From a632610058e1df1bc3f8b6358b1cf2f537dc4850 Mon Sep 17 00:00:00 2001 
From: Utkarsh Mishra <utkarshmishra@tataelxsi.co.in> Date: Mon, 20 Nov 2023 05:45:26 +0000 Subject: [PATCH] Adding helm templates for crossplane-aws manifests, please review. --- .../charts/crossplane-aws/Chart.yaml | 4 +- .../charts/crossplane-aws/README.md | 56 ++++++++ .../charts/crossplane-aws/templates/NOTES.txt | 38 +++--- .../crossplane-aws/templates/eks-cluster.yaml | 25 ---- .../templates/eks-cluster/eks-cluster.yaml | 32 +++++ .../templates/eks-cluster/node-group.yaml | 38 ++++++ .../crossplane-aws/templates/gateways.yaml | 57 -------- .../crossplane-aws/templates/iam-roles.yaml | 55 -------- .../templates/iam/iam-roles.yaml | 32 +++++ .../templates/iam/role-policy-attachment.yaml | 23 ++++ .../templates/network/gateways.yaml | 72 ++++++++++ .../templates/network/route-tables.yaml | 54 ++++++++ .../templates/network/subnet.yaml | 35 +++++ .../templates/{ => network}/vpc.yaml | 10 +- .../crossplane-aws/templates/node-group.yaml | 31 ----- .../templates/role-policy-attachment.yaml | 103 --------------- .../templates/route-tables.yaml | 63 --------- .../crossplane-aws/templates/subnet.yaml | 103 --------------- .../templates/tests/test-connection.yaml | 15 --- .../charts/crossplane-aws/values.yaml | 125 ++++++------------ 20 files changed, 409 insertions(+), 562 deletions(-) create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml delete mode 100644 
poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml create mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml rename poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/{ => network}/vpc.yaml (60%) delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml delete mode 100644 poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml index f6182f5..304f759 100644 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/Chart.yaml 
@@ -1,6 +1,6 @@ apiVersion: v2 name: crossplane-aws -description: A Helm chart for Kubernetes +description: A Helm chart for installing all the Custom resources required for creating EKS cluster on AWS using crossplane. The chart is named crossplane-aws and uses the crossplane/provider-aws:version. It is tested for provider crossplane/provider-aws:v0.22.0 to xpkg.upbound.io/crossplane-contrib/provider-aws:v0.34.0. If found any issues please reach out to the owner of the chart. # A chart can be either an 'application' or a 'library' chart. # @@ -21,4 +21,4 @@ version: 0.1.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.16.0" +appVersion: "0.1.0" diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md new file mode 100644 index 0000000..32be79e --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/README.md 
@@ -0,0 +1,56 @@ +## Pre-requisites + +* [Kubernetes cluster], minimum version `v1.16.0+` +* [Helm], minimum version `v3.0.0+`. +* [Crossplane], minimum version `v1.13.2`. +* [Crossplane-Provider-AWS], minimum version `v0.22.0`. + +## Installation + +Helm charts for Crossplane AWS can be installed in any kubernetes cluster with the minimum kubernetes version and helm version. + +### Commands for offline installation of crossplane-aws helm chart + +The stable channel is the most recent release of Crossplane that is considered +ready for the community. + + + +```console +To test the helm chart:- +kubectl create namespace crossplane-system + +helm repo add crossplane-stable https://charts.crossplane.io/stable +helm repo update + +helm install crossplane --namespace crossplane-system crossplane-stable/crossplane + +1. Apply provider aws using the following manifest, replace the version of provider if required. + +kubectl apply -f - <<< "apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: crossplane-provider-aws +spec: + package: crossplane/provider-aws:v0.22.0" + +2. Create secrets from aws credentials. + +3. Create provider-config aws referring the secrets created in step 2. + +*** Please modify the values.yaml according as required before installing the chart. *** + +helm install crossplane-aws --namespace crossplane-system crossplane-aws/ + +Voila! You should see the eks cluster getting created. +``` + + +## Uninstalling the Chart + +```console +helm uninstall crossplane-aws --namespace crossplane-system +``` + +That command removes all resources associated with crossplane-aws, +including all the crds. diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt index 6cb8eb2..1297406 100644 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt 
+++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/NOTES.txt 
@@ -1,22 +1,16 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "crossplane-aws.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "crossplane-aws.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "crossplane-aws.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "crossplane-aws.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} + +Thank you for installing {{ .Chart.Name }}. + +Your release is named {{ .Release.Name }}. 
+ +To learn more about the release, try: + + $ helm status {{ .Release.Name }} + $ helm get all {{ .Release.Name }}Release: {{.Release.Name}} + +Chart Name: {{.Chart.Name}} +Chart Description: {{.Chart.Description}} +Chart Version: {{.Chart.Version}} +Chart Application Version: {{.Chart.AppVersion}} + +Kube Version: {{.Capabilities.KubeVersion}} diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml deleted file mode 100644 index 0fa7ef8..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: eks.aws.crossplane.io/v1beta1 -kind: Cluster -metadata: - name: crossplane-cluster - labels: - cluster: crossplane-cluster -spec: - forProvider: - region: "ap-south-1" - version: "1.27" - roleArnSelector: - matchLabels: - role: "crossplane-controlplane" - resourcesVpcConfig: - endpointPrivateAccess: true - endpointPublicAccess: true - subnetIdSelector: - matchLabels: - type: subnet - access: private - writeConnectionSecretToRef: - namespace: crossplane-system - name: eks-cluster-secret \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml new file mode 100644 index 0000000..af02212 --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/eks-cluster.yaml 
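Review bot: The line `$ helm get all {{ .Release.Name }}Release: {{.Release.Name}}` fuses a command with the following `Release:` line. The hunk header's count of 16 new lines fits only if the break is missing in the file itself, so the printed command would end in `<name>Release:`. Add a newline before `Release:`. Both helm commands also omit `--namespace {{ .Release.Namespace }}`, so they fail when the release is not in the caller's current namespace.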
@@ -0,0 +1,32 @@ + +apiVersion: eks.aws.crossplane.io/v1beta1 +kind: Cluster +metadata: + name: {{ .Chart.Name }} + labels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} +spec: + forProvider: + region: {{ .Values.region }} + version: "{{ .Values.version }}" + roleArnSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: eks + resourcesVpcConfig: + endpointPrivateAccess: true + endpointPublicAccess: true + subnetIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: subnet + access: private + writeConnectionSecretToRef: + namespace: {{ .Release.Namespace }} + name: {{ .Chart.Name }} \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml new file mode 100644 index 0000000..57297b4 --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/eks-cluster/node-group.yaml @@ -0,0 +1,38 @@ + +apiVersion: eks.aws.crossplane.io/v1alpha1 +kind: NodeGroup +metadata: + name: {{ .Chart.Name }} + labels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} +spec: + forProvider: + region: {{ .Values.region }} + clusterNameSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + nodeRoleSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: ec2 + subnetSelector: + matchLabels: + type: subnet + access: private + scalingConfig: + minSize: {{ .Values.minSize }} + desiredSize: {{ .Values.minSize }} + maxSize: 4 + diskSize: 30 + instanceTypes: + - {{ .Values.instanceType }} + remoteAccess: + ec2SSHKey: {{ .Values.sshkey }} + tags: + Name: {{ .Chart.Name }} \ No newline at end of file 
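Review bot: `endpointPublicAccess: true` under `resourcesVpcConfig` is hard-coded and no `publicAccessCidrs` is set, so the rendered Cluster leaves the EKS API endpoint reachable from any address (the AWS default is 0.0.0.0/0). Private access is already enabled, so consider driving the flag from values, e.g. `endpointPublicAccess: {{ .Values.endpointPublicAccess | default false }}`, and rendering the provider's `publicAccessCidrs` list from values when public access is wanted. Separately, `writeConnectionSecretToRef` writes the cluster's connection details (presumably including a kubeconfig) to a Secret named after the chart. A comment above that block should say that read access to the Secret in the release namespace must be limited by RBAC.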
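Review bot: `remoteAccess.ec2SSHKey` is set without `sourceSecurityGroups`, and for an EKS managed node group that combination opens port 22 on the workers to 0.0.0.0/0 in the node security group. The nodes are selected into private subnets, which limits reach, but the block should either carry a `sourceSecurityGroups` list from values or be wrapped in `{{- with .Values.sshkey }} … {{- end }}` so that no SSH access is configured when no key is given. `subnetSelector.matchLabels` is also the only selector in this file without the `provider`/`cluster`/`chart` labels, so it can match private subnets created by another chart. `maxSize: 4` stays a literal while `minSize` comes from values, so a `minSize` above 4 renders an invalid scaling config.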
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml deleted file mode 100644 index 5b17891..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/gateways.yaml +++ /dev/null @@ -1,57 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: InternetGateway -metadata: - name: crossplane-igw - labels: - type: igw -spec: - forProvider: - region: "ap-south-1" - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - tags: - - key: Name - value: "crossplane-igw" - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: Address -metadata: - name: crossplane-eip - labels: - type: eip -spec: - forProvider: - region: "ap-south-1" - domain: vpc - tags: - - key: Name - value: crossplane-eip - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: NATGateway -metadata: - name: crossplane-ngw - labels: - type: natgw -spec: - forProvider: - region: "ap-south-1" - connectivityType: public - allocationIdSelector: - matchLabels: - type: eip - subnetIdSelector: - matchLabels: - type: subnet - access: public - zone: 1a - tags: - - key: Name - value: nat-gateway diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml deleted file mode 100644 index d24df52..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam-roles.yaml +++ /dev/null 
@@ -1,55 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: Role -metadata: - name: "crossplane-controlplane" - labels: - role: "crossplane-controlplane" -spec: - forProvider: - assumeRolePolicyDocument: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": [ - "eks.amazonaws.com" - ] - }, - "Action": [ - "sts:AssumeRole" - ] - } - ] - } - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: Role -metadata: - name: "crossplane-nodegroup" - labels: - role: "crossplane-nodegroup" -spec: - forProvider: - assumeRolePolicyDocument: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": [ - "ec2.amazonaws.com" - ] - }, - "Action": [ - "sts:AssumeRole" - ] - } - ] - } \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml new file mode 100644 index 0000000..6f6c942 --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/iam-roles.yaml @@ -0,0 +1,32 @@ +{{- $root := . -}} +{{- range .Values.roles }} +--- +apiVersion: iam.aws.crossplane.io/v1beta1 +kind: Role +metadata: + name: "{{ $root.Chart.Name }}-{{ .name }}" + labels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + type: {{ .name }} +spec: + forProvider: + assumeRolePolicyDocument: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": [ + "{{ .name }}.amazonaws.com" + ] + }, + "Action": [ + "sts:AssumeRole" + ] + } + ] + } +{{- end }} \ No newline at end of file 
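Review bot: In the new iam/iam-roles.yaml the trust-policy principal `"{{ .name }}.amazonaws.com"` is built from the same free-form `roles[].name` value that names the Role and sets its `type` label. Any string placed in values therefore becomes a service principal allowed to assume the role. Nothing in the template validates it, and the value is spliced into the JSON document unescaped. Consider a guard at the top of the `range`, e.g. `{{- if not (has .name (list "eks" "ec2")) }}{{ fail "roles[].name must be eks or ec2" }}{{- end }}`, or at least a comment stating that `name` must be an AWS service prefix and is used as the trust principal.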
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml new file mode 100644 index 0000000..fb0881e --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/iam/role-policy-attachment.yaml @@ -0,0 +1,23 @@ +{{- $root := . -}} +{{- range .Values.policiyAttachments }} +--- + +apiVersion: iam.aws.crossplane.io/v1beta1 +kind: RolePolicyAttachment +metadata: + name: {{ $root.Chart.Name }}-{{ .name }} + labels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} +spec: + forProvider: + policyArn: arn:aws:iam::aws:policy/{{ .arn }} + roleNameSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + type: {{ .role }} + +{{- end }} \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml new file mode 100644 index 0000000..13b24e1 --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/gateways.yaml 
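Review bot: The values key read by `range .Values.policiyAttachments` is misspelled (values.yaml carries the same spelling), and because it is part of the chart's public values interface the typo becomes a breaking change once users depend on it; `policyAttachments` is the expected name. The `arn` field actually holds a managed-policy name appended to `arn:aws:iam::aws:policy/`, so `policyName` would describe it better. The fixed `aws` partition also means the template cannot render valid ARNs for other AWS partitions. Since any AWS-managed policy name can be supplied here, a comment listing the policies the chart is expected to attach would make an over-broad grant easier to spot in review.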
@@ -0,0 +1,72 @@ +{{- $root := . -}} +apiVersion: ec2.aws.crossplane.io/v1beta1 +kind: InternetGateway +metadata: + name: {{ .Chart.Name }} + labels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: igw +spec: + forProvider: + region: {{ .Values.region }} + vpcIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + tags: + - key: Name + value: "crossplane-igw" + +--- + +apiVersion: ec2.aws.crossplane.io/v1beta1 +kind: Address +metadata: + name: {{ .Chart.Name }} + labels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: eip +spec: + forProvider: + region: {{ .Values.region }} + domain: vpc + tags: + - key: Name + value: crossplane-eip + +--- +apiVersion: ec2.aws.crossplane.io/v1beta1 +kind: NATGateway +metadata: + name: {{ .Chart.Name }} + labels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: natgw +spec: + forProvider: + region: {{ .Values.region }} + connectivityType: public + allocationIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ .Chart.Name }} + type: eip + subnetIdSelector: + matchLabels: + type: subnet + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + zone: {{ $root.Values.region }}a + access: public + tags: + - key: Name + value: nat-gateway \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml new file mode 100644 index 0000000..5d4bb0f --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/route-tables.yaml 
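Review bot: The NATGateway's `subnetIdSelector` pins `zone: {{ $root.Values.region }}a`, so the chart silently depends on `values.zones` containing a public entry with `zone: a`. Without one the selector matches nothing and the gateway presumably never resolves its subnet. Take the NAT zone from values or state the requirement in a comment above the selector. The `Name` tags (`crossplane-igw`, `crossplane-eip`, `nat-gateway`) are still literals while the resource names are templated. The file also mixes `.Chart.Name` with `$root.Chart.Name` outside any `range`, where `$root` is not needed.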
@@ -0,0 +1,54 @@ +{{- $root := . -}} +{{- range $routetables := $root.Values.routetables }} +apiVersion: ec2.aws.crossplane.io/v1beta1 +kind: RouteTable +metadata: + name: {{ .name }}-route-table + labels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} +spec: + forProvider: + region: "ap-south-1" + vpcIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + routes: + {{- if eq .name "public" }} + - destinationCidrBlock: 0.0.0.0/0 + gatewayIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + type: igw + {{- else if eq .name "private" }} + - destinationCidrBlock: 0.0.0.0/0 + natGatewayIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + type: natgw + {{- end }} + associations: + {{- range $zone := $root.Values.zones }} + {{- if eq $zone.access $routetables.name }} + - subnetIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + type: subnet + access: {{ $zone.access }} + zone: {{ $root.Values.region }}{{ $zone.zone }} + {{- end }} + {{- end }} + tags: + - key: Name + value: "crossplane-{{ .name }}route-table" +--- +{{- end }} diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml new file mode 100644 index 0000000..1ae3e15 --- /dev/null +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/subnet.yaml 
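Review bot: `region: "ap-south-1"` under `forProvider` is still a literal here while every other template in this commit uses `.Values.region`. With any other region the route tables are requested in a different region from the VPC, gateways and subnets they select. It should read `region: {{ $root.Values.region | quote }}`. The `Name` tag `"crossplane-{{ .name }}route-table"` is also missing a hyphen after the name. The default `0.0.0.0/0` route is emitted only for the names `public` and `private`, so any other `routetables` entry renders an empty `routes:` key.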
@@ -0,0 +1,35 @@ +{{- $root := . -}} +{{- range .Values.zones }} +--- +apiVersion: ec2.aws.crossplane.io/v1beta1 +kind: Subnet +metadata: + name: {{ $root.Chart.Name }}-{{ .access }}-subnet-{{ $root.Values.region }}{{ .zone }} + labels: + type: subnet + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + zone: {{ $root.Values.region }}{{ .zone }} + access: {{ .access }} +spec: + forProvider: + region: {{ $root.Values.region }} + availabilityZone: {{ $root.Values.region }}{{ .zone }} + cidrBlock: {{ .cidr }} + vpcIdSelector: + matchLabels: + provider: aws + cluster: eks + chart: {{ $root.Chart.Name }} + mapPublicIPOnLaunch: {{ if eq .access "public" }}true{{ else }}false{{ end }} + tags: + - key: kubernetes.io/role/elb + value: "1" + - key: Name + value: "crossplane-{{ .access }}-subnet-{{ $root.Values.region }}{{ .zone }}" + {{- if eq .access "private" }} + - key: "kubernetes.io/cluster/{{ $root.Chart.Name }}" + value: "shared" + {{- end }} +{{- end }} \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml similarity index 60% rename from poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml rename to poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml index add8943..4006491 100644 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/vpc.yaml +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/network/vpc.yaml 
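Review bot: The tag `kubernetes.io/role/elb` is now applied to every subnet, whereas the removed subnet.yaml tagged the private subnets with `kubernetes.io/role/internal-elb`. With this template the private subnets are advertised for internet-facing load balancers and none are marked for internal ones. Make the key conditional in the same way `mapPublicIPOnLaunch` already is: `- key: kubernetes.io/role/{{ if eq .access "public" }}elb{{ else }}internal-elb{{ end }}`. `cidrBlock: {{ .cidr }}` and the `region`/`availabilityZone` values would also be safer passed through `quote`.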
@@ -1,14 +1,16 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". +{{- $root := . -}} apiVersion: ec2.aws.crossplane.io/v1beta1 kind: VPC metadata: - name: crossplane-vpc + name: {{ $root.Chart.Name }} labels: - vpc: crossplane-vpc + provider: aws + cluster: eks + chart: {{ .Chart.Name }} spec: forProvider: - region: "ap-south-1" + region: {{ .Values.region }} cidrBlock: 10.10.0.0/16 enableDnsHostNames: true enableDnsSupport: true diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml deleted file mode 100644 index 4c1c73f..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/node-group.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: eks.aws.crossplane.io/v1alpha1 -kind: NodeGroup -metadata: - name: crossplane-nodegroup -spec: - forProvider: - region: "ap-south-1" - clusterNameSelector: - matchLabels: - cluster: crossplane-cluster - nodeRoleSelector: - matchLabels: - role: "crossplane-nodegroup" - subnetSelector: - matchLabels: - type: subnet - access: private - scalingConfig: - minSize: 1 - maxSize: 4 - desiredSize: 1 - diskSize: 30 - instanceTypes: - - t3.large - remoteAccess: - ec2SSHKey: key_name - tags: - key: Name - value: crossplane-nodegroup \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml deleted file mode 100644 index 92bab2d..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/role-policy-attachment.yaml +++ /dev/null 
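Review bot: In network/vpc.yaml `cidrBlock: 10.10.0.0/16` remains a literal although the subnet CIDRs now come from `values.zones[].cidr`. A values file with subnets outside 10.10.0.0/16 therefore renders resources that AWS will reject. Consider `cidrBlock: {{ .Values.vpcCidr | default "10.10.0.0/16" | quote }}`, or a comment in values.yaml stating that all zone CIDRs must fall inside that range. The metadata block also mixes `$root.Chart.Name` and `.Chart.Name` for the same value. The file may continue past the end of this hunk.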
@@ -1,103 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-controlplane-cluster -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - roleNameSelector: - matchLabels: - role: "crossplane-controlplane" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-controlplane-service -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSServicePolicy - roleNameSelector: - matchLabels: - role: "crossplane-controlplane" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-controlplane-vpc-controller -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSVPCResourceController - roleNameSelector: - matchLabels: - role: "crossplane-controlplane" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-nodegroup-worker -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy - roleNameSelector: - matchLabels: - role: "crossplane-nodegroup" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-nodegroup-cni -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy - roleNameSelector: - matchLabels: - role: "crossplane-nodegroup" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-nodegroup-ecr -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly - roleNameSelector: - matchLabels: - role: "crossplane-nodegroup" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-nodegroup-s3 -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess - 
roleNameSelector: - matchLabels: - role: "crossplane-nodegroup" - ---- - -apiVersion: iam.aws.crossplane.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: crossplane-nodegroup-ssm -spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore - roleNameSelector: - matchLabels: - role: "crossplane-nodegroup" \ No newline at end of file diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml deleted file mode 100644 index 69148c8..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/route-tables.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: RouteTable -metadata: - name: public-route-table -spec: - forProvider: - region: "ap-south-1" - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - routes: - - destinationCidrBlock: 0.0.0.0/0 - gatewayIdSelector: - matchLabels: - type: igw - associations: - - subnetIdSelector: - matchLabels: - type: subnet - access: public - zone: 1a - - subnetIdSelector: - matchLabels: - type: subnet - access: public - zone: 1b - tags: - - key: Name - value: "crossplane-route-table-public" - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: RouteTable -metadata: - name: private-route-table -spec: - forProvider: - region: "ap-south-1" - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - routes: - - destinationCidrBlock: 0.0.0.0/0 - natGatewayIdSelector: - matchLabels: - type: natgw - associations: - - subnetIdSelector: - matchLabels: - type: subnet - access: private - zone: 1c - - subnetIdSelector: - matchLabels: - type: subnet - access: private - zone: 1d - tags: - - key: Name - value: "crossplane-route-table-private" \ No newline at end of file 
diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml deleted file mode 100644 index 6b90ee1..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/subnet.yaml +++ /dev/null 
@@ -1,103 +0,0 @@ -# The following crd uses crossplane provider "crossplane/provider-aws:v0.22.0". - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: Subnet -metadata: - name: "crossplane-public-subnet-1" - labels: - type: subnet - access: public - zone: 1a -spec: - forProvider: - region: "ap-south-1" - availabilityZone: "ap-south-1a" - cidrBlock: 10.10.0.0/24 - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - mapPublicIPOnLaunch: true - tags: - - key: kubernetes.io/role/elb - value: "1" - - key: Name - value: "crossplane-public-subnet-1" - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: Subnet -metadata: - name: "crossplane-public-subnet-2" - labels: - type: subnet - access: public - zone: 1b -spec: - forProvider: - region: "ap-south-1" - availabilityZone: "ap-south-1b" - cidrBlock: 10.10.1.0/24 - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - mapPublicIPOnLaunch: true - tags: - - key: kubernetes.io/role/elb - value: "1" - - key: Name - value: "crossplane-public-subnet-2" - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: Subnet -metadata: - name: "crossplane-private-subnet-1" - labels: - type: subnet - access: private - zone: 1c -spec: - forProvider: - region: "ap-south-1" - availabilityZone: "ap-south-1a" - cidrBlock: 10.10.2.0/24 - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - mapPublicIPOnLaunch: false - tags: - - key: kubernetes.io/role/internal-elb - value: "1" - - key: Name - value: "crossplane-private-subnet-1" - - key: "kubernetes.io/cluster/crossplane-cluster" - value: "shared" - ---- - -apiVersion: ec2.aws.crossplane.io/v1beta1 -kind: Subnet -metadata: - name: "crossplane-private-subnet-2" - labels: - type: subnet - access: private - zone: 1d -spec: - forProvider: - region: "ap-south-1" - availabilityZone: "ap-south-1b" - cidrBlock: 10.10.3.0/24 - vpcIdSelector: - matchLabels: - vpc: crossplane-vpc - mapPublicIPOnLaunch: false - tags: - - key: kubernetes.io/role/internal-elb - value: "1" - - key: Name - value: 
"crossplane-private-subnet-2" - - key: "kubernetes.io/cluster/crossplane-cluster" - value: "shared" diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml deleted file mode 100644 index 7152cc6..0000000 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "crossplane-aws.fullname" . }}-test-connection" - labels: - {{- include "crossplane-aws.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "crossplane-aws.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml index 7fbb0db..993119a 100644 --- a/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml +++ b/poc-osm-ltv/cluster_knf/helm-chart-v3s/supercluster/charts/crossplane-aws/values.yaml 
@@ -1,82 +1,43 @@ -# Default values for crossplane-aws. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - repository: nginx - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 
- # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} +version: 1.27 +region: aws_region +instanceType: aws_instance_type +minSize: 1 +roles: +- name: eks +- name: ec2 +policiyAttachments: +- name: cluster + arn: AmazonEKSClusterPolicy + role: eks +- name: service + arn: AmazonEKSServicePolicy + role: eks +- name: vpccontroller + arn: AmazonEKSVPCResourceController + role: eks +- name: worker + arn: AmazonEKSWorkerNodePolicy + role: ec2 +- name: cni + arn: AmazonEKS_CNI_Policy + role: ec2 +- name: registry + arn: AmazonEC2ContainerRegistryReadOnly + role: ec2 +zones: +- zone: a + cidr: "10.10.0.0/24" + access: public +- zone: b + cidr: "10.10.1.0/24" + access: public +- zone: a + cidr: "10.10.2.0/24" + access: private +- zone: b + cidr: "10.10.3.0/24" + access: private +routetables: +- name: public +- name: private +sshkey: key_pair_name \ No newline at end of file -- GitLab
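Review bot: `version: 1.27` in the new values.yaml is an unquoted scalar, so YAML loads it as a float. The Cluster template wraps it in quotes, but a later value such as `1.30` would already have been reduced to `1.3` before rendering. Write `version: "1.27"`. `region`, `instanceType` and `sshkey` ship as placeholder strings (`aws_region`, `aws_instance_type`, `key_pair_name`) that render into the manifests unchanged if the user forgets to override them. Leaving them empty and reading them with `required` in the templates would fail at install time instead of at the AWS API.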