diff --git a/patterns/blue-green-upgrade/bootstrap/addons.yaml b/patterns/blue-green-upgrade/bootstrap/addons.yaml
new file mode 100644
index 0000000000..1c010e4a0c
--- /dev/null
+++ b/patterns/blue-green-upgrade/bootstrap/addons.yaml
@@ -0,0 +1,33 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+ name: bootstrap-addons
+ namespace: argocd
+spec:
+ syncPolicy:
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/patterns/blue-green-upgrade/bootstrap/workloads.yaml b/patterns/blue-green-upgrade/bootstrap/workloads.yaml
new file mode 100644
index 0000000000..8552278f9a
--- /dev/null
+++ b/patterns/blue-green-upgrade/bootstrap/workloads.yaml
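Review bot: The template in bootstrap/addons.yaml runs under `project: default` while `repoURL`, `path` and `targetRevision` are all filled from cluster-secret annotations and `syncPolicy.automated` is enabled, so whoever can edit those annotations decides which repository is applied to the cluster with no further review. Unless the default project has been restricted elsewhere, it accepts any source repository and any destination; a dedicated AppProject whose `sourceRepos` and `destinations` list only the addons repository and the intended clusters would bound that, with the template then using e.g. `project: addons` (constructed name). Separately, `name: 'bootstrap-addons'` is a constant, so if the `clusters` generator ever matches more than one cluster secret the generated Applications would share one name; `name: 'bootstrap-addons-{{name}}'` avoids the collision.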
@@ -0,0 +1,68 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+ name: bootstrap-workloads
+ namespace: argocd
+spec:
+ goTemplate: true
+ syncPolicy:
+ preserveResourcesOnDeletion: true
+ generators:
+ - matrix:
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values:
+ - in-cluster
+ - git:
+ repoURL: '{{.metadata.annotations.gitops_workloads_url}}'
+ revision: '{{.metadata.annotations.gitops_workloads_revision}}'
+ directories:
+ - path: '{{.metadata.annotations.gitops_workloads_path}}/*'
+ template:
+ metadata:
+ name: 'bootstrap-workload-{{.name}}'
+ spec:
+ project: default
+ sources:
+ - repoURL: '{{.metadata.annotations.gitops_workloads_url}}'
+ targetRevision: '{{.metadata.annotations.gitops_workloads_revision}}'
+ ref: values
+ path: '{{.metadata.annotations.gitops_workloads_path}}'
+ helm:
+ releaseName: 'bootstrap-workload-{{.name}}'
+ ignoreMissingValueFiles: true
+ values: |
+ "account": "{{.metadata.annotations.aws_account_id}}"
+ "clusterName": "{{.metadata.annotations.cluster_name}}"
+ "labels":
+ "env": "{{.metadata.annotations.env}}"
+ "region": "{{.metadata.annotations.aws_region}}"
+ "repoUrl": "{{.metadata.annotations.gitops_workloads_url}}"
+ "spec":
+ "source":
+ "repoURL": "{{.metadata.annotations.gitops_workloads_url}}"
+ "targetRevision": "{{.metadata.annotations.gitops_workloads_revision}}"
+ "blueprint": "terraform"
+ "clusterName": "{{.metadata.annotations.cluster_name}}"
+ "env": "{{.metadata.annotations.env}}"
+ "ingress":
+ "route53_weight": {{default "0" .metadata.annotations.route53_weight}}
+ "argocd_route53_weight": {{default "0" .metadata.annotations.argocd_route53_weight}}
+ "ecsfrontend_route53_weight": {{default "0" .metadata.annotations.ecsfrontend_route53_weight}}
+ "host": {{ default "" .metadata.annotations.eks_cluster_domain }}
+ "type": "{{.metadata.annotations.ingress_type}}"
+ "karpenterInstanceProfile":
"{{.metadata.annotations.karpenter_node_instance_profile_name}}"
+ "target_group_arn": {{ default "" .metadata.annotations.target_group_arn }}
+ "external_lb_url": {{ if index .metadata.annotations "external_lb_dns" }} http://{{ .metadata.annotations.external_lb_dns }}{{ else }}{{ end }}
+ destination:
+ name: '{{.name}}'
+ syncPolicy:
+ automated: {}
+ syncOptions:
+ - CreateNamespace=true
+ - ServerSideApply=true # Big CRDs.
diff --git a/patterns/blue-green-upgrade/eks-blue/main.tf b/patterns/blue-green-upgrade/eks-blue/main.tf
index d13f2c4e16..9c12ae32c6 100644
--- a/patterns/blue-green-upgrade/eks-blue/main.tf
+++ b/patterns/blue-green-upgrade/eks-blue/main.tf
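Review bot: In the `helm.values` block of bootstrap/workloads.yaml, `host`, `target_group_arn` and `external_lb_url` are rendered without quotes, unlike the keys around them, so an annotation value containing `: `, ` #` or a line break changes the structure of the values document instead of staying a string, and an empty default renders as null rather than `""`. Because `goTemplate: true` is set, the value can be quoted in the template itself, for example `"host": {{ default "" .metadata.annotations.eks_cluster_domain | quote }}` and likewise `"target_group_arn": {{ default "" .metadata.annotations.target_group_arn | quote }}`. The three `*_route53_weight` keys are unquoted as well; if they are meant to stay numeric, a short comment saying so would make the difference from the quoted keys deliberate. The template name `bootstrap-workload-{{.name}}` uses only the cluster name, so if the git `directories` generator returns more than one directory the matrix would presumably produce several Applications with the same name.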
@@ -38,27 +38,35 @@ provider "kubectl" { args = ["eks", "get-token", "--cluster-name", module.eks_cluster.eks_cluster_id] } } + module "eks_cluster" { source = "../modules/eks_cluster" aws_region = var.aws_region service_name = "blue" - cluster_version = "1.25" + cluster_version = "1.26" argocd_route53_weight = "100" route53_weight = "100" ecsfrontend_route53_weight = "100" - environment_name = var.environment_name - hosted_zone_name = var.hosted_zone_name - eks_admin_role_name = var.eks_admin_role_name - workload_repo_url = var.workload_repo_url - workload_repo_secret = var.workload_repo_secret - workload_repo_revision = var.workload_repo_revision - workload_repo_path = var.workload_repo_path + environment_name = var.environment_name + hosted_zone_name = var.hosted_zone_name + eks_admin_role_name = var.eks_admin_role_name + + aws_secret_manager_git_private_ssh_key_name = var.aws_secret_manager_git_private_ssh_key_name + argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix + ingress_type = var.ingress_type + + gitops_addons_org = var.gitops_addons_org + gitops_addons_repo = var.gitops_addons_repo + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision - addons_repo_url = var.addons_repo_url + gitops_workloads_org = var.gitops_workloads_org + gitops_workloads_repo = var.gitops_workloads_repo + gitops_workloads_revision = var.gitops_workloads_revision + gitops_workloads_path = var.gitops_workloads_path - iam_platform_user = var.iam_platform_user - argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix } diff --git a/patterns/blue-green-upgrade/eks-blue/outputs.tf b/patterns/blue-green-upgrade/eks-blue/outputs.tf index 7e166f24e2..06ac616086 100644 --- a/patterns/blue-green-upgrade/eks-blue/outputs.tf +++ b/patterns/blue-green-upgrade/eks-blue/outputs.tf 
@@ -3,13 +3,18 @@ output "eks_cluster_id" { value = module.eks_cluster.eks_cluster_id } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = module.eks_cluster.configure_kubectl +} + output "eks_blueprints_platform_teams_configure_kubectl" { - description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_platform_teams_configure_kubectl } output "eks_blueprints_dev_teams_configure_kubectl" { - description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for each Dev Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_dev_teams_configure_kubectl } @@ -17,3 +22,14 @@ output "eks_blueprints_ecsdemo_teams_configure_kubectl" { description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_ecsdemo_teams_configure_kubectl } + +output "access_argocd" { + description = "ArgoCD Access" + value = module.eks_cluster.access_argocd +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = module.eks_cluster.gitops_metadata + sensitive = true +} 
diff --git a/patterns/blue-green-upgrade/eks-blue/providers.tf b/patterns/blue-green-upgrade/eks-blue/providers.tf index 68943de818..fac76269c2 100644 --- a/patterns/blue-green-upgrade/eks-blue/providers.tf +++ b/patterns/blue-green-upgrade/eks-blue/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.0.1" + required_version = ">= 1.4.0" required_providers { aws = { diff --git a/patterns/blue-green-upgrade/eks-blue/variables.tf b/patterns/blue-green-upgrade/eks-blue/variables.tf index 98e8976dff..e95e6a4683 100644 --- a/patterns/blue-green-upgrade/eks-blue/variables.tf +++ b/patterns/blue-green-upgrade/eks-blue/variables.tf @@ -10,6 +10,12 @@ variable "environment_name" { default = "eks-blueprint" } +variable "ingress_type" { + type = string + description = "Type of ingress to uses (alb | nginx | ...). this parameter will be sent to arocd via gitops bridge" + default = "alb" +} + variable "hosted_zone_name" { type = string description = "Route53 domain for the cluster." 
@@ -22,44 +28,63 @@ variable "eks_admin_role_name" { default = "" } -variable "workload_repo_url" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" + default = "github-blueprint-ssh-key" } -variable "workload_repo_secret" { +variable "argocd_secret_manager_name_suffix" { type = string - description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" - default = "github-blueprint-ssh-key" + description = "Name of secret manager secret for ArgoCD Admin UI Password" + default = "argocd-admin-secret" +} + +variable "gitops_workloads_org" { + type = string + description = "Git repository org/user contains for workloads" + default = "https://github.com/aws-samples" } -variable "workload_repo_revision" { +variable "gitops_workloads_repo" { + type = string + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" +} + +variable "gitops_workloads_revision" { type = string description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" default = "main" } -variable "workload_repo_path" { +variable "gitops_workloads_path" { type = string description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" default = "envs/dev" } - -variable "addons_repo_url" { +variable "gitops_addons_org" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" } - -variable "iam_platform_user" { +variable "gitops_addons_repo" { + type = string + description = "Git repository contains for addons" + default = 
"gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { type = string - description = "IAM user used as platform-user" + description = "Git repository base path for addons" default = "" } - -variable "argocd_secret_manager_name_suffix" { +variable "gitops_addons_path" { type = string - description = "Name of secret manager secret for ArgoCD Admin UI Password" - default = "argocd-admin-secret" + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" } diff --git a/patterns/blue-green-upgrade/eks-green/main.tf b/patterns/blue-green-upgrade/eks-green/main.tf index 7d4e0c900b..0ecbb15c81 100644 --- a/patterns/blue-green-upgrade/eks-green/main.tf +++ b/patterns/blue-green-upgrade/eks-green/main.tf 
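Review bot: The new defaults `gitops_addons_org = "https://github.com/gitops-bridge-dev"` and `gitops_addons_revision = "HEAD"` make the cluster follow the moving default branch of a repository outside this project, and bootstrap/addons.yaml in this commit syncs that source with `automated: {}`, so any push there is applied to the cluster's addons with no change on this side. A pinned tag or commit as the default, e.g. `default = "<TAG_OR_COMMIT_SHA>"`, or a fork under your own organisation keeps addon upgrades deliberate and reviewable. The same defaults are repeated in eks-green/variables.tf and modules/eks_cluster/variables.tf. The descriptions of `gitops_workloads_revision` and `gitops_workloads_path` still refer to `workload_repo_url`, which this hunk removes, and "Git repository org/user contains for addons" reads as an unfinished sentence.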
@@ -44,22 +44,29 @@ module "eks_cluster" { aws_region = var.aws_region service_name = "green" - cluster_version = "1.26" # Here, we deploy the cluster with the N+1 Kubernetes Version + cluster_version = "1.27" # Here, we deploy the cluster with the N+1 Kubernetes Version argocd_route53_weight = "0" # We control with theses parameters how we send traffic to the workloads in the new cluster route53_weight = "0" ecsfrontend_route53_weight = "0" - environment_name = var.environment_name - hosted_zone_name = var.hosted_zone_name - eks_admin_role_name = var.eks_admin_role_name - workload_repo_url = var.workload_repo_url - workload_repo_secret = var.workload_repo_secret - workload_repo_revision = var.workload_repo_revision - workload_repo_path = var.workload_repo_path + environment_name = var.environment_name + hosted_zone_name = var.hosted_zone_name + eks_admin_role_name = var.eks_admin_role_name - addons_repo_url = var.addons_repo_url + aws_secret_manager_git_private_ssh_key_name = var.aws_secret_manager_git_private_ssh_key_name + argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix + ingress_type = var.ingress_type + + gitops_addons_org = var.gitops_addons_org + gitops_addons_repo = var.gitops_addons_repo + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision + + gitops_workloads_org = var.gitops_workloads_org + gitops_workloads_repo = var.gitops_workloads_repo + gitops_workloads_revision = var.gitops_workloads_revision + gitops_workloads_path = var.gitops_workloads_path - iam_platform_user = var.iam_platform_user - argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix } diff --git a/patterns/blue-green-upgrade/eks-green/outputs.tf b/patterns/blue-green-upgrade/eks-green/outputs.tf index 210da14f30..06ac616086 100644 --- a/patterns/blue-green-upgrade/eks-green/outputs.tf +++ b/patterns/blue-green-upgrade/eks-green/outputs.tf 
@@ -3,8 +3,13 @@ output "eks_cluster_id" { value = module.eks_cluster.eks_cluster_id } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = module.eks_cluster.configure_kubectl +} + output "eks_blueprints_platform_teams_configure_kubectl" { - description = "Configure kubectl Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_platform_teams_configure_kubectl } @@ -14,6 +19,17 @@ output "eks_blueprints_dev_teams_configure_kubectl" { } output "eks_blueprints_ecsdemo_teams_configure_kubectl" { - description = "Configure kubectl for each ECSDEMO Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_ecsdemo_teams_configure_kubectl } + +output "access_argocd" { + description = "ArgoCD Access" + value = module.eks_cluster.access_argocd +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = module.eks_cluster.gitops_metadata + sensitive = true +} diff --git a/patterns/blue-green-upgrade/eks-green/providers.tf b/patterns/blue-green-upgrade/eks-green/providers.tf index 30c08a8dfc..fac76269c2 100644 --- a/patterns/blue-green-upgrade/eks-green/providers.tf +++ b/patterns/blue-green-upgrade/eks-green/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.4" + required_version = ">= 1.4.0" required_providers { aws = { 
diff --git a/patterns/blue-green-upgrade/eks-green/variables.tf b/patterns/blue-green-upgrade/eks-green/variables.tf
index 98e8976dff..d7b1f6125a 100644
--- a/patterns/blue-green-upgrade/eks-green/variables.tf
+++ b/patterns/blue-green-upgrade/eks-green/variables.tf
@@ -22,44 +22,63 @@ variable "eks_admin_role_name" { default = "" } -variable "workload_repo_url" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" + default = "github-blueprint-ssh-key" } -variable "workload_repo_secret" { +variable "argocd_secret_manager_name_suffix" { type = string - description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" - default = "github-blueprint-ssh-key" + description = "Name of secret manager secret for ArgoCD Admin UI Password" + default = "argocd-admin-secret" +} + +variable "gitops_workloads_org" { + type = string + description = "Git repository org/user contains for workloads" + default = "https://github.com/aws-samples" } -variable "workload_repo_revision" { +variable "gitops_workloads_repo" { + type = string + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" +} + +variable "gitops_workloads_revision" { type = string description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" default = "main" } -variable "workload_repo_path" { +variable "gitops_workloads_path" { type = string description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" default = "envs/dev" } - -variable "addons_repo_url" { +variable "gitops_addons_org" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" } - -variable "iam_platform_user" { +variable "gitops_addons_repo" { type = string - description = "IAM user used as platform-user" + description = "Git 
repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + type = string + description = "Git repository base path for addons" default = "" } - -variable "argocd_secret_manager_name_suffix" { +variable "gitops_addons_path" { type = string - description = "Name of secret manager secret for ArgoCD Admin UI Password" - default = "argocd-admin-secret" + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" } diff --git a/patterns/blue-green-upgrade/environment/main.tf b/patterns/blue-green-upgrade/environment/main.tf index cdf3503a36..ee29c7803d 100644 --- a/patterns/blue-green-upgrade/environment/main.tf +++ b/patterns/blue-green-upgrade/environment/main.tf @@ -12,6 +12,8 @@ locals { argocd_secret_manager_name = var.argocd_secret_manager_name_suffix + hosted_zone_name = var.hosted_zone_name + tags = { Blueprint = local.name GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" @@ -47,18 +49,18 @@ module "vpc" { # Retrieve existing root hosted zone data "aws_route53_zone" "root" { - name = var.hosted_zone_name + name = local.hosted_zone_name } # Create Sub HostedZone four our deployment resource "aws_route53_zone" "sub" { - name = "${local.name}.${var.hosted_zone_name}" + name = "${local.name}.${local.hosted_zone_name}" } # Validate records for the new HostedZone resource "aws_route53_record" "ns" { zone_id = data.aws_route53_zone.root.zone_id - name = "${local.name}.${var.hosted_zone_name}" + name = "${local.name}.${local.hosted_zone_name}" type = "NS" ttl = "30" records = aws_route53_zone.sub.name_servers 
@@ -68,17 +70,17 @@ module "acm" { source = "terraform-aws-modules/acm/aws" version = "~> 4.0" - domain_name = "${local.name}.${var.hosted_zone_name}" + domain_name = "${local.name}.${local.hosted_zone_name}" zone_id = aws_route53_zone.sub.zone_id subject_alternative_names = [ - "*.${local.name}.${var.hosted_zone_name}" + "*.${local.name}.${local.hosted_zone_name}" ] wait_for_validation = true tags = { - Name = "${local.name}.${var.hosted_zone_name}" + Name = "${local.name}.${local.hosted_zone_name}" } } diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf b/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf index dba52fc9fd..8c8c5f5a90 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf @@ -3,6 +3,11 @@ output "eks_cluster_id" { value = module.eks.cluster_name } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = "aws eks --region ${var.aws_region} update-kubeconfig --name ${module.eks.cluster_name}" +} + output "eks_blueprints_platform_teams_configure_kubectl" { description = "Configure kubectl Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = "aws eks --region ${var.aws_region} update-kubeconfig --name ${module.eks.cluster_name} --role-arn ${module.eks_blueprints_platform_teams.iam_role_arn}" 
@@ -27,3 +32,27 @@ output "cluster_certificate_authority_data" { description = "cluster_certificate_authority_data" value = module.eks.cluster_certificate_authority_data } + +output "access_argocd" { + description = "ArgoCD Access" + value = <<-EOT + export KUBECONFIG="/tmp/${module.eks.cluster_name}" + aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} + echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" + echo "ArgoCD Username: admin" + echo "ArgoCD Password: $(aws secretsmanager get-secret-value --secret-id argocd-admin-secret.${local.environment} --query SecretString --output text --region ${local.region})" + EOT +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = local.addons_metadata + sensitive = true +} + +# output "debug" { +# description = "debug output" +# #value = data.template_file.addons_template.rendered +# value = data.template_file.workloads_template.rendered +# #value = file("${path.module}/../../bootstrap/addons.yaml") +# } diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf b/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf index dbd4fca8fe..b23b3ca254 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf 
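Review bot: The `access_argocd` heredoc points `KUBECONFIG` at `/tmp/${module.eks.cluster_name}`, a predictable name in a world-writable directory, so on a shared host another local user can create that path before `aws eks update-kubeconfig` writes to it; a path under the user's home such as `export KUBECONFIG="$HOME/.kube/${module.eks.cluster_name}"` avoids that. The snippet also echoes the ArgoCD admin password, which lands in terminal scrollback and in CI logs if the output is executed there; printing only the `aws secretsmanager get-secret-value` command and letting the operator run it would keep the secret out of logs. The secret id is hard-coded as `argocd-admin-secret.${local.environment}` although the name is configurable through `argocd_secret_manager_name_suffix`, so the command presumably stops working when that variable is overridden. The commented-out `debug` output is leftover scaffolding and is better removed before merge.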
@@ -21,52 +21,78 @@ variable "cluster_version" { default = "1.25" } +variable "gitops_addons_org" { + type = string + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { + type = string + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + type = string + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + type = string + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + variable "hosted_zone_name" { type = string description = "Route53 domain for the cluster." default = "" } -variable "eks_admin_role_name" { +variable "ingress_type" { type = string - description = "Additional IAM role to be admin in the cluster" - default = "" + description = "Type of ingress to uses (alb | nginx | ...). 
this parameter will be sent to arocd via gitops bridge" + default = "alb" } -variable "workload_repo_url" { +variable "eks_admin_role_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Additional IAM role to be admin in the cluster" + default = "" } -variable "workload_repo_secret" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" default = "github-blueprint-ssh-key" } -variable "workload_repo_revision" { +variable "gitops_workloads_org" { type = string - description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" - default = "main" + description = "Git repository org/user contains for workloads" + default = "https://github.com/aws-samples" } -variable "workload_repo_path" { +variable "gitops_workloads_repo" { type = string - description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" - default = "envs/dev" + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" } -variable "addons_repo_url" { +variable "gitops_workloads_path" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" + default = "envs/dev" } -variable "iam_platform_user" { +variable "gitops_workloads_revision" { type = string - description = "IAM user used as platform-user" - default = "" + description = "Git repo revision in gitops_workloads_url for the ArgoCD workload deployment" + default = "main" } variable "argocd_secret_manager_name_suffix" { 
diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf b/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf index 729454b581..eda2864d1e 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf @@ -1,10 +1,19 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.4.0" required_providers { aws = { source = "hashicorp/aws" version = ">= 5.0.0" } + + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.22.0" + } + template = { + source = "hashicorp/template" + version = ">= 2.2.0" + } } } diff --git a/patterns/blue-green-upgrade/tear-down-applications.sh b/patterns/blue-green-upgrade/tear-down-applications.sh new file mode 100755 index 0000000000..0cdf0fe830 --- /dev/null +++ b/patterns/blue-green-upgrade/tear-down-applications.sh 
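Review bot: The new `template` entry in `required_providers` adds a dependency on `hashicorp/template`, an archived provider that HashiCorp deprecated in favour of the built-in `templatefile()` function; it no longer receives fixes and has no builds for newer platforms such as darwin_arm64. If the module only renders the bootstrap YAML files, `templatefile()` does the same job and removes the provider from the dependency set. In the same block `kubernetes` is pinned to exactly `2.22.0` while `aws` uses `>=`; an exact pin inside a reusable module prevents callers from picking up provider fixes, and `version = "~> 2.22"` with the exact version recorded in the lock file is the usual form.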
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -e
+
+# First tear down Applications
+kubectl delete provisioners.karpenter.sh --all # this is ok if no addons are deployed on Karpenter.
+kubectl delete application bootstrap-workloads -n argocd || (echo "error deleting bootstrap-workloads application" && exit -1)
+kubectl delete application -l argocd.argoproj.io/application-set-name=eks-blueprints-workloads -n argocd || (echo "error deleting workloads application"; exit -1)
+
+#kubectl delete application ecsdemo -n argocd || (echo "error deleting ecsdemo application" && exit -1)
+
+#namespace geordie was stuck
+#kubectl get applications -o=jsonpath='{range .items[*]}{.metadata.name}{"\n"}' | xargs -I {} kubectl patch application {} --type=json -p='[{"op": "remove", "path": "/metadata/finalizers"}]'
+
+for x in $(kubectl get namespaces -o=jsonpath='{range .items[*]}{.metadata.name}{"\n"}') ; do
+ echo $x
+ kubectl get -n $x ingress -o=jsonpath='{range .items[*]}{.metadata.name}{"\n"}' | xargs -I {} kubectl patch -n $x ingress {} --type=json -p='[{"op": "remove", "path": "/metadata/finalizers"}]'
+done
+
+#Error from server (InternalError): Internal error occurred: failed calling webhook "vingress.elbv2.k8s.aws": failed to call webhook: Post "https://aws-load-balancer-webhook-service.kube-system.svc:443/validate-networking-v1-ingress?timeout=10s": no endpoints available for service "aws-load-balancer-webhook-service"
+
+echo "Tear Down Applications OK"
diff --git a/patterns/blue-green-upgrade/tear-down.sh b/patterns/blue-green-upgrade/tear-down.sh
index 66fe877400..826a5d3165 100755
--- a/patterns/blue-green-upgrade/tear-down.sh
+++ b/patterns/blue-green-upgrade/tear-down.sh
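Review bot: The `for x in $(kubectl get namespaces ...)` loop strips `metadata.finalizers` from every Ingress in every namespace, which skips the load balancer controller's own cleanup, so the load balancers and target groups it created may be left behind and still reachable after the cluster is gone; a comment stating that risk, plus a check for leftover load balancers after teardown, belongs next to the loop. Every `kubectl` call in the script acts on whatever context happens to be current, which in a blue/green setup with two clusters makes it easy to tear down the wrong one; printing `kubectl config current-context` and asking for confirmation before the first delete would guard against that. `$x` is unquoted in `echo $x` and `kubectl get -n $x`; use `"$x"`. The selector `argocd.argoproj.io/application-set-name=eks-blueprints-workloads` does not match the ApplicationSet name `bootstrap-workloads` added in bootstrap/workloads.yaml in this commit, so that delete may match nothing and is worth confirming.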
@@ -1,10 +1,28 @@ #!/bin/bash set -e -# First tear down Applications -kubectl delete provisioners.karpenter.sh --all # this is ok if no addons are deployed on Karpenter. -kubectl delete application workloads -n argocd || (echo "error deleting workloads application"; exit -1) -kubectl delete application ecsdemo -n argocd || (echo "error deleting ecsdemo application" && exit -1) +# Get the directory of the currently executing script (shell1.sh) +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +{ "$SCRIPT_DIR/tear-down-applications.sh"; } || { + echo "Error occurred while deleting application" + + # Ask the user if they want to continue + read -p "Do you want to continue with cluster deletion (y/n)? " choice + case "$choice" in + y|Y ) echo "Continuing with the rest of shell1.sh";; + * ) echo "Exiting.."; exit;; + esac +} + +kubectl delete svc -n argocd argo-cd-argocd-server + +# terraform destroy -target="module.gitops_bridge_bootstrap" -auto-approve +# terraform destroy -target="module.eks_blueprints_addons" -auto-approve +# terraform destroy -target="module.eks" -auto-approve +# terraform destroy -target="module.vpc" -auto-approve +# terraform destroy -auto-approve + # Then Tear down the cluster terraform apply -destroy -target="module.eks_cluster.module.kubernetes_addons" -auto-approve || (echo "error deleting module.eks_cluster.module.kubernetes_addons" && exit -1) diff --git a/patterns/blue-green-upgrade/terraform.tfvars.example b/patterns/blue-green-upgrade/terraform.tfvars.example index 6ff5fcc5c3..4687c83db5 100644 --- a/patterns/blue-green-upgrade/terraform.tfvars.example +++ b/patterns/blue-green-upgrade/terraform.tfvars.example 
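Review bot: In the fallback branch, `* ) echo "Exiting.."; exit;;` exits with the status of the preceding `echo`, i.e. 0, so a calling script or pipeline sees success although application teardown failed and the cluster was left in place; `* ) echo "Exiting.."; exit 1;;` reports the abort. The new `kubectl delete svc -n argocd argo-cd-argocd-server` runs under `set -e`, so a second run after the service is already gone stops the script before any terraform step; `kubectl delete svc -n argocd argo-cd-argocd-server --ignore-not-found` makes the script re-runnable. The comment and the `echo` still name `shell1.sh` rather than this file, and the block of commented-out `terraform destroy` lines should either be removed or explained. The script continues outside the hunk.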
@@ -6,7 +6,8 @@ hosted_zone_name = "eks.mydomain.org" # your Existing Hosted Zone eks_admin_role_name = "Admin" # Additional role admin in the cluster (usually the role I use in the AWS console) # EKS Blueprint AddOns ArgoCD App of App repository -addons_repo_url = "git@github.com:aws-samples/eks-blueprints-add-ons.git" +gitops_bridge_repo_url = "git@github.com:gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" +gitops_bridge_repo_revision = "HEAD" # EKS Blueprint Workloads ArgoCD App of App repository workload_repo_url = "git@github.com:aws-samples/eks-blueprints-workloads.git"
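Review bot: The example now sets `gitops_bridge_repo_url` and `gitops_bridge_repo_revision`, but the variables.tf hunks in this commit declare `gitops_addons_org`, `gitops_addons_repo`, `gitops_addons_path` and `gitops_addons_revision` instead, and the unchanged `workload_repo_url` line names a variable the commit removes. Terraform only warns about undeclared names in a tfvars file, so someone copying this example would believe they had chosen their repositories and revision while the defaults (`HEAD` of the gitops-bridge-dev repository) are what actually gets deployed. Assuming no other variables.tf declares the old names, the example should use the declared ones, e.g. `gitops_addons_org = "git@github.com:gitops-bridge-dev"` and `gitops_addons_revision = "<TAG_OR_COMMIT_SHA>"`, with matching `gitops_workloads_org` and `gitops_workloads_repo` lines.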