Commit

Update Curated Packages documentation to point to latest version (#8892)
* Update Curated Packages documentation to point to latest version

* Update packages command in best practice section
jhaanvi5 authored Oct 29, 2024
1 parent 7f98b2b commit 920ddea
Showing 13 changed files with 1,030 additions and 11 deletions.
128 changes: 128 additions & 0 deletions docs/content/en/docs/packages/adot/v0.41.1.md
@@ -0,0 +1,128 @@
---
title: "v0.41.1"
linkTitle: "v0.41.1"
weight: 20
aliases:
/docs/reference/packagespec/adot/v0.41.1/
description: >
---

### Configuring ADOT in EKS Anywhere package spec

#### Example

We included a sample configuration below for reference. For in-depth examples and use cases, please refer to [ADOT with AMP and AMG.]({{< relref "adot_amp_amg.md" >}})

```
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
name: my-adot
namespace: eksa-packages-<cluster-name>
spec:
packageName: adot
targetNamespace: observability
config: |
mode: daemonset
```

#### Configurable parameters and default values under `spec.config`

| Parameter | Description | Default |
|-----|---------|-------------|
|**General**|
| hostNetwork | Indicates if the pod should run in the host networking namespace. | `false` |
| image.pullPolicy | Specifies image pull policy: `IfNotPresent`, `Always`, `Never`. | `"IfNotPresent"` |
| mode | Specifies Collector deployment options: `daemonset`, `deployment`, or `statefulset`. | `"daemonset"` |
| ports.[\*].containerPort | Specifies containerPort used. | See footnote [^1] |
| ports.[\*].enabled | Indicates if a port is enabled. | See footnote [^1] |
| ports.[\*].hostPort | Specifies hostPort used. | See footnote [^1] |
| ports.[\*].protocol | Specifies protocol used. | See footnote [^1] |
| ports.[\*].servicePort | Specifies servicePort used. | See footnote [^1] |
| resources.limits.cpu | Specifies CPU resource limits for containers. | `1` |
| resources.limits.memory | Specifies memory resource limits for containers. | `"2Gi"` |
|**Config**|
| config.config | Specifies Collector receiver, processor, exporter, and extensions configurations. Refer to [aws-otel-collector](https://github.com/aws-observability/aws-otel-collector) for full details. **Note EKS Anywhere ADOT package version matches the exact aws-otel-collector version.** | See footnote [^2] |
| config.config.receiver | Specifies how data gets in the Collector. Receivers can be either push or pull based, and support one or more data source. | See footnote [^2] |
| config.config.processor | Specifies how processors are run on data between the stage of being received and being exported. Processors are optional though some are [recommended.](https://github.com/open-telemetry/opentelemetry-collector/tree/main/processor#recommended-processors) | See footnote [^2] |
| config.config.exporters | Specifies how data gets sent to backends/destinations. Exporters can be either push or pull based, and support one or more data source. | See footnote [^2] |
| config.config.extensions | Specifies tasks that do not involve processing telemetry data. Examples of extensions include health monitoring, service discovery, and data forwarding. Extensions are optional. | See footnote [^2] |
| config.config.service | Specifies what components are enabled in the Collector based on the configuration found in the receivers, processors, exporters, and extensions sections. **If a component is configured, but not defined within the service section, then it is not enabled.** | See footnote [^2] |
|**Deployment mode only**|
| replicaCount | Specifies replicaCount for pods. | `1` |
| service.type | Specifies service types: `ClusterIP`, `NodePort`, `LoadBalancer`, `ExternalName`. |`"ClusterIP"` |

[^1]:
The default `ports` enables `otlp` and `otlp-http`. See below specification for details.
```yaml
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
...
spec:
config: |
ports:
otlp:
enabled: true
containerPort: 4317
servicePort: 4317
hostPort: 4317
protocol: TCP
otlp-http:
enabled: true
containerPort: 4318
servicePort: 4318
hostPort: 4318
protocol: TCP
```
[^2]:
The default `config.config` deploys an ADOT Collector with the metrics pipeline, which includes otlp and prometheus receiver, and logging exporter. See below specification for details.
```yaml
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
...
spec:
config: |
config:
receivers:
otlp:
protocols:
grpc:
endpoint: 0.0.0.0:4317
http:
endpoint: 0.0.0.0:4318
prometheus:
config:
scrape_configs:
- job_name: opentelemetry-collector
scrape_interval: 10s
static_configs:
- targets:
- ${MY_POD_IP}:8888
processors:
batch: {}
memory_limiter: null
exporters:
logging:
loglevel: info
extensions:
health_check: {}
memory_ballast: {}
service:
telemetry:
metrics:
address: 0.0.0.0:8888
extensions:
- health_check
- memory_ballast
pipelines:
metrics:
exporters:
- logging
processors:
- memory_limiter
- batch
receivers:
- otlp
- prometheus
```
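Review bot: The defaults documented in footnotes [^1] and [^2] expose the collector on every node without saying so: the `otlp` and `otlp-http` ports set `hostPort: 4317` and `hostPort: 4318`, the receivers and the telemetry address bind to `0.0.0.0`, and the receiver block shows no TLS or authentication settings, while `mode` defaults to `daemonset`. Add a sentence under the parameter table stating that these defaults make the OTLP endpoints reachable on each node's address and how an operator restricts that. Two smaller points in the same file: the table rows `config.config.receiver` and `config.config.processor` are singular while the sample uses `receivers:` and `processors:`, and `memory_limiter: null` is listed in the metrics pipeline with no settings, so say where its limits come from. The front matter `description: >` is also left empty.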
2 changes: 1 addition & 1 deletion docs/content/en/docs/packages/best_practice.md
Expand Up @@ -11,6 +11,6 @@ description: >

### Best Practice

Any supported EKS Anywhere curated package should be modified through package yaml files (with `kind: Package`) and applied through the command `eksctl anywhere apply package -f packageFileName`. Modifying objects outside of package yaml files may lead to unpredictable behaviors.
Any supported EKS Anywhere curated package should be modified through package yaml files (with `kind: Package`) and applied through the command `kubectl apply -f packageFileName`. Modifying objects outside of package yaml files may lead to unpredictable behaviors.

For automatic namespace (targetNamespace) creation, see `createNamespace` field: [PackagebundleController.spec]({{< ref "packages.md/#packagebundlecontrollerspec" >}})
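Review bot: The replacement command `kubectl apply -f packageFileName` in the Best Practice paragraph gives no hint about which cluster or kubeconfig it should be run against, nor about the namespace the resource must carry. The package examples added elsewhere in this commit all set `namespace: eksa-packages-<cluster-name>`, so say here that the file must include that namespace and name the kubeconfig the reader is expected to use. If the previous `eksctl anywhere apply package -f` form still applies to some versions, note that too, since this page is not versioned.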
2 changes: 1 addition & 1 deletion docs/content/en/docs/packages/cert-manager/v1.14.5.md
@@ -1,7 +1,7 @@
---
title: "v1.14.5"
linkTitle: "v1.14.5"
weight: 20
weight: 30
aliases:
/docs/reference/packagespec/cert-manager/v1.14.5/
description: >
36 changes: 36 additions & 0 deletions docs/content/en/docs/packages/cert-manager/v1.15.3.md
@@ -0,0 +1,36 @@
---
title: "v1.15.3"
linkTitle: "v1.15.3"
weight: 40
aliases:
/docs/reference/packagespec/cert-manager/v1.15.3/
description: >
---

### Configuring Cert-Manager in EKS Anywhere package spec

#### Example
```
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
name: my-cert-manager
namespace: eksa-packages-<cluster-name>
spec:
packageName: cert-manager
config: |
global:
logLevel: 4
```

The following table lists the configurable parameters of the cert-manager package spec and the default values.

| Parameter | Description | Default |
|--------------------------|------------------------------------------------------------------------------------------------------|----------------|
| **General** | | |
| `namespace` | The namespace to use for installing cert-manager package | `cert-manager` |
| `imagePullPolicy` | The image pull policy | `IfNotPresent` |
| **global** | | |
| `global.logLevel` | The log level: integer from 0-6 | `2` |
| **Webhook** | | |
| `webhook.timeoutSeconds` | The time in seconds to wait for the webhook to connect with the kube-api server | `0` |
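Review bot: In the parameter table, `webhook.timeoutSeconds` is documented with a default of `0` and the description "time in seconds to wait for the webhook to connect with the kube-api server", which can be read as either no wait or no limit; state what `0` means. The table also lists `namespace` with default `cert-manager` while the example sets neither `namespace` under `config` nor `targetNamespace` under `spec`, so clarify which field controls the install namespace. Style: the example fence directly follows `#### Example` with no blank line and no language tag, and the front matter `description: >` is empty.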
19 changes: 19 additions & 0 deletions docs/content/en/docs/packages/cluster-autoscaler/v9.43.0.md
@@ -0,0 +1,19 @@
---
title: "v9.43.0"
linkTitle: "v9.43.0"
weight: 20
aliases:
/docs/reference/packagespec/cluster-autoscaler/v9.43.0/
description: >
---

### Configuring Cluster Autoscaler in EKS Anywhere package spec

| Parameter | Description | Default |
|---|---|---|
|**General**|||
| cloudProvider | Cluster Autoscaler cloud provider. This should always be clusterapi. <br/>Example:<br/> <pre>cloudProvider: "clusterapi"</pre>| "clusterapi"
| autoDiscovery.clusterName | Name of the kubernetes cluster this autoscaler package should autoscale. <br/>Example:<br/> <pre>autoDiscovery.clusterName: "mgmt-cluster"</pre>| false
| clusterAPIMode | Where Cluster Autoscaler should look for a kubeconfig to communicate with the cluster it will manage. See https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/clusterapi/README.md#connecting-cluster-autoscaler-to-cluster-api-management-and-workload-clusters <br/>Example:<br/> <pre>clusterAPIMode: "incluster-kubeconfig"</pre>| "incluster-incluster"
| clusterAPICloudConfigPath | Path to kubeconfig for connecting to Cluster API Management Cluster, only used if `clusterAPIMode=kubeconfig-kubeconfig or incluster-kubeconfig` <br/>Example:<br/> <pre>clusterAPICloudConfigPath: "/etc/kubernetes/value"</pre>| "/etc/kubernetes/mgmt-kubeconfig"
| extraVolumeSecrets | Additional volumes to mount from Secrets. <br/>Example:<br/> <pre>extraVolumeSecrets: {}</pre>| {}
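Review bot: The Default column for `autoDiscovery.clusterName` reads `false` although the row describes a cluster name string; give the real default or mark the field as required. In the `clusterAPICloudConfigPath` row the inline code span wraps `clusterAPIMode=kubeconfig-kubeconfig or incluster-kubeconfig` as one value, so split it into two code spans, and every data row is missing its closing `|`. Unlike the other package pages in this commit, this one has no example `Package` spec; since `clusterAPICloudConfigPath` and `extraVolumeSecrets` together decide which kubeconfig Secret is mounted into the autoscaler, a short example showing the two used together would help readers avoid mounting more than they need.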
@@ -0,0 +1,96 @@
---
title: "v0.4.4"
linkTitle: "v0.4.4"
weight: 20
aliases:
/docs/reference/packagespec/credential-provider-package/v0.4.4/
description: >
---

### Configuring Credential Provider Package in EKS Anywhere package spec

#### Example

The following is the sample configuration for the credential provider package that is installed by default with the package controller.
Please refer to [Credential Provider Package with IAM Roles Anywhere.]({{< relref "iam_roles_anywhere" >}})

```
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
name: ecr-credential-provider-package
namespace: eksa-packages-<clusterName>
annotations:
"helm.sh/resource-policy": keep
"anywhere.eks.aws.com/internal": "true"
spec:
packageName: credential-provider-package
targetNamespace: eksa-packages
config: |-
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
sourceRegistry: public.ecr.aws/eks-anywhere
credential:
- matchImages:
- 783794618700.dkr.ecr.us-west-2.amazonaws.com
profile: "default"
secretName: aws-secret
defaultCacheDuration: "5h"
```

In this example, the credential provider will use the secret provided in aws-secret (created automatically on cluster creation) to authenticate to the repository from which curated package images are pulled. Tolerations were also added so that the control plane nodes would also be configured with authentication.

The secret can exist in two forms: either a base64 encoding of a credential config or individual keys for fields.

Example credential
```
[default]
aws_access_key_id=EXAMPLE_ACCESS_KEY
aws_secret_access_key=EXAMPLE_SECRET_KEY
region=us-west-2
```

##### Example secret with separate keys
```
apiVersion: v1
kind: Secret
metadata:
name: aws-secret
namespace: eksa-packages
data:
AWS_ACCESS_KEY_ID: "QUtJQUlPU0ZPRE5ON0VYQU1QTEUK"
AWS_SECRET_ACCESS_KEY: "d0phbHJYVXRuRkVNSS9LN01ERU5HL2JQeFJmaUNZRVhBTVBMRUtFWQo="
REGION: dXMtd2VzdC0yCg==
```

##### Example secret in config form
```
apiVersion: v1
kind: Secret
metadata:
name: aws-secret
namespace: eksa-packages
data:
config: W2RlZmF1bHRdCmF3c19hY2Nlc3Nfa2V5X2lkPUFLSUFJT1NGT0ROTjdFWEFNUExFCmF3c19zZWNyZXRfYWNjZXNzX2tleT13SmFsclhVdG5GRU1JL0s3TURFTkcvYlB4UmZpQ1lFWEFNUExFS0VZCnJlZ2lvbj11cy13ZXN0LTI=
type: Opaque
```

#### Configurable parameters and default values under `spec.config`

| Parameter | Description | Default |
|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------|
| **General** | | |
| image.pullPolicy | Specifies image pull policy: `IfNotPresent`, `Always`, `Never`. | `"IfNotPresent"` |
| tolerations | [Kubernetes tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) for pod scheduling | `{}` |
| **Credential** | | |
| credential | List of credential providers for authenticating with ECR. Currently only one is supported | <pre>credential: <br/> - secretName: "aws-secret"<br/> matchImages: []<br/> defaultCacheDuration: "1h"<br/> profile: "default</pre> |
| secretName | Name of secret that contains the aws credentials | `"aws-secret"` |
| profile | AWS Profile for secretName | `"default"` |
| matchImages | List of strings used to match against images. See [here](https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/#configure-image-matching) for more info <br/>Example to match against any account across multiple regions for ECR:<br/></pre>`"*.dkr.ecr.*.amazonaws.com"`</pre> | `"[]"` |
| defaultCacheDuration | Duration the kubelet will cache credentials in-memory. For ECR it is recommended to keep this value less then 12 hours. | `"5h"` |

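Review bot: In "Example secret with separate keys", the three base64 values each encode a trailing newline (`REGION: dXMtd2VzdC0yCg==` decodes to `us-west-2` followed by a line feed), whereas the value in "Example secret in config form" does not. Readers who copy the pattern will store credentials with a stray newline, so regenerate the values without it or switch the example to `stringData`. The defaults also disagree: the `credential` row shows `defaultCacheDuration: "1h"` while the `defaultCacheDuration` row says `"5h"`; that same `credential` cell has an unclosed quote in `profile: "default</pre>`, the `matchImages` cell opens its block with `</pre>` instead of `<pre>`, `tolerations` is a list but its default is given as `{}`, and "less then 12 hours" should read "less than". Since this page documents static access keys in a Secret, a line pointing back to the IAM Roles Anywhere page linked at the top as the alternative would be worth adding near the secret examples.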
2 changes: 1 addition & 1 deletion docs/content/en/docs/packages/harbor/v2.10.2.md
@@ -1,7 +1,7 @@
---
title: "v2.10.2"
linkTitle: "v2.10.2"
weight: 50
weight: 60
aliases:
/docs/reference/packagespec/harbor/v2.10.2/
description: >
