Skip to content

Commit 4edeae5

Browse files
ankush-sqopsAkankshaSquareopsdivyanshujainSquareopsAkanksha Singhvinayakgautamops
authored
Release 3.1.0 (#75)
* Addons restructure and Version Updates for 1.30 cluster (#34) * update directory structure for alb,Node -termination-manager.cert-manager ,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret, reloader,metric-server * version updste in alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa * udate default addons and example calling module * Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa * Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa * Update addons directory structure for default addons, alb,Node -termination-manager,cert-manager,cluster-autoscaller,cluster-proportional-autoscaller,core dns-hpa,external-secret,config reloader,metric-server-hpa * add akansha singh changes manually * structure update in cert-manager and corednshpa * structure update in cert-manager and corednshpa * Changes of modules and version update * Changes of modules and version update * update structre * kubernetes dashboard terraform addon module * update cert-manager config * solve kuberetes-dashboard ingress error * Modifying addons module and version update of phase1 * update aws-ebs-csi-driver module * update reloader configuration * Updated the module names and corrected local.tf file. * corrected module names which restructuring * albhactically arrange modules * Integrated ingress and private ingress in one module * ingress-nginx logic implemented for private nlb * comment update * add karpenter-provisioner configuration for multiple labels * change order of module names according to alphabatically * Testing for public and private ingress has been done * add keda configuration * corrected pre-commit errors and warnings * fixed the vpc-cni and ebs-csi-driver versions and resource limits * Updated readme.md file * standardized modules and variables * resource limit update keda, cluster-autoscaler, cert-manager * readme.md modified by pre-commit * support for EKS version >=1.28 --------- Co-authored-by: Divyanshu jain <divyanshu.jain@squareops.com> Co-authored-by: Akanksha Singh <akanksha.singh@squareops.in> * Added KMS key encryption for Karpenter, Version Update for Keda and m… (#35) * Added KMS key encryption for Karpenter, Version Update for Keda and metric-server-vpa along with improving the limit and request of resources * Added comments in main.tf for better understanding * Added comments in main.tf for better understanding * Kubernetes-dashboard improved version --------- Co-authored-by: Akanksha Singh <akanksha.singh@squareops.in> * Release 3.0.0 Fixes (#36) * Updated some changes * ebs-csi-driver policy addition and version update * efs-csi-driver fixed * Kubernetes-dashboard module depends_on added * cluster autoscaler fixes for 1.30 EKS cluster * Cert-Manager Fixes * Karpenter and Velero changes * added condition for internal ingress * EFS Driver policy updates * Fixed the indentation and comments in velero --------- Co-authored-by: Ankush.upadhyay <ankush.upadhyay@squareops.com> Co-authored-by: Akanksha Singh <akanksha.singh@squareops.in> * Policy update in efs-csi-driver * Policy update in efs-csi-driver (#39) Co-authored-by: Akanksha Singh <akanksha.singh@squareops.in> * FIxed coredns HPA bug (#38) * Release 3.0.0 (#40) * Updated example calling module and readme files * Updated example's main.tf file * add nginx-ingress outputs * Karpenter on single AZ * Terraform destroy script * Added note for terraform destroy script * Revert "Karpenter on single AZ" This reverts commit 1fe021d. * Removed istio module and moved to z-archieve folder * Added private alb option in K8S-dashabord ingress annotation * Karpenter, VPC-cni fixes * added cost tags in additional_aws_tags in calling module * Modified karpenter provisioner block * Support cost tags in all aws services * modified email * Optimized Resource request and limit (#49) * added spot instance policy for service-lined-role * Optimized Resource request and limit * Updated cost related tags in all the addons services (#50) * Support cost tags in all aws services * modified email * Release 3.0.1 (#51) * added spot instance policy for service-lined-role * Modifed main config for cert manager CRD's * Update main.tf "}" missing * ArgoCD and ArgoProject support in Addons Module * Updated coreDNS HPA memory metric type * Output block added for argocd creds * Add namespace support for ArgoCD * Provide support of additional tags in all the aws resources * Argo-Workflow Module added * argocd namespace changes * Variablizing name and namespace in argo project * Argo-workflow token output * Solved K8S-dashboard ingress terminating issue * Bug fux for certmanager and ingress-nginx * Updated HPA for argocd and workflow * alb-controller-bug-fix * Update argo-workflow calling module * Updated aws nth module, added notification functionality as optional * Updated calling module * Fixed ingress-nginx destroying issue * Ran pre-commit checks * ran pre-commit checks * Updated example calling module in readme file * Updated karpenter version and added bottlerocket ami support * Added cert-manager dependency on vpc-cni * Added argocd and workflow dependency on ingress module * Update main.tf --------- Co-authored-by: AkankshaSquareops <akanksha.singh@squareops.com> Co-authored-by: Divyanshu jain <divyanshu.jain@squareops.com> Co-authored-by: Akanksha Singh <akanksha.singh@squareops.in> Co-authored-by: vinayakgautamops <95210787+vinayakgautamops@users.noreply.github.com> Co-authored-by: jshre898 <shreya.jain@squareops.com> Co-authored-by: Monachawla1712 <chawalamona44@gmail.com> Co-authored-by: vinayakops <vinayak.gautam@revnue.com> Co-authored-by: Monachawla1712 <146841568+Monachawla1712@users.noreply.github.com>
1 parent 402a6b2 commit 4edeae5

106 files changed

Lines changed: 1939 additions & 404 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

README.md

Lines changed: 65 additions & 67 deletions
Large diffs are not rendered by default.

examples/complete/README.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121

2222
| Name | Source | Version |
2323
|------|--------|---------|
24-
| <a name="module_eks-addons"></a> [eks-addons](#module\_eks-addons) | squareops/eks-addons/aws | n/a |
24+
| <a name="module_eks-addons"></a> [eks-addons](#module\_eks-addons) | squareops/eks-addons/aws | 3.1.1 |
2525

2626
## Resources
2727

@@ -38,12 +38,14 @@ No inputs.
3838

3939
| Name | Description |
4040
|------|-------------|
41+
| <a name="output_argocd"></a> [argocd](#output\_argocd) | ArgoCD Credentials |
42+
| <a name="output_argoworkflow_credentials"></a> [argoworkflow\_credentials](#output\_argoworkflow\_credentials) | Argocd Workflow credentials |
43+
| <a name="output_argoworkflow_hostname"></a> [argoworkflow\_hostname](#output\_argoworkflow\_hostname) | Argocd Workflow hostname |
4144
| <a name="output_defectdojo"></a> [defectdojo](#output\_defectdojo) | DefectDojo endpoint and credentials |
4245
| <a name="output_ebs_encryption_enable"></a> [ebs\_encryption\_enable](#output\_ebs\_encryption\_enable) | Whether Amazon Elastic Block Store (EBS) encryption is enabled or not. |
4346
| <a name="output_efs_id"></a> [efs\_id](#output\_efs\_id) | ID of the Amazon Elastic File System (EFS) that has been created for the EKS cluster. |
4447
| <a name="output_environment"></a> [environment](#output\_environment) | Environment Name for the EKS cluster |
4548
| <a name="output_internal_nginx_ingress_controller_dns_hostname"></a> [internal\_nginx\_ingress\_controller\_dns\_hostname](#output\_internal\_nginx\_ingress\_controller\_dns\_hostname) | DNS hostname of the NGINX Ingress Controller that can be used to access it from within the cluster. |
46-
| <a name="output_istio_ingressgateway_dns_hostname"></a> [istio\_ingressgateway\_dns\_hostname](#output\_istio\_ingressgateway\_dns\_hostname) | DNS hostname of the Istio Ingress Gateway |
4749
| <a name="output_k8s_dashboard_admin_token"></a> [k8s\_dashboard\_admin\_token](#output\_k8s\_dashboard\_admin\_token) | Kubernetes-Dashboard Admin Token |
4850
| <a name="output_k8s_dashboard_read_only_token"></a> [k8s\_dashboard\_read\_only\_token](#output\_k8s\_dashboard\_read\_only\_token) | Kubernetes-Dashboard Read Only Token |
4951
| <a name="output_kubeclarity"></a> [kubeclarity](#output\_kubeclarity) | Kubeclarity endpoint and credentials |
Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
controller:
2+
affinity:
3+
nodeAffinity:
4+
requiredDuringSchedulingIgnoredDuringExecution:
5+
nodeSelectorTerms:
6+
- matchExpressions:
7+
- key: "Addons-Services"
8+
operator: In
9+
values:
10+
- "true"
11+
12+
executor:
13+
resources:
14+
limits:
15+
cpu: 20m
16+
memory: 100Mi
17+
requests:
18+
cpu: 10m
19+
memory: 50Mi
20+
21+
server:
22+
resources:
23+
limits:
24+
cpu: 20m
25+
memory: 100Mi
26+
requests:
27+
cpu: 10m
28+
memory: 50Mi
29+
30+
logging:
31+
resources:
32+
limits:
33+
cpu: 20m
34+
memory: 100Mi
35+
requests:
36+
cpu: 10m
37+
memory: 50Mi
38+
39+
mainContainer:
40+
resources:
41+
limits:
42+
cpu: 20m
43+
memory: 100Mi
44+
requests:
45+
cpu: 10m
46+
memory: 50Mi
Lines changed: 137 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,137 @@
1+
configs:
2+
cm:
3+
accounts.admin: apiKey
4+
5+
controller:
6+
resources:
7+
limits:
8+
cpu: 100m
9+
memory: 500Mi
10+
requests:
11+
cpu: 50m
12+
memory: 250Mi
13+
14+
affinity:
15+
nodeAffinity:
16+
requiredDuringSchedulingIgnoredDuringExecution:
17+
nodeSelectorTerms:
18+
- matchExpressions:
19+
- key: "Addons-Services"
20+
operator: In
21+
values:
22+
- "true"
23+
repoServer:
24+
affinity:
25+
nodeAffinity:
26+
requiredDuringSchedulingIgnoredDuringExecution:
27+
nodeSelectorTerms:
28+
- matchExpressions:
29+
- key: "Addons-Services"
30+
operator: In
31+
values:
32+
- "true"
33+
resources:
34+
limits:
35+
cpu: 20m
36+
memory: 200Mi
37+
requests:
38+
cpu: 10m
39+
memory: 100Mi
40+
41+
42+
notifications:
43+
resources:
44+
limits:
45+
cpu: 20m
46+
memory: 100Mi
47+
requests:
48+
cpu: 10m
49+
memory: 50Mi
50+
affinity:
51+
nodeAffinity:
52+
requiredDuringSchedulingIgnoredDuringExecution:
53+
nodeSelectorTerms:
54+
- matchExpressions:
55+
- key: "Addons-Services"
56+
operator: In
57+
values:
58+
- "true"
59+
60+
server:
61+
resources:
62+
limits:
63+
cpu: 100m
64+
memory: 200Mi
65+
requests:
66+
cpu: 50m
67+
memory: 100Mi
68+
69+
affinity:
70+
nodeAffinity:
71+
requiredDuringSchedulingIgnoredDuringExecution:
72+
nodeSelectorTerms:
73+
- matchExpressions:
74+
- key: "Addons-Services"
75+
operator: In
76+
values:
77+
- "true"
78+
79+
redis:
80+
resources:
81+
limits:
82+
cpu: 100m
83+
memory: 150Mi
84+
requests:
85+
cpu: 50m
86+
memory: 75Mi
87+
88+
89+
affinity:
90+
nodeAffinity:
91+
requiredDuringSchedulingIgnoredDuringExecution:
92+
nodeSelectorTerms:
93+
- matchExpressions:
94+
- key: "Addons-Services"
95+
operator: In
96+
values:
97+
- "true"
98+
99+
dex:
100+
resources:
101+
limits:
102+
cpu: 40m
103+
memory: 100Mi
104+
requests:
105+
cpu: 20m
106+
memory: 50Mi
107+
108+
109+
affinity:
110+
nodeAffinity:
111+
requiredDuringSchedulingIgnoredDuringExecution:
112+
nodeSelectorTerms:
113+
- matchExpressions:
114+
- key: "Addons-Services"
115+
operator: In
116+
values:
117+
- "true"
118+
119+
applicationSet:
120+
resources:
121+
limits:
122+
cpu: 40m
123+
memory: 100Mi
124+
requests:
125+
cpu: 20m
126+
memory: 50Mi
127+
128+
129+
affinity:
130+
nodeAffinity:
131+
requiredDuringSchedulingIgnoredDuringExecution:
132+
nodeSelectorTerms:
133+
- matchExpressions:
134+
- key: "Addons-Services"
135+
operator: In
136+
values:
137+
- "true"

examples/complete/config/cert-manager.yaml

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ crds:
55
# This option decides if the CRDs should be installed
66
# as part of the Helm installation.
77
enabled: true
8+
keep: false
89
## Node affinity for particular node in which labels key is "Infra-Services" and value is "true"
910

1011
affinity:
@@ -19,11 +20,11 @@ affinity:
1920

2021
resources:
2122
limits:
22-
cpu: 20m
23-
memory: 400Mi
24-
requests:
2523
cpu: 10m
2624
memory: 200Mi
25+
requests:
26+
cpu: 5m
27+
memory: 100Mi
2728

2829
webhook:
2930
affinity:
@@ -38,11 +39,11 @@ webhook:
3839

3940
resources:
4041
limits:
41-
cpu: 20m
42-
memory: 150Mi
43-
requests:
4442
cpu: 10m
45-
memory: 75Mi
43+
memory: 100Mi
44+
requests:
45+
cpu: 8m
46+
memory: 50Mi
4647

4748
cainjector:
4849
affinity:
@@ -57,8 +58,8 @@ cainjector:
5758

5859
resources:
5960
limits:
60-
cpu: 20m
61-
memory: 480Mi
61+
cpu: 16m
62+
memory: 300Mi
6263
requests:
63-
cpu: 10m
64-
memory: 240Mi
64+
cpu: 8m
65+
memory: 150Mi

examples/complete/config/cluster-autoscaler.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,8 @@ affinity:
1414

1515
resources:
1616
limits:
17-
cpu: 20m
18-
memory: 200Mi
17+
cpu: 50m
18+
memory: 250Mi
1919
requests:
20-
cpu: 10m
21-
memory: 100Mi
20+
cpu: 25m
21+
memory: 250Mi

examples/complete/config/external-secret.yaml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
resources:
22
limits:
3-
cpu: 20m
3+
cpu: 10m
44
memory: 100Mi
55
requests:
6-
cpu: 10m
6+
cpu: 5m
77
memory: 50Mi
88

99
affinity:
@@ -19,10 +19,10 @@ affinity:
1919
webhook:
2020
resources:
2121
limits:
22-
cpu: 20m
22+
cpu: 10m
2323
memory: 100Mi
2424
requests:
25-
cpu: 10m
25+
cpu: 8m
2626
memory: 50Mi
2727

2828
affinity:
@@ -38,10 +38,10 @@ webhook:
3838
certController:
3939
resources:
4040
limits:
41-
cpu: 20m
41+
cpu: 10m
4242
memory: 100Mi
4343
requests:
44-
cpu: 10m
44+
cpu: 8m
4545
memory: 50Mi
4646

4747
affinity:

examples/complete/config/ingress-nginx.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
controller:
12
resources:
23
limits:
34
cpu: 100m

examples/complete/config/karpenter-management.yaml

Lines changed: 0 additions & 4 deletions
This file was deleted.

examples/complete/config/keda.yaml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -35,24 +35,24 @@ webhooks:
3535
resources:
3636
operator:
3737
limits:
38-
cpu: 200m
39-
memory: 200Mi
38+
cpu: 20m
39+
memory: 180Mi
4040
requests:
41-
cpu: 100m
42-
memory: 100Mi
41+
cpu: 10m
42+
memory: 60Mi
4343
metricServer:
4444
limits:
45-
cpu: 200m
46-
memory: 200Mi
47-
requests:
4845
cpu: 100m
4946
memory: 100Mi
47+
requests:
48+
cpu: 50m
49+
memory: 50Mi
5050
webhooks:
5151
limits:
52-
cpu: 20m
52+
cpu: 10m
5353
memory: 20Mi
5454
requests:
55-
cpu: 10m
55+
cpu: 5m
5656
memory: 10Mi
5757

5858
affinity:

0 commit comments

Comments
 (0)