update cluster-autoscaler

examples/extras/cloudwatch-agent/tf-run.data

@@ -1,4 +1,4 @@
-VERSION 1.4.2
+VERSION 1.4.3
 REMOTE-STATE
 COMMAND tf-directory-setup.py -l none -f
 COMMAND setup-new-directory.sh
@@ -29,3 +29,4 @@ LINK variables.vpc.auto.tfvars
 COMMAND tf-init 
 
 ALL
+COMMAND tf-directory-setup.py -l s3

examples/full-cluster-tf-upgrade/1.25/common-services/cloudwatch-agent/tf-run.data

@@ -1,4 +1,4 @@
-VERSION 1.4.2
+VERSION 1.4.3
 REMOTE-STATE
 COMMAND tf-directory-setup.py -l none -f
 COMMAND setup-new-directory.sh
@@ -29,3 +29,4 @@ LINK variables.vpc.auto.tfvars
 COMMAND tf-init 
 
 ALL
+COMMAND tf-directory-setup.py -l s3

examples/full-cluster-tf-upgrade/1.25/common-services/cluster-autoscaler.tf

@@ -0,0 +1,67 @@
+module "role_cluster-autoscaler" {
+  source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
+
+  role_description = "EKS IAM Role for ${var.cluster_name} for service account ${var.cluster_autoscaler_namespace}:${var.cluster_autoscaler_name}"
+  role_name        = format("%v%v-irsa__%v", local._prefixes["eks-role"], var.cluster_name, "cluster-autoscaler")
+
+  attach_cluster_autoscaler_policy = true
+  cluster_autoscaler_cluster_names = [var.cluster_name]
+
+  oidc_providers = {
+    main = {
+      provider_arn = local.oidc_provider_arn
+      namespace_service_accounts = [
+        format("%v:%v", var.cluster_autoscaler_namespace, var.cluster_autoscaler_name),
+        format("%v:%v", var.cluster_autoscaler_namespace, format("%v-aws-%v", var.cluster_autoscaler_name, var.cluster_autoscaler_name)),
+      ]
+    }
+  }
+
+  tags = merge(
+    local.base_tags,
+    local.common_tags,
+    var.application_tags,
+    {
+      "eks:namespace" = var.cluster_autoscaler_namespace
+      "eks:user"      = var.cluster_autoscaler_name
+    }
+  )
+}
+
+resource "helm_release" "cluster-autoscaler" {
+  chart      = "cluster-autoscaler"
+  name       = "cluster-autoscaler"
+  namespace  = "kube-system"
+  repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts"
+  version    = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null
+
+  depends_on = [module.images]
+  set {
+    name  = "image.repository"
+    value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0]
+  }
+  set {
+    name  = "image.tag"
+    value = local.image_output["cluster-autoscaler"].tag
+  }
+  set {
+    name  = "autoDiscovery.clusterName"
+    value = var.cluster_name
+  }
+  set {
+    name  = "awsRegion"
+    value = local.region
+  }
+  set {
+    name  = "rbac.serviceAccount.create"
+    value = "true"
+  }
+  set {
+    name  = "rbac.serviceAccount.name"
+    value = var.cluster_autoscaler_name
+  }
+  set {
+    name  = "rbac.serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
+    value = module.role_cluster-autoscaler.iam_role_arn
+  }
+}

examples/full-cluster-tf-upgrade/1.25/common-services/main.tf

@@ -65,39 +65,42 @@ resource "helm_release" "metrics-server" {
   timeout = 300
 }
 
-resource "helm_release" "cluster-autoscaler" {
-  chart     = "cluster-autoscaler"
-  name      = "cluster-autoscaler"
-  namespace = "kube-system"
-  #  repository = "${path.module}/charts/"
-  repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts"
-  version    = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null
-  #  depends_on = [null_resource.copy_images]
-
-  depends_on = [module.images]
-  set {
-    name = "image.repository"
-    #    value = local.image_repos["cluster-autoscaler"]
-    value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0]
-  }
-  set {
-    name = "image.tag"
-    #    value = var.cluster_autoscaler_tag
-    value = local.image_output["cluster-autoscaler"].tag
-  }
-  set {
-    name  = "autoDiscovery.clusterName"
-    value = var.cluster_name
-  }
-  set {
-    name  = "awsRegion"
-    value = local.region
-  }
-  set {
-    name  = "rbac.serviceAccount.create"
-    value = "false"
-  }
-}
+##--
+## move to cluster-autoscaler.tf
+##--
+## resource "helm_release" "cluster-autoscaler" {
+##   chart     = "cluster-autoscaler"
+##   name      = "cluster-autoscaler"
+##   namespace = "kube-system"
+##   #  repository = "${path.module}/charts/"
+##   repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts"
+##   version    = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null
+##   #  depends_on = [null_resource.copy_images]
+## 
+##   depends_on = [module.images]
+##   set {
+##     name = "image.repository"
+##     #    value = local.image_repos["cluster-autoscaler"]
+##     value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0]
+##   }
+##   set {
+##     name = "image.tag"
+##     #    value = var.cluster_autoscaler_tag
+##     value = local.image_output["cluster-autoscaler"].tag
+##   }
+##   set {
+##     name  = "autoDiscovery.clusterName"
+##     value = var.cluster_name
+##   }
+##   set {
+##     name  = "awsRegion"
+##     value = local.region
+##   }
+##   set {
+##     name  = "rbac.serviceAccount.create"
+##     value = "false"
+##   }
+## }
 
 # Install cert-manager
 #   https://cert-manager.io/docs/installation/helm/

examples/full-cluster-tf-upgrade/1.25/common-services/variables.cluster-autoscaler.tf

@@ -0,0 +1,40 @@
+variable "cluster_autoscaler_namespace" {
+  description = "Cluster Autoscaler namespace"
+  type        = string
+  default     = "kube-system"
+}
+
+variable "cluster_autoscaler_name" {
+  description = "Cluster Autoscaler service account name"
+  type        = string
+  #  default     = "cluster-autoscaler"
+  default = "cluster-autoscaler-aws-cluster-autoscaler"
+}
+
+variable "cluster_autoscaler_charts" {
+  description = "Cluster Autoscaler Map of object with details about remote charts"
+  type = map(object(
+    {
+      name          = string
+      documentation = optional(string, null)
+      repository    = string
+      version       = string
+      use_remote    = bool
+  }))
+  default = {}
+}
+
+variable "cluster_autoscaler_images" {
+  description = "Cluster Autoscaler List of image configuration objects to copy from SOURCE to DESTINATION"
+  type = map(object({
+    name            = string,
+    documentation   = optional(string, null)
+    tag             = string,
+    dest_path       = string,
+    source_registry = string,
+    source_image    = string,
+    source_tag      = string,
+    enabled         = bool,
+  }))
+  default = {}
+}

examples/full-cluster-tf-upgrade/1.25/common-services/variables.common-services.auto.tfvars

@@ -2,7 +2,7 @@
 #cert_manager_controller_tag    = "v1.4.3"
 #cert_manager_webhook_tag       = "v1.4.3"
 #cluster_autoscaler_tag         = "v1.24.0"
-istio_tag = "1.16.1"
+istio_tag = "1.18.2"
 #metrics_server_tag             = "0.6.2-debian-11-r9"
 tls_crt_b64                    = ""
 tls_crt_contents               = ""

examples/full-cluster-tf-upgrade/1.25/common-services/variables.images.auto.tfvars

@@ -14,7 +14,7 @@ chart_details = {
   "cluster-autoscaler" = {
     name       = "cluster-autoscaler"
     repository = "https://kubernetes.github.io/autoscaler"
-    version    = "9.29.1"
+    version    = "9.29.3"
     use_remote = true
   }
 }
@@ -67,8 +67,9 @@ image_details = {
     source_registry = "registry.k8s.io"
     source_image    = "autoscaling/cluster-autoscaler"
     source_tag      = null
-    tag             = "v1.25.3"
-    enabled         = true
+    #    tag             = "v1.27.3"
+    tag     = "v1.28.0"
+    enabled = true
   }
   "metrics-server" = {
     name            = "metrics-server"