Merge pull request #3 from karimzakzouk/Marwan-HPA-1

HPA Added

Author: karimzakzouk

Terraform/1-provider.tf

@@ -1,4 +1,4 @@
 # Configure the AWS Provider
 provider "aws" {
   region = "us-east-1"
-}
+}

Terraform/3-main.tf

@@ -1,19 +1,27 @@
 module "vpc" {
-  source                = "./modules/vpc"
-  
-  vpc_cidr              = var.vpc_cidr
-  availability_zones    = var.availability_zones
-  public_subnet_cidrs   = var.public_subnet_cidrs
-  private_subnet_cidrs  = var.private_subnet_cidrs
-  cluster_name          = var.cluster_name
+  source = "./modules/vpc"
+
+  vpc_cidr             = var.vpc_cidr
+  availability_zones   = var.availability_zones
+  public_subnet_cidrs  = var.public_subnet_cidrs
+  private_subnet_cidrs = var.private_subnet_cidrs
+  cluster_name         = var.cluster_name
 }
 
 module "eks" {
-  source                = "./modules/eks"
-  
-  cluster_name          = var.cluster_name
-  cluster_version       = var.cluster_version
-  vpc_id                = module.vpc.vpc_id
-  subnet_ids            = module.vpc.private_subnet_ids
-  node_groups           = var.node_groups
+  source = "./modules/eks"
+
+  cluster_name    = var.cluster_name
+  cluster_version = var.cluster_version
+  vpc_id          = module.vpc.vpc_id
+  subnet_ids      = module.vpc.private_subnet_ids
+  node_groups     = var.node_groups
+}
+
+# EKS Addon: metrics-server (enables HPA CPU/memory metrics)
+resource "aws_eks_addon" "metrics_server" {
+  cluster_name      = module.eks.cluster_name
+  addon_name        = "metrics-server"
+  addon_version     = null
+  resolve_conflicts = "OVERWRITE"
 }

Terraform/modules/eks/main.tf

@@ -1,11 +1,11 @@
 resource "aws_eks_cluster" "main" {
-  name          = var.cluster_name
-  version       = var.cluster_version
-  role_arn      = aws_iam_role.cluster.arn
+  name     = var.cluster_name
+  version  = var.cluster_version
+  role_arn = aws_iam_role.cluster.arn
 
   access_config {
-    authentication_mode                           = "API_AND_CONFIG_MAP"
-    bootstrap_cluster_creator_admin_permissions   = true
+    authentication_mode                         = "API_AND_CONFIG_MAP"
+    bootstrap_cluster_creator_admin_permissions = true
   }
 
   vpc_config {
@@ -72,11 +72,11 @@ resource "aws_iam_role_policy_attachment" "node_policy" {
 
 
 resource "aws_eks_node_group" "main" {
-  for_each          = var.node_groups
-  cluster_name      = aws_eks_cluster.main.name
-  node_group_name   = each.key
-  node_role_arn     = aws_iam_role.node.arn
-  subnet_ids        = var.subnet_ids
+  for_each        = var.node_groups
+  cluster_name    = aws_eks_cluster.main.name
+  node_group_name = each.key
+  node_role_arn   = aws_iam_role.node.arn
+  subnet_ids      = var.subnet_ids
 
   scaling_config {
     desired_size = each.value.scaling_config.desired_size
@@ -92,4 +92,3 @@ resource "aws_eks_node_group" "main" {
     aws_iam_role_policy_attachment.node_policy
   ]
 }
-

argocd/application.yml

@@ -6,12 +6,15 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: 'https://github.com/KarimZakzouk/Graduation-Project-Devops'
+    repoURL: "https://github.com/KarimZakzouk/Graduation-Project-Devops"
     targetRevision: main
     path: helm
     helm:
       valueFiles:
         - values.yaml
+      parameters:
+        - name: namespace
+          value: ${APP_NAMESPACE}
   destination:
     server: https://kubernetes.default.svc
     namespace: ${APP_NAMESPACE}

backend/main.tf

@@ -20,9 +20,9 @@ resource "aws_s3_bucket" "terraform_state" {
 
 # DynamoDB Table for state locking
 resource "aws_dynamodb_table" "terraform_locks" {
-  name           = "solar-system-terraform-locks"
-  billing_mode   = "PAY_PER_REQUEST"
-  hash_key       = "LockID"
+  name         = "solar-system-terraform-locks"
+  billing_mode = "PAY_PER_REQUEST"
+  hash_key     = "LockID"
 
   attribute {
     name = "LockID"
@@ -37,8 +37,8 @@ resource "aws_dynamodb_table" "terraform_locks" {
 # IAM OIDC Provider for GitHub
 # ----------------------------
 resource "aws_iam_openid_connect_provider" "github" {
-  url            = "https://token.actions.githubusercontent.com"
-  client_id_list = ["sts.amazonaws.com"]
+  url             = "https://token.actions.githubusercontent.com"
+  client_id_list  = ["sts.amazonaws.com"]
   thumbprint_list = ["1c58a3a8518e8759bf075b76b750d4f2df264fcd"]
 }
 
@@ -96,7 +96,7 @@ resource "aws_iam_role_policy" "github_actions_infra_policy" {
           "s3:DeleteBucket",
           "s3:GetBucketLocation",
           "s3:ListAllMyBuckets",
-          
+
           # DynamoDB for state locking
           "dynamodb:GetItem",
           "dynamodb:PutItem",
@@ -107,13 +107,13 @@ resource "aws_iam_role_policy" "github_actions_infra_policy" {
           "dynamodb:TagResource",
           "dynamodb:UntagResource",
           "dynamodb:ListTagsOfResource",
-          
+
           # EC2/VPC permissions
           "ec2:*",
-          
+
           # EKS permissions
           "eks:*",
-          
+
           # IAM permissions (be more specific in production)
           "iam:CreateRole",
           "iam:DeleteRole",
@@ -146,7 +146,7 @@ resource "aws_iam_role_policy" "github_actions_infra_policy" {
           "iam:TagRole",
           "iam:UntagRole",
           "iam:ListRoleTags",
-          
+
           # Additional permissions for EKS
           "autoscaling:*",
           "logs:*",
@@ -156,4 +156,4 @@ resource "aws_iam_role_policy" "github_actions_infra_policy" {
       }
     ]
   })
-}
+}

helm/templates/deployment.yaml

@@ -3,7 +3,9 @@ kind: Deployment
 metadata:
   name: {{ .Release.Name }}
 spec:
+  {{- if not .Values.autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}
+  {{- end }}
   selector:
     matchLabels:
       app: {{ .Release.Name }}
@@ -33,4 +35,4 @@ spec:
               valueFrom:
                 secretKeyRef:
                   name: mongo-secrets
-                  key: MONGO_PASSWORD
+                  key: MONGO_PASSWORD

helm/templates/hpa.yaml

@@ -0,0 +1,30 @@
+apiVersion: autoscaling/v2
+
+kind: HorizontalPodAutoscaler
+
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ .Release.Name }}
+
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      target:
+        type: Utilization
+        averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+  - type: Resource
+    resource:
+      name: memory
+      target:
+        type: Utilization
+        averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}

helm/values.yaml

@@ -11,4 +11,19 @@ service:
   port: 80
   targetPort: 3000
 
-namespace: "" 
+namespace: ""
+
+resources:
+  requests:
+    cpu: 100m
+    memory: 128Mi
+  limits:
+    cpu: 500m
+    memory: 512Mi
+
+autoscaling:
+  enabled: true
+  minReplicas: 1
+  maxReplicas: 10
+  targetCPUUtilizationPercentage: 80
+  targetMemoryUtilizationPercentage: 80