From 865ff58acfd0f71c0a4880ff90eca6ec23fcc0e9 Mon Sep 17 00:00:00 2001 From: Andrej Kislovskij Date: Thu, 6 Jun 2024 10:44:50 +0300 Subject: [PATCH] feat: Backported support for 'self_managed' parameter --- main.tf | 275 ++++++++++++++++++++++++++++++++++++++++++++++++--- variables.tf | 36 +++++-- 2 files changed, 291 insertions(+), 20 deletions(-) diff --git a/main.tf b/main.tf index e35f4b2..42e3317 100644 --- a/main.tf +++ b/main.tf @@ -178,21 +178,36 @@ resource "helm_release" "castai_agent" { } } -resource "helm_release" "castai_evictor" { - name = "castai-evictor" +resource "helm_release" "castai_cluster_controller" { + count = var.self_managed ? 0 : 1 + + name = "cluster-controller" repository = "https://castai.github.io/helm-charts" - chart = "castai-evictor" + chart = "castai-cluster-controller" namespace = "castai-agent" create_namespace = true cleanup_on_fail = true wait = true - version = var.evictor_version - values = var.evictor_values + version = var.cluster_controller_version + values = var.cluster_controller_values set { - name = "replicaCount" - value = "0" + name = "aks.enabled" + value = "true" + } + + set { + name = "castai.clusterID" + value = castai_aks_cluster.castai_cluster.id + } + + dynamic "set" { + for_each = var.api_url != "" ? [var.api_url] : [] + content { + name = "castai.apiURL" + value = var.api_url + } } dynamic "set" { @@ -211,6 +226,11 @@ resource "helm_release" "castai_evictor" { } } + set_sensitive { + name = "castai.apiKey" + value = castai_aks_cluster.castai_cluster.cluster_token + } + depends_on = [helm_release.castai_agent] lifecycle { @@ -218,7 +238,9 @@ resource "helm_release" "castai_evictor" { } } -resource "helm_release" "castai_cluster_controller" { +resource "helm_release" "castai_cluster_controller_self_managed" { + count = var.self_managed ? 1 : 0 + name = "cluster-controller" repository = "https://castai.github.io/helm-charts" chart = "castai-cluster-controller" 
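Review bot: The managed and self-managed cluster-controller resources both install a release named `cluster-controller` into `castai-agent`, and nothing orders them relative to each other, so flipping `self_managed` on an existing cluster makes Terraform destroy one and create the other in the same apply. The create may start before the uninstall has finished and fail on the name clash, and the controller is absent in between either way. The same pairing appears for `castai-evictor`, `castai-pod-pinner` and `castai-kvisor` in the later hunks. I would state this where the variable is documented, e.g. `Changing this on an existing cluster replaces the Helm releases; a second apply may be needed.` The body of `castai_cluster_controller_self_managed` continues outside this hunk.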
@@ -270,10 +292,6 @@ resource "helm_release" "castai_cluster_controller" { } depends_on = [helm_release.castai_agent] - - lifecycle { - ignore_changes = [version] - } } resource "null_resource" "wait_for_cluster" { 
@@ -301,7 +319,114 @@ resource "null_resource" "wait_for_cluster" { } } +resource "helm_release" "castai_evictor" { + count = var.self_managed ? 0 : 1 + + name = "castai-evictor" + repository = "https://castai.github.io/helm-charts" + chart = "castai-evictor" + namespace = "castai-agent" + create_namespace = true + cleanup_on_fail = true + wait = true + + version = var.evictor_version + values = var.evictor_values + + set { + name = "replicaCount" + value = "0" + } + + set { + name = "castai-evictor-ext.enabled" + value = "false" + } + + dynamic "set" { + for_each = var.castai_components_labels + content { + name = "podLabels.${set.key}" + value = set.value + } + } + + dynamic "set" { + for_each = var.castai_components_sets + content { + name = set.key + value = set.value + } + } + + depends_on = [helm_release.castai_agent] + + lifecycle { + ignore_changes = [set, version] + } +} + +resource "helm_release" "castai_evictor_self_managed" { + count = var.self_managed ? 1 : 0 + + name = "castai-evictor" + repository = "https://castai.github.io/helm-charts" + chart = "castai-evictor" + namespace = "castai-agent" + create_namespace = true + cleanup_on_fail = true + wait = true + + version = var.evictor_version + values = var.evictor_values + + set { + name = "replicaCount" + value = "0" + } + + set { + name = "castai-evictor-ext.enabled" + value = "false" + } + + dynamic "set" { + for_each = var.castai_components_labels + content { + name = "podLabels.${set.key}" + value = set.value + } + } + + dynamic "set" { + for_each = var.castai_components_sets + content { + name = set.key + value = set.value + } + } + + depends_on = [helm_release.castai_agent] +} + +resource "helm_release" "castai_evictor_ext" { + name = "castai-evictor-ext" + repository = "https://castai.github.io/helm-charts" + chart = "castai-evictor-ext" + namespace = "castai-agent" + create_namespace = false + cleanup_on_fail = true + wait = true + + version = var.evictor_ext_version + values = 
var.evictor_ext_values + + depends_on = [helm_release.castai_evictor] +} + resource "helm_release" "castai_pod_pinner" { + count = var.self_managed ? 0 : 1 + name = "castai-pod-pinner" repository = "https://castai.github.io/helm-charts" chart = "castai-pod-pinner" @@ -310,6 +435,8 @@ resource "helm_release" "castai_pod_pinner" { cleanup_on_fail = true wait = true + version = var.pod_pinner_version + set { name = "castai.clusterID" value = castai_aks_cluster.castai_cluster.id @@ -360,10 +487,73 @@ resource "helm_release" "castai_pod_pinner" { depends_on = [helm_release.castai_agent] lifecycle { - ignore_changes = [set, version] + ignore_changes = [version] } } +resource "helm_release" "castai_pod_pinner_self_managed" { + count = var.self_managed ? 1 : 0 + + name = "castai-pod-pinner" + repository = "https://castai.github.io/helm-charts" + chart = "castai-pod-pinner" + namespace = "castai-agent" + create_namespace = true + cleanup_on_fail = true + wait = true + + version = var.pod_pinner_version + + set { + name = "castai.clusterID" + value = castai_aks_cluster.castai_cluster.id + } + + dynamic "set" { + for_each = var.api_url != "" ? [var.api_url] : [] + content { + name = "castai.apiURL" + value = var.api_url + } + } + + set_sensitive { + name = "castai.apiKey" + value = castai_aks_cluster.castai_cluster.cluster_token + } + + dynamic "set" { + for_each = var.grpc_url != "" ? [var.grpc_url] : [] + content { + name = "castai.grpcURL" + value = var.grpc_url + } + } + + dynamic "set" { + for_each = var.castai_components_labels + content { + name = "podLabels.${set.key}" + value = set.value + } + } + + dynamic "set" { + for_each = var.castai_components_sets + content { + name = set.key + value = set.value + } + } + + set { + name = "replicaCount" + value = "0" + } + + depends_on = [helm_release.castai_agent] +} + resource "helm_release" "castai_spot_handler" { name = "castai-spot-handler" repository = "https://castai.github.io/helm-charts" 
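Review bot: `castai_evictor_ext` depends only on `helm_release.castai_evictor`, which has zero instances when `self_managed = true`, so in that mode the ext chart is not ordered after the `castai_evictor_self_managed` release it extends. Listing both variants keeps the ordering in either mode: `depends_on = [helm_release.castai_evictor, helm_release.castai_evictor_self_managed]`. The resource also has no `count`, so it is installed in both modes without a `lifecycle` block; if that is intended, a one-line comment saying so would help.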
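Review bot: `castai_pod_pinner_self_managed` pins `replicaCount` to `"0"` with no `ignore_changes`, and this hunk also narrows the managed variant from `ignore_changes = [set, version]` to `[version]` while the managed evictor added earlier keeps `[set, version]`. If the replica count is meant to be raised outside Terraform (not visible here), a later apply that upgrades the release would render it at zero again. A comment above the `replicaCount` block, such as `# replicaCount is 0 at install; scaled by <OWNER, to confirm>`, plus a note on why the two managed resources ignore different attributes, would remove the guesswork. The same `replicaCount` setting without `lifecycle` is in `castai_evictor_self_managed`.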
@@ -419,7 +609,7 @@ resource "helm_release" "castai_spot_handler" { } resource "helm_release" "castai_kvisor" { - count = var.install_security_agent ? 1 : 0 + count = var.install_security_agent && !var.self_managed ? 1 : 0 name = "castai-kvisor" repository = "https://castai.github.io/helm-charts" @@ -479,6 +669,63 @@ resource "helm_release" "castai_kvisor" { } } +resource "helm_release" "castai_kvisor_self_managed" { + count = var.install_security_agent && var.self_managed ? 1 : 0 + + name = "castai-kvisor" + repository = "https://castai.github.io/helm-charts" + chart = "castai-kvisor" + namespace = "castai-agent" + create_namespace = true + cleanup_on_fail = true + + version = var.kvisor_version + values = var.kvisor_values + + set { + name = "castai.clusterID" + value = castai_aks_cluster.castai_cluster.id + } + + set_sensitive { + name = "castai.apiKey" + value = castai_aks_cluster.castai_cluster.cluster_token + } + + set { + name = "castai.grpcAddr" + value = var.api_grpc_addr + } + + set { + name = "controller.extraArgs.kube-linter-enabled" + value = "true" + } + + set { + name = "controller.extraArgs.image-scan-enabled" + value = "true" + } + + set { + name = "controller.extraArgs.kube-bench-enabled" + value = "true" + } + + set { + name = "controller.extraArgs.kube-bench-cloud-provider" + value = "aks" + } + + dynamic "set" { + for_each = var.castai_components_sets + content { + name = set.key + value = set.value + } + } +} + resource "castai_autoscaler" "castai_autoscaler_policies" { autoscaler_policies_json = var.autoscaler_policies_json cluster_id = castai_aks_cluster.castai_cluster.id diff --git a/variables.tf b/variables.tf index c51feea..02ae629 100644 --- a/variables.tf +++ b/variables.tf 
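Review bot: `castai_kvisor_self_managed` carries its own copy of the scanner flags (`kube-linter-enabled`, `image-scan-enabled`, `kube-bench-enabled`, `kube-bench-cloud-provider`), so the security agent's configuration now appears to live in two resources that can drift when only one is edited. The managed block's body is mostly outside the hunk, so this is inferred from the shared chart and names. Since `lifecycle` cannot be set conditionally the second resource is hard to avoid, but the flag values can be defined once in a `locals` map and fed to both resources through a `dynamic "set"` block, as sketched below. The new block also has neither `wait = true` nor `depends_on = [helm_release.castai_agent]`, unlike the other self-managed releases in this patch; if that mirrors the managed kvisor resource, a short comment saying so would help.

```hcl
locals {
  # Scanner flags shared by castai_kvisor and castai_kvisor_self_managed.
  kvisor_sets = {
    "controller.extraArgs.kube-linter-enabled"       = "true"
    "controller.extraArgs.image-scan-enabled"        = "true"
    "controller.extraArgs.kube-bench-enabled"        = "true"
    "controller.extraArgs.kube-bench-cloud-provider" = "aks"
  }
}

resource "helm_release" "castai_kvisor_self_managed" {
  # … unchanged: count, chart coordinates, clusterID, apiKey, grpcAddr …

  dynamic "set" {
    for_each = local.kvisor_sets
    content {
      name  = set.key
      value = set.value
    }
  }

  # … unchanged: castai_components_sets …
}
```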
@@ -126,6 +126,12 @@ variable "evictor_values" { default = [] } +variable "evictor_ext_values" { + description = "List of YAML formatted string with evictor-ext values" + type = list(string) + default = [] +} + variable "kvisor_values" { description = "List of YAML formatted string values for kvisor helm chart" type = list(string) @@ -138,12 +144,6 @@ variable "agent_version" { default = null } -variable "spot_handler_version" { - description = "Version of castai-spot-handler helm chart. If not provided, latest version will be used." - type = string - default = null -} - variable "cluster_controller_version" { description = "Version of castai-cluster-controller helm chart. If not provided, latest version will be used." type = string @@ -156,12 +156,36 @@ variable "evictor_version" { default = null } +variable "evictor_ext_version" { + description = "Version of castai-evictor-ext chart. Default latest" + type = string + default = null +} + +variable "pod_pinner_version" { + description = "Version of pod-pinner helm chart. Default latest" + type = string + default = null +} + +variable "spot_handler_version" { + description = "Version of castai-spot-handler helm chart. If not provided, latest version will be used." + type = string + default = null +} + variable "kvisor_version" { description = "Version of kvisor chart. If not provided, latest version will be used." type = string default = null } +variable "self_managed" { + type = bool + default = false + description = "Whether CAST AI components' upgrades are managed by a customer; by default upgrades are managed CAST AI central system." +} + variable "wait_for_cluster_ready" { type = bool description = "Wait for cluster to be ready before finishing the module execution, this option requires `castai_api_token` to be set"
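Review bot: `self_managed` hands chart upgrades to the caller, but every `*_version` variable in this hunk still defaults to `null`, so a self-managed install takes whatever version the chart repository serves at apply time unless the caller pins it. The description should say so, and its second clause is missing a word; I would write `description = "Whether upgrades of CAST AI components are managed by the customer (pin the *_version variables when true); by default upgrades are managed by the CAST AI central system."`. If the module's minimum Terraform version allows it, `nullable = false` would also keep a caller-supplied `null` from reaching the `var.self_managed ? 1 : 0` conditions in main.tf.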