From 06c3f9987cfe52e6a97fe23d6eee27dfd33a5777 Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 15 Sep 2023 16:05:53 -0400 Subject: [PATCH] update cluster-autoscaler --- examples/extras/cloudwatch-agent/tf-run.data | 3 +- .../cloudwatch-agent/tf-run.data | 3 +- .../common-services/cluster-autoscaler.tf | 67 ++++++++++++++++++ .../1.25/common-services/main.tf | 69 ++++++++++--------- .../variables.cluster-autoscaler.tf | 40 +++++++++++ .../variables.common-services.auto.tfvars | 2 +- .../variables.images.auto.tfvars | 7 +- 7 files changed, 152 insertions(+), 39 deletions(-) create mode 100644 examples/full-cluster-tf-upgrade/1.25/common-services/cluster-autoscaler.tf create mode 100644 examples/full-cluster-tf-upgrade/1.25/common-services/variables.cluster-autoscaler.tf diff --git a/examples/extras/cloudwatch-agent/tf-run.data b/examples/extras/cloudwatch-agent/tf-run.data index 0db70b8..d868cbe 100644 --- a/examples/extras/cloudwatch-agent/tf-run.data +++ b/examples/extras/cloudwatch-agent/tf-run.data @@ -1,4 +1,4 @@ -VERSION 1.4.2 +VERSION 1.4.3 REMOTE-STATE COMMAND tf-directory-setup.py -l none -f COMMAND setup-new-directory.sh @@ -29,3 +29,4 @@ LINK variables.vpc.auto.tfvars COMMAND tf-init ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/cloudwatch-agent/tf-run.data b/examples/full-cluster-tf-upgrade/1.25/common-services/cloudwatch-agent/tf-run.data index 0db70b8..d868cbe 100644 --- a/examples/full-cluster-tf-upgrade/1.25/common-services/cloudwatch-agent/tf-run.data +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/cloudwatch-agent/tf-run.data @@ -1,4 +1,4 @@ -VERSION 1.4.2 +VERSION 1.4.3 REMOTE-STATE COMMAND tf-directory-setup.py -l none -f COMMAND setup-new-directory.sh @@ -29,3 +29,4 @@ LINK variables.vpc.auto.tfvars COMMAND tf-init ALL +COMMAND tf-directory-setup.py -l s3 diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/cluster-autoscaler.tf b/examples/full-cluster-tf-upgrade/1.25/common-services/cluster-autoscaler.tf new file mode 100644 index 0000000..ff82766 --- /dev/null +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/cluster-autoscaler.tf @@ -0,0 +1,67 @@ +module "role_cluster-autoscaler" { + source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + + role_description = "EKS IAM Role for ${var.cluster_name} for service account ${var.cluster_autoscaler_namespace}:${var.cluster_autoscaler_name}" + role_name = format("%v%v-irsa__%v", local._prefixes["eks-role"], var.cluster_name, "cluster-autoscaler") + + attach_cluster_autoscaler_policy = true + cluster_autoscaler_cluster_names = [var.cluster_name] + + oidc_providers = { + main = { + provider_arn = local.oidc_provider_arn + namespace_service_accounts = [ + format("%v:%v", var.cluster_autoscaler_namespace, var.cluster_autoscaler_name), + format("%v:%v", var.cluster_autoscaler_namespace, format("%v-aws-%v", var.cluster_autoscaler_name, var.cluster_autoscaler_name)), + ] + } + } + + tags = merge( + local.base_tags, + local.common_tags, + var.application_tags, + { + "eks:namespace" = var.cluster_autoscaler_namespace + "eks:user" = var.cluster_autoscaler_name + } + ) +} + +resource "helm_release" "cluster-autoscaler" { + chart = "cluster-autoscaler" + name = "cluster-autoscaler" + namespace = "kube-system" + repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts" + version = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null + + depends_on = [module.images] + set { + name = "image.repository" + value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0] + } + set { + name = "image.tag" + value = local.image_output["cluster-autoscaler"].tag + } + set { + name = "autoDiscovery.clusterName" + value = var.cluster_name + } + set { + name = "awsRegion" + value = local.region + } + set { + name = "rbac.serviceAccount.create" + value = "true" + } + set { + name = "rbac.serviceAccount.name" + value = var.cluster_autoscaler_name + } + set { + name = "rbac.serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn" + value = module.role_cluster-autoscaler.iam_role_arn + } +} diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/main.tf b/examples/full-cluster-tf-upgrade/1.25/common-services/main.tf index fb4584e..29efe14 100644 --- a/examples/full-cluster-tf-upgrade/1.25/common-services/main.tf +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/main.tf @@ -65,39 +65,42 @@ resource "helm_release" "metrics-server" { timeout = 300 } -resource "helm_release" "cluster-autoscaler" { - chart = "cluster-autoscaler" - name = "cluster-autoscaler" - namespace = "kube-system" - # repository = "${path.module}/charts/" - repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts" - version = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null - # depends_on = [null_resource.copy_images] - - depends_on = [module.images] - set { - name = "image.repository" - # value = local.image_repos["cluster-autoscaler"] - value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0] - } - set { - name = "image.tag" - # value = var.cluster_autoscaler_tag - value = local.image_output["cluster-autoscaler"].tag - } - set { - name = "autoDiscovery.clusterName" - value = var.cluster_name - } - set { - name = "awsRegion" - value = local.region - } - set { - name = "rbac.serviceAccount.create" - value = "false" - } -} +##-- +## move to cluster-autoscaler.tf +##-- +## resource "helm_release" "cluster-autoscaler" { +## chart = "cluster-autoscaler" +## name = "cluster-autoscaler" +## namespace = "kube-system" +## # repository = "${path.module}/charts/" +## repository = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].repository : "${path.module}/charts" +## version = local.charts["cluster-autoscaler"].use_remote ? local.charts["cluster-autoscaler"].version : null +## # depends_on = [null_resource.copy_images] +## +## depends_on = [module.images] +## set { +## name = "image.repository" +## # value = local.image_repos["cluster-autoscaler"] +## value = split(":", local.image_output["cluster-autoscaler"].dest_full_path)[0] +## } +## set { +## name = "image.tag" +## # value = var.cluster_autoscaler_tag +## value = local.image_output["cluster-autoscaler"].tag +## } +## set { +## name = "autoDiscovery.clusterName" +## value = var.cluster_name +## } +## set { +## name = "awsRegion" +## value = local.region +## } +## set { +## name = "rbac.serviceAccount.create" +## value = "false" +## } +## } # Install cert-manager # https://cert-manager.io/docs/installation/helm/ diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/variables.cluster-autoscaler.tf b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.cluster-autoscaler.tf new file mode 100644 index 0000000..2c502ce --- /dev/null +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.cluster-autoscaler.tf @@ -0,0 +1,40 @@ +variable "cluster_autoscaler_namespace" { + description = "Cluster Autoscaler namespace" + type = string + default = "kube-system" +} + +variable "cluster_autoscaler_name" { + description = "Cluster Autoscaler service account name" + type = string + # default = "cluster-autoscaler" + default = "cluster-autoscaler-aws-cluster-autoscaler" +} + +variable "cluster_autoscaler_charts" { + description = "Cluster Autoscaler Map of object with details about remote charts" + type = map(object( + { + name = string + documentation = optional(string, null) + repository = string + version = string + use_remote = bool + })) + default = {} +} + +variable "cluster_autoscaler_images" { + description = "Cluster Autoscaler List of image configuration objects to copy from SOURCE to DESTINATION" + type = map(object({ + name = string, + documentation = optional(string, null) + tag = string, + dest_path = string, + source_registry = string, + source_image = string, + source_tag = string, + enabled = bool, + })) + default = {} +} diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/variables.common-services.auto.tfvars b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.common-services.auto.tfvars index 89c2488..448bd20 100644 --- a/examples/full-cluster-tf-upgrade/1.25/common-services/variables.common-services.auto.tfvars +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.common-services.auto.tfvars @@ -2,7 +2,7 @@ #cert_manager_controller_tag = "v1.4.3" #cert_manager_webhook_tag = "v1.4.3" #cluster_autoscaler_tag = "v1.24.0" -istio_tag = "1.16.1" +istio_tag = "1.18.2" #metrics_server_tag = "0.6.2-debian-11-r9" tls_crt_b64 = "" tls_crt_contents = "" diff --git a/examples/full-cluster-tf-upgrade/1.25/common-services/variables.images.auto.tfvars b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.images.auto.tfvars index f14433f..ae75fa0 100644 --- a/examples/full-cluster-tf-upgrade/1.25/common-services/variables.images.auto.tfvars +++ b/examples/full-cluster-tf-upgrade/1.25/common-services/variables.images.auto.tfvars @@ -14,7 +14,7 @@ chart_details = { "cluster-autoscaler" = { name = "cluster-autoscaler" repository = "https://kubernetes.github.io/autoscaler" - version = "9.29.1" + version = "9.29.3" use_remote = true } } @@ -67,8 +67,9 @@ image_details = { source_registry = "registry.k8s.io" source_image = "autoscaling/cluster-autoscaler" source_tag = null - tag = "v1.25.3" - enabled = true + # tag = "v1.27.3" + tag = "v1.28.0" + enabled = true } "metrics-server" = { name = "metrics-server"