From 2aff76973ddc68b99c2af2102a8a16d2b6fb2666 Mon Sep 17 00:00:00 2001
From: xiangyanw
Date: Fri, 13 Dec 2024 14:17:26 +0000
Subject: [PATCH 1/3] upgrade to terraform eks blueprints v5
---
 topology-aware-hints/terraform/main.tf | 74 +++++++++++++--------
 topology-aware-hints/terraform/variables.tf | 7 +-
 2 files changed, 54 insertions(+), 27 deletions(-)
diff --git a/topology-aware-hints/terraform/main.tf b/topology-aware-hints/terraform/main.tf
index 6bde206..125388f 100644
--- a/topology-aware-hints/terraform/main.tf
+++ b/topology-aware-hints/terraform/main.tf
@@ -20,23 +20,29 @@ terraform {
 provider "aws" {}
 provider "kubernetes" {
- host = module.eks_blueprints.eks_cluster_endpoint
- cluster_ca_certificate = base64decode(module.eks_blueprints.eks_cluster_certificate_authority_data)
- token = data.aws_eks_cluster_auth.this.token
+ host = module.eks_blueprints.cluster_endpoint
+ cluster_ca_certificate = base64decode(module.eks_blueprints.cluster_certificate_authority_data)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ # This requires the awscli to be installed locally where Terraform is executed
+ args = ["eks", "get-token", "--cluster-name", module.eks_blueprints.cluster_name]
+ }
 }
 provider "helm" {
 kubernetes {
- host = module.eks_blueprints.eks_cluster_endpoint
- cluster_ca_certificate = base64decode(module.eks_blueprints.eks_cluster_certificate_authority_data)
- token = data.aws_eks_cluster_auth.this.token
+ host = module.eks_blueprints.cluster_endpoint
+ cluster_ca_certificate = base64decode(module.eks_blueprints.cluster_certificate_authority_data)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ # This requires the awscli to be installed locally where Terraform is executed
+ args = ["eks", "get-token", "--cluster-name", module.eks_blueprints.cluster_name]
+ }
 }
 }
-data "aws_eks_cluster_auth" "this" {
- name = module.eks_blueprints.eks_cluster_id
-}
-
 data "aws_availability_zones" "available" {
 filter {
 name = "opt-in-status"
@@ -61,17 +67,19 @@ locals {
 #---------------------------------------------------------------
 module "eks_blueprints" {
- source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.27.0"
+ source = "terraform-aws-modules/eks/aws"
+ version = "~> 19.13"
 cluster_name = local.cluster_name
- cluster_version = "1.24"
+ cluster_version = var.cluster_version
 vpc_id = module.vpc.vpc_id
- private_subnet_ids = module.vpc.private_subnets
+ subnet_ids = module.vpc.private_subnets
 cluster_endpoint_private_access = true
+ cluster_endpoint_public_access = true
- managed_node_groups = {
+ eks_managed_node_groups = {
 mg_5a = {
 node_group_name = "managed-ondemand-a"
 instance_types = ["m5.xlarge"]
@@ -120,23 +128,37 @@ module "eks_blueprints" {
 }
 module "eks_blueprints_kubernetes_addons" {
- source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.27.0/modules/kubernetes-addons"
+ source = "aws-ia/eks-blueprints-addons/aws"
+ version = "~> 1.0"
- eks_cluster_id = module.eks_blueprints.eks_cluster_id
- eks_cluster_endpoint = module.eks_blueprints.eks_cluster_endpoint
- eks_oidc_provider = module.eks_blueprints.oidc_provider
- eks_cluster_version = module.eks_blueprints.eks_cluster_version
+ cluster_name = module.eks_blueprints.cluster_name
+ cluster_endpoint = module.eks_blueprints.cluster_endpoint
+ cluster_version = module.eks_blueprints.cluster_version
+ oidc_provider_arn = module.eks_blueprints.oidc_provider_arn
 # EKS Managed Add-ons
- enable_amazon_eks_vpc_cni = true
- enable_amazon_eks_coredns = true
- enable_amazon_eks_kube_proxy = true
- enable_amazon_eks_aws_ebs_csi_driver = true
+ eks_addons = {
+ aws-ebs-csi-driver = {
+ most_recent = true
+ }
+ coredns = {
+ most_recent = true
+ }
+ vpc-cni = {
+ most_recent = true
+ }
+ kube-proxy = {
+ most_recent = true
+ }
+ adot = {
+ most_recent = true
+ }
+ }
 # Add-ons
 enable_aws_load_balancer_controller = true
 enable_metrics_server = true
- enable_amazon_eks_adot = true
+ enable_cert_manager = true
 tags = local.tags
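Review bot: `cluster_endpoint_public_access = true` is added to `module "eks_blueprints"` without `cluster_endpoint_public_access_cidrs`, and in the terraform-aws-modules/eks v19 line that input defaults to `["0.0.0.0/0"]`, so the Kubernetes API endpoint is reachable from any address and only IAM authentication stands in front of it. If public access is needed so kubectl and the exec-based providers work from a workstation, restrict it with something like `cluster_endpoint_public_access_cidrs = var.api_allowed_cidrs` (a new variable, named here only as a suggestion). Separately, the context line `node_group_name = "managed-ondemand-a"` is a key from the v4 blueprints schema; as far as I know the v19 module reads `name` and may silently ignore unknown keys, so it is worth confirming the node group is still named as intended. The module block continues outside the hunk.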
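Review bot: Every entry in `eks_addons` sets `most_recent = true`, so any `terraform apply` can move vpc-cni, coredns, kube-proxy, the EBS CSI driver and ADOT to whatever version is newest at that moment, with no review of what changed in components that run with broad cluster privileges. Pin each one, for example `addon_version = "<ADDON_VERSION>"` (placeholder), and upgrade deliberately. The module sources have the same property: `version = "~> 1.0"` here and `~> 19.13` on the EKS module float within a major line where the old `?ref=v4.27.0` was an exact pin, and `.terraform.lock.hcl` records provider versions only, not module versions. The `adot` add-on depends on cert-manager being present; `enable_cert_manager = true` is added, but nothing visible in the hunk orders the two, so a first apply may need a retry, which is worth confirming.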
@@ -151,7 +173,7 @@ module "eks_blueprints_kubernetes_addons" {
 module "vpc" {
 source = "terraform-aws-modules/vpc/aws"
- version = "~> 3.0"
+ version = "~> 5.0"
 name = local.name
 cidr = local.vpc_cidr
@@ -188,5 +210,5 @@ module "vpc" {
 output "configure_kubectl" {
 description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig"
- value = module.eks_blueprints.configure_kubectl
+ value = "aws eks update-kubeconfig --name ${module.eks_blueprints.cluster_name}"
 }
diff --git a/topology-aware-hints/terraform/variables.tf b/topology-aware-hints/terraform/variables.tf
index baa016d..4851510 100644
--- a/topology-aware-hints/terraform/variables.tf
+++ b/topology-aware-hints/terraform/variables.tf
@@ -11,4 +11,9 @@ variable "num_nodes_az2" {
 variable "num_nodes_az3" {
 type = number
 default = 1
-}
\ No newline at end of file
+}
+
+variable "cluster_version" {
+ type = string
+ default = "1.31"
+}
From 2fce88b241a9d55e71aa824e0c216aa6c9cec7bd Mon Sep 17 00:00:00 2001
From: xiangyanw
Date: Fri, 13 Dec 2024 14:19:04 +0000
Subject: [PATCH 2/3] update ADOT collector to v0.41.1
---
 topology-aware-hints/kubernetes/common.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/topology-aware-hints/kubernetes/common.yaml b/topology-aware-hints/kubernetes/common.yaml
index f8106f4..91d6204 100644
--- a/topology-aware-hints/kubernetes/common.yaml
+++ b/topology-aware-hints/kubernetes/common.yaml
@@ -130,6 +130,7 @@ metadata:
 name: catalog
 namespace: catalog
 spec:
+ trafficDistribution: PreferClose
 ports:
 - name: http
 port: 80
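Review bot: The new `configure_kubectl` value in main.tf carries no `--region`, so the printed command depends on the caller's default CLI region and can fail to find the cluster or, if a same-named cluster exists in another region, write a kubeconfig entry for the wrong one. Appending the region the stack was deployed to, e.g. `--region ${local.region}` if such a local exists (none is visible in the hunk), keeps the output safe to copy and paste. The same reliance on the ambient region applies to the `aws eks get-token` exec blocks in the provider hunk at the top of main.tf.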
@@ -278,6 +279,6 @@ spec:
 \ http:\n endpoint: 0.0.0.0:4318\n \nexporters:\n awsxray:\n\nextensions:\n
 \ awsproxy:\n\nservice:\n extensions: [awsproxy]\n pipelines:\n traces:\n
 \ receivers: [otlp]\n processors: []\n exporters: [awsxray]"
- image: public.ecr.aws/aws-observability/aws-otel-collector:v0.21.0
+ image: public.ecr.aws/aws-observability/aws-otel-collector:v0.41.1
 mode: deployment
- serviceAccount: opentelemetry-collector
\ No newline at end of file
+ serviceAccount: opentelemetry-collector
From 1986c362ac830df46e6a0f473fdbd0b41648e78c Mon Sep 17 00:00:00 2001
From: Xiangyan Wang <31614724+xiangyanw@users.noreply.github.com>
Date: Sat, 14 Dec 2024 10:32:28 +0800
Subject: [PATCH 3/3] Remove trafficDistribution config from common.yaml
This line was introduced for another Kubernetes feature. It should be removed for the "topology aware hints" blog.
---
 topology-aware-hints/kubernetes/common.yaml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/topology-aware-hints/kubernetes/common.yaml b/topology-aware-hints/kubernetes/common.yaml
index 91d6204..608b95b 100644
--- a/topology-aware-hints/kubernetes/common.yaml
+++ b/topology-aware-hints/kubernetes/common.yaml
@@ -130,7 +130,6 @@ metadata:
 name: catalog
 namespace: catalog
 spec:
- trafficDistribution: PreferClose
 ports:
 - name: http
 port: 80