devops4solutions · devops4solutions · Jan 26, 2025 · Jan 24, 2025 · Jan 24, 2025 · Jan 26, 2025
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -0,0 +1,53 @@
+name: Terraform Deployment
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'terraform/eks_nodegroup/**'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - 'terraform/eks_nodegroup/**'
+
+env:
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  AWS_DEFAULT_REGION: us-east-1
+
+jobs:
+  terraform:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: terraform/eks_nodegroup
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Set up Terraform
+      uses: hashicorp/setup-terraform@v1
+      with:
+        terraform_wrapper: true
+
+    - name: Initialize Terraform
+      run: terraform init
+
+    - name: Validate Terraform
+      run: terraform validate
+
+    - name: Plan Terraform
+      run: terraform plan
+
+    - name: Apply Terraform
+      if: github.ref == 'refs/heads/main'
+      run: terraform apply -auto-approve
diff --git a/nginx/eks_auto/hpa.yaml b/nginx/eks_auto/hpa.yaml
@@ -0,0 +1,13 @@
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: hpa-2048
+  namespace: game-2048
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: deployment-2048
+  minReplicas: 2
+  maxReplicas: 10
+  targetCPUUtilizationPercentage: 50
diff --git a/nginx/eks_auto/load_generator.yaml b/nginx/eks_auto/load_generator.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: load-generator
+  namespace: game-2048
+spec:
+  containers:
+    - name: stress
+      image: progrium/stress
+      resources:
+        requests:
+          cpu: 500m   # Request 0.5 CPU core
+        limits:
+          cpu: 1000m  # Limit to 1 CPU core
+      command:
+        - stress
+        - --cpu
+        - "1"     # Generate CPU load on 1 core
+        - --timeout
+        - "600s"  # Run the stress test for 10 minutes (600 seconds)
diff --git a/nginx/fargate/deploy_fargate.yaml b/nginx/fargate/deploy_fargate.yaml
@@ -2,13 +2,13 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: fargate
+  name: default
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: eks-sample-linux-deployment
-  namespace: fargate
+  namespace: default
   labels:
     app: eks-sample-linux-app
 spec:
@@ -45,7 +45,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: eks-sample-linux-service
-  namespace: fargate
+  namespace: default
   labels:
     app: eks-sample-linux-app
 spec:

diff --git a/nginx/kubectl.txt b/nginx/kubectl.txt
@@ -12,7 +12,8 @@ kubectl get deployment -n kube-system aws-load-balancer-controller
 
 helm uninstall aws-load-balancer-controller -n kube-system
 
-kubectl get events -n eks-sample-app --sort-by='.metadata.creationTimestamp' | tail -n 10
+kubectl get events --sort-by='.metadata.creationTimestamp' | tail -n 10
+-n eks-sample-app 
 
 kubectl annotate serviceaccount aws-load-balancer-controller -n kube-system eks.amazonaws.com/role-arn=arn:aws:iam::936379345511:role/acct-managed/AmazonEKSLoadBalancerControllerRole
 
@@ -29,3 +30,10 @@ kubectl get pods -n kube-system -l app.kubernetes.io/name=aws-load-balancer-cont
 kubectl exec -it aws-load-balancer-controller-577d7f46d5-49w87 -n kube-system -- cat /var/run/secrets/eks.amazonaws.com/serviceaccount/token
 
 aws eks --region us-east-1 update-kubeconfig --name test
+
+kubectl run -i \
+    --tty load-generator \
+    --rm --image=busybox \
+    --restart=Never \
+    -- /bin/sh -c "while sleep 0.01; do wget -q -O- http://k8s-game2048-ingress2-2d00d5bb4b-1483018925.us-east-1.elb.amazonaws.com/; done"
+
diff --git a/retail/nodeclass.yaml b/retail/nodeclass.yaml
@@ -0,0 +1,23 @@
+apiVersion: eks.amazonaws.com/v1
+kind: NodeClass
+metadata:
+  name: custom
+spec:
+
+  # Required: Name of IAM Role for Nodes
+  role: "AmazonEKSAutoNodeRole"
+
+  # Required: Subnet selection for node placement
+  subnetSelectorTerms:
+    - tags:
+        kubernetes.io/role/internal-elb: "1"
+    # Alternative using direct subnet ID
+    # - id: "subnet-0123456789abcdef0"
+
+  # Required: Security group selection for nodes
+  securityGroupSelectorTerms:
+    - name: "eks-cluster-sg-eks-100493"
+
+    # Alternative approaches:
+    # - id: "sg-0123456789abcdef0"
+    # - name: "eks-cluster-node-security-group"
diff --git a/retail/nodepool.yaml b/retail/nodepool.yaml
@@ -0,0 +1,24 @@
+apiVersion: karpenter.sh/v1
+kind: NodePool
+metadata:
+  name: custom
+spec:
+  template:
+    metadata:
+      labels:
+        billing-team: custom-class
+    spec:
+      nodeClassRef:
+        group: eks.amazonaws.com
+        kind: NodeClass
+        name: private-compute
+      requirements:
+        - key: "eks.amazonaws.com/instance-category"
+          operator: In
+          values: ["t"]
+        - key: "eks.amazonaws.com/instance-cpu"
+          operator: In
+          values: ["4", "8", "16", "32"]
+  limits:
+    cpu: "1000"
+    memory: 1000Gi
diff --git a/retail/readme.md b/retail/readme.md
@@ -9,3 +9,6 @@ helm install -f values.yaml retail-store-app oci://public.ecr.aws/aws-containers
 
 kubectl get statefulset retail-store-app-catalog-mysql \
   -o jsonpath='{.spec.volumeClaimTemplates}' | jq .
+
+ndition transitioned, Type: NodeClassReady, Status: Unknown -> False, Reason: NodeClassNotFound, Message: NodeClass not found on cluster
+46s         Normal    Ready                            nodepool/default          
diff --git a/retail/test.yaml b/retail/test.yaml
diff --git a/terraform/eks.tf b/terraform/eks.tf
diff --git a/terraform/data.tf → terraform/eks_nodegroup/data.tf b/terraform/data.tf → terraform/eks_nodegroup/data.tf
@@ -3,6 +3,10 @@ data "aws_subnets" "private_subnets" {
     name   = "vpc-id"
     values = [module.vpc.vpc_id]
   }
+  filter {
+    name   = "availability-zone"
+    values = ["us-east-1b", "us-east-1c"] # Replace with your cluster AZs
+  }
   filter {
     name   = "tag:Name"
     values = ["*private*"] # This matches all subnets with a Name tag

diff --git a/terraform/eks_nodegroup/eks.tf b/terraform/eks_nodegroup/eks.tf
@@ -0,0 +1,60 @@
+
+module "eks" {
+  source  = "terraform-aws-modules/eks/aws"
+  version = "~> 20.0"
+  cluster_name    = "eks"
+  cluster_version = "1.31"
+  bootstrap_self_managed_addons = true
+  cluster_upgrade_policy = {
+   support_type = "STANDARD"
+  }
+  cluster_addons = {
+    coredns                = {}
+    eks-pod-identity-agent = {}
+    kube-proxy             = {}
+    vpc-cni                = {}
+  }
+
+  # Optional
+  cluster_endpoint_public_access = true
+
+  # Optional: Adds the current caller identity as an administrator via cluster access entry
+  enable_cluster_creator_admin_permissions = true
+
+  vpc_id                   =  module.vpc.vpc_id
+  subnet_ids               = data.aws_subnets.private_subnets.ids
+  control_plane_subnet_ids = data.aws_subnets.private_subnets.ids
+  tags = {
+    Environment = "dev"
+    Terraform   = "true"
+  }
+}
+
+module "eks_managed_node_group" {
+  source = "terraform-aws-modules/eks/aws//modules/eks-managed-node-group"
+cluster_service_cidr = module.eks.cluster_service_cidr
+  name            = "separate-eks-mng"
+  cluster_name    = module.eks.cluster_name
+  cluster_version = "1.31"
+
+  subnet_ids = data.aws_subnets.private_subnets.ids
+  cluster_primary_security_group_id = module.eks.cluster_primary_security_group_id
+  vpc_security_group_ids            = [module.eks.node_security_group_id]
+  min_size     = 1
+  max_size     = 2
+  desired_size = 1
+
+  instance_types = ["t3.large"]
+  capacity_type  = "SPOT"
+
+  labels = {
+    Environment = "test"
+    GithubRepo  = "terraform-aws-eks"
+    GithubOrg   = "terraform-aws-modules"
+  }
+
+  tags = {
+    Environment = "dev"
+    Terraform   = "true"
+  }
+}
diff --git a/terraform/eks_nodegroup/providers.tf b/terraform/eks_nodegroup/providers.tf
@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "us-east-1"
+}
+terraform {
+  backend "s3" {
+    region = "us-east-1"
+    bucket = "devops4solutions-terraform"
+    key    = "eks_cluster.tfstate"
+  }
+}
diff --git a/terraform/vpc.tf → terraform/eks_nodegroup/vpc.tf b/terraform/vpc.tf → terraform/eks_nodegroup/vpc.tf
@@ -1,6 +1,5 @@
 module "vpc" {
   source = "terraform-aws-modules/vpc/aws"
-
   name = "eks-vpc"
   cidr = "11.0.0.0/16"
 
@@ -10,15 +9,16 @@ module "vpc" {
   enable_nat_gateway = true
   single_nat_gateway  = true
   one_nat_gateway_per_az = false
-  tags = {
-    Terraform = "true"
-    Environment = "dev"
-  }
+
   public_subnet_tags = {
      "kubernetes.io/role/elb" = 1
  }
 
  private_subnet_tags = {
      "kubernetes.io/role/internal-elb" = 1
  }
+  tags = {
+    Terraform = "true"
+    Environment = "dev"
+  }
 }