Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: some fixes for karpenter deploy #358

Merged
merged 3 commits into from
Sep 30, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 10 additions & 8 deletions terraform/modules/k8s-karpenter/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ locals {
karpenter = {
name = try(var.helm.release_name, "karpenter")
enabled = true
chart = try(var.helm.chart_name, "karpenter")
repository = try(var.helm.repository, "oci://public.ecr.aws/karpenter")
chart = try(var.helm.chart_name, "oci://public.ecr.aws/karpenter/karpenter")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you change this? What was the problem here?

Copy link
Author

@kvvit kvvit Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This configuration worked for github-runners that also use oci helm repository. And it's working now for deploy karpenter in the some project.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added information about this changes in the description of the PR

repository = try(var.helm.repository, "")
chart_version = try(var.helm.chart_version, "1.0.0")
namespace = try(var.helm.namespace, "karpenter")
}
Expand All @@ -19,6 +19,12 @@ serviceAccount:
annotations:
eks.amazonaws.com/role-arn: ${module.this[0].iam_role_arn}

postInstallHook:
mglotov marked this conversation as resolved.
Show resolved Hide resolved
image:
repository: bitnami/kubectl
tag: "1.30"
digest: sha256:c85f429088cea9ad968752e6d59e7edbc74b5750526f9a04531dce6b37f3ac87

controller:
resources:
requests:
Expand All @@ -30,8 +36,6 @@ controller:
VALUES
}

data "aws_ecrpublic_authorization_token" "token" {}

module "this" {
count = local.karpenter.enabled ? 1 : 0

Expand Down Expand Up @@ -66,7 +70,7 @@ resource "kubectl_manifest" "ec2nodeclass_private" {
count = local.karpenter.enabled ? 1 : 0

yaml_body = <<EOF
apiVersion: karpenter.sh/v1
apiVersion: karpenter.k8s.aws/v1
kind: EC2NodeClass
metadata:
name: private
Expand Down Expand Up @@ -98,7 +102,7 @@ resource "kubectl_manifest" "ec2nodeclass_public" {
count = local.karpenter.enabled ? 1 : 0

yaml_body = <<EOF
apiVersion: karpenter.sh/v1
apiVersion: karpenter.k8s.aws/v1
kind: EC2NodeClass
metadata:
name: public
Expand Down Expand Up @@ -144,8 +148,6 @@ resource "helm_release" "this" {
version = local.karpenter.chart_version
namespace = module.namespace[count.index].name
max_history = 3
repository_username = data.aws_ecrpublic_authorization_token.token.user_name
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure it works. Let's test it together

Copy link
Author

@kvvit kvvit Sep 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested this yesterday in the sandbox account, and in the in one of the projects. All works fine. More over, this data works only for us-east-1 region. For other regions we need to use additional aws provider with alias.

repository_password = data.aws_ecrpublic_authorization_token.token.password

values = [
local.karpenter_values
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions terragrunt/ACCOUNT_ID/us-east-1/demo/env.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,8 @@ eks_karpenter_nodepools:

spec:
nodeClassRef:
group: karpenter.k8s.aws
kind: EC2NodeClass
name: private

requirements:
Expand Down Expand Up @@ -68,6 +70,7 @@ eks_karpenter_nodepools:

disruption:
consolidationPolicy: WhenEmptyOrUnderutilized
consolidateAfter: 1m

limits:
cpu: "1000"
Expand All @@ -85,6 +88,8 @@ eks_karpenter_nodepools:

spec:
nodeClassRef:
group: karpenter.k8s.aws
kind: EC2NodeClass
name: public

taints:
Expand Down Expand Up @@ -130,6 +135,7 @@ eks_karpenter_nodepools:

disruption:
consolidationPolicy: WhenEmptyOrUnderutilized
consolidateAfter: 1m

limits:
cpu: "1000"
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading