Apply fixes

bonclay7 · bonclay7 · commit b2e631140c41 · 2022-09-03T16:21:15.000+02:00
diff --git a/examples/eks-cluster-with-vpc/main.tf b/examples/eks-cluster-with-vpc/main.tf
@@ -52,7 +52,7 @@ module "eks_blueprints" {
   managed_node_groups = {
     mg_5 = {
       node_group_name = "managed-ondemand"
-      instance_types  = ["m5.large"]
+      instance_types  = ["t3.xlarge"]
       min_size        = 2
       subnet_ids      = module.vpc.private_subnets
     }
diff --git a/examples/existing-cluster-with-base-and-infra/main.tf b/examples/existing-cluster-with-base-and-infra/main.tf
@@ -89,6 +89,7 @@ provider "grafana" {
   auth = var.grafana_api_key
 }
 
+//*
 module "workloads_infra" {
   source = "../../modules/workloads/infra"
   # source = "aws-observability/terrarom-aws-observability-accelerator/workloads/infra"
@@ -107,3 +108,4 @@ module "workloads_infra" {
     module.eks_observability_accelerator
   ]
 }
+//*/
diff --git a/modules/workloads/infra/locals.tf b/modules/workloads/infra/locals.tf
@@ -10,7 +10,7 @@ data "aws_eks_cluster" "eks_cluster" {
 
 locals {
   name      = "adot-collector-kubeprometheus"
-  namespace = try(var.config.helm_config.namespace, local.name)
+  namespace = try(var.helm_config.namespace, local.name)
 
   eks_oidc_issuer_url  = replace(data.aws_eks_cluster.eks_cluster.identity[0].oidc[0].issuer, "https://", "")
   eks_cluster_endpoint = data.aws_eks_cluster.eks_cluster.endpoint
diff --git a/modules/workloads/infra/main.tf b/modules/workloads/infra/main.tf
@@ -9,15 +9,15 @@ terraform {
 
 resource "helm_release" "kube_state_metrics" {
   count            = var.enable_kube_state_metrics ? 1 : 0
-  chart            = var.config.ksm_helm_chart_name
-  create_namespace = var.config.kms_create_namespace
-  namespace        = var.config.ksm_k8s_namespace
-  name             = var.config.ksm_helm_release_name
-  version          = var.config.ksm_helm_chart_version
-  repository       = var.config.ksm_helm_repo_url
+  chart            = var.ksm_config.helm_chart_name
+  create_namespace = var.ksm_config.create_namespace
+  namespace        = var.ksm_config.k8s_namespace
+  name             = var.ksm_config.helm_release_name
+  version          = var.ksm_config.helm_chart_version
+  repository       = var.ksm_config.helm_repo_url
 
   dynamic "set" {
-    for_each = var.config.ksm_helm_settings
+    for_each = var.ksm_config.helm_settings
     content {
       name  = set.key
       value = set.value
@@ -27,15 +27,15 @@ resource "helm_release" "kube_state_metrics" {
 
 resource "helm_release" "prometheus_node_exporter" {
   count            = var.enable_node_exporter ? 1 : 0
-  chart            = var.config.ne_helm_chart_name
-  create_namespace = var.config.ne_create_namespace
-  namespace        = var.config.ne_k8s_namespace
-  name             = var.config.ne_helm_release_name
-  version          = var.config.ne_helm_chart_version
-  repository       = var.config.ne_helm_repo_url
+  chart            = var.ne_config.helm_chart_name
+  create_namespace = var.ne_config.create_namespace
+  namespace        = var.ne_config.k8s_namespace
+  name             = var.ne_config.helm_release_name
+  version          = var.ne_config.helm_chart_version
+  repository       = var.ne_config.helm_repo_url
 
   dynamic "set" {
-    for_each = var.config.ne_helm_settings
+    for_each = var.ne_config.helm_settings
     content {
       name  = set.key
       value = set.value
@@ -46,6 +46,8 @@ resource "helm_release" "prometheus_node_exporter" {
 module "helm_addon" {
   source = "github.com/aws-ia/terraform-aws-eks-blueprints/modules/kubernetes-addons/helm-addon"
 
+  count = 1
+
   helm_config = merge(
     {
       name        = local.name
@@ -90,14 +92,13 @@ module "helm_addon" {
       name  = "ekscluster"
       value = local.context.eks_cluster_id
     },
-
   ]
 
   irsa_config = {
     create_kubernetes_namespace       = true
     kubernetes_namespace              = local.namespace
     create_kubernetes_service_account = true
-    kubernetes_service_account        = try(var.config.helm_config.service_account, local.name)
+    kubernetes_service_account        = try(var.helm_config.service_account, local.name)
     irsa_iam_policies                 = ["arn:${data.aws_partition.current.partition}:iam::aws:policy/AmazonPrometheusRemoteWriteAccess"]
   }
 
diff --git a/modules/workloads/infra/otel-config/templates/opentelemetrycollector.yaml b/modules/workloads/infra/otel-config/templates/opentelemetrycollector.yaml
@@ -265,9 +265,8 @@ spec:
               metrics_path: /metrics
               scheme: https
               tls_config:
-                ca_file: /etc/prometheus/certs/secret_default_kube-prometheus-stack-admission_ca
-                server_name: kube-prometheus-stack-operator
-                insecure_skip_verify: false
+                ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+                insecure_skip_verify: true
               follow_redirects: true
               enable_http2: true
               relabel_configs:
@@ -594,7 +593,6 @@ spec:
                     own_namespace: false
                     names:
                     - kube-system
-
             - job_name: serviceMonitor/default/kube-prometheus-stack-kubelet/0
               honor_labels: true
               honor_timestamps: true
@@ -1350,7 +1348,6 @@ spec:
                     own_namespace: false
                     names:
                     - kube-system
-
             - job_name: serviceMonitor/default/kube-prometheus-stack-apiserver/0
               honor_timestamps: true
               scrape_interval: 30s
@@ -1565,6 +1562,10 @@ spec:
             - job_name: 'node-exporter'
               kubernetes_sd_configs:
                 - role: endpoints
+              tls_config:
+                ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+                insecure_skip_verify: true
+
     exporters:
       prometheusremotewrite:
         endpoint: {{ .Values.ampurl }}
diff --git a/modules/workloads/infra/variables.tf b/modules/workloads/infra/variables.tf
@@ -62,62 +62,59 @@ variable "enable_kube_state_metrics" {
   default = true
 }
 
+variable "ksm_config" {
+  type = object({
+    create_namespace   = bool
+    k8s_namespace      = string
+    helm_chart_name    = string
+    helm_chart_version = string
+    helm_release_name  = string
+    helm_repo_url      = string
+    helm_settings      = map(string)
+    helm_values        = map(any)
+  })
+
+  default = {
+    create_namespace   = true
+    helm_chart_name    = "kube-state-metrics"
+    helm_chart_version = "4.16.0"
+    helm_release_name  = "kube-state-metrics"
+    helm_repo_url      = "https://prometheus-community.github.io/helm-charts"
+    helm_settings      = {}
+    helm_values        = {}
+    k8s_namespace      = "kube-system"
+  }
+  nullable = false
+}
+
 variable "enable_node_exporter" {
   type    = bool
   default = true
 }
-
-variable "config" {
+variable "ne_config" {
   type = object({
-    helm_config = map(any)
-
-    kms_create_namespace   = bool
-    ksm_k8s_namespace      = string
-    ksm_helm_chart_name    = string
-    ksm_helm_chart_version = string
-    ksm_helm_release_name  = string
-    ksm_helm_repo_url      = string
-    ksm_helm_settings      = map(string)
-    ksm_helm_values        = map(any)
-
-    ne_create_namespace   = bool
-    ne_k8s_namespace      = string
-    ne_helm_chart_name    = string
-    ne_helm_chart_version = string
-    ne_helm_release_name  = string
-    ne_helm_repo_url      = string
-    ne_helm_settings      = map(string)
-    ne_helm_values        = map(any)
-
+    create_namespace   = bool
+    k8s_namespace      = string
+    helm_chart_name    = string
+    helm_chart_version = string
+    helm_release_name  = string
+    helm_repo_url      = string
+    helm_settings      = map(string)
+    helm_values        = map(any)
   })
 
   default = {
-    enable_kube_state_metrics = true
-    enable_node_exporter      = true
-
-    helm_config = {}
-
-    kms_create_namespace   = true
-    ksm_helm_chart_name    = "kube-state-metrics"
-    ksm_helm_chart_version = "4.9.2"
-    ksm_helm_release_name  = "kube-state-metrics"
-    ksm_helm_repo_url      = "https://prometheus-community.github.io/helm-charts"
-    ksm_helm_settings      = {}
-    ksm_helm_values        = {}
-    ksm_k8s_namespace      = "kube-system"
-
-    ne_create_namespace   = true
-    ne_k8s_namespace      = "prometheus-node-exporter"
-    ne_helm_chart_name    = "prometheus-node-exporter"
-    ne_helm_chart_version = "2.0.3"
-    ne_helm_release_name  = "prometheus-node-exporter"
-    ne_helm_repo_url      = "https://prometheus-community.github.io/helm-charts"
-    ne_helm_settings      = {}
-    ne_helm_values        = {}
+    create_namespace   = true
+    helm_chart_name    = "prometheus-node-exporter"
+    helm_chart_version = "2.0.3"
+    helm_release_name  = "prometheus-node-exporter"
+    helm_repo_url      = "https://prometheus-community.github.io/helm-charts"
+    helm_settings      = {}
+    helm_values        = {}
+    k8s_namespace      = "prometheus-node-exporter"
   }
   nullable = false
 }
-
 variable "tags" {
   description = "Additional tags (e.g. `map('BusinessUnit`,`XYZ`)"
   type        = map(string)

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ module "eks_blueprints" {`
`52`	`52`	`managed_node_groups = {`
`53`	`53`	`mg_5 = {`
`54`	`54`	`node_group_name = "managed-ondemand"`
`55`		`- instance_types = ["m5.large"]`
	`55`	`+ instance_types = ["t3.xlarge"]`
`56`	`56`	`min_size = 2`
`57`	`57`	`subnet_ids = module.vpc.private_subnets`
`58`	`58`	`}`
Original file line number	Diff line number	Diff line change
`@@ -89,6 +89,7 @@ provider "grafana" {`
`89`	`89`	`auth = var.grafana_api_key`
`90`	`90`	`}`
`91`	`91`
	`92`	`+//*`
`92`	`93`	`module "workloads_infra" {`
`93`	`94`	`source = "../../modules/workloads/infra"`
`94`	`95`	`# source = "aws-observability/terrarom-aws-observability-accelerator/workloads/infra"`
`@@ -107,3 +108,4 @@ module "workloads_infra" {`
`107`	`108`	`module.eks_observability_accelerator`
`108`	`109`	`]`
`109`	`110`	`}`
	`111`	`+//*/`