Skip to content

CORS-4212: AWS: Add the ability to configure throughput on GP3 volumes #9945

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

CORS-4212: AWS: Add the ability to configure throughput on GP3 volumes #9945

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions data/data/install.openshift.io_installconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,12 @@ spec:
(GiB).
minimum: 0
type: integer
throughput:
description: Throughput to provision in MiB/s supported
for the volume type. Not applicable to all types.
format: int64
minimum: 0
type: integer
type:
description: Type defines the type of the volume.
type: string
Expand Down Expand Up @@ -1661,6 +1667,12 @@ spec:
gibibytes (GiB).
minimum: 0
type: integer
throughput:
description: Throughput to provision in MiB/s supported
for the volume type. Not applicable to all types.
format: int64
minimum: 0
type: integer
type:
description: Type defines the type of the volume.
type: string
Expand Down Expand Up @@ -3041,6 +3053,12 @@ spec:
(GiB).
minimum: 0
type: integer
throughput:
description: Throughput to provision in MiB/s supported
for the volume type. Not applicable to all types.
format: int64
minimum: 0
type: integer
type:
description: Type defines the type of the volume.
type: string
Expand Down Expand Up @@ -4604,6 +4622,12 @@ spec:
(GiB).
minimum: 0
type: integer
throughput:
description: Throughput to provision in MiB/s supported
for the volume type. Not applicable to all types.
format: int64
minimum: 0
type: integer
type:
description: Type defines the type of the volume.
type: string
Expand Down
1 change: 1 addition & 0 deletions pkg/asset/machines/aws/awsmachines.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,7 @@ func GenerateMachines(clusterID string, in *MachineInput) ([]*asset.RuntimeFile,
Size: int64(mpool.EC2RootVolume.Size),
Type: capa.VolumeType(mpool.EC2RootVolume.Type),
IOPS: int64(mpool.EC2RootVolume.IOPS),
Throughput: ptr.To(mpool.EC2RootVolume.Throughput),
Encrypted: ptr.To(true),
EncryptionKey: mpool.KMSKeyARN,
},
Expand Down
1 change: 1 addition & 0 deletions pkg/asset/machines/aws/machines.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ func provider(in *machineProviderInput) (*machineapi.AWSMachineProviderConfig, e
VolumeType: pointer.String(in.root.Type),
VolumeSize: pointer.Int64(int64(in.root.Size)),
Iops: pointer.Int64(int64(in.root.IOPS)),
Throughput: pointer.Int64(int64(in.root.Throughput)),
Encrypted: pointer.Bool(true),
KMSKey: machineapi.AWSResourceReference{ARN: pointer.String(in.root.KMSKeyARN)},
},
Expand Down
4 changes: 4 additions & 0 deletions pkg/tfvars/aws/aws.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ type Config struct {
EdgeZonesGatewayIndex map[string]int `json:"aws_edge_parent_zones_index,omitempty"`
EdgeZonesType map[string]string `json:"aws_edge_zones_type,omitempty"`
IOPS int64 `json:"aws_master_root_volume_iops"`
Throughput int64 `json:"aws_master_root_volume_throughput"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need this change. AFAIK AWS is not using the Terraform configs (a few providers get information from the terraform configs in the capi workflows, but I don't think AWS is one of those. correct me if I'm wrong). We will delete them to avoid future confusion.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will remove. Why does this code still exist if we aren't using it?

Size int64 `json:"aws_master_root_volume_size,omitempty"`
Type string `json:"aws_master_root_volume_type,omitempty"`
Encrypted bool `json:"aws_master_root_volume_encrypted"`
Expand Down Expand Up @@ -244,6 +245,9 @@ func TFVars(sources TFVarsSources) ([]byte, error) {
if rootVolume.EBS.Iops != nil {
cfg.IOPS = *rootVolume.EBS.Iops
}
if rootVolume.EBS.Throughput != nil {
cfg.Throughput = *rootVolume.EBS.Throughput
}
Comment on lines +248 to +250
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ditto, I don't think we need this terraform update.


cfg.Encrypted = true
if rootVolume.EBS.Encrypted != nil {
Expand Down
9 changes: 9 additions & 0 deletions pkg/types/aws/machinepool.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,9 @@ func (a *MachinePool) Set(required *MachinePool) {
if required.EC2RootVolume.IOPS != 0 {
a.EC2RootVolume.IOPS = required.EC2RootVolume.IOPS
}
if required.EC2RootVolume.Throughput != 0 {
a.EC2RootVolume.Throughput = required.EC2RootVolume.Throughput
}
if required.EC2RootVolume.Size != 0 {
a.EC2RootVolume.Size = required.EC2RootVolume.Size
}
Expand Down Expand Up @@ -107,6 +110,12 @@ type EC2RootVolume struct {
// +optional
IOPS int `json:"iops"`

// Throughput to provision in MiB/s supported for the volume type. Not applicable to all types.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Throughput to provision in MiB/s supported for the volume type. Not applicable to all types.
// Throughput to provision in MiB/s supported for the volume type. Only supported for gp3.

//
// +kubebuilder:validation:Minimum=0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: the minimum is listing as 0, but we validate the minimum as 125, so it seems like the minimum here should be set to 125 and also the maximum should be set as well

Copy link
Member Author

@jhixson74 jhixson74 Sep 25, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A non-zero value will break things. This setting is only valid for gp3 volumes. While I don't know the behavior from Amazon that this would cause, I do know that cluter-api-provider-aws will blow up:

https://github.com/openshift/cluster-api-provider-aws/blob/043b4e8048915656d91428c01497fb109e534b09/api/v1beta2/awsmachine_webhook.go#L343

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We handle IOPS in a similar fashion.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/openshift/machine-api-provider-aws/blob/d1cc300e80d2c02c234a04b8c72b71e720bc311f/pkg/actuators/machine/instances.go#L321

// +optional
Throughput int64 `json:"throughput"`

// Size defines the size of the volume in gibibytes (GiB).
//
// +kubebuilder:validation:Minimum=0
Expand Down
20 changes: 20 additions & 0 deletions pkg/types/aws/validation/machinepool.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ func ValidateMachinePool(platform *aws.Platform, p *aws.MachinePool, fldPath *fi
if p.EC2RootVolume.Type != "" {
allErrs = append(allErrs, validateVolumeSize(p, fldPath)...)
allErrs = append(allErrs, validateIOPS(p, fldPath)...)
allErrs = append(allErrs, validateThroughput(p, fldPath)...)
}

if p.EC2Metadata.Authentication != "" && !validMetadataAuthValues.Has(p.EC2Metadata.Authentication) {
Expand Down Expand Up @@ -108,6 +109,25 @@ func validateIOPS(p *aws.MachinePool, fldPath *field.Path) field.ErrorList {
return allErrs
}

func validateThroughput(p *aws.MachinePool, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
volumeType := strings.ToLower(p.EC2RootVolume.Type)
throughput := p.EC2RootVolume.Throughput

switch volumeType {
case "gp3":
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@patrickdillon @jhixson74 should we allow io2 too as it is commonly used to environments which requires highly throughput/performance on disks?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mtulio according to documentation in the code, this is only supported by gp3. If you can show otherwise, I'm happy to update.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://docs.aws.amazon.com/cli/latest/reference/ec2/create-volume.html

Scroll down to --throughput

Only gp3 is supported.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep, I messed up with iops

if throughput < 125 || throughput > 1000 {
allErrs = append(allErrs, field.Invalid(fldPath.Child("throughput"), throughput, "throughput must be between 125 MiB/s and 1000 MiB/s"))
}
default:
if throughput != 0 {
allErrs = append(allErrs, field.Invalid(fldPath.Child("throughput"), throughput, fmt.Sprintf("throughput not supported for type %s", volumeType)))
}
}

return allErrs
}

// ValidateAMIID check the AMI ID is set for a machine pool.
func ValidateAMIID(platform *aws.Platform, p *aws.MachinePool, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
Expand Down