From c4664aaf6134f9cb9fbbedcf6df13864fdf576e7 Mon Sep 17 00:00:00 2001
From: Nidhi Gupta
Date: Fri, 24 Jan 2025 13:18:02 -0500
Subject: [PATCH 1/6] code
---
.github/workflows/cd.yaml | 38 ++++
nginx/eks_auto/hpa.yaml | 13 ++
nginx/eks_auto/load_generator.yaml | 20 ++
nginx/fargate/deploy_fargate.yaml | 6 +-
nginx/kubectl.txt | 10 +-
retail/nodeclass.yaml | 23 ++
retail/nodepool.yaml | 24 +++
retail/readme.md | 3 +
retail/test.yaml | 0
terraform/eks.tf | 39 ----
terraform/{ => eks_nodegroup}/data.tf | 4 +
terraform/eks_nodegroup/eks.tf | 60 ++++++
terraform/eks_nodegroup/providers.tf | 10 +
terraform/{ => eks_nodegroup}/vpc.tf | 10 +-
terraform/iam.tf | 68 ------
terraform/main.tf | 289 --------------------------
terraform/providers.tf | 3 -
terraform/variables.tf | 3 -
18 files changed, 212 insertions(+), 411 deletions(-)
create mode 100644 .github/workflows/cd.yaml
create mode 100644 nginx/eks_auto/hpa.yaml
create mode 100644 nginx/eks_auto/load_generator.yaml
create mode 100644 retail/nodeclass.yaml
create mode 100644 retail/nodepool.yaml
create mode 100644 retail/test.yaml
delete mode 100644 terraform/eks.tf
rename terraform/{ => eks_nodegroup}/data.tf (78%)
create mode 100644 terraform/eks_nodegroup/eks.tf
create mode 100644 terraform/eks_nodegroup/providers.tf
rename terraform/{ => eks_nodegroup}/vpc.tf (100%)
delete mode 100644 terraform/iam.tf
delete mode 100644 terraform/main.tf
delete mode 100644 terraform/providers.tf
delete mode 100644 terraform/variables.tf
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
new file mode 100644
index 0000000..1da7422
--- /dev/null
+++ b/.github/workflows/cd.yaml
@@ -0,0 +1,38 @@
+name: Terraform Deployment
+
+on:
+ push:
+ paths:
+ - 'terraform/**'
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ terraform:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: ./terraform/eks_nodegroup
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+
+ - name: Set up Terraform
+ uses: hashicorp/setup-terraform@v1
+ with:
+ terraform_wrapper: true
+
+ - name: Initialize Terraform
+ run: terraform init
+
+ - name: Validate Terraform
+ run: terraform validate
+
+ - name: Plan Terraform
+ run: terraform plan
+
+ - name: Apply Terraform
+ if: github.ref == 'refs/heads/main'
+ run: terraform apply -auto-approve
diff --git a/nginx/eks_auto/hpa.yaml b/nginx/eks_auto/hpa.yaml
new file mode 100644
index 0000000..056560b
--- /dev/null
+++ b/nginx/eks_auto/hpa.yaml
@@ -0,0 +1,13 @@
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: hpa-2048
+ namespace: game-2048
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: deployment-2048
+ minReplicas: 2
+ maxReplicas: 10
+ targetCPUUtilizationPercentage: 50
diff --git a/nginx/eks_auto/load_generator.yaml b/nginx/eks_auto/load_generator.yaml
new file mode 100644
index 0000000..0914d75
--- /dev/null
+++ b/nginx/eks_auto/load_generator.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: load-generator
+ namespace: game-2048
+spec:
+ containers:
+ - name: stress
+ image: progrium/stress
+ resources:
+ requests:
+ cpu: 500m # Request 0.5 CPU core
+ limits:
+ cpu: 1000m # Limit to 1 CPU core
+ command:
+ - stress
+ - --cpu
+ - "1" # Generate CPU load on 1 core
+ - --timeout
+ - "600s" # Run the stress test for 10 minutes (600 seconds)
diff --git a/nginx/fargate/deploy_fargate.yaml b/nginx/fargate/deploy_fargate.yaml
index 8aaeef9..d673e31 100644
--- a/nginx/fargate/deploy_fargate.yaml
+++ b/nginx/fargate/deploy_fargate.yaml
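Review bot: The `Apply Terraform` step in .github/workflows/cd.yaml runs `terraform apply -auto-approve` on every push that reaches `main`, and it re-plans at apply time instead of applying the output of the `Plan Terraform` step, so what is applied is never a plan anyone looked at. Save and apply the same plan with `run: terraform plan -out=tfplan` and `run: terraform apply tfplan`, and put the job behind a protected `environment:` so a person approves the apply. `actions/checkout@v2` and `hashicorp/setup-terraform@v1` are mutable tags; pinning both to a full commit SHA matters more once the later patches in this series add AWS credentials to the job. The workflow also has no `permissions:` block, so `GITHUB_TOKEN` gets the repository default; `permissions:` with `contents: read` covers the steps shown.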
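Review bot: `image: progrium/stress` in nginx/eks_auto/load_generator.yaml has no tag or digest, so the pod runs whatever `latest` resolves to in a third-party registry namespace at pull time; pin it, e.g. `image: progrium/stress@sha256:<DIGEST_PLACEHOLDER>`, or build the tool into an image you control. The pod spec sets no `restartPolicy`, and a bare Pod defaults to `Always`, so after `--timeout 600s` expires the container is restarted and the load returns; add `restartPolicy: Never` under `spec:`. The container also has no memory request or limit and no `securityContext`; `allowPrivilegeEscalation: false` looks like a safe addition for a CPU-only stress tool.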
@@ -2,13 +2,13 @@ apiVersion: v1 kind: Namespace metadata: - name: fargate + name: default --- apiVersion: apps/v1 kind: Deployment metadata: name: eks-sample-linux-deployment - namespace: fargate + namespace: default labels: app: eks-sample-linux-app spec: @@ -45,7 +45,7 @@ apiVersion: v1 kind: Service metadata: name: eks-sample-linux-service - namespace: fargate + namespace: default labels: app: eks-sample-linux-app spec: diff --git a/nginx/kubectl.txt b/nginx/kubectl.txt index cd1b19d..9ebeceb 100644 --- a/nginx/kubectl.txt +++ b/nginx/kubectl.txt @@ -12,7 +12,8 @@ kubectl get deployment -n kube-system aws-load-balancer-controller helm uninstall aws-load-balancer-controller -n kube-system -kubectl get events -n eks-sample-app --sort-by='.metadata.creationTimestamp' | tail -n 10 +kubectl get events --sort-by='.metadata.creationTimestamp' | tail -n 10 +-n eks-sample-app kubectl annotate serviceaccount aws-load-balancer-controller -n kube-system eks.amazonaws.com/role-arn=arn:aws:iam::936379345511:role/acct-managed/AmazonEKSLoadBalancerControllerRole @@ -29,3 +30,10 @@ kubectl get pods -n kube-system -l app.kubernetes.io/name=aws-load-balancer-cont kubectl exec -it aws-load-balancer-controller-577d7f46d5-49w87 -n kube-system -- cat /var/run/secrets/eks.amazonaws.com/serviceaccount/token aws eks --region us-east-1 update-kubeconfig --name test + +kubectl run -i \ + --tty load-generator \ + --rm --image=busybox \ + --restart=Never \ + -- /bin/sh -c "while sleep 0.01; do wget -q -O- http://k8s-game2048-ingress2-2d00d5bb4b-1483018925.us-east-1.elb.amazonaws.com/; done" + diff --git a/retail/nodeclass.yaml b/retail/nodeclass.yaml new file mode 100644 index 0000000..64188ac --- /dev/null +++ b/retail/nodeclass.yaml 
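Review bot: `name: default` on the `kind: Namespace` document in nginx/fargate/deploy_fargate.yaml declares the built-in namespace, and the Deployment and Service in the next two hunks now land in it, so the sample loses the boundary the dedicated `fargate` namespace gave for RBAC bindings, NetworkPolicy and quotas. A `kubectl delete -f` on this manifest would also attempt to delete the `default` Namespace object. If the move is intended, remove the Namespace document instead of renaming it; if a Fargate profile selects pods by namespace (not visible here), check that it still matches.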
@@ -0,0 +1,23 @@ +apiVersion: eks.amazonaws.com/v1 +kind: NodeClass +metadata: + name: custom +spec: + + # Required: Name of IAM Role for Nodes + role: "AmazonEKSAutoNodeRole" + + # Required: Subnet selection for node placement + subnetSelectorTerms: + - tags: + kubernetes.io/role/internal-elb: "1" + # Alternative using direct subnet ID + # - id: "subnet-0123456789abcdef0" + + # Required: Security group selection for nodes + securityGroupSelectorTerms: + - name: "eks-cluster-sg-eks-100493" + + # Alternative approaches: + # - id: "sg-0123456789abcdef0" + # - name: "eks-cluster-node-security-group" \ No newline at end of file diff --git a/retail/nodepool.yaml b/retail/nodepool.yaml new file mode 100644 index 0000000..6608a98 --- /dev/null +++ b/retail/nodepool.yaml @@ -0,0 +1,24 @@ +apiVersion: karpenter.sh/v1 +kind: NodePool +metadata: + name: custom +spec: + template: + metadata: + labels: + billing-team: custom-class + spec: + nodeClassRef: + group: eks.amazonaws.com + kind: NodeClass + name: private-compute + requirements: + - key: "eks.amazonaws.com/instance-category" + operator: In + values: ["t"] + - key: "eks.amazonaws.com/instance-cpu" + operator: In + values: ["4", "8", "16", "32"] + limits: + cpu: "1000" + memory: 1000Gi \ No newline at end of file diff --git a/retail/readme.md b/retail/readme.md index 1af15f0..8c3064a 100644 --- a/retail/readme.md +++ b/retail/readme.md @@ -9,3 +9,6 @@ helm install -f values.yaml retail-store-app oci://public.ecr.aws/aws-containers kubectl get statefulset retail-store-app-catalog-mysql \ -o jsonpath='{.spec.volumeClaimTemplates}' | jq . + +ndition transitioned, Type: NodeClassReady, Status: Unknown -> False, Reason: NodeClassNotFound, Message: NodeClass not found on cluster +46s Normal Ready nodepool/default \ No newline at end of file diff --git a/retail/test.yaml b/retail/test.yaml new file mode 100644 index 0000000..e69de29 diff --git a/terraform/eks.tf b/terraform/eks.tf deleted file mode 100644 index c5c812b..0000000 
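Review bot: `nodeClassRef.name: private-compute` in retail/nodepool.yaml does not match the NodeClass this commit adds in retail/nodeclass.yaml, whose `metadata.name` is `custom`, so the NodePool refers to an object that is not defined here. The events pasted into retail/readme.md in the same commit report `NodeClassNotFound`, which is consistent with a dangling reference, although that output names `nodepool/default`. Change the reference to `name: custom`, or rename the NodeClass to match. In nodeclass.yaml, `securityGroupSelectorTerms` matches on the cluster-specific name `eks-cluster-sg-eks-100493`; selecting by a tag or ID you manage would avoid matching nothing, or the wrong group, after the cluster is recreated.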
--- a/terraform/eks.tf +++ /dev/null @@ -1,39 +0,0 @@ -module "eks" { - source = "terraform-aws-modules/eks/aws" - version = "~> 20.0" - cluster_name = "eks-cluster" - cluster_version = "1.31" - bootstrap_self_managed_addons = false - cluster_addons = { - coredns = {} - eks-pod-identity-agent = {} - kube-proxy = {} - vpc-cni = {} - } - - # Optional - cluster_endpoint_public_access = true - - # Optional: Adds the current caller identity as an administrator via cluster access entry - enable_cluster_creator_admin_permissions = true - - vpc_id = module.vpc.id - subnet_ids = [data.aws_subnets.private_subnets.ids] - control_plane_subnet_ids = [data.aws_subnets.private_subnets.ids] - eks_managed_node_groups = { - example = { - # Starting on 1.30, AL2023 is the default AMI type for EKS managed node groups - ami_type = "AL2023_x86_64_STANDARD" - instance_types = ["t3.medium"] - - min_size = 2 - max_size = 2 - desired_size = 2 - } - } - - tags = { - Environment = "dev" - Terraform = "true" - } -} \ No newline at end of file diff --git a/terraform/data.tf b/terraform/eks_nodegroup/data.tf similarity index 78% rename from terraform/data.tf rename to terraform/eks_nodegroup/data.tf index aba4313..d623a46 100644 --- a/terraform/data.tf +++ b/terraform/eks_nodegroup/data.tf @@ -3,6 +3,10 @@ data "aws_subnets" "private_subnets" { name = "vpc-id" values = [module.vpc.vpc_id] } + filter { + name = "availability-zone" + values = ["us-east-1b", "us-east-1c"] # Replace with your cluster AZs + } filter { name = "tag:Name" values = ["*private*"] # This matches all subnets with a Name tag diff --git a/terraform/eks_nodegroup/eks.tf b/terraform/eks_nodegroup/eks.tf new file mode 100644 index 0000000..8e120ff --- /dev/null +++ b/terraform/eks_nodegroup/eks.tf 
@@ -0,0 +1,60 @@
+
+module "eks" {
+ source = "terraform-aws-modules/eks/aws"
+ version = "~> 20.0"
+ cluster_name = "eks"
+ cluster_version = "1.31"
+ bootstrap_self_managed_addons = true
+ cluster_upgrade_policy = {
+ support_type = "STANDARD"
+ }
+ cluster_addons = {
+ coredns = {}
+ eks-pod-identity-agent = {}
+ kube-proxy = {}
+ vpc-cni = {}
+ }
+
+ # Optional
+ cluster_endpoint_public_access = true
+
+ # Optional: Adds the current caller identity as an administrator via cluster access entry
+ enable_cluster_creator_admin_permissions = true
+
+ vpc_id = module.vpc.vpc_id
+ subnet_ids = data.aws_subnets.private_subnets.ids
+ control_plane_subnet_ids = data.aws_subnets.private_subnets.ids
+ tags = {
+ Environment = "dev"
+ Terraform = "true"
+ }
+}
+
+module "eks_managed_node_group" {
+ source = "terraform-aws-modules/eks/aws//modules/eks-managed-node-group"
+cluster_service_cidr = module.eks.cluster_service_cidr
+ name = "separate-eks-mng"
+ cluster_name = module.eks.cluster_name
+ cluster_version = "1.31"
+
+ subnet_ids = data.aws_subnets.private_subnets.ids
+ cluster_primary_security_group_id = module.eks.cluster_primary_security_group_id
+ vpc_security_group_ids = [module.eks.node_security_group_id]
+ min_size = 1
+ max_size = 2
+ desired_size = 1
+
+ instance_types = ["t3.large"]
+ capacity_type = "SPOT"
+
+ labels = {
+ Environment = "test"
+ GithubRepo = "terraform-aws-eks"
+ GithubOrg = "terraform-aws-modules"
+ }
+
+ tags = {
+ Environment = "dev"
+ Terraform = "true"
+ }
+}
diff --git a/terraform/eks_nodegroup/providers.tf b/terraform/eks_nodegroup/providers.tf
new file mode 100644
index 0000000..dd0c12d
--- /dev/null
+++ b/terraform/eks_nodegroup/providers.tf
@@ -0,0 +1,10 @@
+provider "aws" {
+ region = "us-east-1"
+}
+terraform {
+ backend "s3" {
+ region = "us-east-1"
+ bucket = "devops4solutions-terraform"
+ key = "eks_cluster.tfstate"
+ }
+}
\ No newline at end of file
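Review bot: `cluster_endpoint_public_access = true` in `module "eks"` is set without `cluster_endpoint_public_access_cidrs`, so the Kubernetes API endpoint is reachable from whatever the module defaults to (in the v20 module that is `0.0.0.0/0`; confirm against the pinned version). Add `cluster_endpoint_public_access_cidrs = ["<ADMIN_CIDR_PLACEHOLDER>"]` or keep the endpoint private. `enable_cluster_creator_admin_permissions = true` makes whichever identity runs `terraform apply` a cluster administrator, which in this series is the CI identity, so explicit access entries for named principals are worth considering instead. The `eks_managed_node_group` module block has no `version`, unlike the `~> 20.0` pin on `module "eks"`; add `version = "~> 20.0"` so the submodule cannot drift to a different release than its parent.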
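Review bot: The `backend "s3"` block in terraform/eks_nodegroup/providers.tf sets neither `encrypt` nor a lock, so the state object in `devops4solutions-terraform` relies on bucket defaults for encryption at rest and two workflow runs can write `eks_cluster.tfstate` at the same time. Add `encrypt = true` and `dynamodb_table = "<LOCK_TABLE_PLACEHOLDER>"` inside the block, and confirm the bucket blocks public access and has versioning enabled, since Terraform state can hold sensitive values. A `required_providers` entry with a version constraint for `hashicorp/aws` belongs in the same `terraform {}` block.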
diff --git a/terraform/vpc.tf b/terraform/eks_nodegroup/vpc.tf similarity index 100% rename from terraform/vpc.tf rename to terraform/eks_nodegroup/vpc.tf index ed0cc00..301cbfc 100644 --- a/terraform/vpc.tf +++ b/terraform/eks_nodegroup/vpc.tf @@ -1,6 +1,5 @@ module "vpc" { source = "terraform-aws-modules/vpc/aws" - name = "eks-vpc" cidr = "11.0.0.0/16" @@ -10,10 +9,7 @@ module "vpc" { enable_nat_gateway = true single_nat_gateway = true one_nat_gateway_per_az = false - tags = { - Terraform = "true" - Environment = "dev" - } + public_subnet_tags = { "kubernetes.io/role/elb" = 1 } @@ -21,4 +17,8 @@ module "vpc" { private_subnet_tags = { "kubernetes.io/role/internal-elb" = 1 } + tags = { + Terraform = "true" + Environment = "dev" + } } \ No newline at end of file diff --git a/terraform/iam.tf b/terraform/iam.tf deleted file mode 100644 index e03808d..0000000 --- a/terraform/iam.tf +++ /dev/null 
@@ -1,68 +0,0 @@ -module "lb_role" { - source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" - - role_name = "${var.env_name}_eks_lb" - attach_load_balancer_controller_policy = true - - oidc_providers = { - main = { - provider_arn = var.oidc_provider_arn - namespace_service_accounts = ["kube-system:aws-load-balancer-controller"] - } - } - } - - resource "kubernetes_service_account" "service-account" { - metadata { - name = "aws-load-balancer-controller" - namespace = "kube-system" - labels = { - "app.kubernetes.io/name" = "aws-load-balancer-controller" - "app.kubernetes.io/component" = "controller" - } - annotations = { - "eks.amazonaws.com/role-arn" = module.lb_role.iam_role_arn - "eks.amazonaws.com/sts-regional-endpoints" = "true" - } - } - } - - resource "helm_release" "alb-controller" { - name = "aws-load-balancer-controller" - repository = "https://aws.github.io/eks-charts" - chart = "aws-load-balancer-controller" - namespace = "kube-system" - depends_on = [ - kubernetes_service_account.service-account - ] - - set { - name = "region" - value = var.main-region - } - - set { - name = "vpcId" - value = var.vpc_id - } - - set { - name = "image.repository" - value = "602401143452.dkr.ecr.${var.main-region}.amazonaws.com/amazon/aws-load-balancer-controller" - } - - set { - name = "serviceAccount.create" - value = "false" - } - - set { - name = "serviceAccount.name" - value = "aws-load-balancer-controller" - } - - set { - name = "clusterName" - value = var.cluster_name - } - } \ No newline at end of file diff --git a/terraform/main.tf b/terraform/main.tf deleted file mode 100644 index ad6614b..0000000 --- a/terraform/main.tf +++ /dev/null 
@@ -1,289 +0,0 @@ -/*resource "aws_eks_cluster" "example" { - name = "example-cluster" - role_arn = aws_iam_role.example.arn - vpc_config { - subnet_ids = data.aws_subnets.private_subnets.ids - } - # Ensure that IAM Role permissions are created before and deleted - # after EKS Cluster handling. Otherwise, EKS will not be able to - # properly delete EKS managed EC2 infrastructure such as Security Groups. - depends_on = [ - aws_iam_role_policy_attachment.example-AmazonEKSClusterPolicy, - ] -}*/ - -resource "alks_iamrole" "role" { - name = "eks-alb-role" - - assume_role_policy = jsonencode({ - Version = "2012-10-17" - Statement = [ - { - Action = "sts:AssumeRole" - Effect = "Allow" - Principal = { - Service = "eks.amazonaws.com" - } - }, - ] - }) -} - -resource "aws_iam_policy_attachment" "test-attach" { - name = "test-attachment" - - roles = [alks_iamrole.role.name] - policy_arn = aws_iam_policy.policy.arn -} -resource "aws_iam_policy" "policy" { - name = "eks_alb_policy" - path = "/" - description = "eks_alb_policy" - policy = jsonencode({ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "iam:CreateServiceLinkedRole" - ], - "Resource": "*", - "Condition": { - "StringEquals": { - "iam:AWSServiceName": "elasticloadbalancing.amazonaws.com" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "ec2:DescribeAccountAttributes", - "ec2:DescribeAddresses", - "ec2:DescribeAvailabilityZones", - "ec2:DescribeInternetGateways", - "ec2:DescribeVpcs", - "ec2:DescribeVpcPeeringConnections", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups", - "ec2:DescribeInstances", - "ec2:DescribeNetworkInterfaces", - "ec2:DescribeTags", - "ec2:GetCoipPoolUsage", - "ec2:DescribeCoipPools", - "ec2:GetSecurityGroupsForVpc", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeLoadBalancerAttributes", - "elasticloadbalancing:DescribeListeners", - "elasticloadbalancing:DescribeListenerCertificates", - 
"elasticloadbalancing:DescribeSSLPolicies", - "elasticloadbalancing:DescribeRules", - "elasticloadbalancing:DescribeTargetGroups", - "elasticloadbalancing:DescribeTargetGroupAttributes", - "elasticloadbalancing:DescribeTargetHealth", - "elasticloadbalancing:DescribeTags", - "elasticloadbalancing:DescribeTrustStores", - "elasticloadbalancing:DescribeListenerAttributes", - "elasticloadbalancing:DescribeCapacityReservation" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": [ - "cognito-idp:DescribeUserPoolClient", - "acm:ListCertificates", - "acm:DescribeCertificate", - "iam:ListServerCertificates", - "iam:GetServerCertificate", - "waf-regional:GetWebACL", - "waf-regional:GetWebACLForResource", - "waf-regional:AssociateWebACL", - "waf-regional:DisassociateWebACL", - "wafv2:GetWebACL", - "wafv2:GetWebACLForResource", - "wafv2:AssociateWebACL", - "wafv2:DisassociateWebACL", - "shield:GetSubscriptionState", - "shield:DescribeProtection", - "shield:CreateProtection", - "shield:DeleteProtection" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": [ - "ec2:AuthorizeSecurityGroupIngress", - "ec2:RevokeSecurityGroupIngress" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": [ - "ec2:CreateSecurityGroup" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": [ - "ec2:CreateTags" - ], - "Resource": "arn:aws:ec2:*:*:security-group/*", - "Condition": { - "StringEquals": { - "ec2:CreateAction": "CreateSecurityGroup" - }, - "Null": { - "aws:RequestTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "ec2:CreateTags", - "ec2:DeleteTags" - ], - "Resource": "arn:aws:ec2:*:*:security-group/*", - "Condition": { - "Null": { - "aws:RequestTag/elbv2.k8s.aws/cluster": "true", - "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "ec2:AuthorizeSecurityGroupIngress", - "ec2:RevokeSecurityGroupIngress", - "ec2:DeleteSecurityGroup" - ], - "Resource": "*", - 
"Condition": { - "Null": { - "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:CreateLoadBalancer", - "elasticloadbalancing:CreateTargetGroup" - ], - "Resource": "*", - "Condition": { - "Null": { - "aws:RequestTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:CreateListener", - "elasticloadbalancing:DeleteListener", - "elasticloadbalancing:CreateRule", - "elasticloadbalancing:DeleteRule" - ], - "Resource": "*" - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:AddTags", - "elasticloadbalancing:RemoveTags" - ], - "Resource": [ - "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", - "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", - "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" - ], - "Condition": { - "Null": { - "aws:RequestTag/elbv2.k8s.aws/cluster": "true", - "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:AddTags", - "elasticloadbalancing:RemoveTags" - ], - "Resource": [ - "arn:aws:elasticloadbalancing:*:*:listener/net/*/*/*", - "arn:aws:elasticloadbalancing:*:*:listener/app/*/*/*", - "arn:aws:elasticloadbalancing:*:*:listener-rule/net/*/*/*", - "arn:aws:elasticloadbalancing:*:*:listener-rule/app/*/*/*" - ] - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:ModifyLoadBalancerAttributes", - "elasticloadbalancing:SetIpAddressType", - "elasticloadbalancing:SetSecurityGroups", - "elasticloadbalancing:SetSubnets", - "elasticloadbalancing:DeleteLoadBalancer", - "elasticloadbalancing:ModifyTargetGroup", - "elasticloadbalancing:ModifyTargetGroupAttributes", - "elasticloadbalancing:DeleteTargetGroup", - "elasticloadbalancing:ModifyListenerAttributes", - "elasticloadbalancing:ModifyCapacityReservation" - ], - "Resource": "*", - "Condition": { - "Null": { - "aws:ResourceTag/elbv2.k8s.aws/cluster": "false" - } - } 
- }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:AddTags" - ], - "Resource": [ - "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*", - "arn:aws:elasticloadbalancing:*:*:loadbalancer/net/*/*", - "arn:aws:elasticloadbalancing:*:*:loadbalancer/app/*/*" - ], - "Condition": { - "StringEquals": { - "elasticloadbalancing:CreateAction": [ - "CreateTargetGroup", - "CreateLoadBalancer" - ] - }, - "Null": { - "aws:RequestTag/elbv2.k8s.aws/cluster": "false" - } - } - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:RegisterTargets", - "elasticloadbalancing:DeregisterTargets" - ], - "Resource": "arn:aws:elasticloadbalancing:*:*:targetgroup/*/*" - }, - { - "Effect": "Allow", - "Action": [ - "elasticloadbalancing:SetWebAcl", - "elasticloadbalancing:ModifyListener", - "elasticloadbalancing:AddListenerCertificates", - "elasticloadbalancing:RemoveListenerCertificates", - "elasticloadbalancing:ModifyRule" - ], - "Resource": "*" - } - ] - }) -} diff --git a/terraform/providers.tf b/terraform/providers.tf deleted file mode 100644 index e70fb2f..0000000 --- a/terraform/providers.tf +++ /dev/null @@ -1,3 +0,0 @@ -provider "aws" { - region = "us-east-1" -} \ No newline at end of file diff --git a/terraform/variables.tf b/terraform/variables.tf deleted file mode 100644 index 0f570b8..0000000 --- a/terraform/variables.tf +++ /dev/null @@ -1,3 +0,0 @@ -variable "vpc_id"{ - default = "" -} \ No newline at end of file From 458c4721d95df415b1fc5662ce1d2c23ba2a4dab Mon Sep 17 00:00:00 2001 From: Nidhi Gupta Date: Sat, 25 Jan 2025 20:20:23 -0500 Subject: [PATCH 2/6] test --- .github/workflows/cd.yaml | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index 1da7422..ff64320 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml 
@@ -1,19 +1,31 @@ name: Terraform Deployment - on: push: - paths: - - 'terraform/**' + branches: + - main + path: + - 'terraform/eks_nodegroup' pull_request: branches: - main - + paths: + - 'terraform/eks_nodegroup' +env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-west-2 +- name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 jobs: terraform: runs-on: ubuntu-latest defaults: run: - working-directory: ./terraform/eks_nodegroup + working-directory: terraform/eks_nodegroup steps: - name: Checkout repository From 75cd7770588f147dff48f3b5b8523b7f6423fb9e Mon Sep 17 00:00:00 2001 From: Nidhi Gupta Date: Sat, 25 Jan 2025 20:22:27 -0500 Subject: [PATCH 3/6] test --- .github/workflows/cd.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index ff64320..b230222 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml 
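Review bot: The workflow-level `env:` block exports the long-lived `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` secrets to every step of every job, including third-party actions and the `pull_request` runs that execute `terraform plan` on branch code, and the `Configure AWS credentials` step then passes the same static keys a second time. The later patches in this series (3/6, 4/6 and 6/6) move the step and change the region but keep both the `env:` keys and the static-key inputs. Drop the two key entries from `env:` and let `aws-actions/configure-aws-credentials` assume a role through GitHub OIDC, which needs the `id-token: write` permission and a `role-to-assume` input; a role scoped to what plan and apply require also limits what a leaked session can do. The fence shows only the changed lines, with the step placed under `steps:`; the role ARN is a placeholder and the region is the one in this hunk.

```yaml
permissions:
  id-token: write   # allows the job to request an OIDC token
  contents: read

jobs:
  terraform:
    # … unchanged: runs-on, defaults …
    steps:
      # … unchanged: checkout …
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          role-to-assume: arn:aws:iam::<ACCOUNT_ID_PLACEHOLDER>:role/<DEPLOY_ROLE_PLACEHOLDER>
          aws-region: us-west-2
      # … unchanged: terraform setup, init, validate, plan, apply …
```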
@@ -13,21 +13,21 @@ on: env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-west-2 -- name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-west-2 + AWS_DEFAULT_REGION: us-east-1 + jobs: terraform: runs-on: ubuntu-latest defaults: run: working-directory: terraform/eks_nodegroup - steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 - name: Checkout repository uses: actions/checkout@v2 From ff5ecf3d3103458894b7cb48aa457b18ad33ed9f Mon Sep 17 00:00:00 2001 From: Nidhi Gupta Date: Sat, 25 Jan 2025 20:23:36 -0500 Subject: [PATCH 4/6] test --- .github/workflows/cd.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index b230222..2f7ccb9 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -1,15 +1,17 @@ name: Terraform Deployment + on: push: branches: - - main - path: - - 'terraform/eks_nodegroup' + - main + paths: + - 'terraform/eks_nodegroup/**' pull_request: branches: - main paths: - - 'terraform/eks_nodegroup' + - 'terraform/eks_nodegroup/**' + env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} 
@@ -22,14 +24,15 @@ jobs: run: working-directory: terraform/eks_nodegroup steps: + - name: Checkout repository + uses: actions/checkout@v2 + - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - - name: Checkout repository - uses: actions/checkout@v2 + aws-region: $AWS_DEFAULT_REGION - name: Set up Terraform uses: hashicorp/setup-terraform@v1 From 19f382d49fd7896607c79ec38c15c4ee05483074 Mon Sep 17 00:00:00 2001 From: Nidhi Gupta Date: Sat, 25 Jan 2025 20:25:58 -0500 Subject: [PATCH 5/6] test --- .github/workflows/cd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index 2f7ccb9..ea3c24d 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -15,7 +15,7 @@ on: env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1 + AWS_DEFAULT_REGION: us-east-1a jobs: terraform: From 25dcd045eb1e3d926f7abe755d25da3ac70c2fb5 Mon Sep 17 00:00:00 2001 From: Nidhi Gupta Date: Sat, 25 Jan 2025 20:27:03 -0500 Subject: [PATCH 6/6] test --- .github/workflows/cd.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index ea3c24d..31bdbae 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -15,7 +15,7 @@ on: env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1a + AWS_DEFAULT_REGION: us-east-1 jobs: terraform: 
@@ -32,7 +32,7 @@ jobs: with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: $AWS_DEFAULT_REGION + aws-region: us-east-1 - name: Set up Terraform uses: hashicorp/setup-terraform@v1