fix: Correct spelling in the locals.ec2_events #344

Closed
wants to merge 6 commits into from
188 changes: 178 additions & 10 deletions docs/amazon-eks-addons.md
Expand Up @@ -100,10 +100,10 @@ You can supply custom configuration values to each addon via the `configuration_

```sh
aws eks describe-addon-configuration \
--addon-name coredns \
--addon-version v1.8.7-eksbuild.2 \
--query 'configurationSchema' \
--output text | jq
--addon-name coredns \
--addon-version v1.10.1-eksbuild.2 \
--query 'configurationSchema' \
--output text | jq
```

Which returns the formatted JSON schema like below:
Expand All @@ -116,6 +116,63 @@ Which returns the formatted JSON schema like below:
"Coredns": {
"additionalProperties": false,
"properties": {
"affinity": {
"default": {
"affinity": {
"nodeAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": {
"nodeSelectorTerms": [
{
"matchExpressions": [
{
"key": "kubernetes.io/os",
"operator": "In",
"values": [
"linux"
]
},
{
"key": "kubernetes.io/arch",
"operator": "In",
"values": [
"amd64",
"arm64"
]
}
]
}
]
}
},
"podAntiAffinity": {
"preferredDuringSchedulingIgnoredDuringExecution": [
{
"podAffinityTerm": {
"labelSelector": {
"matchExpressions": [
{
"key": "k8s-app",
"operator": "In",
"values": [
"kube-dns"
]
}
]
},
"topologyKey": "kubernetes.io/hostname"
},
"weight": 100
}
]
}
}
},
"description": "Affinity of the coredns pods",
"type": [
"object",
"null"
]
},
"computeType": {
"type": "string"
},
Expand All @@ -134,6 +191,27 @@ Which returns the formatted JSON schema like below:
},
"resources": {
"$ref": "#/definitions/Resources"
},
"tolerations": {
"default": [
{
"key": "CriticalAddonsOnly",
"operator": "Exists"
},
{
"key": "node-role.kubernetes.io/master",
"operator": "NoSchedule"
}
],
"description": "Tolerations of the coredns pod",
"items": {
"type": "object"
},
"type": "array"
},
"topologySpreadConstraints": {
"description": "The coredns pod topology spread constraints",
"type": "array"
}
},
"title": "Coredns",
Expand Down Expand Up @@ -178,11 +256,104 @@ module "eks_blueprints_addons" {
# ... truncated for brevity

eks_addons = {
coredns = {
coredns = {
most_recent = true

configuration_values = jsonencode({
replicaCount = 4
tolerations = [
{
key = "dedicated",
operator = "Equal",
effect = "NoSchedule",
value = "orchestration-seb"
}
]

topologySpreadConstraints = [
{
maxSkew = 1
topologyKey = "topology.kubernetes.io/zone"
whenUnsatisfiable = "ScheduleAnyway"
labelSelector = {
matchLabels = {
k8s-app: "kube-dns"
}
}
}
]

affinity = {
nodeAffinity = {
requiredDuringSchedulingIgnoredDuringExecution = {
nodeSelectorTerms = [
{
matchExpressions = [
{
key = "kubernetes.io/os"
operator = "In"
values = ["linux"]
},
{
key = "kubernetes.io/arch"
operator = "In"
values = ["amd64"]
}
]
}]
}
}

podAffinity = {
requiredDuringSchedulingIgnoredDuringExecution = [{
labelSelector = {
matchExpressions = [
{
key = "k8s-app"
operator = "NotIn"
values = ["kube-dns"]
}
]
}
topologyKey = "kubernetes.io/hostname"
}
]
}

podAntiAffinity = {
preferredDuringSchedulingIgnoredDuringExecution = [{
podAffinityTerm = {
labelSelector = {
matchExpressions = [
{
key = "k8s-app"
operator = "In"
values = ["kube-dns"]
}
]
}
topologyKey = "kubernetes.io/hostname"
}
weight = 100
}
]

requiredDuringSchedulingIgnoredDuringExecution = [{
labelSelector = {
matchExpressions = [
{
key = "k8s-app"
operator = "In"
values = ["kube-dns"]
}
]
}
topologyKey = "kubernetes.io/hostname"
}
]
}

}

resources = {
limits = {
cpu = "100m"
Expand All @@ -191,10 +362,7 @@ module "eks_blueprints_addons" {
requests = {
cpu = "100m"
memory = "150Mi"
}
}
})
})
}
}
}
```
5 changes: 3 additions & 2 deletions docs/aws-partner-addons.md
Expand Up @@ -10,5 +10,6 @@ The following addons are provided by [AWS Partners](https://aws.amazon.com/partn
| [Sysdig](https://github.com/sysdiglabs/terraform-eksblueprints-sysdig-addon) | Sysdig CNAPP helps you stop cloud and container security attacks with no wasted time. |
| [Tetrate Istio](https://github.com/tetratelabs/terraform-eksblueprints-tetrate-istio-addon) | Tetrate Istio Distro is an open source project from Tetrate that provides vetted builds of Istio tested against all major cloud platforms. |
| [NetApp ONTAP Astra Trident](https://github.com/NetApp/terraform-aws-netapp-fsxn-eks-addon) | NetApp's Astra Trident provides dynamic storage orchestration for FSx for NetApp ONTAP using a Container Storage Interface (CSI) compliant driver. |
| [Kong Konnect Gateway](https://github.com/Kong/terraform-aws-eks-blueprint-konnect-runtime-instance) | Kong Gateway is the fastest and most adopted API gateway that integrates with Kong Konnect, the end-to-end SaaS API lifecycle management platform. |
| [Kong Konnect Kong Ingress Controller](https://github.com/Kong/terraform-aws-eks-blueprint-konnect-kic) | Kong Ingress Controller combines the powerful features of the widely popular Kong Gateway with Kubernetes in a truly Kubernetes-native manner and now integrated with Kong Konnect, the end-to-end SaaS API lifecycle management platform. |
| [Kong Konnect - Kong Gateway](https://github.com/Kong/terraform-aws-eks-blueprint-konnect-runtime-instance) | Kong Gateway is the fastest and most adopted API gateway that integrates with Kong Konnect, the end-to-end SaaS API lifecycle management platform. |
| [Kong Konnect - Kong Ingress Controller](https://github.com/Kong/terraform-aws-eks-blueprint-konnect-kic) | Kong Ingress Controller combines the powerful features of the widely popular Kong Gateway with Kubernetes in a truly Kubernetes-native manner and now integrated with Kong Konnect, the end-to-end SaaS API lifecycle management platform. |
| [Kong Konnect - Kong Mesh Manager](https://github.com/Kong/terraform-aws-eks-blueprint-konnect-kic) | Kong Mesh is the most flexible, enterprise-proven, service-to-service connectivity solution for developing modern applications that drive compelling digital experiences for an organization’s customers. |
24 changes: 21 additions & 3 deletions main.tf
Expand Up @@ -38,7 +38,7 @@ locals {
detail-type = ["AWS Health Event"]
}
}
spot_interupt = {
spot_interrupt = {
name = "SpotInterrupt"
description = "EC2 spot instance interruption warning"
event_pattern = {
Expand Down Expand Up @@ -2538,8 +2538,19 @@ data "aws_iam_policy_document" "fargate_fluentbit" {
resources = var.fargate_fluentbit.s3_bucket_arns
}
}
}

dynamic "statement" {
for_each = try(var.fargate_fluentbit.send_to_firehose, false) ? [1] : []

content {
sid = "FirehoseEvent"
actions = [
"firehose:PutRecordBatch"
]
resources = lookup(var.fargate_fluentbit, "firehose_arns", ["*"])
}
}
}
# Help on Fargate Logging with Fluentbit and CloudWatch
# https://docs.aws.amazon.com/eks/latest/userguide/fargate-logging.html
resource "kubernetes_namespace_v1" "aws_observability" {
Expand Down Expand Up @@ -3564,7 +3575,14 @@ data "aws_iam_policy_document" "aws_gateway_api_controller" {
"iam:CreateServiceLinkedRole",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeTags"
"ec2:DescribeTags",
"ec2:DescribeSecurityGroups",
"logs:CreateLogDelivery",
"logs:GetLogDelivery",
"logs:UpdateLogDelivery",
"logs:DeleteLogDelivery",
"logs:ListLogDeliveries",
"tag:GetResources"
]
resources = ["*"]
}
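Review bot: The new `FirehoseEvent` statement in `aws_iam_policy_document.fargate_fluentbit` falls back to `resources = ["*"]` when `firehose_arns` is unset, so setting `send_to_firehose` alone grants `firehose:PutRecordBatch` on any delivery stream, whereas the S3 statement just above it takes its ARNs directly from `var.fargate_fluentbit.s3_bucket_arns`. I would drop the wildcard default and gate the block on the ARN list instead: `for_each = length(try(var.fargate_fluentbit.firehose_arns, [])) > 0 ? [1] : []` with `resources = var.fargate_fluentbit.firehose_arns`; that also removes the mix of `try(...)` and `lookup(...)` on the same variable. Separately, this statement and the `logs:*LogDelivery` / `tag:GetResources` actions added to `aws_gateway_api_controller` widen IAM permissions in a PR titled as a spelling fix, so they deserve their own description and changelog entry. The `spot_interupt` to `spot_interrupt` key rename may also change resource addresses if `local.ec2_events` feeds a `for_each`, which is not visible here. Both policy documents start outside the hunks shown.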