Releases: anyscale/terraform-kubernetes-anyscale-foundation-modules
Releases · anyscale/terraform-kubernetes-anyscale-foundation-modules
v0.6.9
📚 Documentation/Examples
Revert "Merge pull request #50 from alimaazamat/improve-terraform-outputs" @sys13 (#62)
Summary
- Reverts PR #50 (
alimaazamat/improve-terraform-outputs) which added extra outputs toexamples/azure/aks-new_cluster/outputs.tf - Removes the 15 lines of outputs that were added in that PR
Test plan
- Verify
examples/azure/aks-new_cluster/outputs.tfno longer contains the outputs added in #50 - Run
terraform validateinexamples/azure/aks-new_cluster/to confirm no issues
Made with Cursor
Contributors
sys13
Assets 2
v0.6.8
📚 Documentation/Examples
EKS node groups: unify subnet, security groups and allow all outbound traffic to itself @hongchaodeng (#60)
This is what looks like after apply:
Node Groups
All 3 node groups share the same subnets and same security groups.
┌──────────────┬────────────────────────┬───────────┬─────────────────┬──────────────────────────────────────────────────────┐
│ Node Group │ Instance Types │ Capacity │ Min/Max/Desired │ Taints │
├──────────────┼────────────────────────┼───────────┼─────────────────┼──────────────────────────────────────────────────────┤
│ default │ t3.medium │ ON_DEMAND │ 1/10/2 │ none │
├──────────────┼────────────────────────┼───────────┼─────────────────┼──────────────────────────────────────────────────────┤
│ ondemand_cpu │ m5.8xlarge, m5.4xlarge │ ON_DEMAND │ 0/10/0 │ node.anyscale.com/capacity-type=ON_DEMAND:NoSchedule │
├──────────────┼────────────────────────┼───────────┼─────────────────┼──────────────────────────────────────────────────────┤
│ spot_cpu │ m5.8xlarge, m5.4xlarge │ SPOT │ 0/10/0 │ node.anyscale.com/capacity-type=SPOT:NoSchedule │
└──────────────┴────────────────────────┴───────────┴─────────────────┴──────────────────────────────────────────────────────┘
---
Subnets (shared by all node groups)
┌─────────────────────┬───────────────────────────────────────────┬────────────────┬────────────┬───────────┐
│ Subnet ID │ Name │ CIDR │ AZ │ Public IP │
├─────────────────────┼───────────────────────────────────────────┼────────────────┼────────────┼───────────┤
│ subnet-<SUBNET_A> │ example-cluster-private-us-west-1a │ 172.24.20.0/24 │ us-west-1a │ No │
├─────────────────────┼───────────────────────────────────────────┼────────────────┼────────────┼───────────┤
│ subnet-<SUBNET_B> │ example-cluster-private-us-west-1b │ 172.24.21.0/24 │ us-west-1b │ No │
└─────────────────────┴───────────────────────────────────────────┴────────────────┴────────────┴───────────┘
---
Security Groups
1. Node SG — sg-<NODE_SG> (example-node-sg)
EKS node shared security group, attached to all node groups.
Ingress:
┌──────────────────────────────┬──────────┬────────────┬────────────────────────────────────┐
│ Source │ Protocol │ Ports │ Description │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Self (node SG) │ All │ All │ Node to node ingress - all traffic │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Self (node SG) │ TCP │ 53 │ Node to node CoreDNS │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Self (node SG) │ UDP │ 53 │ Node to node CoreDNS UDP │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Self (node SG) │ TCP │ 1025-65535 │ Node to node ephemeral ports │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG (sg-<CLUSTER_SG>) │ TCP │ 443 │ Cluster API to node groups │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG │ TCP │ 4443 │ Cluster API to node webhook │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG │ TCP │ 6443 │ Cluster API to node webhook │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG │ TCP │ 8443 │ Cluster API to node webhook │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG │ TCP │ 9443 │ Cluster API to node webhook │
├──────────────────────────────┼──────────┼────────────┼────────────────────────────────────┤
│ Cluster SG │ TCP │ 10250 │ Cluster API to node kubelets │
└──────────────────────────────┴──────────┴────────────┴────────────────────────────────────┘
Egress:
┌────────────────┬──────────┬───────┬───────────────────────────────────┐
│ Destination │ Protocol │ Ports │ Description │
├────────────────┼──────────┼───────┼───────────────────────────────────┤
│ 0.0.0.0/0 │ All │ All │ Allow all egress │
├────────────────┼──────────┼───────┼───────────────────────────────────┤
│ Self (node SG) │ All │ All │ Node to node egress - all traffic │
└────────────────┴──────────┴───────┴───────────────────────────────────┘
2. Cluster SG — sg-<CLUSTER_SG> (example-cluster-sg)
Attached to the EKS control plane.
Ingress:
┌──────────────────────────┬──────────┬───────┬────────────────────────────┐
│ Source │ Protocol │ Ports │ Description │
├──────────────────────────┼──────────┼───────┼────────────────────────────┤
│ Node SG (sg-<NODE_SG>) │ TCP │ 443 │ Node groups to cluster API │
└──────────────────────────┴──────────┴───────┴────────────────────────────┘
Egress: None explicit.
3. EKS-managed Cluster SG — sg-<EKS_MANAGED_SG>
Auto-created by EKS, applied to control plane ENIs and managed workloads.
Ingress:
┌────────┬──────────┬───────┬──────────────────┐
│ Source │ Protocol │ Ports │ Description │
├────────┼──────────┼───────┼──────────────────┤
│ Self │ All │ All │ Self-referencing │
└────────┴──────────┴───────┴──────────────────┘
Egress:
┌─────────────┬──────────┬───────┬──────────────────┐
│ Destination │ Protocol │ Ports │ Description │
├─────────────┼──────────┼───────┼──────────────────┤
│ 0.0.0.0/0 │ All │ All │ Allow all egress │
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
chore: more descriptive outputs for easier use in portal @alimaazamat (#50)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
Contributors
hongchaodeng and alimaazamat
Assets 2
v0.6.7
📚 Documentation/Examples
fix: add var for azure provider auth @chrisfellowes-anyscale (#59)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
add variable so users can configure whether the provider will use Shared Key or AzureAD for auth, this is required for some environments where SharedKey is disabled
Other information
Contributors
chrisfellowes-anyscale
Assets 2
v0.6.6
📚 Documentation/Examples
add claude skills to deploy eks/gke/aks @hongchaodeng (#58)
- Add Claude Code skills (/deploy-aws-eks, /deploy-gcp-gke, /deploy-azure-aks) that provide interactive, step-by-step deployment guidance for each cloud provider's Kubernetes example
- Update READMEs for all three examples (examples/aws/eks-public/, examples/gcp/gke-new_cluster/, examples/azure/aks-new_cluster/) with a Claude Code Guided Deployment section
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
Contributors
hongchaodeng
Assets 2
v0.6.5
📚 Documentation/Examples
make vm_sizes input vars @chrisfellowes-anyscale (#57)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- [] No
If user had configured node_group_gpu_types to be non-default they will now need to edit gpu_pool_configs since the former has been removed.
if this value was left to default no change is required, t4 and a100 are provisioned by default
Other information
- add validations on gpu pool inputs to prevent user errors
attempted to run with my cluster provisioned by this PR, and got no changes. I updated the input var file to go from
variable "node_group_gpu_types" {
description = "GPU types to deploy"
type = list(string)
default = ["T4"]
}
to
variable "gpu_pool_configs" {
description = "GPU pool configurations"
type = map(object({
name = string
vm_size = string
product_name = string
gpu_count = string
}))
default = {
T4 = {
name = "gput4"
vm_size = "Standard_NC16as_T4_v3"
product_name = "NVIDIA-T4"
gpu_count = "1"
}
}
}
Contributors
chrisfellowes-anyscale
Assets 2
v0.6.4
📚 Documentation/Examples
refactor + update azure module @chrisfellowes-anyscale (#56)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
The module will now skip provisioning infrastructure required for the operator if enable_operator_infrastructure is set to false. By default this is currently set to true but may be changed in a future update. I have used moved blocks to allow for this to be backwards compatible
The module will also now add additional Azure spot annotations to spot node pools, which will trigger node pool restarts.
Other information
- change hard-coded network CIDRs to be variables
- add optional logic to provision NFS
- add optional logic to provision blob-driver for AKS
- make operator infrastructure optional and disabled by default, this is not required when using the Anyscale on Azure since the resource provider will use ARM templates to provision these
- add azure spot taints to spot pools
- add additional outputs, misc other small fixes
with enable_operator_infrastructure = false the new Azure ARM templates successfully provision the operator automatically
Contributors
chrisfellowes-anyscale
Assets 2
v0.6.3
📚 Documentation/Examples
update azure outputs (helm commands) and readme @hongchaodeng (#53)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
Contributors
hongchaodeng
Assets 2
v0.6.2
📚 Documentation/Examples
Add CORS to Azure bucket storage @brycehuang30 (#52)
Changes
This PR adds blob storage CORS config for Azure cloud, to codify the existing CORS + required CORS for enabling partial read from blob object (to support Optimized File Viewer).
S3 config is updated here: anyscale/terraform-aws-anyscale-cloudfoundation-modules#86
GCS config already has it; doesn't require update: https://github.com/anyscale/terraform-google-anyscale-cloudfoundation-modules/blob/main/modules/google-anyscale-cloudstorage/variables.tf#L233-L240
Test
$ terraform plan
...
+ blob_properties {
+ change_feed_enabled = false
+ default_service_version = (known after apply)
+ last_access_time_enabled = false
+ versioning_enabled = false
+ cors_rule {
+ allowed_headers = [
+ "*",
]
+ allowed_methods = [
+ "GET",
+ "POST",
+ "PUT",
+ "HEAD",
+ "DELETE",
]
+ allowed_origins = [
+ "https://*.anyscale.com",
]
+ exposed_headers = [
+ "Accept-Ranges",
+ "Content-Range",
+ "Content-Length",
]
+ max_age_in_seconds = 0
}
}
...
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
Contributors
brycehuang30
Assets 2
v0.6.1
📚 Documentation/Examples
Added Azure on Variable.tf and Readme.MD for Terraform configuration @bobmital (#49)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
Other information
Contributors
bobmital
Assets 2
v0.6.0
🚀 Enhancements
Update EKS examples to use new AMI and Variable for Disk Size @brent-anyscale (#48)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
This will upgrade the node pool disk size and the AMI in use by GPU node pools. Terraform will replace existing node pools.
📚 Documentation/Examples
Update EKS examples to use new AMI and Variable for Disk Size @brent-anyscale (#48)
Pull request checklist
Please check if your PR fulfills the following requirements:
- pre-commit has been run
- Tests for the changes have been added (for bug fixes / features)
- All tests passing
- Docs have been reviewed and added / updated if needed (for bug fixes / features)
Pull Request Type
- Bugfix
- New feature
- Refactoring (no functional changes)
- Documentation change
- Other (please describe):
Does this introduce a breaking change?
- Yes
- No
This will upgrade the node pool disk size and the AMI in use by GPU node pools. Terraform will replace existing node pools.
Contributors
brent-anyscale