Adds single-node module (#141)

* Adds single-node module
dominodatalab · Sep 27, 2023 · cda9881 · cda9881
1 parent 0babe6d
commit cda9881
Show file tree

Hide file tree

Showing 40 changed files with 1,074 additions and 220 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -47,13 +47,20 @@ commands:
           environment:
             HCLEDIT_VERSION: << parameters.hcledit_version >>
           command: bash ci-deploy.sh install_hcledit
-  set_current_mod_source:
+  set_mod_source_current:
     description: "Set up module source to current branch."
     steps:
       - run:
           name: "Set module source to current branch"
           working_directory: tests/deploy
           command: bash ci-deploy.sh set_mod_src_circle_branch
+  set_mod_source_latest_rel:
+    description: "Set up module source to current branch."
+    steps:
+      - run:
+          name: "Set module source to latest published release"
+          working_directory: tests/deploy
+          command: bash ci-deploy.sh set_mod_src_latest_rel
   set_aws_creds:
     description: "Sets short-lived creds"
     steps:
@@ -72,7 +79,6 @@ commands:
           command: |
             bash ci-deploy.sh setup_modules
             bash ci-deploy.sh set_tf_vars
-      - set_current_mod_source
   install_helm:
     description: "Install Helm"
     parameters:
@@ -120,6 +126,24 @@ commands:
               echo "Running ci-deploy.sh deploy"
               bash ci-deploy.sh deploy
             fi
+  tf_deploy_single_node:
+    description: "Terraform deploy single-node"
+    steps:
+      - run:
+          name: "Setup single-node module"
+          working_directory: tests/deploy
+          command: bash ci-deploy.sh setup_single_node_tf
+      - run:
+          name: "Deploy single-node"
+          working_directory: tests/deploy
+          command: bash ci-deploy.sh deploy_single_node
+  tf_destroy_single_node:
+    description: "Terraform destroy single-node"
+    steps:
+      - run:
+          name: "Destroy single-node"
+          working_directory: tests/deploy
+          command: bash ci-deploy.sh destroy_single_node
   tf_deploy:
     description: "Terraform deploy"
     steps:
@@ -169,7 +193,10 @@ jobs:
       - install_helm:
           helm_version: << parameters.helm_version >>
       - set_tf_vars
+      - set_mod_source_current
       - tf_deploy
+      - tf_deploy_single_node
+      - tf_destroy_single_node
       - tf_destroy
   test-upgrade:
     docker:
@@ -187,14 +214,10 @@ jobs:
           terraform_version: << parameters.terraform_version >>
       - install_helm:
           helm_version: << parameters.helm_version >>
-      - install_hcledit
       - set_tf_vars
-      - run:
-          name: "Set module source to latest published release"
-          working_directory: tests/deploy
-          command: bash ci-deploy.sh set_mod_src_latest_rel
+      - set_mod_source_latest_rel
       - tf_deploy
-      - set_current_mod_source
+      - set_mod_source_current
       - tf_init_apply
       - tf_destroy
 

diff --git a/README.md b/README.md
@@ -153,7 +153,6 @@ Configure terraform variables at:
 * `domino-deploy/terraform/nodes.tfvars`
 
 **NOTE**: The `eks` configuration is required in both the `infra` and `cluster` modules because the Kubernetes version is used for installing the `kubectl` binary on the bastion host. Similarly, `default_node_groups` and `additional_node_groups` must be defined in both the `infra` and `nodes` modules, as the `availability zones` for the `nodes` are necessary for setting up the network infrastructure.
-The `eks` module will source its information from the `infra` outputs if it is not configured on `cluster.tfvars`, as will the `nodes` module if the variables are not configured on `nodes.tfvars`. We recommended setting the variables in `eks` and `nodes` from the beggining as future kubernetes upgrades will be driven from `cluster.tfvars` and `nodes.tfvars`.
 
 
 ### 4. Create SSH Key pair

diff --git a/examples/deploy/terraform/cluster.tfvars b/examples/deploy/terraform/cluster.tfvars
@@ -1,2 +1,19 @@
-eks      = null
+eks = {
+  cluster_addons     = null
+  creation_role_name = null
+  custom_role_maps   = null
+  identity_providers = null
+  k8s_version        = "1.27"
+  kubeconfig = {
+    extra_args = null
+    path       = null
+  }
+  master_role_names = null
+  public_access = {
+    cidrs   = null
+    enabled = null
+  }
+  ssm_log_group_name = null
+  vpc_cni            = null
+}
 kms_info = null
diff --git a/examples/deploy/terraform/cluster/README.md b/examples/deploy/terraform/cluster/README.md
@@ -30,7 +30,7 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_eks"></a> [eks](#input\_eks) | creation\_role\_name = Name of the role to import.<br>    k8s\_version = EKS cluster k8s version.<br>    kubeconfig = {<br>      extra\_args = Optional extra args when generating kubeconfig.<br>      path       = Fully qualified path name to write the kubeconfig file.<br>    }<br>    public\_access = {<br>      enabled = Enable EKS API public endpoint.<br>      cidrs   = List of CIDR ranges permitted for accessing the EKS public endpoint.<br>    }<br>    Custom role maps for aws auth configmap<br>    custom\_role\_maps = {<br>      rolearn  = string<br>      username = string<br>      groups   = list(string)<br>    }<br>    master\_role\_names  = IAM role names to be added as masters in eks.<br>    cluster\_addons     = EKS cluster addons. vpc-cni is installed separately.<br>    vpc\_cni            = Configuration for AWS VPC CNI<br>    ssm\_log\_group\_name = CloudWatch log group to send the SSM session logs to.<br>    identity\_providers = Configuration for IDP(Identity Provider).<br>  } | <pre>object({<br>    creation_role_name = optional(string, null)<br>    k8s_version        = optional(string)<br>    kubeconfig = optional(object({<br>      extra_args = optional(string)<br>      path       = optional(string)<br>    }), {})<br>    public_access = optional(object({<br>      enabled = optional(bool)<br>      cidrs   = optional(list(string))<br>    }), {})<br>    custom_role_maps = optional(list(object({<br>      rolearn  = string<br>      username = string<br>      groups   = list(string)<br>    })))<br>    master_role_names  = optional(list(string))<br>    cluster_addons     = optional(list(string))<br>    ssm_log_group_name = optional(string)<br>    vpc_cni = optional(object({<br>      prefix_delegation = optional(bool)<br>      annotate_pod_ip   = optional(bool)<br>    }))<br>    identity_providers = optional(list(object({<br>      client_id                     = string<br>      groups_claim                  = optional(string)<br>      groups_prefix                 = optional(string)<br>      identity_provider_config_name = string<br>      issuer_url                    = optional(string)<br>      required_claims               = optional(string)<br>      username_claim                = optional(string)<br>      username_prefix               = optional(string)<br>    })))<br>  })</pre> | `null` | no |
+| <a name="input_eks"></a> [eks](#input\_eks) | creation\_role\_name = Name of the role to import.<br>    k8s\_version = EKS cluster k8s version.<br>    kubeconfig = {<br>      extra\_args = Optional extra args when generating kubeconfig.<br>      path       = Fully qualified path name to write the kubeconfig file.<br>    }<br>    public\_access = {<br>      enabled = Enable EKS API public endpoint.<br>      cidrs   = List of CIDR ranges permitted for accessing the EKS public endpoint.<br>    }<br>    Custom role maps for aws auth configmap<br>    custom\_role\_maps = {<br>      rolearn  = string<br>      username = string<br>      groups   = list(string)<br>    }<br>    master\_role\_names  = IAM role names to be added as masters in eks.<br>    cluster\_addons     = EKS cluster addons. vpc-cni is installed separately.<br>    vpc\_cni            = Configuration for AWS VPC CNI<br>    ssm\_log\_group\_name = CloudWatch log group to send the SSM session logs to.<br>    identity\_providers = Configuration for IDP(Identity Provider).<br>  } | <pre>object({<br>    creation_role_name = optional(string, null)<br>    k8s_version        = optional(string)<br>    kubeconfig = optional(object({<br>      extra_args = optional(string)<br>      path       = optional(string)<br>    }), {})<br>    public_access = optional(object({<br>      enabled = optional(bool)<br>      cidrs   = optional(list(string))<br>    }), {})<br>    custom_role_maps = optional(list(object({<br>      rolearn  = string<br>      username = string<br>      groups   = list(string)<br>    })))<br>    master_role_names  = optional(list(string))<br>    cluster_addons     = optional(list(string))<br>    ssm_log_group_name = optional(string)<br>    vpc_cni = optional(object({<br>      prefix_delegation = optional(bool)<br>      annotate_pod_ip   = optional(bool)<br>    }))<br>    identity_providers = optional(list(object({<br>      client_id                     = string<br>      groups_claim                  = optional(string)<br>      groups_prefix                 = optional(string)<br>      identity_provider_config_name = string<br>      issuer_url                    = optional(string)<br>      required_claims               = optional(string)<br>      username_claim                = optional(string)<br>      username_prefix               = optional(string)<br>    })))<br>  })</pre> | `{}` | no |
 | <a name="input_kms_info"></a> [kms\_info](#input\_kms\_info) | Overrides the KMS key information. Meant for migrated configurations.<br>    {<br>      key\_id  = KMS key id.<br>      key\_arn = KMS key arn.<br>      enabled = KMS key is enabled.<br>    } | <pre>object({<br>    key_id  = string<br>    key_arn = string<br>    enabled = bool<br>  })</pre> | `null` | no |
 
 ## Outputs

diff --git a/examples/deploy/terraform/cluster/main.tf b/examples/deploy/terraform/cluster/main.tf
@@ -8,7 +8,6 @@ data "terraform_remote_state" "infra" {
 
 locals {
   infra = data.terraform_remote_state.infra.outputs.infra
-  eks   = var.eks != null ? var.eks : local.infra.eks
   kms   = var.kms_info != null ? var.kms_info : local.infra.kms
 }
 
@@ -20,7 +19,7 @@ module "eks" {
   ssh_key             = local.infra.ssh_key
   node_iam_policies   = local.infra.node_iam_policies
   efs_security_group  = local.infra.efs_security_group
-  eks                 = local.eks
+  eks                 = var.eks
   network_info        = local.infra.network
   kms_info            = local.kms
   bastion_info        = local.infra.bastion

diff --git a/examples/deploy/terraform/cluster/variables.tf b/examples/deploy/terraform/cluster/variables.tf
@@ -61,7 +61,7 @@ variable "eks" {
     })))
   })
 
-  default = null
+  default = {}
 }
 
 variable "kms_info" {

diff --git a/examples/deploy/terraform/infra.tfvars b/examples/deploy/terraform/infra.tfvars
@@ -13,7 +13,7 @@ default_node_groups = {
     availability_zone_ids = ["usw2-az1", "usw2-az2"]
   }
 }
-deploy_id = "dominoeks001"
+deploy_id = "dominoeks003"
 eks = {
   cluster_addons     = null
   creation_role_name = null
-Original file line number
+Diff line change
@@ Expand Up / @@ -61,7 +61,7 @@ variable "eks" { @@
         })))
       })
-      default = null
+      default = {}
     }
     variable "kms_info" {
@@ Expand Down @@