Merge pull request #32 from msfidelis/feature/upgrades
tests: karpenter v1
msfidelis authored Oct 11, 2024
2 parents f0d4655 + a5d55ef commit 63a64d1
Showing 10 changed files with 130 additions and 75 deletions.
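--- a/helm/karpenter/templates/node-class.yaml.tpl
+++ b/helm/karpenter/templates/node-class.yaml.tpl
@@ -0,0 +1,29 @@
+apiVersion: karpenter.k8s.aws/v1
+kind: EC2NodeClass
+metadata:
+name: ${EKS_CLUSTER}-nodeclass
+spec:
+
+instanceProfile: ${INSTANCE_PROFILE}
+amiSelectorTerms:
+
+- id: ${AMI_ID}
+
+amiFamily: ${AMI_FAMILY}
+
+securityGroupSelectorTerms:
+%{ for sg in SECURITY_GROUPS ~}
+
+- id: ${sg}
+
+%{ endfor ~}
+
+subnetSelectorTerms:
+%{ for sb in EKS_SUBNETS ~}
+
+- id: ${sb}
+
+%{ endfor ~}
+
+launchTemplate:
+id: ${LAUNCH_TEMPLATE}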
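Review bot: `launchTemplate` at the end of the spec is, as far as I know, not a field of the `karpenter.k8s.aws/v1` EC2NodeClass schema (custom launch templates were dropped when EC2NodeClass replaced AWSNodeTemplate), so the API server will either reject the manifest or prune the field. The value passed in from helm_karpenter.tf is also `format("%s-karpenter", var.cluster_name)`, which is a name rather than a launch template id. Anything the old launch template enforced on nodes, such as IMDSv2 or an encrypted root volume, should be stated on the node class itself through `metadataOptions` and `blockDeviceMappings`, so that it is visible in review rather than inherited from defaults.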
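--- a/helm/karpenter/templates/node-pool.yaml.tpl
+++ b/helm/karpenter/templates/node-pool.yaml.tpl
@@ -0,0 +1,55 @@
+apiVersion: karpenter.sh/v1
+kind: NodePool
+metadata:
+name: ${EKS_CLUSTER}-nodepool
+spec:
+disruption:
+consolidationPolicy: WhenEmptyOrUnderutilized
+consolidateAfter: Never
+topologySpreadConstraints:
+- maxSkew: 1
+topologyKey: "topology.kubernetes.io/zone"
+whenUnsatisfiable: ScheduleAnyway
+template:
+spec:
+requirements:
+- key: karpenter.k8s.aws/instance-family
+operator: In
+values:
+%{ for ifm in INSTANCE_FAMILY ~}
+
+- ${ifm}
+
+%{ endfor ~}
+
+- key: karpenter.sh/capacity-type
+operator: In
+values:
+%{ for cpct in CAPACITY_TYPE ~}
+
+- ${cpct}
+
+%{ endfor ~}
+
+- key: karpenter.k8s.aws/instance-size
+operator: In
+values:
+%{ for ifs in INSTANCE_SIZES ~}
+
+- ${ifs}
+
+%{ endfor ~}
+
+- key: "topology.kubernetes.io/zone"
+operator: In
+values:
+%{ for az in AVAILABILITY_ZONES ~}
+
+- ${az}
+
+%{ endfor ~}
+
+nodeClassRef:
+group: karpenter.k8s.aws
+kind: EC2NodeClass
+name: ${EKS_CLUSTER}-nodeclass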
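Review bot: The NodePool spec declares no `limits`, so nothing bounds how much capacity Karpenter may launch for pending pods; any workload that can create pods can drive instance launches up to the account quota. A `limits:` entry with a `cpu: <MAX_VCPU>` ceiling (placeholder, fed from a Terraform variable) gives a hard stop. Separately, `topologySpreadConstraints` sits between `disruption` and `template`; indentation is lost on this page, but I am not aware of that field anywhere in the NodePool v1 schema (it belongs on pod specs), so it is worth confirming that the manifest validates against the CRD.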
39 changes: 0 additions & 39 deletions helm/karpenter/templates/provisioner.yml.tpl

This file was deleted.

8 changes: 0 additions & 8 deletions helm/karpenter/templates/template.yml.tpl

This file was deleted.

9 changes: 9 additions & 0 deletions helm_jaeger.tf
@@ -1,4 +1,7 @@
resource "helm_release" "jaeger" {

count = var.enable_jaeger ? 1 : 0

name = "jaeger"
repository = "https://jaegertracing.github.io/helm-charts"
chart = "jaeger"
Expand All @@ -16,6 +19,9 @@ resource "helm_release" "jaeger" {
}

resource "kubectl_manifest" "jaeger_gateway" {

count = var.enable_jaeger ? 1 : 0

yaml_body = <<YAML
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
Expand Down Expand Up @@ -46,6 +52,9 @@ YAML
}

resource "kubectl_manifest" "jaeger_virtual_service" {

count = var.enable_jaeger ? 1 : 0

yaml_body = <<YAML
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
30 changes: 19 additions & 11 deletions helm_karpenter.tf
Expand Up @@ -4,22 +4,22 @@ resource "helm_release" "karpenter" {
create_namespace = true

name = "karpenter"
repository = "https://charts.karpenter.sh"
repository = "oci://public.ecr.aws/karpenter"
chart = "karpenter"
version = "v0.15.0"
version = "1.0.5"

set {
name = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
value = aws_iam_role.karpenter_role[count.index].arn
}

set {
name = "clusterName"
name = "settings.clusterName"
value = var.cluster_name
}

set {
name = "clusterEndpoint"
name = "settings.clusterEndpoint"
value = aws_eks_cluster.main.endpoint
}

Expand All @@ -36,10 +36,10 @@ resource "helm_release" "karpenter" {

}

resource "kubectl_manifest" "karpenter_provisioner" {
resource "kubectl_manifest" "karpenter_node_pool" {
count = var.karpenter_toggle ? 1 : 0
yaml_body = templatefile(
"${path.module}/helm/karpenter/templates/provisioner.yml.tpl", {
"${path.module}/helm/karpenter/templates/node-pool.yaml.tpl", {
EKS_CLUSTER = var.cluster_name,
CAPACITY_TYPE = var.karpenter_capacity_type
INSTANCE_FAMILY = var.karpenter_instance_family
Expand All @@ -52,16 +52,24 @@ resource "kubectl_manifest" "karpenter_provisioner" {
]
}

resource "kubectl_manifest" "karpenter_template" {
resource "kubectl_manifest" "karpenter_node_class" {
count = var.karpenter_toggle ? 1 : 0
yaml_body = templatefile(
"${path.module}/helm/karpenter/templates/template.yml.tpl", {
EKS_CLUSTER = var.cluster_name,
EKS_SUBNETS = join(", ", [
"${path.module}/helm/karpenter/templates/node-class.yaml.tpl", {
EKS_CLUSTER = var.cluster_name
AMI_FAMILY = var.karpenter_ec2_node_family
SECURITY_GROUPS = [
aws_security_group.cluster_sg.id,
aws_security_group.cluster_nodes_sg.id,
aws_eks_cluster.main.vpc_config[0].cluster_security_group_id
]
INSTANCE_PROFILE = aws_iam_instance_profile.nodes.name
AMI_ID = data.aws_ssm_parameter.eks.value
EKS_SUBNETS = [
aws_subnet.private_subnet_1a.id,
aws_subnet.private_subnet_1b.id,
aws_subnet.private_subnet_1c.id
])
]
LAUNCH_TEMPLATE = format("%s-karpenter", var.cluster_name)
})

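Review bot: The chart moves from `v0.15.0` to `1.0.5` in one step under the same `helm_release.karpenter` address, so on a cluster that already runs the old release this is a Helm upgrade, and Helm does not install or update CRDs from a chart's `crds/` directory on upgrade. If that holds here, `karpenter_node_pool` and `karpenter_node_class` would be applied before the NodePool and EC2NodeClass CRDs exist, and a retry count on the kubectl provider will not change that. Installing the `karpenter-crd` chart as its own `helm_release` and naming it in the `depends_on` of both manifests (the lists are outside the hunks shown) makes the ordering explicit. As far as I know, nodes launched by the old Provisioner are not adopted by the v1 controller, so they would have to be drained and replaced to keep receiving AMI updates.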
16 changes: 3 additions & 13 deletions iam_karpenter.tf
Expand Up @@ -39,12 +39,15 @@ data "aws_iam_policy_document" "karpenter_policy" {
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeImages",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstanceTypeOfferings",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSpotPriceHistory",
"pricing:GetProducts",
"ec2:RunInstances",
"ec2:TerminateInstances",
"ec2:DeleteLaunchTemplate",
"ssm:GetParameter",
"iam:PassRole"
]
Expand All @@ -55,19 +58,6 @@ data "aws_iam_policy_document" "karpenter_policy" {

}

statement {

effect = "Allow"
actions = [
"ec2:TerminateInstances",
"ec2:DeleteLaunchTemplate",
]

resources = [
"*"
]

}

}

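Review bot: `ec2:TerminateInstances` and `ec2:DeleteLaunchTemplate` are folded into the statement that already carries `ec2:RunInstances` and `iam:PassRole`, and that statement's `resources` are outside the hunk; the statement being removed used `"*"`. If the merged statement is also `"*"`, the controller role can terminate any instance in the account and pass any role. I would keep the destructive actions in their own statement conditioned on the cluster ownership tag Karpenter puts on what it creates, and give `iam:PassRole` its own statement limited to the node role and to EC2 as the receiving service. The policy document starts before this hunk, so existing conditions may already cover part of this.

```hcl
  # … unchanged: describe/read actions and ec2:RunInstances statement …

  statement {
    effect    = "Allow"
    actions   = ["ec2:TerminateInstances", "ec2:DeleteLaunchTemplate"]
    resources = ["*"]

    condition {
      test     = "StringEquals"
      variable = "aws:ResourceTag/kubernetes.io/cluster/${var.cluster_name}"
      values   = ["owned"]
    }
  }

  statement {
    effect    = "Allow"
    actions   = ["iam:PassRole"]
    resources = ["<NODE_ROLE_ARN>"] # placeholder: ARN of the node instance role

    condition {
      test     = "StringEquals"
      variable = "iam:PassedToService"
      values   = ["ec2.amazonaws.com"]
    }
  }
```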
1 change: 1 addition & 0 deletions provider.tf
Expand Up @@ -49,4 +49,5 @@ provider "kubectl" {
host = aws_eks_cluster.main.endpoint
cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority.0.data)
token = data.aws_eks_cluster_auth.default.token
apply_retry_count = 15
}
6 changes: 3 additions & 3 deletions samples/chip/chip-istio.yml
Expand Up @@ -13,7 +13,7 @@ metadata:
name: chip
namespace: chip
spec:
replicas: 2
replicas: 200
selector:
matchLabels:
app: chip
Expand Down Expand Up @@ -94,8 +94,8 @@ metadata:
name: chip
namespace: chip
spec:
maxReplicas: 10
minReplicas: 2
maxReplicas: 1000
minReplicas: 200
metrics:
- type: Resource
resource:
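Review bot: `replicas: 200` together with `minReplicas: 200` and `maxReplicas: 1000` reads like load-test values for the Karpenter upgrade that ended up in the shared sample; anyone applying samples/chip now requests 200 pods at once. Because the NodePool added in this commit declares no `limits`, that request turns directly into instance launches. I would leave the sample at `replicas: 2`, `minReplicas: 2`, `maxReplicas: 10` and keep the scale test in a separate manifest or overlay. Both specs continue outside the hunks shown.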
12 changes: 11 additions & 1 deletion variables.tf
Expand Up @@ -91,6 +91,10 @@ variable "karpenter_availability_zones" {
]
}

variable "karpenter_ec2_node_family" {
default = "Bottlerocket"
}

#########################
### INGRESS CONFIGS ###
#########################
Expand Down Expand Up @@ -128,7 +132,7 @@ variable "enable_cross_zone_load_balancing" {
variable "enable_vpc_link" {
type = bool
description = "Create VPC Link associated to Network Load Balancing"
default = true
default = false
}

#########################
Expand Down Expand Up @@ -179,6 +183,12 @@ variable "kiali_virtual_service_host" {
default = "kiali.k8s.raj.ninja"
}

variable "enable_jaeger" {
type = bool
description = "Flag to create jaeger standalone stack"
default = false
}

variable "jaeger_virtual_service_host" {
type = string
description = "The hostname for the Jaeger virtual service, used for tracing and monitoring microservices within the Istio service mesh."
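Review bot: `karpenter_ec2_node_family` is declared without `type` or `description`, unlike the neighbouring variables, and its value goes straight into `amiFamily` in node-class.yaml.tpl while the AMI id is resolved separately from `data.aws_ssm_parameter.eks`. Adding `type = string`, a description stating that the family must match the AMI behind that SSM parameter, and a `validation` block restricted to the families Karpenter accepts would surface a mismatch at plan time rather than at node boot. The `enable_vpc_link` default also flips from `true` to `false`, which removes the VPC Link for callers who relied on the default; that deserves a line in the commit description.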
