diff --git a/examples/extras/datadog-agent/irsa.agent.tf b/examples/extras/datadog-agent/irsa.agent.tf index 745284a..1ce98ac 100644 --- a/examples/extras/datadog-agent/irsa.agent.tf +++ b/examples/extras/datadog-agent/irsa.agent.tf @@ -1,10 +1,10 @@ module "role_agent" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts" - role_description = "EKS IAM Role for ${var.cluster_name} for service account ${var.namespace}:${var.agent_name}" - role_name = format("%v%v-irsa__%v", local._prefixes["eks-role"], var.cluster_name, var.agent_name) + description = "EKS IAM Role for ${var.cluster_name} for service account ${var.namespace}:${var.agent_name}" + name = format("%v%v_%v", local._prefixes["eks-role"], var.cluster_name, var.agent_name) - role_policy_arns = { + policies = { policy = aws_iam_policy.policy_agent.arn } @@ -41,7 +41,7 @@ data "aws_iam_policy_document" "policy_agent" { } resource "aws_iam_policy" "policy_agent" { - name = format("%v%v-irsa__%v", local._prefixes["eks-policy"], var.cluster_name, var.agent_name) + name = format("%v%v_%v", local._prefixes["eks-policy"], var.cluster_name, var.agent_name) description = "EKS IAM Policy for ${var.cluster_name} for service account ${var.namespace}:${var.agent_name}" path = "/" policy = data.aws_iam_policy_document.policy_agent.json @@ -51,7 +51,7 @@ resource "aws_iam_policy" "policy_agent" { local.common_tags, var.application_tags, { - "Name" = format("%v%v-irsa__%v", local._prefixes["eks-policy"], var.cluster_name, var.agent_name) + "Name" = format("%v%v_%v", local._prefixes["eks-policy"], var.cluster_name, var.agent_name) "eks:namespace" = var.namespace "eks:user" = var.agent_name } diff --git a/examples/extras/datadog-agent/irsa.cluster-agent.tf b/examples/extras/datadog-agent/irsa.cluster-agent.tf index 8b74db4..85d3b61 100644 --- a/examples/extras/datadog-agent/irsa.cluster-agent.tf +++ b/examples/extras/datadog-agent/irsa.cluster-agent.tf @@ -1,10 +1,10 @@ module "role_cluster-agent" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" + source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts" - role_description = "EKS IAM Role for ${var.cluster_name} for service account ${var.namespace}:${var.cluster-agent_name}" - role_name = format("%v%v-irsa__%v", local._prefixes["eks-role"], var.cluster_name, var.cluster-agent_name) + description = "EKS IAM Role for ${var.cluster_name} for service account ${var.namespace}:${var.cluster-agent_name}" + name = format("%v%v_%v", local._prefixes["eks-role"], var.cluster_name, "cluster-agent") - role_policy_arns = { + policies = { policy = aws_iam_policy.policy_cluster-agent.arn } @@ -41,7 +41,7 @@ data "aws_iam_policy_document" "policy_cluster-agent" { } resource "aws_iam_policy" "policy_cluster-agent" { - name = format("%v%v-irsa__%v", local._prefixes["eks-policy"], var.cluster_name, var.cluster-agent_name) + name = format("%v%v_%v", local._prefixes["eks-policy"], var.cluster_name, "cluster-agent") description = "EKS IAM Policy for ${var.cluster_name} for service account ${var.namespace}:${var.cluster-agent_name}" path = "/" policy = data.aws_iam_policy_document.policy_cluster-agent.json @@ -51,7 +51,7 @@ resource "aws_iam_policy" "policy_cluster-agent" { local.common_tags, var.application_tags, { - "Name" = format("%v%v-irsa__%v", local._prefixes["eks-policy"], var.cluster_name, var.cluster-agent_name) + "Name" = format("%v%v_%v", local._prefixes["eks-policy"], var.cluster_name, var.cluster-agent_name) "eks:namespace" = var.namespace "eks:user" = var.cluster-agent_name } diff --git a/examples/extras/datadog-agent/main.tf b/examples/extras/datadog-agent/main.tf index de2ace3..f2dfbce 100644 --- a/examples/extras/datadog-agent/main.tf +++ b/examples/extras/datadog-agent/main.tf @@ -42,110 +42,118 @@ resource "helm_release" "datadog" { }) ] - set_sensitive { - name = "datadog.apiKey" - value = local.datadog_api_key - } - - set_sensitive { - name = "datadog.appKey" - value = local.datadog_app_key - } - - set { - name = "datadog.site" - value = local.datadog_site - } - - set { - name = "datadog.clusterName" - value = var.cluster_name - } - - ## set { - ## name = "datadog.dd_url" - ## value = var.datadog_site_url - ## } - - ## set { - ## name = "clusterAgent.endpoint" - ## value = var.datadog_api_url - ## } - - # set { - # name = "datadog.logs.enabled" - # value = false - # } - - ## set { - ## name = "datadog.proxy.http" - ## value = var.datadog_proxy.http - ## } - ## - ## set { - ## name = "datadog.proxy.https" - ## value = var.datadog_proxy.https - ## } - - set { - name = "registry" - value = dirname(split(":", local.images_output["datadog/cluster-agent"].dest_full_path)[0]) - } - # set { - # name = "clusterAgent.image.repository" - # value = split(":", local.images_output["datadog/cluster-agent"].dest_full_path)[0] - # } - set { - name = "clusterAgent.image.tag" - value = local.images_output["datadog/cluster-agent"].tag - } - # set { - # name = "agents.image.repository" - # value = split(":", local.images_output["datadog/agent"].dest_full_path)[0] - # } - set { - name = "agents.image.tag" - value = local.images_output["datadog/agent"].tag - } - # set { - # name = "fips.image.repository" - # value = split(":", local.images_output["datadog/fips-proxy"].dest_full_path)[0] - # } - set { - name = "fips.image.tag" - value = local.images_output["datadog/fips-proxy"].tag - } - - # cluster agent rbac - set { - name = "clusterAgent.rbac.serviceAccount.name" - value = var.cluster-agent_name - } - set { - name = "clusterAgent.rbac.serviceAccount.create" - value = "true" - } - - set { - name = "clusterAgent.rbac.serviceAccountAnnotations.eks\\.amazonaws\\.com/role-arn" - value = module.role_cluster-agent.iam_role_arn - } - - # agent rbac - set { - name = "agents.rbac.serviceAccount.name" - value = var.agent_name - } - set { - name = "agents.rbac.serviceAccount.create" - value = "true" - } - - set { - name = "agents.rbac.serviceAccountAnnotations.eks\\.amazonaws\\.com/role-arn" - value = module.role_agent.iam_role_arn - } + set_sensitive = [ + { + name = "datadog.apiKey" + value = local.datadog_api_key + }, + { + name = "datadog.appKey" + value = local.datadog_app_key + } + ] + set = [ + { + name = "datadog.site" + value = local.datadog_site + }, + + { + name = "datadog.clusterName" + value = var.cluster_name + }, + + ## { + ## name = "datadog.dd_url" + ## value = var.datadog_site_url + ## }, + + ## { + ## name = "clusterAgent.endpoint" + ## value = var.datadog_api_url + ## }, + + # { + # name = "datadog.logs.enabled" + # value = false + # }, + + ## { + ## name = "datadog.proxy.http" + ## value = var.datadog_proxy.http + ## }, + ## + ## { + ## name = "datadog.proxy.https" + ## value = var.datadog_proxy.https + ## }, + + { + name = "registry" + value = dirname(split(":", local.images_output["datadog/cluster-agent"].dest_full_path)[0]) + }, + # { + # name = "clusterAgent.image.repository" + # value = split(":", local.images_output["datadog/cluster-agent"].dest_full_path)[0] + # } + { + name = "clusterAgent.image.tag" + value = local.images_output["datadog/cluster-agent"].tag + }, + # { + # name = "agents.image.repository" + # value = split(":", local.images_output["datadog/agent"].dest_full_path)[0] + # }, + { + name = "agents.image.tag" + value = local.images_output["datadog/agent"].tag + }, + # { + # name = "fips.image.repository" + # value = split(":", local.images_output["datadog/fips-proxy"].dest_full_path)[0] + # }, + { + name = "fips.image.tag" + value = local.images_output["datadog/fips-proxy"].tag + }, + + # cluster agent rbac + { + name = "clusterAgent.rbac.serviceAccount.name" + value = var.cluster-agent_name + }, + { + name = "clusterAgent.rbac.serviceAccount.create" + value = "true" + }, + + { + name = "clusterAgent.rbac.serviceAccountAnnotations.eks\\.amazonaws\\.com/role-arn" + value = module.role_cluster-agent.arn + }, + + # agent rbac + { + name = "agents.rbac.serviceAccount.name" + value = var.agent_name + }, + { + name = "agents.rbac.serviceAccount.create" + value = "true" + }, + + # apm injection + # { + # name = "datadog.apm.instrumentation.injector.imageTag" + # value = local.images_output["datadog/apm-inject"].tag + # }, + + { + name = "agents.rbac.serviceAccountAnnotations.eks\\.amazonaws\\.com/role-arn" + value = module.role_agent.arn + }, + ] timeout = 600 } diff --git a/examples/extras/datadog-agent/variables.datadog.auto.tfvars b/examples/extras/datadog-agent/variables.datadog.auto.tfvars index 1588996..98a0569 100644 --- a/examples/extras/datadog-agent/variables.datadog.auto.tfvars +++ b/examples/extras/datadog-agent/variables.datadog.auto.tfvars @@ -1,6 +1,6 @@ namespace = "monitoring" create_namespace = true -name = "datadog-agent" +#name = "datadog-agent" datadog_proxy = { http = "http://proxy.tco.census.gov:3128" https = "http://proxy.tco.census.gov:3128" diff --git a/examples/extras/datadog-agent/variables.images.auto.tfvars b/examples/extras/datadog-agent/variables.images.auto.tfvars index 7ab7786..0e74c5a 100644 --- a/examples/extras/datadog-agent/variables.images.auto.tfvars +++ b/examples/extras/datadog-agent/variables.images.auto.tfvars @@ -2,12 +2,15 @@ charts = { "agent" = { name = "datadog-agent" documentation = "https://artifacthub.io/packages/helm/datadog/datadog" - repository = "https://helm.datadoghq.com" + # documentation = "https://github.com/DataDog/helm-charts/blob/main/charts/datadog/README.md" + repository = "https://helm.datadoghq.com" # version = "3.57.3" # version = "3.58.1" # version = "3.65.1" # version = "3.67.1" - version = "3.90.2" + # version = "3.90.2" + # version = "3.110.10" + version = "3.135.4" use_remote = true } } @@ -23,7 +26,9 @@ images = { # tag = "7.51.1" # tag = "7.53.0" # tag = "7.57.1" - tag = "7.62.2" + # tag = "7.62.2" + # tag = "7.64.3" + tag = "7.71.0" enabled = true } "cluster-agent" = { @@ -37,7 +42,9 @@ images = { # tag = "7.51.1" # tag = "7.53.0" # tag = "7.57.1" - tag = "7.62.2" + # tag = "7.62.2" + # tag = "7.64.3" + tag = "7.71.0" enabled = true } "fips-proxy" = { @@ -50,7 +57,8 @@ images = { # tag = "1.1.1" # tag = "1.1.2" # tag = "1.1.5" - tag = "1.1.6" + # tag = "1.1.6" + tag = "1.1.16" enabled = true } "installer-package" = { @@ -60,10 +68,49 @@ images = { source_registry = "public.ecr.aws" source_image = "datadog/installer-package" source_tag = null - tag = "7.62" - enabled = false + # tag = "7.62" + tag = "7.67.1-1" + enabled = false + } + "dd-lib-java-init" = { + name = "datadog/dd-lib-java-init" + image = "public.ecr.aws/datadog/dd-lib-java-init" + dest_path = null + source_registry = "public.ecr.aws" + source_image = "datadog/dd-lib-java-init" + source_tag = null + # tag = "1.48.1" + tag = "1.53.0" + enabled = true + } + "dd-lib-python-init" = { + name = "datadog/dd-lib-python-init" + image = "public.ecr.aws/datadog/dd-lib-python-init" + dest_path = null + source_registry = "public.ecr.aws" + source_image = "datadog/dd-lib-python-init" + source_tag = null + # tag = "3.4.1" + tag = "3.15.0" + enabled = true + } + "apm-inject" = { + name = "datadog/apm-inject" + image = "public.ecr.aws/datadog/apm-inject" + dest_path = null + source_registry = "public.ecr.aws" + source_image = "datadog/apm-inject" + source_tag = null + # tag = "0.37.0" + tag = "0.47.0" + enabled = true } } -#public.ecr.aws/datadog/agent:7.51.1 -#public.ecr.aws/datadog/cluster-agent:7.51.1 -#public.ecr.aws/datadog/fips-proxy:1.1.1 + +#public.ecr.aws/datadog/agent:7.64.3 +#public.ecr.aws/datadog/cluster-agent:7.64.3 +#public.ecr.aws/datadog/fips-proxy:1.1.6 +#public.ecr.aws/datadog/dd-lib-java-init:1.48.1 +#public.ecr.aws/datadog/dd-lib-python-init:v3.4.1 +#public.ecr.aws/datadog/apm-inject:0.37.0 +