From a632610058e1df1bc3f8b6358b1cf2f537dc4850 Mon Sep 17 00:00:00 2001
From: Utkarsh Mishra <utkarshmishra@tataelxsi.co.in>
Date: Mon, 20 Nov 2023 05:45:26 +0000
Subject: [PATCH] Adding helm templates for crossplane-aws manifests, please
review.
---
.../charts/crossplane-aws/Chart.yaml | 4 +-
.../charts/crossplane-aws/README.md | 56 ++++++++
.../charts/crossplane-aws/templates/NOTES.txt | 38 +++---
.../crossplane-aws/templates/eks-cluster.yaml | 25 ----
.../templates/eks-cluster/eks-cluster.yaml | 32 +++++
.../templates/eks-cluster/node-group.yaml | 38 ++++++
.../crossplane-aws/templates/gateways.yaml | 57 --------
.../crossplane-aws/templates/iam-roles.yaml | 55 --------
.../templates/iam/iam-roles.yaml | 32 +++++
.../templates/iam/role-policy-attachment.yaml | 23 ++++
.../templates/network/gateways.yaml | 72 ++++++++++
.../templates/network/route-tables.yaml | 54 ++++++++
.../templates/network/subnet.yaml | 35 +++++
.../templates/{ => network}/vpc.yaml | 10 +-
.../crossplane-aws/templates/node-group.yaml | 31 -----
.../templates/role-policy-attachment.yaml | 103 ---------------
.../templates/route-tables.yaml | 63 ---------
.../crossplane-aws/templates/subnet.yaml | 103 ---------------
.../templates/tests/test-connection.yaml | 15 ---
.../charts/crossplane-aws/values.yaml | 125 ++++++------------
20 files changed, 409 insertions(+), 562 deletions(-)
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml
create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml
rename poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/{ => network}/vpc.yaml (60%)
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml
delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml
index f6182f5..304f759 100644
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml
@@ -1,6 +1,6 @@
apiVersion: v2
name: crossplane-aws
-description: A Helm chart for Kubernetes
+description: A Helm chart for installing all the Custom resources required for creating EKS cluster on AWS using crossplane. The chart is named crossplane-aws and uses the crossplane/provider-aws:version. It is tested for provider crossplane/provider-aws:v0.22.0 to xpkg.upbound.io/crossplane-contrib/provider-aws:v0.34.0. If found any issues please reach out to the owner of the chart.
# A chart can be either an 'application' or a 'library' chart.
#
@@ -21,4 +21,4 @@ version: 0.1.0
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
-appVersion: "1.16.0"
+appVersion: "0.1.0"
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md
new file mode 100644
index 0000000..32be79e
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md
@@ -0,0 +1,56 @@
+## Pre-requisites
+
+* [Kubernetes cluster], minimum version `v1.16.0+`
+* [Helm], minimum version `v3.0.0+`.
+* [Crossplane], minimum version `v1.13.2`.
+* [Crossplane-Provider-AWS], minimum version `v0.22.0`.
+
+## Installation
+
+Helm charts for Crossplane AWS can be installed in any kubernetes cluster with the minimum kubernetes version and helm version.
+
+### Commands for offline installation of crossplane-aws helm chart
+
+The stable channel is the most recent release of Crossplane that is considered
+ready for the community.
+
+
+
+```console
+To test the helm chart:-
+kubectl create namespace crossplane-system
+
+helm repo add crossplane-stable https://charts.crossplane.io/stable
+helm repo update
+
+helm install crossplane --namespace crossplane-system crossplane-stable/crossplane
+
+1. Apply provider aws using the following manifest, replace the version of provider if required.
+
+kubectl apply -f - <<< "apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+ name: crossplane-provider-aws
+spec:
+ package: crossplane/provider-aws:v0.22.0"
+
+2. Create secrets from aws credentials.
+
+3. Create provider-config aws referring the secrets created in step 2.
+
+*** Please modify the values.yaml according as required before installing the chart. ***
+
+helm install crossplane-aws --namespace crossplane-system crossplane-aws/
+
+Voila! You should see the eks cluster getting created.
+```
+
+
+## Uninstalling the Chart
+
+```console
+helm uninstall crossplane-aws --namespace crossplane-system
+```
+
+That command removes all resources associated with crossplane-aws,
+including all the crds.
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt
index 6cb8eb2..1297406 100644
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt
@@ -1,22 +1,16 @@
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
- {{- range .paths }}
- http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
- {{- end }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "crossplane-aws.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "crossplane-aws.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "crossplane-aws.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
- echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "crossplane-aws.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-{{- end }}
+
+Thank you for installing {{ .Chart.Name }}.
+
+Your release is named {{ .Release.Name }}.
+
+To learn more about the release, try:
+
+ $ helm status {{ .Release.Name }}
+ $ helm get all {{ .Release.Name }}Release: {{.Release.Name}}
+
+Chart Name: {{.Chart.Name}}
+Chart Description: {{.Chart.Description}}
+Chart Version: {{.Chart.Version}}
+Chart Application Version: {{.Chart.AppVersion}}
+
+Kube Version: {{.Capabilities.KubeVersion}}
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml
deleted file mode 100644
index 0fa7ef8..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: eks.aws.crossplane.io/v1beta1
-kind: Cluster
-metadata:
- name: crossplane-cluster
- labels:
- cluster: crossplane-cluster
-spec:
- forProvider:
- region: "ap-south-1"
- version: "1.27"
- roleArnSelector:
- matchLabels:
- role: "crossplane-controlplane"
- resourcesVpcConfig:
- endpointPrivateAccess: true
- endpointPublicAccess: true
- subnetIdSelector:
- matchLabels:
- type: subnet
- access: private
- writeConnectionSecretToRef:
- namespace: crossplane-system
- name: eks-cluster-secret
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml
new file mode 100644
index 0000000..af02212
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml
@@ -0,0 +1,32 @@
+
+apiVersion: eks.aws.crossplane.io/v1beta1
+kind: Cluster
+metadata:
+ name: {{ .Chart.Name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+spec:
+ forProvider:
+ region: {{ .Values.region }}
+ version: "{{ .Values.version }}"
+ roleArnSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: eks
+ resourcesVpcConfig:
+ endpointPrivateAccess: true
+ endpointPublicAccess: true
+ subnetIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: subnet
+ access: private
+ writeConnectionSecretToRef:
+ namespace: {{ .Release.Namespace }}
+ name: {{ .Chart.Name }}
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml
new file mode 100644
index 0000000..57297b4
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml
@@ -0,0 +1,38 @@
+
+apiVersion: eks.aws.crossplane.io/v1alpha1
+kind: NodeGroup
+metadata:
+ name: {{ .Chart.Name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+spec:
+ forProvider:
+ region: {{ .Values.region }}
+ clusterNameSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ nodeRoleSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: ec2
+ subnetSelector:
+ matchLabels:
+ type: subnet
+ access: private
+ scalingConfig:
+ minSize: {{ .Values.minSize }}
+ desiredSize: {{ .Values.minSize }}
+ maxSize: 4
+ diskSize: 30
+ instanceTypes:
+ - {{ .Values.instanceType }}
+ remoteAccess:
+ ec2SSHKey: {{ .Values.sshkey }}
+ tags:
+ Name: {{ .Chart.Name }}
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml
deleted file mode 100644
index 5b17891..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: InternetGateway
-metadata:
- name: crossplane-igw
- labels:
- type: igw
-spec:
- forProvider:
- region: "ap-south-1"
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- tags:
- - key: Name
- value: "crossplane-igw"
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: Address
-metadata:
- name: crossplane-eip
- labels:
- type: eip
-spec:
- forProvider:
- region: "ap-south-1"
- domain: vpc
- tags:
- - key: Name
- value: crossplane-eip
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: NATGateway
-metadata:
- name: crossplane-ngw
- labels:
- type: natgw
-spec:
- forProvider:
- region: "ap-south-1"
- connectivityType: public
- allocationIdSelector:
- matchLabels:
- type: eip
- subnetIdSelector:
- matchLabels:
- type: subnet
- access: public
- zone: 1a
- tags:
- - key: Name
- value: nat-gateway
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml
deleted file mode 100644
index d24df52..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: Role
-metadata:
- name: "crossplane-controlplane"
- labels:
- role: "crossplane-controlplane"
-spec:
- forProvider:
- assumeRolePolicyDocument: |
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Principal": {
- "Service": [
- "eks.amazonaws.com"
- ]
- },
- "Action": [
- "sts:AssumeRole"
- ]
- }
- ]
- }
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: Role
-metadata:
- name: "crossplane-nodegroup"
- labels:
- role: "crossplane-nodegroup"
-spec:
- forProvider:
- assumeRolePolicyDocument: |
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Principal": {
- "Service": [
- "ec2.amazonaws.com"
- ]
- },
- "Action": [
- "sts:AssumeRole"
- ]
- }
- ]
- }
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml
new file mode 100644
index 0000000..6f6c942
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml
@@ -0,0 +1,32 @@
+{{- $root := . -}}
+{{- range .Values.roles }}
+---
+apiVersion: iam.aws.crossplane.io/v1beta1
+kind: Role
+metadata:
+ name: "{{ $root.Chart.Name }}-{{ .name }}"
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ type: {{ .name }}
+spec:
+ forProvider:
+ assumeRolePolicyDocument: |
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Principal": {
+ "Service": [
+ "{{ .name }}.amazonaws.com"
+ ]
+ },
+ "Action": [
+ "sts:AssumeRole"
+ ]
+ }
+ ]
+ }
+{{- end }}
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml
new file mode 100644
index 0000000..fb0881e
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml
@@ -0,0 +1,23 @@
+{{- $root := . -}}
+{{- range .Values.policiyAttachments }}
+---
+
+apiVersion: iam.aws.crossplane.io/v1beta1
+kind: RolePolicyAttachment
+metadata:
+ name: {{ $root.Chart.Name }}-{{ .name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+spec:
+ forProvider:
+ policyArn: arn:aws:iam::aws:policy/{{ .arn }}
+ roleNameSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ type: {{ .role }}
+
+{{- end }}
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml
new file mode 100644
index 0000000..13b24e1
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml
@@ -0,0 +1,72 @@
+{{- $root := . -}}
+apiVersion: ec2.aws.crossplane.io/v1beta1
+kind: InternetGateway
+metadata:
+ name: {{ .Chart.Name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: igw
+spec:
+ forProvider:
+ region: {{ .Values.region }}
+ vpcIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ tags:
+ - key: Name
+ value: "crossplane-igw"
+
+---
+
+apiVersion: ec2.aws.crossplane.io/v1beta1
+kind: Address
+metadata:
+ name: {{ .Chart.Name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: eip
+spec:
+ forProvider:
+ region: {{ .Values.region }}
+ domain: vpc
+ tags:
+ - key: Name
+ value: crossplane-eip
+
+---
+apiVersion: ec2.aws.crossplane.io/v1beta1
+kind: NATGateway
+metadata:
+ name: {{ .Chart.Name }}
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: natgw
+spec:
+ forProvider:
+ region: {{ .Values.region }}
+ connectivityType: public
+ allocationIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
+ type: eip
+ subnetIdSelector:
+ matchLabels:
+ type: subnet
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ zone: {{ $root.Values.region }}a
+ access: public
+ tags:
+ - key: Name
+ value: nat-gateway
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml
new file mode 100644
index 0000000..5d4bb0f
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml
@@ -0,0 +1,54 @@
+{{- $root := . -}}
+{{- range $routetables := $root.Values.routetables }}
+apiVersion: ec2.aws.crossplane.io/v1beta1
+kind: RouteTable
+metadata:
+ name: {{ .name }}-route-table
+ labels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+spec:
+ forProvider:
+ region: "ap-south-1"
+ vpcIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ routes:
+ {{- if eq .name "public" }}
+ - destinationCidrBlock: 0.0.0.0/0
+ gatewayIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ type: igw
+ {{- else if eq .name "private" }}
+ - destinationCidrBlock: 0.0.0.0/0
+ natGatewayIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ type: natgw
+ {{- end }}
+ associations:
+ {{- range $zone := $root.Values.zones }}
+ {{- if eq $zone.access $routetables.name }}
+ - subnetIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ type: subnet
+ access: {{ $zone.access }}
+ zone: {{ $root.Values.region }}{{ $zone.zone }}
+ {{- end }}
+ {{- end }}
+ tags:
+ - key: Name
+ value: "crossplane-{{ .name }}route-table"
+---
+{{- end }}
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml
new file mode 100644
index 0000000..1ae3e15
--- /dev/null
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml
@@ -0,0 +1,35 @@
+{{- $root := . -}}
+{{- range .Values.zones }}
+---
+apiVersion: ec2.aws.crossplane.io/v1beta1
+kind: Subnet
+metadata:
+ name: {{ $root.Chart.Name }}-{{ .access }}-subnet-{{ $root.Values.region }}{{ .zone }}
+ labels:
+ type: subnet
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ zone: {{ $root.Values.region }}{{ .zone }}
+ access: {{ .access }}
+spec:
+ forProvider:
+ region: {{ $root.Values.region }}
+ availabilityZone: {{ $root.Values.region }}{{ .zone }}
+ cidrBlock: {{ .cidr }}
+ vpcIdSelector:
+ matchLabels:
+ provider: aws
+ cluster: eks
+ chart: {{ $root.Chart.Name }}
+ mapPublicIPOnLaunch: {{ if eq .access "public" }}true{{ else }}false{{ end }}
+ tags:
+ - key: kubernetes.io/role/elb
+ value: "1"
+ - key: Name
+ value: "crossplane-{{ .access }}-subnet-{{ $root.Values.region }}{{ .zone }}"
+ {{- if eq .access "private" }}
+ - key: "kubernetes.io/cluster/{{ $root.Chart.Name }}"
+ value: "shared"
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml
similarity index 60%
rename from poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml
rename to poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml
index add8943..4006491 100644
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml
@@ -1,14 +1,16 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
+{{- $root := . -}}
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: VPC
metadata:
- name: crossplane-vpc
+ name: {{ $root.Chart.Name }}
labels:
- vpc: crossplane-vpc
+ provider: aws
+ cluster: eks
+ chart: {{ .Chart.Name }}
spec:
forProvider:
- region: "ap-south-1"
+ region: {{ .Values.region }}
cidrBlock: 10.10.0.0/16
enableDnsHostNames: true
enableDnsSupport: true
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml
deleted file mode 100644
index 4c1c73f..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: eks.aws.crossplane.io/v1alpha1
-kind: NodeGroup
-metadata:
- name: crossplane-nodegroup
-spec:
- forProvider:
- region: "ap-south-1"
- clusterNameSelector:
- matchLabels:
- cluster: crossplane-cluster
- nodeRoleSelector:
- matchLabels:
- role: "crossplane-nodegroup"
- subnetSelector:
- matchLabels:
- type: subnet
- access: private
- scalingConfig:
- minSize: 1
- maxSize: 4
- desiredSize: 1
- diskSize: 30
- instanceTypes:
- - t3.large
- remoteAccess:
- ec2SSHKey: key_name
- tags:
- key: Name
- value: crossplane-nodegroup
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml
deleted file mode 100644
index 92bab2d..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-controlplane-cluster
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
- roleNameSelector:
- matchLabels:
- role: "crossplane-controlplane"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-controlplane-service
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEKSServicePolicy
- roleNameSelector:
- matchLabels:
- role: "crossplane-controlplane"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-controlplane-vpc-controller
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEKSVPCResourceController
- roleNameSelector:
- matchLabels:
- role: "crossplane-controlplane"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-nodegroup-worker
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
- roleNameSelector:
- matchLabels:
- role: "crossplane-nodegroup"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-nodegroup-cni
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- roleNameSelector:
- matchLabels:
- role: "crossplane-nodegroup"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-nodegroup-ecr
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
- roleNameSelector:
- matchLabels:
- role: "crossplane-nodegroup"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-nodegroup-s3
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
- roleNameSelector:
- matchLabels:
- role: "crossplane-nodegroup"
-
----
-
-apiVersion: iam.aws.crossplane.io/v1beta1
-kind: RolePolicyAttachment
-metadata:
- name: crossplane-nodegroup-ssm
-spec:
- forProvider:
- policyArn: arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
- roleNameSelector:
- matchLabels:
- role: "crossplane-nodegroup"
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml
deleted file mode 100644
index 69148c8..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml
+++ /dev/null
@@ -1,63 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: RouteTable
-metadata:
- name: public-route-table
-spec:
- forProvider:
- region: "ap-south-1"
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- routes:
- - destinationCidrBlock: 0.0.0.0/0
- gatewayIdSelector:
- matchLabels:
- type: igw
- associations:
- - subnetIdSelector:
- matchLabels:
- type: subnet
- access: public
- zone: 1a
- - subnetIdSelector:
- matchLabels:
- type: subnet
- access: public
- zone: 1b
- tags:
- - key: Name
- value: "crossplane-route-table-public"
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: RouteTable
-metadata:
- name: private-route-table
-spec:
- forProvider:
- region: "ap-south-1"
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- routes:
- - destinationCidrBlock: 0.0.0.0/0
- natGatewayIdSelector:
- matchLabels:
- type: natgw
- associations:
- - subnetIdSelector:
- matchLabels:
- type: subnet
- access: private
- zone: 1c
- - subnetIdSelector:
- matchLabels:
- type: subnet
- access: private
- zone: 1d
- tags:
- - key: Name
- value: "crossplane-route-table-private"
\ No newline at end of file
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml
deleted file mode 100644
index 6b90ee1..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
-# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0".
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: Subnet
-metadata:
- name: "crossplane-public-subnet-1"
- labels:
- type: subnet
- access: public
- zone: 1a
-spec:
- forProvider:
- region: "ap-south-1"
- availabilityZone: "ap-south-1a"
- cidrBlock: 10.10.0.0/24
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- mapPublicIPOnLaunch: true
- tags:
- - key: kubernetes.io/role/elb
- value: "1"
- - key: Name
- value: "crossplane-public-subnet-1"
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: Subnet
-metadata:
- name: "crossplane-public-subnet-2"
- labels:
- type: subnet
- access: public
- zone: 1b
-spec:
- forProvider:
- region: "ap-south-1"
- availabilityZone: "ap-south-1b"
- cidrBlock: 10.10.1.0/24
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- mapPublicIPOnLaunch: true
- tags:
- - key: kubernetes.io/role/elb
- value: "1"
- - key: Name
- value: "crossplane-public-subnet-2"
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: Subnet
-metadata:
- name: "crossplane-private-subnet-1"
- labels:
- type: subnet
- access: private
- zone: 1c
-spec:
- forProvider:
- region: "ap-south-1"
- availabilityZone: "ap-south-1a"
- cidrBlock: 10.10.2.0/24
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- mapPublicIPOnLaunch: false
- tags:
- - key: kubernetes.io/role/internal-elb
- value: "1"
- - key: Name
- value: "crossplane-private-subnet-1"
- - key: "kubernetes.io/cluster/crossplane-cluster"
- value: "shared"
-
----
-
-apiVersion: ec2.aws.crossplane.io/v1beta1
-kind: Subnet
-metadata:
- name: "crossplane-private-subnet-2"
- labels:
- type: subnet
- access: private
- zone: 1d
-spec:
- forProvider:
- region: "ap-south-1"
- availabilityZone: "ap-south-1b"
- cidrBlock: 10.10.3.0/24
- vpcIdSelector:
- matchLabels:
- vpc: crossplane-vpc
- mapPublicIPOnLaunch: false
- tags:
- - key: kubernetes.io/role/internal-elb
- value: "1"
- - key: Name
- value: "crossplane-private-subnet-2"
- - key: "kubernetes.io/cluster/crossplane-cluster"
- value: "shared"
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml
deleted file mode 100644
index 7152cc6..0000000
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "crossplane-aws.fullname" . }}-test-connection"
- labels:
- {{- include "crossplane-aws.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "crossplane-aws.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml
index 7fbb0db..993119a 100644
--- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml
@@ -1,82 +1,43 @@
-# Default values for crossplane-aws.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-replicaCount: 1
-
-image:
- repository: nginx
- pullPolicy: IfNotPresent
- # Overrides the image tag whose default is the chart appVersion.
- tag: ""
-
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-
-serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
-
-podAnnotations: {}
-
-podSecurityContext: {}
- # fsGroup: 2000
-
-securityContext: {}
- # capabilities:
- # drop:
- # - ALL
- # readOnlyRootFilesystem: true
- # runAsNonRoot: true
- # runAsUser: 1000
-
-service:
- type: ClusterIP
- port: 80
-
-ingress:
- enabled: false
- className: ""
- annotations: {}
- # kubernetes.io/ingress.class: nginx
- # kubernetes.io/tls-acme: "true"
- hosts:
- - host: chart-example.local
- paths:
- - path: /
- pathType: ImplementationSpecific
- tls: []
- # - secretName: chart-example-tls
- # hosts:
- # - chart-example.local
-
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
-autoscaling:
- enabled: false
- minReplicas: 1
- maxReplicas: 100
- targetCPUUtilizationPercentage: 80
- # targetMemoryUtilizationPercentage: 80
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}
+version: 1.27
+region: aws_region
+instanceType: aws_instance_type
+minSize: 1
+roles:
+- name: eks
+- name: ec2
+policiyAttachments:
+- name: cluster
+ arn: AmazonEKSClusterPolicy
+ role: eks
+- name: service
+ arn: AmazonEKSServicePolicy
+ role: eks
+- name: vpccontroller
+ arn: AmazonEKSVPCResourceController
+ role: eks
+- name: worker
+ arn: AmazonEKSWorkerNodePolicy
+ role: ec2
+- name: cni
+ arn: AmazonEKS_CNI_Policy
+ role: ec2
+- name: registry
+ arn: AmazonEC2ContainerRegistryReadOnly
+ role: ec2
+zones:
+- zone: a
+ cidr: "10.10.0.0/24"
+ access: public
+- zone: b
+ cidr: "10.10.1.0/24"
+ access: public
+- zone: a
+ cidr: "10.10.2.0/24"
+ access: private
+- zone: b
+ cidr: "10.10.3.0/24"
+ access: private
+routetables:
+- name: public
+- name: private
+sshkey: key_pair_name
\ No newline at end of file
--
GitLab