FEATURE: Upgrade k8s version to 1.31.0 (#188)
<!--  Thanks for sending a pull request! See below for tips! -->

**Before submitting a pull request**, please make sure the following is
done:

### Checklist

- [ ] Fork [the repository](https://github.com/getamis/vishwakarma) and
create your new branch from `master`.
- [ ] Please mention the name of community in Pull Request title.
- [ ] Git Commit Messages
- [ ] Use the present tense (Also in Pull Request title): "Add feature"
not "Added feature"
- [ ] Use the imperative mood (Also in Pull Request title): "Move cursor
to..." not "Moves cursor to..."
- [ ] Use rebase to squash/fixup dummy/unnecessary commits into only one
commit.
icewhiteHsu authored Sep 19, 2024
1 parent 2dfd27b commit 360ae5f
Showing 17 changed files with 57 additions and 58 deletions.
16 changes: 8 additions & 8 deletions README.md
Expand Up @@ -6,7 +6,7 @@ Vishwakarma can be used to create a Kubernetes cluster in AWS by leveraging Hash

## Features

* Kubernetes v1.27.2+.
* Kubernetes v1.31.0+.
* Supported [AWS VPC CNI](https://github.com/aws/amazon-vpc-cni-k8s), [flannel](https://github.com/coreos/flannel), [cilium](https://cilium.io/) networking.
* RBAC-enabled, Audit log, and etcd data encryption.
* etcd v3.5.0+.
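Review bot: Missing upgrade guidance on the `* Kubernetes v1.31.0+.` feature line. The supported floor jumps from v1.27.2 straight to v1.31.0, and Kubernetes does not support skipping minor versions when upgrading a control plane, so an existing 1.27 cluster has to step through 1.28, 1.29 and 1.30 first. Suggest adding a short upgrade note beside this bullet, or stating that this release targets new clusters only. The unchanged `etcd v3.5.0+` bullet is also worth re-checking, since the etcd ignition module ref is bumped in this same commit.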
Expand All @@ -16,7 +16,7 @@ Vishwakarma can be used to create a Kubernetes cluster in AWS by leveraging Hash

- **Terraform**: All of the AWS resource will be create by Terraform, hence, you need to [**install it**](https://www.terraform.io/intro/getting-started/install.html) and confirm the [**permission setup**](https://www.terraform.io/docs/providers/aws/index.html) correctly, then Terraform have the permission to create AWS resource automatically. **Minimum required version of Terraform is v1.2.0**.

- **kubectl**: After the cluster created completely, there is a Kubernetes ConfigMap aws-auth need to be created through kubectl, so need to [**install it**](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl). **Minimum required version of Kubernetes is v1.27.0**.
- **kubectl**: After the cluster created completely, there is a Kubernetes ConfigMap aws-auth need to be created through kubectl, so need to [**install it**](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl). **Minimum required version of Kubernetes is v1.31.0**.

- **[aws-iam-authenticator](https://docs.aws.amazon.com/zh_tw/eks/latest/userguide/install-aws-iam-authenticator.html)**: The clsuter access permission integrate with AWS IAM, in order to let the cluster know whether you have the right to access, aws-iam-authenticator need to be [**installed**](https://docs.aws.amazon.com/eks/latest/userguide/configure-kubectl.html) in the client side.
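Review bot: Wording on the kubectl bullet: the bold sentence reads "Minimum required version of Kubernetes is v1.31.0", but the bullet is about the client tool, so it should say kubectl. kubectl is supported within one minor version of the API server, so also consider whether v1.31.0 is really the minimum or whether a v1.30 client is acceptable.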

Expand Down Expand Up @@ -74,12 +74,12 @@ $ export KUBECONFIG=#{The Path You Put kubeconfig}/kubeconfig
$ kubectl get node

NAME STATUS ROLES AGE VERSION
ip-10-0-48-247.ec2.internal Ready master 9m v1.27.2
ip-10-0-48-117.ec2.internal Ready master 9m v1.27.2
ip-10-0-66-127.ec2.internal Ready on-demand 5m v1.27.2
ip-10-0-66-127.ec2.internal Ready on-demand 6m v1.27.2
ip-10-0-71-121.ec2.internal Ready spot 3m v1.27.2
ip-10-0-86-182.ec2.internal Ready spot 4m v1.27.2
ip-10-0-48-247.ec2.internal Ready master 9m v1.31.0
ip-10-0-48-117.ec2.internal Ready master 9m v1.31.0
ip-10-0-66-127.ec2.internal Ready on-demand 5m v1.31.0
ip-10-0-66-127.ec2.internal Ready on-demand 6m v1.31.0
ip-10-0-71-121.ec2.internal Ready spot 3m v1.31.0
ip-10-0-86-182.ec2.internal Ready spot 4m v1.31.0
```

## What’s Going On?
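Review bot: Sample output in the `kubectl get node` block looks hand-edited: only the VERSION column changed, and `ip-10-0-66-127.ec2.internal` is still listed twice (ages 5m and 6m), which cannot occur because node names are unique. Suggest pasting fresh output from a v1.31.0 cluster so the node names and ROLES column match what users will actually see.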
2 changes: 1 addition & 1 deletion docs/variables/aws/elastikube.md
Expand Up @@ -85,7 +85,7 @@ This document gives an overview of variables used in the AWS platform of the ela
| <a name="input_kubelet_extra_config"></a> [kubelet\_extra\_config](#input\_kubelet\_extra\_config) | The user-provided configs to kubelet. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. | `map` | `{}` | no |
| <a name="input_kubelet_node_labels"></a> [kubelet\_node\_labels](#input\_kubelet\_node\_labels) | Labels to add when registering the node in the cluster. Labels must be key=value pairs. | `list(string)` | `[]` | no |
| <a name="input_kubelet_node_taints"></a> [kubelet\_node\_taints](#input\_kubelet\_node\_taints) | Register the node with the given list of taints ("<key>=<value>:<effect>"). | `list(string)` | `[]` | no |
| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | Desired Kubernetes version. | `string` | `"v1.27.7"` | no |
| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | Desired Kubernetes version. | `string` | `"v1.31.0"` | no |
| <a name="input_lb_security_group_ids"></a> [lb\_security\_group\_ids](#input\_lb\_security\_group\_ids) | (Optional) List of security group IDs for the cross-account elastic network interfaces<br> to use to allow communication to the kubernetes api server load balancer. | `list(string)` | `[]` | no |
| <a name="input_log_level"></a> [log\_level](#input\_log\_level) | Log level and verbosity of each components | <pre>object({<br> aws_cloud_controller_manager = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> aws_vpc_cni = optional(string, "DEBUG") # DEBUG, INFO, WARN, ERROR, FATAL<br> containerd = optional(string, "info") # trace, debug, info, warn, error, fatal, panic<br> cilium_cni = optional(string, "DEBUG") # DEBUG: enable debug logging, INFO: disable debug logging<br> docker = optional(string, "info") # debug, info, warn, error, fatal<br> etcd = optional(string, "info") # debug, info, warn, error, panic, fatal<br> kube_apiserver = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> kube_controller_manager = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> kube_scheduler = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> kube_proxy = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> kubelet = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> systemd_networkd = optional(string, "warning") # emerg, alert, crit, err, warning, notice, info, debug<br> })</pre> | <pre>{<br> "aws_cloud_controller_manager": "2",<br> "aws_vpc_cni": "DEBUG",<br> "cilium_cni": "DEBUG",<br> "containerd": "info",<br> "docker": "info",<br> "etcd": "info",<br> "kube_apiserver": "2",<br> "kube_controller_manager": "2",<br> "kube_proxy": "2",<br> "kube_scheduler": "2",<br> "kubelet": "2",<br> "systemd_networkd": "warning"<br>}</pre> | no |
| <a name="input_master_instance_config"></a> [master\_instance\_config](#input\_master\_instance\_config) | (Optional) Desired master nodes configuration. | <pre>object({<br> count = number<br> image_id = string<br> ec2_type = list(string)<br> root_volume_iops = number<br> root_volume_size = number<br> root_volume_type = string<br><br> default_cooldown = number<br> health_check_grace_period = number<br><br> suspended_processes = list(string)<br><br> instance_refresh = bool<br> instance_warmup = number<br> min_healthy_percentage = number<br><br> on_demand_base_capacity = number<br> on_demand_percentage_above_base_capacity = number<br> spot_instance_pools = number<br> spot_allocation_strategy = string<br> })</pre> | <pre>{<br> "count": 1,<br> "default_cooldown": 300,<br> "ec2_type": [<br> "t3.medium",<br> "t2.medium"<br> ],<br> "health_check_grace_period": 300,<br> "image_id": "ami-0b75e2f157200889f",<br> "instance_refresh": false,<br> "instance_warmup": 30,<br> "min_healthy_percentage": 100,<br> "on_demand_base_capacity": 0,<br> "on_demand_percentage_above_base_capacity": 100,<br> "root_volume_iops": 100,<br> "root_volume_size": 256,<br> "root_volume_type": "gp2",<br> "spot_allocation_strategy": "lowest-price",<br> "spot_instance_pools": 1,<br> "suspended_processes": []<br>}</pre> | no |
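Review bot: Possibly stale default next to the bumped `kubernetes_version` row: the `master_instance_config` row below it still documents a hard-coded `"image_id": "ami-0b75e2f157200889f"`, while the examples in this commit move workers to `module.os_ami.image_id` with Flatcar 3815.2.5. Please confirm that AMI is the intended OS image for v1.31.0 masters, or update the default so control-plane nodes and workers do not end up on different images.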
20 changes: 10 additions & 10 deletions docs/variables/aws/kube-worker.md
Expand Up @@ -19,15 +19,15 @@ This document gives an overview of variables used in the AWS platform of the kub

| Name | Source | Version |
|------|--------|---------|
| <a name="module_ignition_containerd"></a> [ignition\_containerd](#module\_ignition\_containerd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/containerd | v1.27.4.0 |
| <a name="module_ignition_docker"></a> [ignition\_docker](#module\_ignition\_docker) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/docker | v1.27.4.0 |
| <a name="module_ignition_ecr_credentail_provider"></a> [ignition\_ecr\_credentail\_provider](#module\_ignition\_ecr\_credentail\_provider) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/ecr-credential-provider | v1.27.4.0 |
| <a name="module_ignition_kubelet"></a> [ignition\_kubelet](#module\_ignition\_kubelet) | git::ssh://[email protected]/getamis/terraform-ignition-kubernetes//modules/kubelet | v1.27.7.1 |
| <a name="module_ignition_locksmithd"></a> [ignition\_locksmithd](#module\_ignition\_locksmithd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/locksmithd | v1.27.4.0 |
| <a name="module_ignition_sshd"></a> [ignition\_sshd](#module\_ignition\_sshd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/sshd | v1.27.4.0 |
| <a name="module_ignition_systemd_networkd"></a> [ignition\_systemd\_networkd](#module\_ignition\_systemd\_networkd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/systemd-networkd | v1.27.4.0 |
| <a name="module_ignition_update_ca_certificates"></a> [ignition\_update\_ca\_certificates](#module\_ignition\_update\_ca\_certificates) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates | v1.27.4.0 |
| <a name="module_lifecycle_hook"></a> [lifecycle\_hook](#module\_lifecycle\_hook) | git::ssh://[email protected]/getamis/terraform-aws-asg-lifecycle//modules/kubernetes | v1.27.4.0 |
| <a name="module_ignition_containerd"></a> [ignition\_containerd](#module\_ignition\_containerd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/containerd | v1.31.0.0 |
| <a name="module_ignition_docker"></a> [ignition\_docker](#module\_ignition\_docker) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/docker | v1.31.0.0 |
| <a name="module_ignition_ecr_credentail_provider"></a> [ignition\_ecr\_credentail\_provider](#module\_ignition\_ecr\_credentail\_provider) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/ecr-credential-provider | v1.31.0.0 |
| <a name="module_ignition_kubelet"></a> [ignition\_kubelet](#module\_ignition\_kubelet) | git::ssh://[email protected]/getamis/terraform-ignition-kubernetes//modules/kubelet | v1.31.0.0 |
| <a name="module_ignition_locksmithd"></a> [ignition\_locksmithd](#module\_ignition\_locksmithd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/locksmithd | v1.31.0.0 |
| <a name="module_ignition_sshd"></a> [ignition\_sshd](#module\_ignition\_sshd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/sshd | v1.31.0.0 |
| <a name="module_ignition_systemd_networkd"></a> [ignition\_systemd\_networkd](#module\_ignition\_systemd\_networkd) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/systemd-networkd | v1.31.0.0 |
| <a name="module_ignition_update_ca_certificates"></a> [ignition\_update\_ca\_certificates](#module\_ignition\_update\_ca\_certificates) | git::ssh://[email protected]/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates | v1.31.0.0 |
| <a name="module_lifecycle_hook"></a> [lifecycle\_hook](#module\_lifecycle\_hook) | git::ssh://[email protected]/getamis/terraform-aws-asg-lifecycle//modules/kubernetes | v1.31.0.0 |

## Resources

Expand Down Expand Up @@ -75,7 +75,7 @@ This document gives an overview of variables used in the AWS platform of the kub
| <a name="input_kubelet_flags"></a> [kubelet\_flags](#input\_kubelet\_flags) | The flags of kubelet. The variables need to follow https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/. Do not use underline. | `map(string)` | `{}` | no |
| <a name="input_kubelet_node_labels"></a> [kubelet\_node\_labels](#input\_kubelet\_node\_labels) | Labels to add when registering the node in the cluster. Labels must be key=value pairs. | `list(string)` | `[]` | no |
| <a name="input_kubelet_node_taints"></a> [kubelet\_node\_taints](#input\_kubelet\_node\_taints) | Register the node with the given list of taints ("<key>=<value>:<effect>"). | `list(string)` | `[]` | no |
| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | Desired Kubernetes version. | `string` | `"v1.27.7"` | no |
| <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | Desired Kubernetes version. | `string` | `"v1.31.0"` | no |
| <a name="input_log_level"></a> [log\_level](#input\_log\_level) | Log level and verbosity of each components | <pre>object({<br> containerd = optional(string, "info") # trace, debug, info, warn, error, fatal, panic<br> docker = optional(string, "info") # debug, info, warn, error, fatal<br> kubelet = optional(string, "2") # 2: Info, 3: Extended Info, 4: Debug, 5: Trace<br> systemd_networkd = optional(string, "warning") # emerg, alert, crit, err, warning, notice, info, debug<br> })</pre> | <pre>{<br> "containerd": "info",<br> "docker": "info",<br> "kubelet": "2",<br> "systemd_networkd": "warning"<br>}</pre> | no |
| <a name="input_max_pods"></a> [max\_pods](#input\_max\_pods) | (Optional) the max pod number in the node when enable eni prefix | `string` | `"110"` | no |
| <a name="input_name"></a> [name](#input\_name) | (Required) Name of the cluster. | `string` | n/a | yes |
6 changes: 3 additions & 3 deletions examples/kubernetes-cluster-aws-vpc/main.tf
Expand Up @@ -28,7 +28,7 @@ locals {
module "os_ami" {
source = "../../modules/aws/os-ami"
flavor = "flatcar"
flatcar_version = "3602.2.1"
flatcar_version = "3815.2.5"
}

# ---------------------------------------------------------------------------------------------------------------------
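Review bot: Undocumented OS change at `flatcar_version = "3815.2.5"`: the commit title mentions only the Kubernetes upgrade, but this line also moves the node OS off Flatcar 3602.2.1. Suggest calling that out in the commit message, and lifting the version into a variable, since the same literal is repeated in the cilium-vxlan example.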
Expand Down Expand Up @@ -126,7 +126,7 @@ module "worker_on_demand" {
name = "on-demand"
count = 1
max_count = null
image_id = "ami-0b8fef69b7bf66b89"
image_id = module.os_ami.image_id
ec2_type = [
"t3.medium",
"t2.medium"
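Review bot: Trust in the AMI lookup at `image_id = module.os_ami.image_id`: a pinned AMI ID is replaced by whatever `modules/aws/os-ami` returns, and that module is not part of this diff. Please confirm it restricts the lookup to the publisher's owner account and an exact version match rather than a name pattern alone, so a look-alike public AMI cannot be selected. Future `flatcar_version` bumps will now also change the worker launch configuration, which is worth noting for operators.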
Expand Down Expand Up @@ -194,7 +194,7 @@ module "worker_spot" {

instance_config = {
name = "spot"
image_id = "ami-0b8fef69b7bf66b89"
image_id = module.os_ami.image_id
count = 1
max_count = 10
ec2_type = [
2 changes: 1 addition & 1 deletion examples/kubernetes-cluster-aws-vpc/variables.tf
Expand Up @@ -7,7 +7,7 @@ variable "aws_region" {
variable "kubernetes_version" {
description = "Desired Kubernetes version."
type = string
default = "v1.27.7"
default = "v1.31.0"
}

variable "service_cidr" {
6 changes: 3 additions & 3 deletions examples/kubernetes-cluster-cilium-vxlan/main.tf
Expand Up @@ -28,7 +28,7 @@ locals {
module "os_ami" {
source = "../../modules/aws/os-ami"
flavor = "flatcar"
flatcar_version = "3602.2.1"
flatcar_version = "3815.2.5"
}

# ---------------------------------------------------------------------------------------------------------------------
Expand Down Expand Up @@ -123,7 +123,7 @@ module "worker_on_demand" {
name = "on-demand"
count = 1
max_count = null
image_id = "ami-0b8fef69b7bf66b89"
image_id = module.os_ami.image_id
ec2_type = [
"t3.medium",
"t2.medium"
Expand Down Expand Up @@ -190,7 +190,7 @@ module "worker_spot" {

instance_config = {
name = "spot"
image_id = "ami-0b8fef69b7bf66b89"
image_id = module.os_ami.image_id
count = 1
max_count = 10
ec2_type = [
2 changes: 1 addition & 1 deletion examples/kubernetes-cluster-cilium-vxlan/variables.tf
Expand Up @@ -7,7 +7,7 @@ variable "aws_region" {
variable "kubernetes_version" {
description = "Desired Kubernetes version."
type = string
default = "v1.27.7"
default = "v1.31.0"
}

variable "service_cidr" {
2 changes: 1 addition & 1 deletion modules/aws/elastikube/variables.tf
Expand Up @@ -6,7 +6,7 @@ variable "name" {
variable "kubernetes_version" {
description = "Desired Kubernetes version."
type = string
default = "v1.27.7"
default = "v1.31.0"
}

variable "override_binaries" {
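Review bot: No validation on `kubernetes_version` in the elastikube module: the value is a free-form string, and its default is now repeated in this file, both example `variables.tf` files and the docs. Because the ignition module refs in this commit are tied to the same release line, consider a `validation` block that checks the `vMAJOR.MINOR.PATCH` format and rejects minors the pinned modules do not support, so a stale override such as `v1.27.7` fails at plan time.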
2 changes: 1 addition & 1 deletion modules/aws/iam-authenticator/main.tf
@@ -1,5 +1,5 @@
module "ignition_iam_auth" {
source = "github.com/getamis/terraform-ignition-kubernetes//modules/extra-addons/aws-iam-authenticator?ref=v1.27.7.0"
source = "github.com/getamis/terraform-ignition-kubernetes//modules/extra-addons/aws-iam-authenticator?ref=v1.31.0.0"

cluster_name = var.name
container = var.container
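Review bot: Mutable ref on the `source` line: `?ref=v1.31.0.0` is a git tag, and this module configures cluster authentication. A tag can be moved after review, so pinning `ref` to the full commit SHA (with the tag kept in a comment) makes what gets deployed match what was reviewed. The same applies to the other `?ref=v1.31.0.0` sources in this commit.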
2 changes: 1 addition & 1 deletion modules/aws/irsa/main.tf
Expand Up @@ -12,7 +12,7 @@ locals {
data "aws_region" "current" {}

module "ignition_pod_idenity_webhook" {
source = "github.com/getamis/terraform-ignition-kubernetes//modules/extra-addons/aws-pod-identity-webhook?ref=v1.27.7.0"
source = "github.com/getamis/terraform-ignition-kubernetes//modules/extra-addons/aws-pod-identity-webhook?ref=v1.31.0.0"

container = var.container
service_name = var.service_name
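Review bot: Style, on `module "ignition_pod_idenity_webhook"`: the module name is misspelled (idenity). It is not introduced by this change, but since the line under it is being touched, consider a follow-up rename with a `moved` block so existing state addresses are preserved.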
14 changes: 7 additions & 7 deletions modules/aws/kube-etcd/ignition.tf
@@ -1,38 +1,38 @@
module "ignition_docker" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.31.0.0"

docker_cgroup_driver = "systemd"
log_level = var.log_level["docker"]
}

module "ignition_containerd" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/containerd?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/containerd?ref=v1.31.0.0"

log_level = var.log_level["containerd"]
}

module "ignition_locksmithd" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/locksmithd?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/locksmithd?ref=v1.31.0.0"

reboot_strategy = var.reboot_strategy
}

module "ignition_update_ca_certificates" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates?ref=v1.31.0.0"
}

module "ignition_node_exporter" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/node-exporter?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/node-exporter?ref=v1.31.0.0"
}

module "ignition_sshd" {
source = "github.com/getamis/terraform-ignition-reinforcements//modules/sshd?ref=v1.27.4.0"
source = "github.com/getamis/terraform-ignition-reinforcements//modules/sshd?ref=v1.31.0.0"

enable = var.debug_mode
}

module "ignition_etcd" {
source = "github.com/getamis/terraform-ignition-etcd?ref=v1.27.4.2"
source = "github.com/getamis/terraform-ignition-etcd?ref=v1.31.0.0"

name = var.name
containers = var.containers
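Review bot: Patch-level check needed on `module "ignition_etcd"`: its previous ref was v1.27.4.2 while the reinforcements modules in this file were at v1.27.4.0, so the etcd module carried two patch releases of its own. Please confirm v1.31.0.0 includes those fixes. It would also help to state which etcd version the new ref ships and whether it starts cleanly on an existing data directory, since the README still advertises `etcd v3.5.0+`.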