Docs and TF: Update EKS Kubernetes version to use 1.16

[aLekSer]

Update Terraform and website to use 1.16 version.

What type of PR is this?

/kind documentation

What this PR does / Why we need it:

Which issue(s) this PR fixes:

Relates to #1649

Special notes for your reviewer:

[agones-bot]

Build Succeeded 👏

Build Id: b78fc525-d40f-4f56-befe-2d456ed25500

The following development artifacts have been built, and will exist for the next 30 days:

• image: gcr.io/agones-images/agones-controller:1.9.0-bd77f82
• image: gcr.io/agones-images/agones-sdk:1.9.0-bd77f82
• image: gcr.io/agones-images/agones-ping:1.9.0-bd77f82
• Linux C++ SDK (build): agonessdk-1.9.0-bd77f82-linux-arch_64.tar.gz
• SDK Server: agonessdk-server-1.9.0-bd77f82.zip

A preview of the website (the last 30 builds are retained):

• https://bd77f82-dot-preview-dot-agones-images.appspot.com/

To install this version:

• git fetch https://github.com/googleforgames/agones.git pull/1790/head:pr_1790 && git checkout pr_1790
• helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.9.0-bd77f82

[aLekSer]

Cluster creating was fine with this PR. However with destroy there is an issue still left.
I am receiving an error after switching to Helm 3:
There was an issue with terraform destroy in one step with EKS. So as a workaround mentioned in the docs:
https://agones.dev/site/docs/installation/terraform/eks/
When I do, I got an error:

terraform destroy -target module.helm_agones.helm_release.agones -auto-approve
module.helm_agones.helm_release.agones: Refreshing state... [id=agones]
Error: Kubernetes cluster unreachable: the server has asked for the client to provide credentials

while:

$ helm3 uninstall agones -n agones-system
        release "agones" uninstalled

Similar to:
hashicorp/terraform-provider-helm#400
Doing partial destroy to retaliate:

terraform destroy --target module.eks_cluster --auto-approve

[aLekSer]

Trying to fix mentioned above issue with updating Terraform provider module version to:

  source          = "git::github.com/terraform-aws-modules/terraform-aws-eks.git?ref=v12.2.0"

This change makes things even worse - terraform apply begins crashing:

module.eks_cluster.module.eks.kubernetes_config_map.aws_auth[0]: Creating...

Error: Post "https://81ECC7742A30D851E4A33147D481FE0C.gr7.us-west-2.eks.amazonaws.com/api/v1/namespaces/kube-system/configmaps": dial tcp: lookup 81ECC7742A30D851E4A33147D481FE0C.gr7.us-west-2.eks.amazonaws.com on 192.168.86.1:53: no such host

  on .terraform/modules/eks_cluster.eks/aws_auth.tf line 64, in resource "kubernetes_config_map" "aws_auth":
  64: resource "kubernetes_config_map" "aws_auth" {

[markmandel]

Not sure if I can help here on this issue, but doesn't look like anything changed much from the last EKS test, except to update the K8s version?

[aLekSer]

There could be the case that this issue was hidden in 1.15. I am investigating at the moment.

[aLekSer]

Well something wrong with the most fresh EKS module:

  source          = "git::github.com/terraform-aws-modules/terraform-aws-eks.git?ref=v12.2.0"

kubectl get nodes is empty, however there are 6 EC2 instances was created - 3 node pools.
Note providers:

terraform providers
.
├── provider.aws ~> 2.8
├── module.eks_cluster
│   ├── provider.aws >= 2.55.0
│   ├── module.eks
│   │   ├── provider.aws >= 2.55.0
│   │   ├── provider.kubernetes >= 1.11.1
│   │   ├── provider.local >= 1.4
│   │   ├── provider.null >= 2.1
│   │   ├── provider.random >= 2.1
│   │   ├── provider.template >= 2.1
│   │   └── module.node_groups
│   │       ├── provider.aws (inherited)
│   │       └── provider.random
│   └── module.vpc
│       └── provider.aws (inherited)
└── module.helm_agones
    └── provider.helm ~> 1.2

[aLekSer]

After updating the VPC module all major issues were fixed:

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "2.47.0"

Note that I need to run terraform apply --auto-approve twice. Because of issue, described above :

module.eks_cluster.module.eks.kubernetes_config_map.aws_auth[0]: Creating...                                                                                                                                                                 
                                                                                                                                                                                                                                             
Error: Post "https://15745DA30E83335B686C2A118DABA8BD.gr7.us-west-2.eks.amazonaws.com/api/v1/namespaces/kube-system/configmaps": dial tcp: lookup 15745DA30E83335B686C2A118DABA8BD.gr7.us-west-2.eks.amazonaws.com on 192.168.86.1:53: no suc
h host                                                                                                                                                                                                                                       
                                                                                                                                                                                                                                             
  on .terraform/modules/eks_cluster.eks/aws_auth.tf line 64, in resource "kubernetes_config_map" "aws_auth":                                                                                                                                   64: resource "kubernetes_config_map" "aws_auth" {                      

But second terraform apply was fine and finished successfully with Agones installed.
kubectl get nodes shows 6 nodes as expected.
I am able to create a fleet, use nc -u to GS.
So this PR is ready to be merged.
This document section and issue link still applies:
https://agones.dev/site/docs/installation/terraform/eks/#uninstall-the-agones-and-delete-eks-cluster

[aLekSer]

terraform destroy output excerpt, for comparing with the future runs:

module.eks_cluster.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: Destruction complete after 0s
module.eks_cluster.module.eks.aws_iam_role.cluster[0]: Destroying... [id=agones-cluster20200915225806675400000001]
module.eks_cluster.module.eks.aws_security_group_rule.cluster_https_worker_ingress[0]: Destruction complete after 2s
module.eks_cluster.module.eks.aws_security_group.workers[0]: Destroying... [id=sg-079da602265fa5e8f]module.eks_cluster.module.vpc.aws_subnet.public[1]: Destruction complete after 2s
module.eks_cluster.module.vpc.aws_subnet.public[0]: Destruction complete after 2s
module.eks_cluster.module.vpc.aws_subnet.public[2]: Destruction complete after 2s
module.eks_cluster.module.eks.aws_iam_role.cluster[0]: Destruction complete after 3s
module.eks_cluster.module.eks.aws_security_group.workers[0]: Destruction complete after 2s
module.eks_cluster.module.eks.aws_security_group_rule.cluster_egress_internet[0]: Destruction complete after 4s
module.eks_cluster.module.eks.aws_security_group.cluster[0]: Destroying... [id=sg-056aebb8ef968e4a5]
module.eks_cluster.module.eks.aws_security_group.cluster[0]: Destruction complete after 2s
module.eks_cluster.module.vpc.aws_vpc.this[0]: Destroying... [id=vpc-0300680ed571d8627]
module.eks_cluster.module.vpc.aws_vpc.this[0]: Destruction complete after 1s

Destroy complete! Resources: 43 destroyed.

[agones-bot]

Build Failed 😱

Build Id: 405b71a7-e99f-4e13-aeb8-7e5e2d65b6c5

• Cloud Build view
• Cloud Build log download

To get permission to view the Cloud Build view, join the agones-discuss Google Group.

[agones-bot]

Build Failed 😱

Build Id: 2a2c171a-c0ff-4994-a01d-28bba79350e3

• Cloud Build view
• Cloud Build log download

To get permission to view the Cloud Build view, join the agones-discuss Google Group.

[google-oss-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aLekSer, roberthbailey

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [aLekSer,roberthbailey]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[google-oss-robot]

New changes are detected. LGTM label has been removed.

[agones-bot]

Build Succeeded 👏

Build Id: 8f9c3c71-0dc4-4561-936d-5b56def31f08

The following development artifacts have been built, and will exist for the next 30 days:

• image: gcr.io/agones-images/agones-controller:1.9.0-a172193
• image: gcr.io/agones-images/agones-sdk:1.9.0-a172193
• image: gcr.io/agones-images/agones-ping:1.9.0-a172193
• Linux C++ SDK (build): agonessdk-1.9.0-a172193-linux-arch_64.tar.gz
• SDK Server: agonessdk-server-1.9.0-a172193.zip

A preview of the website (the last 30 builds are retained):

• https://a172193-dot-preview-dot-agones-images.appspot.com/

To install this version:

• git fetch https://github.com/googleforgames/agones.git pull/1790/head:pr_1790 && git checkout pr_1790
• helm install ./install/helm/agones --namespace agones-system --name agones --set agones.image.tag=1.9.0-a172193