Release 3.0.0 (#44)

* Addons restructure and Version Updates for 1.30 cluster (#34)

* update directory structure for alb,Node -termination-manager.cert-manager ,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret, reloader,metric-server

* version updste in alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa

* udate default addons and example calling module

* Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa

* Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa

* Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa

* add akansha singh changes manually

* structure update in cert-manager and corednshpa

* structure update in cert-manager and corednshpa

* Changes of modules and version update

* Changes of modules and version update

* update structre

* kubernetes dashboard terraform addon module

* update cert-manager config

* solve kuberetes-dashboard ingress error

* Modifying addons module and version update of phase1

* update aws-ebs-csi-driver module

* update reloader configuration

* Updated the module names and corrected local.tf file.

* corrected module names which restructuring

* albhactically arrange modules

* Integrated ingress and private ingress in one module

* ingress-nginx logic implemented for private nlb

* comment update

* add karpenter-provisioner configuration for multiple labels

* change order of module names according to alphabatically

* Testing for public and private ingress has been done

* add keda configuration

* corrected pre-commit errors and warnings

* fixed the vpc-cni and ebs-csi-driver versions and resource limits

* Updated readme.md file

* standardized modules and variables

* resource limit update keda, cluster-autoscaler, cert-manager

* readme.md modified by pre-commit

* support for EKS version >=1.28

---------

Co-authored-by: Divyanshu jain <[email protected]>
Co-authored-by: Akanksha Singh <[email protected]>

* Added KMS key encryption for Karpenter, Version Update for Keda and m… (#35)

* Added KMS key encryption for Karpenter, Version Update for Keda and metric-server-vpa along with improving the limit and request of resources

* Added comments in main.tf for better understanding

* Added comments in main.tf for better understanding

* Kubernetes-dashboard improved version

---------

Co-authored-by: Akanksha Singh <[email protected]>

* Release 3.0.0 Fixes (#36)

* Updated some changes

* ebs-csi-driver policy addition and version update

* efs-csi-driver fixed

* Kubernetes-dashboard module depends_on added

* cluster autoscaler fixes for 1.30 EKS cluster

* Cert-Manager Fixes

* Karpenter and Velero changes

* added condition for internal ingress

* EFS Driver policy updates

* Fixed the indentation and comments in velero

---------

Co-authored-by: Ankush.upadhyay <[email protected]>
Co-authored-by: Akanksha Singh <[email protected]>

* Policy update in efs-csi-driver (#39)

Co-authored-by: Akanksha Singh <[email protected]>

* FIxed coredns HPA bug (#38)

* Release 3.0.0 (#40)

* Updated example calling module and readme files

* Updated example's main.tf file

* add nginx-ingress outputs

---------

Co-authored-by: AkankshaSquareops <[email protected]>
Co-authored-by: Divyanshu jain <[email protected]>
Co-authored-by: Akanksha Singh <[email protected]>
Co-authored-by: Ankush.upadhyay <[email protected]>
Co-authored-by: vinayakops <[email protected]>

Author: 6 people

README.md

@@ -1,13 +1,12 @@
 data "aws_partition" "current" {}
 data "aws_caller_identity" "current" {}
-data "aws_region" "current" {}
 
 resource "time_sleep" "dataplane" {
   create_duration = "10s"
 
   triggers = {
     data_plane_wait_arn = var.data_plane_wait_arn # this waits for the data plane to be ready
-    eks_cluster_id      = var.eks_cluster_id      # this ties it to downstream resources
+    eks_cluster_id      = var.eks_cluster_name    # this ties it to downstream resources
   }
 }
 

modules/kubernetes-addons/data.tf data.tfmodules/kubernetes-addons/data.tf renamed to data.tf

@@ -1,19 +1,13 @@
-# terraform-aws-eks-addons
-![squareops_avatar]
+# complete
 
-[squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png
-
-### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
-<br>
-This example is useful for users who are new to a module and want to quickly learn how to use it. By reviewing the examples, users can gain a better understanding of how the module works, what features it supports, and how to customize it to their specific needs.
-<br>
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.43.0 |
+| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.0.0 |
 | <a name="requirement_kubectl"></a> [kubectl](#requirement\_kubectl) | >= 1.7.0 |
 | <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.0.2 |
 
@@ -50,8 +44,8 @@ No inputs.
 | <a name="output_environment"></a> [environment](#output\_environment) | Environment Name for the EKS cluster |
 | <a name="output_internal_nginx_ingress_controller_dns_hostname"></a> [internal\_nginx\_ingress\_controller\_dns\_hostname](#output\_internal\_nginx\_ingress\_controller\_dns\_hostname) | DNS hostname of the NGINX Ingress Controller that can be used to access it from within the cluster. |
 | <a name="output_istio_ingressgateway_dns_hostname"></a> [istio\_ingressgateway\_dns\_hostname](#output\_istio\_ingressgateway\_dns\_hostname) | DNS hostname of the Istio Ingress Gateway |
-| <a name="output_k8s-dashboard-admin-token"></a> [k8s-dashboard-admin-token](#output\_k8s-dashboard-admin-token) | k8s-dashboard admin token |
-| <a name="output_k8s-dashboard-read-only-token"></a> [k8s-dashboard-read-only-token](#output\_k8s-dashboard-read-only-token) | k8s-dashboard read only  token |
+| <a name="output_k8s_dashboard_admin_token"></a> [k8s\_dashboard\_admin\_token](#output\_k8s\_dashboard\_admin\_token) | Kubernetes-Dashboard Admin Token |
+| <a name="output_k8s_dashboard_read_only_token"></a> [k8s\_dashboard\_read\_only\_token](#output\_k8s\_dashboard\_read\_only\_token) | Kubernetes-Dashboard Read Only Token |
 | <a name="output_kubeclarity"></a> [kubeclarity](#output\_kubeclarity) | Kubeclarity endpoint and credentials |
 | <a name="output_kubecost"></a> [kubecost](#output\_kubecost) | Kubecost endpoint and credentials |
 | <a name="output_nginx_ingress_controller_dns_hostname"></a> [nginx\_ingress\_controller\_dns\_hostname](#output\_nginx\_ingress\_controller\_dns\_hostname) | DNS hostname of the NGINX Ingress Controller. |

examples/complete/README.md

@@ -19,6 +19,3 @@ resources:
   requests:
     cpu: 50m
     memory: 100Mi
-
-podAnnotations:
-  co.elastic.logs/enabled: "true"

modules/aws_alb/aws_alb.yaml examples/complete/config/aws-alb.yamlmodules/aws_alb/aws_alb.yaml renamed to examples/complete/config/aws-alb.yaml

@@ -0,0 +1,7 @@
+resources:
+  limits:
+    cpu: 20m
+    memory: 60Mi
+  requests:
+    cpu: 10m
+    memory: 30Mi

examples/complete/config/aws-node-termination-handler.yaml

@@ -0,0 +1,64 @@
+extraArgs:
+  - --enable-certificate-owner-ref=true
+
+crds:
+  # This option decides if the CRDs should be installed
+  # as part of the Helm installation.
+  enabled: true
+## Node affinity for particular node in which labels key is "Infra-Services" and value is "true"
+
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: "Addons-Services"
+          operator: In
+          values:
+          - "true"
+
+resources:
+  limits:
+    cpu: 20m
+    memory: 400Mi
+  requests:
+    cpu: 10m
+    memory: 200Mi
+
+webhook:
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: "Addons-Services"
+            operator: In
+            values:
+            - "true"
+
+  resources:
+    limits:
+      cpu: 20m
+      memory: 150Mi
+    requests:
+      cpu: 10m
+      memory: 75Mi
+
+cainjector:
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: "Addons-Services"
+            operator: In
+            values:
+            - "true"
+
+  resources:
+    limits:
+      cpu: 20m
+      memory: 480Mi
+    requests:
+      cpu: 10m
+      memory: 240Mi

examples/complete/config/cert-manager.yaml

@@ -0,0 +1,21 @@
+## Node affinity for particular node in which labels key is "Infra-Services" and value is "true"
+
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: "Addons-Services"
+          operator: In
+          values:
+          - "true"
+
+## Using limits and requests
+
+resources:
+  limits:
+    cpu: 20m
+    memory: 200Mi
+  requests:
+    cpu: 10m
+    memory: 100Mi

examples/complete/config/cluster-autoscaler.yaml

@@ -0,0 +1,17 @@
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: "Addons-Services"
+          operator: In
+          values:
+          - "true"
+
+resources:
+  limits:
+    cpu: 200m
+    memory: 200Mi
+  requests:
+    cpu: 100m
+    memory: 100Mi

examples/complete/config/coredns-hpa.yaml

@@ -0,0 +1,17 @@
+controller:
+  resources:
+    requests:
+      cpu: 10m
+      memory: 40Mi
+    limits:
+      cpu: 20m
+      memory: 80Mi
+
+node:
+  resources:
+    requests:
+      cpu: 10m
+      memory: 40Mi
+    limits:
+      cpu: 20m
+      memory: 80Mi

examples/complete/config/ebs-csi.yaml

@@ -1,6 +1,6 @@
 resources:
   limits:
-    cpu: 100m
+    cpu: 20m
     memory: 100Mi
   requests:
     cpu: 10m
@@ -19,7 +19,7 @@ affinity:
 webhook:
   resources:
     limits:
-      cpu: 100m
+      cpu: 20m
       memory: 100Mi
     requests:
       cpu: 10m
@@ -38,7 +38,7 @@ webhook:
 certController:
   resources:
     limits:
-      cpu: 100m
+      cpu: 20m
       memory: 100Mi
     requests:
       cpu: 10m