From edb6ef6c54e5a6f447654d34c47e132de64b3887 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 01:00:59 -0300 Subject: [PATCH 01/21] upgrading module eks to 20.12 and eks to 1.30 --- bootstrap/terraform/main.tf | 53 +++++++------------------------- bootstrap/terraform/providers.tf | 40 ++++++++++++++++++++++++ bootstrap/terraform/variables.tf | 4 +-- 3 files changed, 53 insertions(+), 44 deletions(-) create mode 100644 bootstrap/terraform/providers.tf diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index e6ed65cd..3f922434 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -1,44 +1,6 @@ # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 -provider "aws" { - region = local.region -} - -provider "kubernetes" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } -} - -provider "helm" { - kubernetes { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } - } -} - -provider "kubectl" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } - load_config_file = false - apply_retry_count = 15 -} - data "aws_caller_identity" "current" {} data "aws_availability_zones" "available" {} 
@@ -87,7 +49,7 @@ module "ebs_csi_driver_irsa" { module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.13" + version = "~> 20.12" cluster_name = local.name cluster_version = local.cluster_version @@ -96,11 +58,18 @@ module "eks" { cluster_addons = { aws-ebs-csi-driver = { + most_recent = true service_account_role_arn = module.ebs_csi_driver_irsa.iam_role_arn } - coredns = {} - kube-proxy = {} - vpc-cni = {} + coredns = { + most_recent = true + } + kube-proxy = { + most_recent = true + } + vpc-cni = { + most_recent = true + } } vpc_id = module.vpc.vpc_id diff --git a/bootstrap/terraform/providers.tf b/bootstrap/terraform/providers.tf new file mode 100644 index 00000000..95515b0d --- /dev/null +++ b/bootstrap/terraform/providers.tf @@ -0,0 +1,40 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +provider "aws" { + region = local.region +} + +provider "kubernetes" { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } +} + +provider "helm" { + kubernetes { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } + } +} + +provider "kubectl" { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } + load_config_file = false + apply_retry_count = 15 +} 
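Review bot: `most_recent = true` on all four `cluster_addons` entries (aws-ebs-csi-driver, coredns, kube-proxy, vpc-cni) makes the add-on version whatever EKS offers at apply time. Two applies of the same commit can therefore roll out different networking and storage components without a reviewed change. For a bootstrap that others copy, I would pin each add-on with `addon_version = "<pinned-addon-version>"` and bump it deliberately together with `cluster_version`. If floating is intended for the demo, a comment such as `# most_recent floats to the newest add-on build on every apply; pin addon_version for production` would make the trade-off explicit. The `module "eks"` block starts and ends outside this hunk.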
diff --git a/bootstrap/terraform/variables.tf b/bootstrap/terraform/variables.tf index f4cdec3b..110197fe 100644 --- a/bootstrap/terraform/variables.tf +++ b/bootstrap/terraform/variables.tf @@ -16,7 +16,7 @@ variable "name" { variable "cluster_version" { type = string description = "Kubernetes Version" - default = "1.29" + default = "1.30" } variable "capacity_type" { @@ -46,5 +46,5 @@ variable "enable_kubernetes_provider" { variable "enable_helm_provider" { type = bool description = "Installs the helm provider" - default = false + default = false } From 7ae0cdd10472105f95da4993d666b4fb70151f63 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 01:41:04 -0300 Subject: [PATCH 02/21] upgrading crossplane to 1.16 --- bootstrap/terraform/addon/main.tf | 4 ++-- bootstrap/terraform/main.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bootstrap/terraform/addon/main.tf b/bootstrap/terraform/addon/main.tf index 7adc1d4c..de94a784 100644 --- a/bootstrap/terraform/addon/main.tf +++ b/bootstrap/terraform/addon/main.tf @@ -4,7 +4,7 @@ module "crossplane" { source = "aws-ia/eks-blueprints-addon/aws" - version = "1.1.0" + version = "1.1.1" create = var.enable_crossplane @@ -14,7 +14,7 @@ module "crossplane" { namespace = try(var.crossplane.namespace, "crossplane-system") create_namespace = try(var.crossplane.create_namespace, true) chart = try(var.crossplane.chart, "crossplane") - chart_version = try(var.crossplane.chart_version, "1.15.1") + chart_version = try(var.crossplane.chart_version, "1.16.0") repository = try(var.crossplane.repository, "https://charts.crossplane.io/stable/") values = try(var.crossplane.values, []) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 3f922434..56514c32 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
@@ -180,7 +180,7 @@ locals { upjet_aws_provider = { enable = var.enable_upjet_aws_provider # defaults to true - version = "v1.4.0" + version = "v1.5.0" runtime_config = "upjet-aws-runtime-config" provider_config_name = "aws-provider-config" #this is the providerConfigName used in all the examples in this repo families = [ From 5948d2093c14206b1c62b4b03e22822bdba8215c Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 02:13:46 -0300 Subject: [PATCH 03/21] upgrading aws provider to be compatible with eks module --- bootstrap/terraform/main.tf | 2 -- bootstrap/terraform/versions.tf | 10 +++++----- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 56514c32..658f66e3 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -359,7 +359,6 @@ resource "kubectl_manifest" "aws_provider_config" { depends_on = [kubectl_manifest.aws_provider, time_sleep.aws_wait_60_seconds] } - #--------------------------------------------------------------- # Crossplane Kubernetes Provider #--------------------------------------------------------------- @@ -488,7 +487,6 @@ resource "kubectl_manifest" "helm_provider_config" { depends_on = [kubectl_manifest.helm_provider, time_sleep.wait_60_seconds_helm] } - #--------------------------------------------------------------- # Supporting Resources #--------------------------------------------------------------- diff --git a/bootstrap/terraform/versions.tf b/bootstrap/terraform/versions.tf index 2ffd5358..d6204174 100644 --- a/bootstrap/terraform/versions.tf +++ b/bootstrap/terraform/versions.tf 
@@ -1,25 +1,25 @@ terraform { - required_version = ">= 1.0.0" + required_version = "~> 1.3" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.72" + version = "~> 5.0" } kubectl = { source = "gavinbunney/kubectl" - version = ">= 1.14.0" + version = "~> 1.14.0" } kubernetes = { source = "hashicorp/kubernetes" - version = ">= 2.19" + version = "~> 2.19" } helm = { source = "hashicorp/helm" - version = ">= 2.11.0" + version = "~> 2.11.0" } } } From 2647a0ecb4e354aa5946c4f329aeef0fc9b30ae4 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 02:22:53 -0300 Subject: [PATCH 04/21] adding the cluster creator admin --- bootstrap/terraform/main.tf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 658f66e3..b52cc1f3 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -49,7 +49,7 @@ module "ebs_csi_driver_irsa" { module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 20.12" + version = "~> 20.0" cluster_name = local.name cluster_version = local.cluster_version @@ -87,6 +87,9 @@ module "eks" { } } + # To add the current caller identity as an administrator + enable_cluster_creator_admin_permissions = true + tags = local.tags } From 490af870a33d34502033045996d82527d862335e Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 02:41:23 -0300 Subject: [PATCH 05/21] upgrading argocd chart to last stable version --- bootstrap/terraform/main.tf | 10 ++++++---- bootstrap/terraform/versions.tf | 4 ++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index b52cc1f3..d868e582 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
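Review bot: `enable_cluster_creator_admin_permissions = true` in the `module "eks"` hunk gives cluster-admin to whichever identity happens to run `terraform apply`, through an EKS access entry. On a laptop that is one user; in a pipeline it is the CI role, and the grant follows the caller rather than a named principal. The comment should state that scope, e.g. `# Grants cluster-admin to the identity running terraform apply; for shared or CI-run deployments list the intended roles in access_entries instead`. The same commit also relaxes the module constraint from `~> 20.12` to `~> 20.0`, which admits older 20.x releases than the one this series was tested with. The `module "eks"` block continues outside the hunk.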
@@ -27,7 +27,7 @@ locals { module "ebs_csi_driver_irsa" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - version = "~> 5.14" + version = "~> 5.20" role_name = "${local.name}-ebs-csi-driver" @@ -99,16 +99,17 @@ module "eks" { module "eks_blueprints_addons" { source = "aws-ia/eks-blueprints-addons/aws" - version = "1.8.0" + version = "~> 1.16" cluster_name = module.eks.cluster_name cluster_endpoint = module.eks.cluster_endpoint cluster_version = module.eks.cluster_version oidc_provider_arn = module.eks.oidc_provider_arn - enable_argocd = true + + enable_argocd = true argocd = { namespace = "argocd" - chart_version = "6.3.1" # ArgoCD v2.10.1 + chart_version = "6.11.1" # ArgoCD v2.11.2 values = [ templatefile("${path.module}/argocd-values.yaml", { crossplane_aws_provider_enable = local.aws_provider.enable @@ -116,6 +117,7 @@ module "eks_blueprints_addons" { crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable })] } + enable_gatekeeper = true enable_metrics_server = true enable_kube_prometheus_stack = true diff --git a/bootstrap/terraform/versions.tf b/bootstrap/terraform/versions.tf index d6204174..41fae9a0 100644 --- a/bootstrap/terraform/versions.tf +++ b/bootstrap/terraform/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = ">= 1.3" required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.0" + version = ">= 5.34" } kubectl = { From 36105fa2c0b345e30703e5712921832e144bc8e5 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 02:49:26 -0300 Subject: [PATCH 06/21] replacing the kubectl provider to use the alekc/kubectl --- bootstrap/terraform/versions.tf | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/bootstrap/terraform/versions.tf b/bootstrap/terraform/versions.tf index 41fae9a0..f1229032 100644 --- a/bootstrap/terraform/versions.tf +++ b/bootstrap/terraform/versions.tf 
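Review bot: The `eks_blueprints_addons` module moves from the exact pin `version = "1.8.0"` to the range `~> 1.16`, and the `versions.tf` hunk of this same commit turns `~> 5.0` into the open-ended `>= 5.34` for the aws provider. Both widen what can be downloaded and executed with the caller's AWS and cluster credentials on the next `terraform init -upgrade`. A committed `.terraform.lock.hcl` only pins providers, not modules, so the module is the riskier of the two. I would keep an exact module pin, `version = "<pinned-module-version>"`, and give the provider an upper bound such as `version = "~> 5.34"`. The chart itself stays pinned at `chart_version = "6.11.1"`, which is good; the module around it should be held to the same standard.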
@@ -7,19 +7,24 @@ terraform { version = ">= 5.34" } + # kubectl = { + # source = "gavinbunney/kubectl" + # version = ">= 1.14.0" + # } + kubectl = { - source = "gavinbunney/kubectl" - version = "~> 1.14.0" + source = "alekc/kubectl" + version = ">= 2.0" } kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.19" + version = ">= 2.30" } helm = { source = "hashicorp/helm" - version = "~> 2.11.0" + version = ">= 2.13" } } } From 3998782eb1c82487428939e70b8e475c6dc0931b Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 03:11:15 -0300 Subject: [PATCH 07/21] adjusting the helm values to a separate directory --- bootstrap/terraform/main.tf | 57 ++++++++++++++++--- bootstrap/terraform/providers.tf | 40 ------------- .../control-plane-argocd-values.yaml} | 0 .../control-plane-eks-prometheus-stack.yaml} | 0 bootstrap/terraform/versions.tf | 5 -- 5 files changed, 48 insertions(+), 54 deletions(-) delete mode 100644 bootstrap/terraform/providers.tf rename bootstrap/terraform/{argocd-values.yaml => values/control-plane-argocd-values.yaml} (100%) rename bootstrap/terraform/{kube-prometheus-stack-values.yaml => values/control-plane-eks-prometheus-stack.yaml} (100%) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index d868e582..775e19e6 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
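Review bot: The `kubectl` entry now resolves to a different publisher, `alekc/kubectl`, with the open-ended constraint `>= 2.0`. The `provider "kubectl"` block elsewhere in this series authenticates to the cluster endpoint through `aws eks get-token`, so the plugin binary runs with those cluster credentials. That makes the publisher change worth stating in the commit message, and any future major release would be accepted automatically; I would bound it with `version = "~> 2.0"` and make sure the provider hashes are recorded in a committed lock file (none is visible in this series). Existing deployments presumably still have state bound to the `gavinbunney/kubectl` address and would need `terraform state replace-provider` before the next plan, which deserves a line in the upgrade notes. The commented-out old block adds nothing that git history does not already hold.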
@@ -1,6 +1,44 @@ # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 +provider "aws" { + region = local.region +} + +provider "kubernetes" { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } +} + +provider "helm" { + kubernetes { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } + } +} + +provider "kubectl" { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + exec { + api_version = "client.authentication.k8s.io/v1beta1" + args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + command = "aws" + } + load_config_file = false + apply_retry_count = 15 +} + data "aws_caller_identity" "current" {} data "aws_availability_zones" "available" {} @@ -27,7 +65,7 @@ locals { module "ebs_csi_driver_irsa" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - version = "~> 5.20" + version = "~> 5.30" role_name = "${local.name}-ebs-csi-driver" @@ -56,6 +94,13 @@ module "eks" { cluster_endpoint_public_access = true kms_key_enable_default_policy = true + # Give the Terraform identity admin access to the cluster + # which will allow resources to be deployed into the cluster + enable_cluster_creator_admin_permissions = true + + vpc_id = module.vpc.vpc_id + subnet_ids = module.vpc.private_subnets + cluster_addons = { aws-ebs-csi-driver = { most_recent = true 
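Review bot: In the `module "eks"` hunk the admin grant now sits directly under `cluster_endpoint_public_access = true`, and no `cluster_endpoint_public_access_cidrs` is visible, so the API endpoint is presumably reachable from any address and protected by IAM authentication alone. Since this series already touches these arguments, I would add a restriction such as `cluster_endpoint_public_access_cidrs = ["<operator-cidr>"]`. Failing that, document the choice with `# public API endpoint, open to all source addresses; restrict with cluster_endpoint_public_access_cidrs outside of demos`. The module block starts and ends outside the hunk, so a restriction may exist on lines not shown here.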
@@ -72,9 +117,6 @@ module "eks" { } } - vpc_id = module.vpc.vpc_id - subnet_ids = module.vpc.private_subnets - # for production cluster, add a node group for add-ons that should not be inerrupted such as coredns eks_managed_node_groups = { initial = { @@ -87,9 +129,6 @@ module "eks" { } } - # To add the current caller identity as an administrator - enable_cluster_creator_admin_permissions = true - tags = local.tags } @@ -111,7 +150,7 @@ module "eks_blueprints_addons" { namespace = "argocd" chart_version = "6.11.1" # ArgoCD v2.11.2 values = [ - templatefile("${path.module}/argocd-values.yaml", { + templatefile("${path.module}/values/control-plane-eks-argocd-stack.yaml", { crossplane_aws_provider_enable = local.aws_provider.enable crossplane_upjet_aws_provider_enable = local.upjet_aws_provider.enable crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable @@ -123,7 +162,7 @@ module "eks_blueprints_addons" { enable_kube_prometheus_stack = true enable_aws_load_balancer_controller = true kube_prometheus_stack = { - values = [file("${path.module}/kube-prometheus-stack-values.yaml")] + values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] } depends_on = [module.eks.eks_managed_node_groups] diff --git a/bootstrap/terraform/providers.tf b/bootstrap/terraform/providers.tf deleted file mode 100644 index 95515b0d..00000000 --- a/bootstrap/terraform/providers.tf +++ /dev/null 
@@ -1,40 +0,0 @@ -# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 - -provider "aws" { - region = local.region -} - -provider "kubernetes" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } -} - -provider "helm" { - kubernetes { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } - } -} - -provider "kubectl" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - exec { - api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] - command = "aws" - } - load_config_file = false - apply_retry_count = 15 -} diff --git a/bootstrap/terraform/argocd-values.yaml b/bootstrap/terraform/values/control-plane-argocd-values.yaml similarity index 100% rename from bootstrap/terraform/argocd-values.yaml rename to bootstrap/terraform/values/control-plane-argocd-values.yaml diff --git a/bootstrap/terraform/kube-prometheus-stack-values.yaml b/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml similarity index 100% rename from bootstrap/terraform/kube-prometheus-stack-values.yaml rename to bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml diff --git a/bootstrap/terraform/versions.tf b/bootstrap/terraform/versions.tf index f1229032..0982c820 100644 --- a/bootstrap/terraform/versions.tf +++ b/bootstrap/terraform/versions.tf 
@@ -7,11 +7,6 @@ terraform { version = ">= 5.34" } - # kubectl = { - # source = "gavinbunney/kubectl" - # version = ">= 1.14.0" - # } - kubectl = { source = "alekc/kubectl" version = ">= 2.0" From 574e531dabcfced1e832a91759b74a38034fb2d3 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 03:15:47 -0300 Subject: [PATCH 08/21] adjusting argo filename --- ...ane-argocd-values.yaml => control-plane-eks-argocd-stack.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename bootstrap/terraform/values/{control-plane-argocd-values.yaml => control-plane-eks-argocd-stack.yaml} (100%) diff --git a/bootstrap/terraform/values/control-plane-argocd-values.yaml b/bootstrap/terraform/values/control-plane-eks-argocd-stack.yaml similarity index 100% rename from bootstrap/terraform/values/control-plane-argocd-values.yaml rename to bootstrap/terraform/values/control-plane-eks-argocd-stack.yaml From 2d947079e0f205a51655d007aaa1eba5ec39852e Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 03:28:21 -0300 Subject: [PATCH 09/21] fixing crossplane to use a separate file --- bootstrap/terraform/main.tf | 27 +------------------ .../control-plane-eks-crossplane-stack.yaml | 18 +++++++++++++ 2 files changed, 19 insertions(+), 26 deletions(-) create mode 100644 bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 775e19e6..ad45ad49 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
@@ -175,32 +175,7 @@ module "crossplane" { source = "github.com/awslabs/crossplane-on-eks/bootstrap/terraform/addon/" enable_crossplane = true crossplane = { - values = [yamlencode({ - args = ["--enable-environment-configs"] - metrics = { - enabled = true - } - resourcesCrossplane = { - limits = { - cpu = "1" - memory = "2Gi" - } - requests = { - cpu = "100m" - memory = "1Gi" - } - } - resourcesRBACManager = { - limits = { - cpu = "500m" - memory = "1Gi" - } - requests = { - cpu = "100m" - memory = "512Mi" - } - } - })] + values = [file("${path.module}/values/control-plane-eks-crossplane-stack.yaml")] } depends_on = [module.eks.eks_managed_node_groups] diff --git a/bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml b/bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml new file mode 100644 index 00000000..3691d3ba --- /dev/null +++ b/bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml @@ -0,0 +1,18 @@ +args: + - "--enable-environment-configs" +metrics: + enabled: true +resourcesCrossplane: + limits: + cpu: "1" + memory: "2Gi" + requests: + cpu: "100m" + memory: "1Gi" +resourcesRBACManager: + limits: + cpu: "500m" + memory: "1Gi" + requests: + cpu: "100m" + memory: "512Mi" From f67921b2e46a191cbc928c7b37822d5adddeb2b2 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 03:50:06 -0300 Subject: [PATCH 10/21] using eks blueprints addon directly to deploy crossplane --- bootstrap/terraform/main.tf | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index ad45ad49..fd1aaf72 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
@@ -172,11 +172,17 @@ module "eks_blueprints_addons" { # Crossplane #--------------------------------------------------------------- module "crossplane" { - source = "github.com/awslabs/crossplane-on-eks/bootstrap/terraform/addon/" - enable_crossplane = true - crossplane = { - values = [file("${path.module}/values/control-plane-eks-crossplane-stack.yaml")] - } + source = "aws-ia/eks-blueprints-addon/aws" + version = "1.1.1" + + name = "crossplane" + description = "A Helm chart to deploy crossplane project" + namespace = "crossplane-system" + create_namespace = true + chart = "crossplane" + chart_version = "1.16.0" + repository = "https://charts.crossplane.io/stable/" + values = [file("${path.module}/values/control-plane-eks-crossplane-stack.yaml")] depends_on = [module.eks.eks_managed_node_groups] } From d6947d5ff1e3a9cc3cbf6c21e502c1e6ea0be345 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 04:03:02 -0300 Subject: [PATCH 11/21] replacing variables to local config --- bootstrap/terraform/main.tf | 23 ++++++++------- bootstrap/terraform/outputs.tf | 2 +- bootstrap/terraform/variables.tf | 49 -------------------------------- 3 files changed, 13 insertions(+), 61 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index fd1aaf72..b09bb820 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -10,7 +10,7 @@ provider "kubernetes" { cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) exec { api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + args = ["eks", "get-token", "--cluster-name", local.name, "--region", local.region] command = "aws" } } 
@@ -21,7 +21,7 @@ provider "helm" { cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) exec { api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + args = ["eks", "get-token", "--cluster-name", local.name, "--region", local.region] command = "aws" } } @@ -32,7 +32,7 @@ provider "kubectl" { cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) exec { api_version = "client.authentication.k8s.io/v1beta1" - args = ["eks", "get-token", "--cluster-name", local.name, "--region", var.region] + args = ["eks", "get-token", "--cluster-name", local.name, "--region", local.region] command = "aws" } load_config_file = false @@ -43,10 +43,11 @@ data "aws_caller_identity" "current" {} data "aws_availability_zones" "available" {} locals { - name = var.name - region = var.region + name = "crossplane-blueprints" + region = "us-east-1" - cluster_version = var.cluster_version + cluster_version = "1.30" + capacity_type = "SPOT" cluster_name = local.name vpc_name = local.name @@ -121,7 +122,7 @@ module "eks" { eks_managed_node_groups = { initial = { instance_types = ["m6i.large", "m5.large", "m5n.large", "m5zn.large"] - capacity_type = var.capacity_type # defaults to SPOT + capacity_type = local.capacity_type # defaults to SPOT min_size = 1 max_size = 5 desired_size = 3 @@ -204,7 +205,7 @@ locals { crossplane_namespace = "crossplane-system" upjet_aws_provider = { - enable = var.enable_upjet_aws_provider # defaults to true + enable = true version = "v1.5.0" runtime_config = "upjet-aws-runtime-config" provider_config_name = "aws-provider-config" #this is the providerConfigName used in all the examples in this repo @@ -227,7 +228,7 @@ locals { } aws_provider = { - enable = var.enable_aws_provider # defaults to false + enable = false version = "v0.48.0" name = "aws-provider" runtime_config = "aws-runtime-config" 
@@ -235,7 +236,7 @@ locals { } kubernetes_provider = { - enable = var.enable_kubernetes_provider # defaults to true + enable = true version = "v0.13.0" service_account = "kubernetes-provider" name = "kubernetes-provider" @@ -245,7 +246,7 @@ locals { } helm_provider = { - enable = var.enable_helm_provider # defaults to true + enable = true version = "v0.18.1" service_account = "helm-provider" name = "helm-provider" diff --git a/bootstrap/terraform/outputs.tf b/bootstrap/terraform/outputs.tf index 65fccc14..97dffc31 100644 --- a/bootstrap/terraform/outputs.tf +++ b/bootstrap/terraform/outputs.tf @@ -4,5 +4,5 @@ output "eks_cluster_id" { } output "configure_kubectl" { description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" - value = "aws eks update-kubeconfig --name ${module.eks.cluster_name} --alias ${var.name} --region ${var.region}" + value = "aws eks update-kubeconfig --name ${module.eks.cluster_name} --alias ${local.name} --region ${local.region}" } diff --git a/bootstrap/terraform/variables.tf b/bootstrap/terraform/variables.tf index 110197fe..8b137891 100644 --- a/bootstrap/terraform/variables.tf +++ b/bootstrap/terraform/variables.tf 
@@ -1,50 +1 @@ -# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 -variable "region" { - description = "AWS region" - type = string - default = "us-east-1" -} - -variable "name" { - description = "EKS Cluster Name and the VPC name" - type = string - default = "crossplane-blueprints" -} - -variable "cluster_version" { - type = string - description = "Kubernetes Version" - default = "1.30" -} - -variable "capacity_type" { - type = string - description = "Capacity SPOT or ON_DEMAND" - default = "SPOT" -} - -variable "enable_upjet_aws_provider" { - type = bool - description = "Installs the upjet aws provider" - default = true -} - -variable "enable_aws_provider" { - type = bool - description = "Installs the contrib aws provider" - default = false -} - -variable "enable_kubernetes_provider" { - type = bool - description = "Installs the kubernetes provider" - default = true -} - -variable "enable_helm_provider" { - type = bool - description = "Installs the helm provider" - default = false -} From 4ec34206a43755ea255be500e5a000d6ff02d0dc Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 12:13:29 -0300 Subject: [PATCH 12/21] increase timeout to avoid first deploy errors --- bootstrap/terraform/main.tf | 4 +++- bootstrap/terraform/destroy.sh => docs/_partials/destroy.md | 6 ++---- {doc => docs}/debugging.md | 0 {doc => docs}/nested-compositions.md | 0 {doc => docs}/patching-101.md | 0 {doc => docs}/rds-day-2.md | 0 {doc => docs}/vault-integration.md | 0 7 files changed, 5 insertions(+), 5 deletions(-) rename bootstrap/terraform/destroy.sh => docs/_partials/destroy.md (92%) mode change 100755 => 100644 rename {doc => docs}/debugging.md (100%) rename {doc => docs}/nested-compositions.md (100%) rename {doc => docs}/patching-101.md (100%) rename {doc => docs}/rds-day-2.md (100%) rename {doc => docs}/vault-integration.md (100%) 
diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index b09bb820..be67f438 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -150,6 +150,7 @@ module "eks_blueprints_addons" { argocd = { namespace = "argocd" chart_version = "6.11.1" # ArgoCD v2.11.2 + timeout = "600" values = [ templatefile("${path.module}/values/control-plane-eks-argocd-stack.yaml", { crossplane_aws_provider_enable = local.aws_provider.enable @@ -163,7 +164,8 @@ module "eks_blueprints_addons" { enable_kube_prometheus_stack = true enable_aws_load_balancer_controller = true kube_prometheus_stack = { - values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] + timeout = "600" + values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] } depends_on = [module.eks.eks_managed_node_groups] diff --git a/bootstrap/terraform/destroy.sh b/docs/_partials/destroy.md old mode 100755 new mode 100644 similarity index 92% rename from bootstrap/terraform/destroy.sh rename to docs/_partials/destroy.md index 1e686718..7b95aafb --- a/bootstrap/terraform/destroy.sh +++ b/docs/_partials/destroy.md @@ -1,9 +1,7 @@ -#!/bin/bash - -set -xe - +```sh terraform destroy -target="module.crossplane" -auto-approve terraform destroy -target="module.eks_blueprints_addons" -auto-approve terraform destroy -target="module.eks" -auto-approve terraform destroy -target="module.vpc" -auto-approve terraform destroy -auto-approve +``` \ No newline at end of file diff --git a/doc/debugging.md b/docs/debugging.md similarity index 100% rename from doc/debugging.md rename to docs/debugging.md diff --git a/doc/nested-compositions.md b/docs/nested-compositions.md similarity index 100% rename from doc/nested-compositions.md rename to docs/nested-compositions.md diff --git a/doc/patching-101.md b/docs/patching-101.md similarity index 100% rename from doc/patching-101.md rename to docs/patching-101.md 
diff --git a/doc/rds-day-2.md b/docs/rds-day-2.md similarity index 100% rename from doc/rds-day-2.md rename to docs/rds-day-2.md diff --git a/doc/vault-integration.md b/docs/vault-integration.md similarity index 100% rename from doc/vault-integration.md rename to docs/vault-integration.md From 2542061c318bd014c8296e00bc80c53b63253fe4 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 12:15:23 -0300 Subject: [PATCH 13/21] increase timeout to avoid first deploy errors --- bootstrap/terraform/main.tf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index be67f438..269b3f17 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -159,10 +159,15 @@ module "eks_blueprints_addons" { })] } - enable_gatekeeper = true + enable_gatekeeper = true + gatekeeper = { + timeout = "600s" + } + enable_metrics_server = true - enable_kube_prometheus_stack = true enable_aws_load_balancer_controller = true + + enable_kube_prometheus_stack = true kube_prometheus_stack = { timeout = "600" values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] From 53340720ebcab38dbaa6efc148f6b16bd08da16b Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 12:25:19 -0300 Subject: [PATCH 14/21] removing gatekeeper since it's not required --- bootstrap/terraform/main.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 269b3f17..af5f4bf7 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -159,11 +159,6 @@ module "eks_blueprints_addons" { })] } - enable_gatekeeper = true - gatekeeper = { - timeout = "600s" - } - enable_metrics_server = true enable_aws_load_balancer_controller = true From 45cc43b4db39bb92569a120c7311e0e2bbad9594 Mon Sep 17 00:00:00 2001 
From: Edgar Costa Date: Thu, 30 May 2024 12:46:44 -0300 Subject: [PATCH 15/21] removing internal addon module --- bootstrap/terraform/addon/main.tf | 53 ------------------- bootstrap/terraform/addon/variables.tf | 22 -------- .../{ => config}/environmentconfig.yaml | 0 bootstrap/terraform/main.tf | 2 +- 4 files changed, 1 insertion(+), 76 deletions(-) delete mode 100644 bootstrap/terraform/addon/main.tf delete mode 100644 bootstrap/terraform/addon/variables.tf rename bootstrap/terraform/{ => config}/environmentconfig.yaml (100%) diff --git a/bootstrap/terraform/addon/main.tf b/bootstrap/terraform/addon/main.tf deleted file mode 100644 index de94a784..00000000 --- a/bootstrap/terraform/addon/main.tf +++ /dev/null 
@@ -1,53 +0,0 @@ -################################################################################ -# Crossplane -################################################################################ - -module "crossplane" { - source = "aws-ia/eks-blueprints-addon/aws" - version = "1.1.1" - - create = var.enable_crossplane - - # https://github.com/crossplane/crossplane/tree/master/cluster/charts/crossplane - name = try(var.crossplane.name, "crossplane") - description = try(var.crossplane.description, "A Helm chart to deploy crossplane project") - namespace = try(var.crossplane.namespace, "crossplane-system") - create_namespace = try(var.crossplane.create_namespace, true) - chart = try(var.crossplane.chart, "crossplane") - chart_version = try(var.crossplane.chart_version, "1.16.0") - repository = try(var.crossplane.repository, "https://charts.crossplane.io/stable/") - values = try(var.crossplane.values, []) - - timeout = try(var.crossplane.timeout, null) - repository_key_file = try(var.crossplane.repository_key_file, null) - repository_cert_file = try(var.crossplane.repository_cert_file, null) - repository_ca_file = try(var.crossplane.repository_ca_file, null) - repository_username = try(var.crossplane.repository_username, null) - repository_password = try(var.crossplane.repository_password, null) - devel = try(var.crossplane.devel, null) - verify = try(var.crossplane.verify, null) - keyring = try(var.crossplane.keyring, null) - disable_webhooks = try(var.crossplane.disable_webhooks, null) - reuse_values = try(var.crossplane.reuse_values, null) - reset_values = try(var.crossplane.reset_values, null) - force_update = try(var.crossplane.force_update, null) - recreate_pods = try(var.crossplane.recreate_pods, null) - cleanup_on_fail = try(var.crossplane.cleanup_on_fail, null) - max_history = try(var.crossplane.max_history, null) - atomic = try(var.crossplane.atomic, null) - skip_crds = try(var.crossplane.skip_crds, null) - render_subchart_notes = 
try(var.crossplane.render_subchart_notes, null) - disable_openapi_validation = try(var.crossplane.disable_openapi_validation, null) - wait = try(var.crossplane.wait, false) - wait_for_jobs = try(var.crossplane.wait_for_jobs, null) - dependency_update = try(var.crossplane.dependency_update, null) - replace = try(var.crossplane.replace, null) - lint = try(var.crossplane.lint, null) - - postrender = try(var.crossplane.postrender, []) - set = try(var.crossplane.set, []) - set_sensitive = try(var.crossplane.set_sensitive, []) - - tags = var.tags -} - diff --git a/bootstrap/terraform/addon/variables.tf b/bootstrap/terraform/addon/variables.tf deleted file mode 100644 index b05f5bd9..00000000 --- a/bootstrap/terraform/addon/variables.tf +++ /dev/null @@ -1,22 +0,0 @@ -variable "tags" { - description = "A map of tags to add to all resources" - type = map(string) - default = {} -} - -################################################################################ -# Crossplane -################################################################################ - -variable "enable_crossplane" { - description = "Enable Crossplane Kubernetes add-on" - type = bool - default = false -} - -variable "crossplane" { - description = "Crossplane add-on configuration values" - type = any - default = {} -} - diff --git a/bootstrap/terraform/environmentconfig.yaml b/bootstrap/terraform/config/environmentconfig.yaml similarity index 100% rename from bootstrap/terraform/environmentconfig.yaml rename to bootstrap/terraform/config/environmentconfig.yaml diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index af5f4bf7..f1e6e0ea 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
@@ -191,7 +191,7 @@ module "crossplane" { } resource "kubectl_manifest" "environmentconfig" { - yaml_body = templatefile("${path.module}/environmentconfig.yaml", { + yaml_body = templatefile("${path.module}/config/environmentconfig.yaml", { awsAccountID = data.aws_caller_identity.current.account_id eksOIDC = module.eks.oidc_provider vpcID = module.vpc.vpc_id From 5b0def6e432dfbb500652a749eea171d3f815a06 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 12:50:35 -0300 Subject: [PATCH 16/21] adjusting the crossplane grafana dashboard --- .../control-plane-eks-prometheus-stack.yaml | 44 ++++++++++--------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml b/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml index 8ee7ca37..b83c6275 100644 --- a/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml +++ b/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml 
@@ -16,39 +16,43 @@ grafana: type: "LoadBalancer" annotations: service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing" - resources: + resources: requests: - cpu : "100m" - memory : "1Gi" + cpu: "100m" + memory: "1Gi" limits: cpu: "1" memory: "2Gi" - datasources: + datasources: datasources.yaml: apiVersion: 1 datasources: - - name: Prometheus - type: prometheus - access: proxy - url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090/ - isDefault: false - uid: prometheusdatasource + - name: Prometheus + type: prometheus + access: proxy + url: http://kube-prometheus-stack-prometheus.kube-prometheus-stack:9090/ + isDefault: false + uid: prometheusdatasource deleteDatasources: - - name: Prometheus + - name: Prometheus dashboardProviders: dashboardproviders.yaml: apiVersion: 1 providers: - - name: 'default' - orgId: 1 - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/default + - name: "default" + orgId: 1 + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/default dashboards: default: crossplane: - gnetId: 19747 - revision: 5 + gnetId: 21169 + revision: 1 + datasource: prometheusdatasource + argocd: + gnetId: 14584 + revision: 1 datasource: prometheusdatasource From e4d324ddde2dd7d62f9bd335127b20a9160b6bb8 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 16:46:52 -0300 Subject: [PATCH 17/21] adding back provider boolean variables --- bootstrap/terraform/main.tf | 8 ++++---- bootstrap/terraform/variables.tf | 25 +++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 4 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index f1e6e0ea..ae525d48 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
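Review bot: The Grafana `service` block at the top of this hunk is `type: "LoadBalancer"` with `aws-load-balancer-scheme: "internet-facing"`, and the hunk adds an ArgoCD dashboard next to the Crossplane one, so more control-plane detail sits behind a publicly reachable endpoint. Nothing in the hunk restricts who can reach it; consider `service.beta.kubernetes.io/aws-load-balancer-scheme: "internal"` or a `loadBalancerSourceRanges:` list under `service:`, and confirm the admin credentials are not left at chart defaults (not visible here). The dashboards are fetched by `gnetId` and pinned by `revision`, which is good; a short comment on each, e.g. `# ArgoCD dashboard from grafana.com`, would make later revision bumps easier to review. The `grafana:` mapping starts outside the hunk.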
@@ -207,7 +207,7 @@ locals { crossplane_namespace = "crossplane-system" upjet_aws_provider = { - enable = true + enable = var.enable_upjet_aws_provider # defaults to true version = "v1.5.0" runtime_config = "upjet-aws-runtime-config" provider_config_name = "aws-provider-config" #this is the providerConfigName used in all the examples in this repo @@ -230,7 +230,7 @@ locals { } aws_provider = { - enable = false + enable = var.enable_aws_provider # defaults to false version = "v0.48.0" name = "aws-provider" runtime_config = "aws-runtime-config" @@ -238,7 +238,7 @@ locals { } kubernetes_provider = { - enable = true + enable = var.enable_kubernetes_provider # defaults to true version = "v0.13.0" service_account = "kubernetes-provider" name = "kubernetes-provider" @@ -248,7 +248,7 @@ locals { } helm_provider = { - enable = true + enable = var.enable_helm_provider # defaults to true version = "v0.18.1" service_account = "helm-provider" name = "helm-provider" diff --git a/bootstrap/terraform/variables.tf b/bootstrap/terraform/variables.tf index 8b137891..dcb32b0f 100644 --- a/bootstrap/terraform/variables.tf +++ b/bootstrap/terraform/variables.tf @@ -1 +1,26 @@ +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 +variable "enable_upjet_aws_provider" { + type = bool + description = "Installs the upjet aws provider" + default = true +} + +variable "enable_aws_provider" { + type = bool + description = "Installs the contrib aws provider" + default = false +} + +variable "enable_kubernetes_provider" { + type = bool + description = "Installs the kubernetes provider" + default = true +} + +variable "enable_helm_provider" { + type = bool + description = "Installs the helm provider" + default = false +} From 53e905ea2e5e541e1c069e273506706f67c16658 Mon Sep 17 00:00:00 2001 
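Review bot: In the `@@ -248,7 +248,7 @@` hunk `helm_provider.enable` changes from `true` to `var.enable_helm_provider # defaults to true`, but the new `variable "enable_helm_provider"` in the variables.tf hunk declares `default = false`. With no tfvars override this silently turns the Crossplane Helm provider off on the next apply, and the inline comment is wrong. Set `default = true` in the variable to keep the previous behaviour, or change the comment to `# defaults to false` if disabling it is intended. The other three variables match their comments and the literals they replace. The `locals` block starts and ends outside these hunks.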
From: Edgar Costa Date: Thu, 30 May 2024 17:38:03 -0300 Subject: [PATCH 18/21] adding gatekeeper back with the wait and timeout --- bootstrap/terraform/main.tf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index ae525d48..8bfbfe89 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -150,6 +150,7 @@ module "eks_blueprints_addons" { argocd = { namespace = "argocd" chart_version = "6.11.1" # ArgoCD v2.11.2 + wait = true timeout = "600" values = [ templatefile("${path.module}/values/control-plane-eks-argocd-stack.yaml", { @@ -158,12 +159,18 @@ module "eks_blueprints_addons" { crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable })] } + enable_gatekeeper = true + gatekeeper = { + timeout = "600" + wait = true + } enable_metrics_server = true enable_aws_load_balancer_controller = true enable_kube_prometheus_stack = true kube_prometheus_stack = { + wait = true timeout = "600" values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] } From 9540cd3758d2b056d38d52e47a5dcf47182251bb Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 17:45:16 -0300 Subject: [PATCH 19/21] remove the prefix from helm values --- bootstrap/terraform/main.tf | 6 +++--- ...ontrol-plane-eks-argocd-stack.yaml => argocd-stack.yaml} | 0 ...lane-eks-crossplane-stack.yaml => crossplane-stack.yaml} | 0 ...lane-eks-prometheus-stack.yaml => prometheus-stack.yaml} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename bootstrap/terraform/values/{control-plane-eks-argocd-stack.yaml => argocd-stack.yaml} (100%) rename bootstrap/terraform/values/{control-plane-eks-crossplane-stack.yaml => crossplane-stack.yaml} (100%) rename bootstrap/terraform/values/{control-plane-eks-prometheus-stack.yaml => prometheus-stack.yaml} (100%) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 8bfbfe89..a39f4760 100644 
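Review bot: The re-added `gatekeeper` block sets only `timeout` and `wait`, while the `argocd` block in the same module pins `chart_version = "6.11.1"`; Gatekeeper's chart version is then presumably whatever the addons module defaults to, which can move on a module upgrade. For an admission controller it is worth pinning, e.g. `chart_version = "<PINNED_GATEKEEPER_CHART_VERSION>"` (placeholder), with a comment naming the Gatekeeper release it maps to, as is done for ArgoCD. Enabling the controller also enforces nothing by itself: no ConstraintTemplates or Constraints are visible in this hunk, so a comment pointing to where the policies are applied would help. The `eks_blueprints_addons` block starts and ends outside the hunk.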
--- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -153,7 +153,7 @@ module "eks_blueprints_addons" { wait = true timeout = "600" values = [ - templatefile("${path.module}/values/control-plane-eks-argocd-stack.yaml", { + templatefile("${path.module}/values/argocd-stack.yaml", { crossplane_aws_provider_enable = local.aws_provider.enable crossplane_upjet_aws_provider_enable = local.upjet_aws_provider.enable crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable @@ -172,7 +172,7 @@ module "eks_blueprints_addons" { kube_prometheus_stack = { wait = true timeout = "600" - values = [file("${path.module}/values/control-plane-eks-prometheus-stack.yaml")] + values = [file("${path.module}/values/prometheus-stack.yaml")] } depends_on = [module.eks.eks_managed_node_groups] @@ -192,7 +192,7 @@ module "crossplane" { chart = "crossplane" chart_version = "1.16.0" repository = "https://charts.crossplane.io/stable/" - values = [file("${path.module}/values/control-plane-eks-crossplane-stack.yaml")] + values = [file("${path.module}/values/crossplane-stack.yaml")] depends_on = [module.eks.eks_managed_node_groups] } diff --git a/bootstrap/terraform/values/control-plane-eks-argocd-stack.yaml b/bootstrap/terraform/values/argocd-stack.yaml similarity index 100% rename from bootstrap/terraform/values/control-plane-eks-argocd-stack.yaml rename to bootstrap/terraform/values/argocd-stack.yaml diff --git a/bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml b/bootstrap/terraform/values/crossplane-stack.yaml similarity index 100% rename from bootstrap/terraform/values/control-plane-eks-crossplane-stack.yaml rename to bootstrap/terraform/values/crossplane-stack.yaml 
diff --git a/bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml b/bootstrap/terraform/values/prometheus-stack.yaml similarity index 100% rename from bootstrap/terraform/values/control-plane-eks-prometheus-stack.yaml rename to bootstrap/terraform/values/prometheus-stack.yaml From 88980dc99ceaf09543ab08ff242459c436303d59 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 20:45:49 -0300 Subject: [PATCH 20/21] adding the variables back --- bootstrap/terraform/main.tf | 9 ++++----- bootstrap/terraform/variables.tf | 24 ++++++++++++++++++++++++ bootstrap/terraform/versions.tf | 7 +++++++ 3 files changed, 35 insertions(+), 5 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index a39f4760..3253aeaa 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf @@ -43,11 +43,10 @@ data "aws_caller_identity" "current" {} data "aws_availability_zones" "available" {} locals { - name = "crossplane-blueprints" - region = "us-east-1" + name = var.name + region = var.region - cluster_version = "1.30" - capacity_type = "SPOT" + cluster_version = var.cluster_version cluster_name = local.name vpc_name = local.name @@ -122,7 +121,7 @@ module "eks" { eks_managed_node_groups = { initial = { instance_types = ["m6i.large", "m5.large", "m5n.large", "m5zn.large"] - capacity_type = local.capacity_type # defaults to SPOT + capacity_type = var.capacity_type # defaults to SPOT min_size = 1 max_size = 5 desired_size = 3 diff --git a/bootstrap/terraform/variables.tf b/bootstrap/terraform/variables.tf index dcb32b0f..110197fe 100644 --- a/bootstrap/terraform/variables.tf +++ b/bootstrap/terraform/variables.tf 
@@ -1,6 +1,30 @@ # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 +variable "region" { + description = "AWS region" + type = string + default = "us-east-1" +} + +variable "name" { + description = "EKS Cluster Name and the VPC name" + type = string + default = "crossplane-blueprints" +} + +variable "cluster_version" { + type = string + description = "Kubernetes Version" + default = "1.30" +} + +variable "capacity_type" { + type = string + description = "Capacity SPOT or ON_DEMAND" + default = "SPOT" +} + variable "enable_upjet_aws_provider" { type = bool description = "Installs the upjet aws provider" diff --git a/bootstrap/terraform/versions.tf b/bootstrap/terraform/versions.tf index 0982c820..b82daba3 100644 --- a/bootstrap/terraform/versions.tf +++ b/bootstrap/terraform/versions.tf @@ -22,4 +22,11 @@ terraform { version = ">= 2.13" } } + + # ## Used for end-to-end testing on project; update to suit your needs + # backend "s3" { + # bucket = "terraform-crossplane-on-eks-github-actions-state" + # region = "us-east-1" + # key = "e2e/bootstrap/terraform/terraform.tfstate" + # } } From f206ffa7029d1dfe28cc919de9cc12c8543af2c8 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Thu, 30 May 2024 21:19:58 -0300 Subject: [PATCH 21/21] adjusting the helm values name --- bootstrap/terraform/main.tf | 6 +++--- .../terraform/values/{argocd-stack.yaml => argocd.yaml} | 0 .../values/{crossplane-stack.yaml => crossplane.yaml} | 0 .../values/{prometheus-stack.yaml => prometheus.yaml} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename bootstrap/terraform/values/{argocd-stack.yaml => argocd.yaml} (100%) rename bootstrap/terraform/values/{crossplane-stack.yaml => crossplane.yaml} (100%) rename bootstrap/terraform/values/{prometheus-stack.yaml => prometheus.yaml} (100%) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 3253aeaa..dcdfa6a0 100644 --- a/bootstrap/terraform/main.tf 
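Review bot: `capacity_type` and `cluster_version` in the variables.tf hunk are free-form strings, so a typo such as `spot` is presumably only caught late, when the node group is created. Add a `validation` block to `capacity_type` with `condition = contains(["SPOT", "ON_DEMAND"], var.capacity_type)` and an `error_message` naming the two accepted values. The description of `name` says it is used for both the EKS cluster and the VPC; a length and character check there is optional but would catch invalid cluster names at plan time.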
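Review bot: The commented-out `backend "s3"` template in the versions.tf hunk has only `bucket`, `region` and `key`, so anyone who uncomments it as-is gets remote state with no explicit encryption or locking settings. State for this stack will hold cluster and provider details, so the template should also carry `encrypt = true` and a lock-table line such as `dynamodb_table = "<STATE_LOCK_TABLE>"` (placeholder), still commented out. The comment could also say outright that the bucket name belongs to the project's end-to-end tests and must be replaced, which "update to suit your needs" only implies. The `terraform` block starts outside the hunk.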
+++ b/bootstrap/terraform/main.tf @@ -152,7 +152,7 @@ module "eks_blueprints_addons" { wait = true timeout = "600" values = [ - templatefile("${path.module}/values/argocd-stack.yaml", { + templatefile("${path.module}/values/argocd.yaml", { crossplane_aws_provider_enable = local.aws_provider.enable crossplane_upjet_aws_provider_enable = local.upjet_aws_provider.enable crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable @@ -171,7 +171,7 @@ module "eks_blueprints_addons" { kube_prometheus_stack = { wait = true timeout = "600" - values = [file("${path.module}/values/prometheus-stack.yaml")] + values = [file("${path.module}/values/prometheus.yaml")] } depends_on = [module.eks.eks_managed_node_groups] @@ -191,7 +191,7 @@ module "crossplane" { chart = "crossplane" chart_version = "1.16.0" repository = "https://charts.crossplane.io/stable/" - values = [file("${path.module}/values/crossplane-stack.yaml")] + values = [file("${path.module}/values/crossplane.yaml")] depends_on = [module.eks.eks_managed_node_groups] } diff --git a/bootstrap/terraform/values/argocd-stack.yaml b/bootstrap/terraform/values/argocd.yaml similarity index 100% rename from bootstrap/terraform/values/argocd-stack.yaml rename to bootstrap/terraform/values/argocd.yaml diff --git a/bootstrap/terraform/values/crossplane-stack.yaml b/bootstrap/terraform/values/crossplane.yaml similarity index 100% rename from bootstrap/terraform/values/crossplane-stack.yaml rename to bootstrap/terraform/values/crossplane.yaml diff --git a/bootstrap/terraform/values/prometheus-stack.yaml b/bootstrap/terraform/values/prometheus.yaml similarity index 100% rename from bootstrap/terraform/values/prometheus-stack.yaml rename to bootstrap/terraform/values/prometheus.yaml