Skip to content

Commit

Permalink
copy from 1.22 to prep for 1.23
Browse files Browse the repository at this point in the history
  • Loading branch information
@badra001
badra001 committed Apr 6, 2023
1 parent 5397a69 commit 50cd775
Show file tree
Hide file tree
Showing 9 changed files with 43 additions and 10 deletions.
3 changes: 2 additions & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/aws-auth/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
VERSION 1.2.2
VERSION 1.2.3
REMOTE-STATE
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
COMMAND tf-init -upgrade
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars
COMMAND ln -sf ../variables.application_tags.auto.tfvars
LINKTOP init
ALL
COMMAND tf-directory-setup.py -l s3
Expand Down
2 changes: 1 addition & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/cluster-roles/deployer.iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ module "service_cicd_deployer" {
)
}
module "role_cicd_deployer" {
source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"

role_name = local.role_cicd_k8s_group_name
role_description = "Role for EKS cluster ${var.cluster_name} for access by ${var.cicd_k8s_group_name}"
Expand Down
6 changes: 5 additions & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/cluster-roles/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,16 @@
VERSION 1.2.2
VERSION 1.2.4
REMOTE-STATE
STOP only run this after the cluster roles represented here have been setup in K8S
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
COMMAND tf-init -upgrade
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars .
COMMAND ln -sf ../variables.application_tags.auto.tfvars
LINKTOP init
LINKTOP provider_configs.d/provider.ldap_new.auto.tfvars
LINKTOP provider_configs.d/provider.ldap_new.tf
LINKTOP provider_configs.d/provider.ldap_new.variables.tf
POLICY
ALL
COMMAND tf-directory-setup.py -l s3
Expand Down
20 changes: 20 additions & 0 deletions examples/full-cluster-tf-upgrade/1.23.in-progress/common-services/tags.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Tagging

## Istio

For the [AWS Load Balancer Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/service/annotations/#load-balancer-attributes), we want
to enable the following

* S3 Access Logs
```
service.beta.kubernetes.io/aws-load-balancer-attributes: access_logs.s3.enabled=true,access_logs.s3.bucket=my-access-log-bucket,access_logs.s3.prefix=my-app
```
* Disable IP address persistence (needed for Cumulus, may not be needed for others, will make a variable)
```
#service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: stickiness.enabled=true,stickiness.type=source_ip
service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: stickiness.enabled=false
```
* Pass additional tags (from `var.application_tags.auto.tfvars`)
```
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: key=value,key=value
```
3 changes: 2 additions & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/common-services/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
VERSION 1.2.2
VERSION 1.2.3
REMOTE-STATE
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
Expand All @@ -7,6 +7,7 @@ COMMAND ln -sf ../variables.vpc.auto.tfvars .
COMMAND ln -sf ../variables.vpc.tf
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars
COMMAND ln -sf ../variables.application_tags.auto.tfvars
LINKTOP init

module.cert
Expand Down
8 changes: 5 additions & 3 deletions examples/full-cluster-tf-upgrade/1.23.in-progress/efs/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
VERSION 1.2.2
VERSION 1.1.2
REMOTE-STATE
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
COMMAND tf-init -upgrade
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars
LINKTOP init
LINKTOP provider_configs.d/provider.ldap_new.auto.tfvars
LINKTOP provider_configs.d/provider.ldap_new.tf
LINKTOP provider_configs.d/provider.ldap_new.variables.tf

POLICY
ALL
COMMAND tf-directory-setup.py -l s3
Expand Down
6 changes: 5 additions & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/irsa-roles/cluster-autoscaler/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,15 @@
VERSION 1.2.2
VERSION 1.2.3
REMOTE-STATE
COMMAND tf-directory-setup.py -l none
COMMAND setup-new-directory.sh
COMMAND tf-init -upgrade
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars
LINKTOP init
LINKTOP provider_configs.d/provider.ldap_new.auto.tfvars
LINKTOP provider_configs.d/provider.ldap_new.tf
LINKTOP provider_configs.d/provider.ldap_new.variables.tf

POLICY
ALL
COMMAND tf-directory-setup.py -l s3
Expand Down
3 changes: 2 additions & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/irsa-roles/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
VERSION 1.2.2
VERSION 1.2.3
REMOTE-STATE
COMMAND tf-directory-setup.py -l none -f
COMMAND setup-new-directory.sh
COMMAND tf-init -upgrade
COMMAND ln -sf ../versions.tf
COMMAND ln -sf ../settings.auto.tfvars
COMMAND ln -sf ../variables.application_tags.auto.tfvars
LINKTOP init
ALL
COMMAND tf-directory-setup.py -l s3
Expand Down
2 changes: 1 addition & 1 deletion examples/full-cluster-tf-upgrade/1.23.in-progress/tf-run.data
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
VERSION 1.3.1
VERSION 1.3.3
REMOTE-STATE
COMMENT make sure the private-lb subnet and container subnets are tagged properly (see README.md)
STOP then continue with at step %%NEXT%% (tag:subnets-verified)
Expand Down

0 comments on commit 50cd775

Please sign in to comment.