag: 1.1.60
@@ -26,6 +21,11 @@ microservice-chart: &microservice-chart
   deployment: &deployment
     create: true
     replicas: 1 # default
+    strategy:
+      type: RollingUpdate
+      rollingUpdate:
+        maxSurge: 1
+        maxUnavailable: 0
   serviceMonitor:
     create: true
     endpoints:
@@ -114,10 +114,11 @@ microservice-chart: &microservice-chart
   canaryDelivery:
     create: false
 # Configuration for standard application
-app:
+core:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
+    path: /pagopa-fdr-service-core/(.*)
   deployment:
     !!merge <<: *deployment
     replicas: 1 # (default) same as HPA minReplica
@@ -130,6 +131,8 @@ app:
     maxReplica: 2
     pollingInterval: 10 # seconds
     cooldownPeriod: 50 # seconds
+    advanced:
+      restoreToOriginalReplicaCount: false
     triggers:
       - type: cpu
         metadata:
@@ -151,10 +154,12 @@ scheduler:
   !!merge <<: *microservice-chart
   ingress:
     !!merge <<: *ingress
-    path: /pagopa-fdr-service-scheduler-unused/(.*)
+    create: false
   deployment:
     !!merge <<: *deployment
     replicas: 1
+  autoscaling:
+    !!merge <<: *autoscaling
   resources:
     !!merge <<: *resources
     requests:

infra/04_apim_api.tf

@@ -142,7 +142,7 @@ module "apim_api_fdr_api_v1_internal" {
     host = local.apim_hostname
   })
 
-  xml_content = templatefile("./policy/_base_policy.xml.tpl", {
+  xml_content = templatefile("./policy/internal/_base_policy.xml.tpl", {
     hostname = local.hostname
   })
 }
@@ -224,7 +224,7 @@ resource "terraform_data" "sha256_fdr3_policy_orgs_v1" {
 }
 
 resource "terraform_data" "sha256_fdr3_policy_base" {
-  input = sha256(templatefile("./policy/_base_policy.xml.tpl", {
+  input = sha256(templatefile("./policy/internal/_base_policy.xml.tpl", {
     hostname = local.hostname
   }))
 }

infra/policy/_base_policy.xml.tpl → infra/policy/internal/_base_policy.xml.tpl

@@ -1,7 +1,7 @@
 <policies>
   <inbound>
     <base/>
-    <set-backend-service base-url="https://${hostname}/pagopa-fdr-service"/>
+    <set-backend-service base-url="https://${hostname}/pagopa-fdr-service-core"/>
   </inbound>
   <outbound>
     <base/>

infra/policy/org/v1/_base_policy.xml.tpl

@@ -1,11 +1,11 @@
 <policies>
     <inbound>
         <base />
-        <set-backend-service base-url="https://${hostname}/pagopa-fdr-service" />
+        <set-backend-service base-url="https://${hostname}/pagopa-fdr-service-core" />
         <!-- Calling Authorizer's fragment -->
         <set-variable name="application_domain" value="fdr" />
         <choose>
-            <!-- Making sure that will excludes all APIs that does not includes CI fiscal code -->
+            <!-- Making sure that will exclude all APIs that does not include CI fiscal code -->
             <when condition="@(context.Request.MatchedParameters.ContainsKey("organizationId"))">
                 <set-variable name="authorization_entity" value="@(context.Request.MatchedParameters["organizationId"])" />
                 <include-fragment fragment-id="authorizer" />

infra/policy/psp/v1/_base_policy.xml.tpl

@@ -1,7 +1,7 @@
 <policies>
     <inbound>
         <base />
-        <set-backend-service base-url="https://${hostname}/pagopa-fdr-service" />
+        <set-backend-service base-url="https://${hostname}/pagopa-fdr-service-core" />
         <!-- Calling Authorizer's fragment -->
         <set-variable name="application_domain" value="fdr" />
         <choose>