Merge pull request #99 from knabben/aws-tf-readme

Initial EKS cluster creation
kubernetes-sigs · Nov 27, 2023 · 5c355f7 · 5c355f7
2 parents 491d565 + 642c113
commit 5c355f7
Show file tree

Hide file tree

Showing 14 changed files with 319 additions and 250 deletions.
diff --git a/Makefile b/Makefile
@@ -65,13 +65,14 @@ build:  ## Build the binary using local golang
 ## Container
 ## --------------------------------------
 ##@ container:
-.PHONY: image_build
-image_build: ## Build the container image
+
+.PHONY: image-build
+image-build: ## Build the container image
 	docker build --build-arg KUBERNETES_VERSION=$(KUBERNETES_VERSION) -t $(IMG_PATH):$(TAG) .
 	docker tag $(IMG_PATH):$(TAG) $(IMG_PATH):latest
 
 .PHONY: image_push
-image_push: ## Push the container image to k8s-staging bucket
+image-push: ## Push the container image to k8s-staging bucket
 	docker push $(IMG_PATH):$(TAG)
 	docker push $(IMG_PATH):latest
 
@@ -85,7 +86,7 @@ release-staging: ## Builds and push container image to k8s-staging bucket
 ##@ setup:
 
 .PHONY: local-kind-test
-local-kind-test: image_build ## Run e2e tests with Kind, useful for development mode
+local-kind-test: image-build ## Run e2e tests with Kind, useful for development mode
 	./hack/kind_run.sh ${IMG_REPO} ${IMG_NAME} ${TAG}
 
 ### --------------------------------------

diff --git a/README.md b/README.md
@@ -144,7 +144,7 @@ To retrieve the sonobuoy result:
 make sonobuoy-results
 ```
 
-The failed results are going to be formatted as follow by default:
+The failed results are going to be formatted as follows by default:
 
 ```
 Plugin: op-readiness
@@ -193,7 +193,7 @@ to render a custom `sonobuoy-plugin.yaml` file.
 
 #### Running on CAPZ upstream
 
-If you want to test your changes on upstream, use the following bot commmand:
+If you want to test your changes on upstream, use the following bot command when opening a new PR:
 
 ```shell
 /test operational-tests-capz-windows-2019

diff --git a/hack/build_k8s_test_binary.sh b/hack/build_k8s_test_binary.sh
@@ -19,7 +19,7 @@ set -o pipefail
 set -x
 
 # todo(knabben) - fetch latest or pass as argument
-KUBERNETES_VERSION=${KUBERNETES_VERSION:-"v1.24.0"}
+KUBERNETES_VERSION=${KUBERNETES_VERSION:-"v1.28.0"}
 KUBERNETES_REPO=${KUBERNETES_REPO:-"https://github.com/kubernetes/kubernetes.git"}
 
 if [ $1 != 0 ]; then

diff --git a/terraform/.gitignore b/terraform/.gitignore
@@ -0,0 +1,2 @@
+terraform.tfstate*
+.terraform*
diff --git a/terraform/README.md b/terraform/README.md
@@ -0,0 +1,92 @@
+## Create a Windows Cluster
+
+In case you don't have a Windows cluster available, this project gives an option to bootstrap a new cluster
+on AWS (initially) via Terraform using AWS managed clusters with EKS. Other projects exists in
+case the user prefer to create the cluster locally with a robust machine, see [here](https://github.com/kubernetes-sigs/sig-windows-dev-tools).
+
+### Pre-requisites
+
+Terraform >= 1.1.0
+AWS Account with proper IAM permissions
+
+### Initializing modules
+
+Under the folder `./terraform` all the resources exists, to initizlie and download the used modules
+call, terraform with init parameter:
+
+```shell
+$ terraform init -backend false
+
+Initializing the backend...
+Initializing modules...
+
+Initializing provider plugins...
+- Reusing previous version of hashicorp/kubernetes from the dependency lock file
+- Reusing previous version of hashicorp/cloudinit from the dependency lock file
+- Reusing previous version of hashicorp/aws from the dependency lock file
+- Reusing previous version of hashicorp/time from the dependency lock file
+- Reusing previous version of hashicorp/tls from the dependency lock file
+- Using previously-installed hashicorp/tls v4.0.4
+- Using previously-installed hashicorp/kubernetes v2.23.0
+- Using previously-installed hashicorp/cloudinit v2.3.2
+- Using previously-installed hashicorp/aws v5.26.0
+- Using previously-installed hashicorp/time v0.9.1
+
+Terraform has been successfully initialized!
+
+You may now begin working with Terraform. Try running "terraform plan" to see
+any changes that are required for your infrastructure. All Terraform commands
+should now work.
+
+If you ever set or change modules or backend configuration for Terraform,
+rerun this command to reinitialize your working directory. If you forget, other
+commands will detect it and remind you to do so if necessary.
+```
+
+If the message `Terraform has been successfully initialized!` appears, proceed to the next
+step, verify the version of the hashicorp plugins.
+
+### Verify the planning
+
+Terraform allows you to verify the resources on `dry-run` style, so you can double-check and verify if all
+resources are being created in the DAG and managed correctly
+
+```shell
+terraform plan
+```
+
+### Creating the cluster
+
+The new infrastructure is created using apply, based on the plan generated the DAG indicated all the AWS
+resources created by this module. It includes a EKS cluster with 2 node groups:
+
+1. Linux node group with 3 nodes `t3.medium` using Amazon Linux
+2. Windows node group with 1 node `t3.large` using Windows 2022 Core
+
+Addons are being installed on this clusters by default, kube-proxy, coredns and vpc-cni (with Windows support)
+
+To start creating, apply your plan with:
+
+```shell
+terraform apply
+...
+Apply complete! Resources: 67 added, 0 changed, 0 destroyed.
+```
+
+## Notes
+
+There's **NO** persistence of the state, so a local `terraform.tfstate` file is created, keep it locally to manage
+your cluster while you are working with it.
+
+To export the KubeConfig file and create new context for the new created cluster:
+
+```shell
+aws eks update-kubeconfig --region us-east-1 --name eks-windows
+```
+
+## Resources 
+
+A few other resources can be consulted in case of doubts or slight modification:
+
+* [Official EKS Documentation](https://docs.aws.amazon.com/eks/latest/userguide/windows-support.html)
+* [Running Windows Containers on AWS: A complete guide to successfully running Windows containers on Amazon ECS, EKS, and AWS Fargate](https://www.amazon.com/Running-Windows-Containers-AWS-successfully/dp/1804614130)
diff --git a/terraform/jumper/data.tf → terraform/data.tf b/terraform/jumper/data.tf → terraform/data.tf
@@ -11,36 +11,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-data "aws_caller_identity" "current" {}
-
 data "aws_availability_zones" "available" {}
 
-data "aws_ami" "ubuntu_2204" {
-
-  owners      = ["099720109477"]
-  name_regex  = "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-\\d+"
-
-  most_recent = true
-
-  filter {
-    name   = "name"
-    values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
-  }
-
-  filter {
-    name   = "architecture"
-    values = ["x86_64"]
-  }
-
-  filter {
-    name   = "root-device-type"
-    values = ["ebs"]
-  }
-
-  filter {
-    name   = "virtualization-type"
-    values = ["hvm"]
-  }
-}
-
-
+data "aws_caller_identity" "current" {}
diff --git a/terraform/jumper/.terraform.lock.hcl b/terraform/jumper/.terraform.lock.hcl
diff --git a/terraform/jumper/README.md b/terraform/jumper/README.md
diff --git a/terraform/jumper/main.tf b/terraform/jumper/main.tf