From b6348c8eca5d648c22d78d0352cacd8a44806f3a Mon Sep 17 00:00:00 2001 From: sarvesh-cast Date: Thu, 7 Nov 2024 13:18:04 +0530 Subject: [PATCH] Update readme & Gitops housekeeping (#415) --- examples/eks/eks_cluster_existing/README.MD | 6 ++++-- examples/eks/eks_cluster_existing/tf.vars.example | 3 ++- examples/eks/eks_cluster_gitops/README.md | 12 +++++++++++- examples/eks/eks_cluster_gitops/castai.tf | 15 ++------------- examples/eks/eks_cluster_gitops/tf.vars.example | 1 + 5 files changed, 20 insertions(+), 17 deletions(-) diff --git a/examples/eks/eks_cluster_existing/README.MD b/examples/eks/eks_cluster_existing/README.MD index 8f620d2c..4a6f539d 100644 --- a/examples/eks/eks_cluster_existing/README.MD +++ b/examples/eks/eks_cluster_existing/README.MD @@ -36,10 +36,12 @@ terraform destroy -var-file=tf.vars > **Note** > -> If you are onboarding existing cluster to CAST AI +> If you are onboarding existing eks cluster to CAST AI +0. Set Profile in AWS CLI +AWS CLI profile is already set to default, override if only required. 1. If your eks cluster authentication mode is API/API_CONFIGMAP - TF will update role in IAM access entries (No user action needed) 2. If your eks cluster authentication mode is CONFIGMAP - you need to also update [aws-auth](https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html) configmap. In the configmap instance profile > used by CAST AI has to be present. Example of entry can be found [here](https://github.com/castai/terraform-provider-castai/blob/157babd57b0977f499eb162e9bee27bee51d292a/examples/eks/eks_cluster_autoscaler_polices/eks.tf#L28-L38). -Please refer to this guide if you run into any issues https://docs.cast.ai/docs/terraform-troubleshooting +Please refer to this guide if you run into any issues https://docs.cast.ai/docs/terraform-troubleshooting \ No newline at end of file diff --git a/examples/eks/eks_cluster_existing/tf.vars.example b/examples/eks/eks_cluster_existing/tf.vars.example index 39bb654b..a51b495b 100644 --- a/examples/eks/eks_cluster_existing/tf.vars.example +++ b/examples/eks/eks_cluster_existing/tf.vars.example @@ -5,4 +5,5 @@ grpc_url = "" vpc_id = "" cluster_security_group_id = "" node_security_group_id = "" -subnets = ["", ""] \ No newline at end of file +subnets = ["", ""] +profile = "default" # default aws cli profile is used, override if needed. \ No newline at end of file diff --git a/examples/eks/eks_cluster_gitops/README.md b/examples/eks/eks_cluster_gitops/README.md index 2e7a9bea..5303a85a 100644 --- a/examples/eks/eks_cluster_gitops/README.md +++ b/examples/eks/eks_cluster_gitops/README.md @@ -10,7 +10,13 @@ Helm Managed ==> All Castware components such as `castai-agent`, `castai-cluste +-------------------------+ | Start | +-------------------------+ - | + | Set Profile in AWS CLI + | + +-------------------------+ + | 0. AWS CLI profile is already set to default,override if only required + | + +-------------------------+ + | | AWS CLI +-------------------------+ | 1.Check EKS Auth Mode is API/API_CONFIGMAP @@ -52,6 +58,10 @@ Prerequisites: - Obtained CAST AI [API Access key](https://docs.cast.ai/docs/authentication#obtaining-api-access-key) with Full Access +### Step 0: Set Profile in AWS CLI +AWS CLI profile is already set to default, override if only required. + + ### Step 1: Get EKS cluster authentication mode ``` CLUSTER_NAME="" diff --git a/examples/eks/eks_cluster_gitops/castai.tf b/examples/eks/eks_cluster_gitops/castai.tf index 57d100f1..4ed81691 100644 --- a/examples/eks/eks_cluster_gitops/castai.tf +++ b/examples/eks/eks_cluster_gitops/castai.tf @@ -1,15 +1,4 @@ # Create IAM resources required for connecting cluster to CAST AI. -locals { - resource_name_postfix = var.aws_cluster_name - account_id = data.aws_caller_identity.current.account_id - partition = data.aws_partition.current.partition - - instance_profile_role_name = "castai-eks-${local.resource_name_postfix}-node-role" - iam_role_name = "castai-eks-${local.resource_name_postfix}-cluster-role" - iam_inline_policy_name = "CastEKSRestrictedAccess" - role_name = "castai-eks-role" -} - data "aws_caller_identity" "current" {} data "aws_partition" "current" {} @@ -49,7 +38,7 @@ locals { resource "aws_eks_access_entry" "access_entry" { count = local.access_entry ? 1 : 0 - cluster_name = local.resource_name_postfix + cluster_name = var.aws_cluster_name principal_arn = module.castai-eks-role-iam.instance_profile_role_arn type = "EC2_LINUX" } @@ -58,7 +47,7 @@ resource "aws_eks_access_entry" "access_entry" { resource "castai_eks_cluster" "my_castai_cluster" { account_id = var.aws_account_id region = var.aws_cluster_region - name = local.resource_name_postfix + name = var.aws_cluster_name delete_nodes_on_disconnect = var.delete_nodes_on_disconnect assume_role_arn = module.castai-eks-role-iam.role_arn } diff --git a/examples/eks/eks_cluster_gitops/tf.vars.example b/examples/eks/eks_cluster_gitops/tf.vars.example index 80db8c2c..90b36cd7 100644 --- a/examples/eks/eks_cluster_gitops/tf.vars.example +++ b/examples/eks/eks_cluster_gitops/tf.vars.example @@ -6,3 +6,4 @@ subnets = ["PLACEHOLDER1", "PLACEHOLDER2"] vpc_id = "PLACEHOLDER" cluster_security_group_id = ["PLACEHOLDER1"] node_security_group_id = ["PLACEHOLDER1] +profile = "default" # default aws cli profile is used, override if needed.