converted kubectl manifests to helm releases for greater stability. (#35

)
CMS-Enterprise · Aug 16, 2024 · 6d56df8 · 6d56df8
2 parents dfcd9aa + 6e8f171
commit 6d56df8
Show file tree

Hide file tree

Showing 38 changed files with 547 additions and 394 deletions.
diff --git a/addons/argocd.tf b/addons/argocd.tf
@@ -1,5 +1,5 @@
 resource "helm_release" "argocd" {
-  depends_on       = [helm_release.karpenter-crd, kubectl_manifest.karpenter_nodepool, kubectl_manifest.karpenter_ec2nodeclass]
+  depends_on       = [helm_release.karpenter-crd, helm_release.karpenter_nodepool, helm_release.karpenter_ec2nodeclass]
   atomic           = true
   name             = "argocd"
   repository       = "https://argoproj.github.io/argo-helm"

diff --git a/addons/charts/efs-storage-class/.helmignore b/addons/charts/efs-storage-class/.helmignore
@@ -0,0 +1,27 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Custom
+README.md.gotmpl
+examples/
diff --git a/addons/charts/efs-storage-class/Chart.yaml b/addons/charts/efs-storage-class/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v2
+name: efs-storage-class
+description: A Helm chart for creating an EFS-backed StorageClass
+version: 1.0.0
diff --git a/addons/charts/efs-storage-class/templates/efsStorageClass.yaml b/addons/charts/efs-storage-class/templates/efsStorageClass.yaml
@@ -0,0 +1,9 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: {{ .Values.storageClass.name | quote }}
+provisioner: {{ .Values.storageClass.provisioner | quote }}
+parameters:
+  provisioningMode: {{ .Values.storageClass.parameters.provisioningMode | quote }}
+  fileSystemId: {{ .Values.storageClass.parameters.fileSystemId | quote }}
+  directoryPerms: {{ .Values.storageClass.parameters.directoryPerms | quote }}
diff --git a/addons/charts/efs-storage-class/values.yaml b/addons/charts/efs-storage-class/values.yaml
diff --git a/addons/charts/eni-configs/.helmignore b/addons/charts/eni-configs/.helmignore
@@ -0,0 +1,27 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Custom
+README.md.gotmpl
+examples/
diff --git a/addons/charts/eni-configs/Chart.yaml b/addons/charts/eni-configs/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v2
+name: eni-config
+description: A Helm chart for creating ENIConfig resources
+version: 1.0.0
diff --git a/addons/charts/eni-configs/templates/eniConfig.yaml b/addons/charts/eni-configs/templates/eniConfig.yaml
@@ -0,0 +1,13 @@
+{{- range .Values.eniConfigs }}
+apiVersion: crd.k8s.amazonaws.com/v1alpha1
+kind: ENIConfig
+metadata:
+  name: {{ .availabilityZone | quote }}
+spec:
+  securityGroups:
+{{- range .securityGroups }}
+  - {{ . | quote }}
+{{- end }}
+  subnet: {{ .subnetId | quote }}
+---
+{{- end }}
diff --git a/addons/charts/eni-configs/values.yaml b/addons/charts/eni-configs/values.yaml
@@ -0,0 +1,15 @@
+eniConfigs:
+  - availabilityZone: us-east-1a
+    securityGroups:
+      - "sga-988776665174773"
+    subnetId: "sba-7737937939729"
+
+  - availabilityZone: us-east-1b
+    securityGroups:
+      - "sga-98877666517838833"
+    subnetId: "sba-78374873487839"
+
+  - availabilityZone: us-east-1c
+    securityGroups:
+      - "sga-793479347939302"
+    subnetId: "sba-029840840482"
diff --git a/addons/charts/gp3/.helmignore b/addons/charts/gp3/.helmignore
@@ -0,0 +1,27 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Custom
+README.md.gotmpl
+examples/
diff --git a/addons/charts/gp3/Chart.yaml b/addons/charts/gp3/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v2
+name: gp3-storage-class
+description: A Helm chart for creating a gp3 StorageClass
+version: 1.0.0
diff --git a/addons/charts/gp3/templates/gp3.yaml b/addons/charts/gp3/templates/gp3.yaml
@@ -0,0 +1,11 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: {{ .Values.storageClass.name | quote }}
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "{{ .Values.storageClass.isDefaultClass }}"
+provisioner: {{ .Values.storageClass.provisioner | quote }}
+parameters:
+  type: {{ .Values.storageClass.parameters.type | quote }}
+reclaimPolicy: {{ .Values.storageClass.reclaimPolicy | quote }}
+volumeBindingMode: {{ .Values.storageClass.volumeBindingMode | quote }}
diff --git a/addons/charts/gp3/values.yaml b/addons/charts/gp3/values.yaml
diff --git a/addons/charts/karpenter-node-class/.helmignore b/addons/charts/karpenter-node-class/.helmignore
@@ -0,0 +1,27 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Custom
+README.md.gotmpl
+examples/
diff --git a/addons/charts/karpenter-node-class/Chart.yaml b/addons/charts/karpenter-node-class/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+name: karpenter-node-class
+description: "Applies Karpenter Node Class"
+version: 1.0.0
diff --git a/addons/charts/karpenter-node-class/templates/ec2nodeclass.yaml b/addons/charts/karpenter-node-class/templates/ec2nodeclass.yaml
@@ -0,0 +1,49 @@
+apiVersion: karpenter.k8s.aws/v1beta1
+kind: EC2NodeClass
+metadata:
+  name: {{ .Values.nodeClass.metadata.name | quote }}
+  annotations:
+{{- range $key, $value := .Values.nodeClass.metadata.annotations }}
+    {{ $key }}: "{{ $value }}"
+{{- end }}
+spec:
+  amiFamily: {{ .Values.nodeClass.spec.amiFamily | default "AL2" | quote }}
+  subnetSelectorTerms:
+    - tags:
+        Name: "{{ .Values.nodeClass.spec.subnetTag }}"
+  securityGroupSelectorTerms:
+{{- range .Values.nodeClass.spec.securityGroupIDs }}
+    - id: "{{ . }}"
+{{- end }}
+  instanceProfile: {{ .Values.nodeClass.spec.instanceProfile }}
+  amiSelectorTerms:
+    - id: {{ .Values.nodeClass.spec.amiSelectorId }}
+  userData: |
+    #!/bin/bash
+    set -e
+{{ if .Values.nodeClass.spec.preBootstrapUserData }}
+    {{ .Values.nodeClass.spec.preBootstrapUserData | nindent 4 }}
+{{ end }}
+    B64_CLUSTER_CA={{ .Values.nodeClass.spec.b64ClusterCA }}
+    API_SERVER_URL={{ .Values.nodeClass.spec.clusterEndpoint }}
+{{ if .Values.nodeClass.spec.bootstrapExtraArgs }}
+    /etc/eks/bootstrap.sh {{ .Values.nodeClass.spec.clusterName }} {{ .Values.nodeClass.spec.bootstrapExtraArgs }} --b64-cluster-ca $B64_CLUSTER_CA --apiserver-endpoint $API_SERVER_URL --ip-family {{ .Values.nodeClass.spec.clusterIpFamily }} --service-{{ .Values.nodeClass.spec.clusterIpFamily }}-cidr {{ .Values.nodeClass.spec.clusterCIDR | quote }}
+{{ else }}
+    /etc/eks/bootstrap.sh {{ .Values.nodeClass.spec.clusterName }} --b64-cluster-ca $B64_CLUSTER_CA --apiserver-endpoint $API_SERVER_URL --ip-family {{ .Values.nodeClass.spec.clusterIpFamily }} --service-{{ .Values.nodeClass.spec.clusterIpFamily }}-cidr {{ .Values.nodeClass.spec.clusterCIDR | quote }}
+{{ end }}
+{{ if .Values.nodeClass.spec.postBootstrapUserData }}
+    {{ .Values.nodeClass.spec.postBootstrapUserData | nindent 4 }}
+{{ end }}
+  tags:
+{{- range $key, $value := .Values.nodeClass.spec.tags }}
+    {{ $key }}: "{{ $value }}"
+{{- end }}
+
+  blockDeviceMappings:
+    - deviceName: {{ .Values.nodeClass.spec.deviceName | default "/dev/xvda" }}
+      ebs:
+        volumeSize: {{ .Values.nodeClass.spec.volumeSize | default "300G" }}
+        volumeType: {{ .Values.nodeClass.spec.volumeType | default "gp3" }}
+        deleteOnTermination: {{ .Values.nodeClass.spec.deleteOnTermination | default true }}
+        encrypted: {{ .Values.nodeClass.spec.encrypted | default true }}
+        kmsKeyId: {{ .Values.nodeClass.spec.kmsKeyId }}
diff --git a/addons/charts/karpenter-node-class/values.yaml b/addons/charts/karpenter-node-class/values.yaml
@@ -0,0 +1,19 @@
+nodeClass:
+  metadata:
+    name: "my-node-class"
+  spec:
+    amiFamily: "AL2" 
+    tags: []
+    deviceName: "/dev/xvda"
+    volumeSize: "300G"
+    volumeType: "gp3"
+    deleteOnTermination: true
+    encrypted: true
+    kmsKeyId: "kms-key-id"
+    instanceProfile: "my-instance-profile"
+    amiSelectorId: "ami-12345678"
+    subnetTag: "private"
+    securityGroupIDs:
+      - sg-0123456789abcdef0
+      - sg-0fedcba9876543210
+    userData: "userData"
diff --git a/addons/charts/karpenter-node-pool/.helmignore b/addons/charts/karpenter-node-pool/.helmignore
@@ -0,0 +1,27 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Custom
+README.md.gotmpl
+examples/
diff --git a/addons/charts/karpenter-node-pool/Chart.yaml b/addons/charts/karpenter-node-pool/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+name: karpenter-node-pool
+description: "Applies Karpenter Node Pool"
+version: 1.0.0
diff --git a/addons/charts/karpenter-node-pool/templates/nodepool.yaml b/addons/charts/karpenter-node-pool/templates/nodepool.yaml
@@ -0,0 +1,32 @@
+apiVersion: karpenter.sh/v1beta1
+kind: NodePool
+metadata:
+  name: {{ .Values.nodePool.metadata.name | default "default" | quote }}
+  annotations:
+{{- range $key, $value := .Values.nodePool.metadata.annotations }}
+    {{ $key }}: "{{ $value }}"
+{{- end }}
+spec:
+  template:
+    spec:
+      requirements:
+{{- range .Values.nodePool.spec.template.spec.requirements }}
+        - key: {{ .key | quote }}
+          operator: {{ .operator | quote }}
+          values: [{{ range $index, $value := .values }}{{ if $index }}, {{ end }}"{{ $value }}"{{ end }}]
+{{- end }}
+{{- if .Values.nodePool.spec.template.spec.taints }}
+      taints:
+{{- range .Values.nodePool.spec.template.spec.taints }}
+        - key: {{ .key | quote }}
+          value: {{ .value | quote }}
+          effect: {{ .effect | quote }}
+{{- end }}
+{{- end }}
+      nodeClassRef:
+        apiVersion: {{ .Values.nodePool.spec.template.spec.nodeClassRef.apiVersion | default "karpenter.k8s.aws/v1beta1" | quote }}
+        kind: {{ .Values.nodePool.spec.template.spec.nodeClassRef.kind | default "EC2NodeClass" | quote }}
+        name: {{ .Values.nodePool.spec.template.spec.nodeClassRef.name | default "default" | quote }}
+  disruption:
+    consolidationPolicy: {{ .Values.nodePool.consolidationPolicy | default "WhenUnderutilized" | quote }}
+    expireAfter: {{ .Values.nodePool.expireAfter | default "160h" | quote }}
diff --git a/addons/charts/karpenter-node-pool/values.yaml b/addons/charts/karpenter-node-pool/values.yaml
@@ -0,0 +1,15 @@
+nodePool:
+  metadata:
+    name: "default-nodepool"
+    annotations: {}
+  spec:
+    template:
+      spec:
+        requirements: []
+        taints: []
+        nodeClassRef:
+          apiVersion: "karpenter.k8s.aws/v1beta1"
+          kind: "EC2NodeClass"
+          name: "default"
+  consolidationPolicy: "WhenUnderutilized"
+  expireAfter: "160h"