Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Use namespace resource to share across istio charts to avoid conflicts #1768

Merged
merged 2 commits into from
Sep 19, 2023
Merged

fix: Use namespace resource to share across istio charts to avoid conflicts #1768

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f76b7f1
fix: Use namespace resource to share across `istio` charts to avoid c…
bryantbiggs Sep 19, 2023
dbbd43d
fix: Reduce number of nodes and node size back down
bryantbiggs Sep 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions patterns/istio/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,12 @@ concepts.

See [here](https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#prerequisites) for the prerequisites and steps to deploy this pattern.

Once the resources have been provisioned, you will need to replace the `istio-ingress` pods due to a [`istiod` dependency issue](https://github.com/istio/istio/issues/35789). Use the following command to perform a rolling restart of the `istio-ingress` pods:

```sh
kubectl rollout restart deployment istio-ingress -n istio-ingress
```

### Observability Add-ons

Use the following code snippet to add the Istio Observability Add-ons on the EKS
Expand Down
44 changes: 25 additions & 19 deletions patterns/istio/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,14 @@ module "eks" {
cluster_version = "1.27"
cluster_endpoint_public_access = true

cluster_addons = {
coredns = {}
kube-proxy = {}
vpc-cni = {
preserve = true
}
}

vpc_id = module.vpc.vpc_id
subnet_ids = module.vpc.private_subnets

Expand All @@ -67,7 +75,7 @@ module "eks" {

min_size = 1
max_size = 5
desired_size = 3 # When < 3, the coredns add-on ends up in a degraded state
desired_size = 2
}
}

Expand Down Expand Up @@ -99,6 +107,12 @@ module "eks" {
# EKS Blueprints Addons
################################################################################

resource "kubernetes_namespace_v1" "istio_system" {
metadata {
name = "istio-system"
}
}

module "eks_blueprints_addons" {
source = "aws-ia/eks-blueprints-addons/aws"
version = "~> 1.0"
Expand All @@ -108,32 +122,24 @@ module "eks_blueprints_addons" {
cluster_version = module.eks.cluster_version
oidc_provider_arn = module.eks.oidc_provider_arn

eks_addons = {
coredns = {}
vpc-cni = {}
kube-proxy = {}
}

# This is required to expose Istio Ingress Gateway
enable_aws_load_balancer_controller = true

helm_releases = {
istio-base = {
chart = "base"
version = local.istio_chart_version
repository = local.istio_chart_url
name = "istio-base"
namespace = "istio-system"
create_namespace = true
chart = "base"
version = local.istio_chart_version
repository = local.istio_chart_url
name = "istio-base"
namespace = kubernetes_namespace_v1.istio_system.metadata[0].name
}

istiod = {
chart = "istiod"
version = local.istio_chart_version
repository = local.istio_chart_url
name = "istiod"
namespace = "istio-system"
create_namespace = false
chart = "istiod"
version = local.istio_chart_version
repository = local.istio_chart_url
name = "istiod"
namespace = kubernetes_namespace_v1.istio_system.metadata[0].name

set = [
{
Expand Down