Merge pull request #242 from Telecominfraproject/WIFI-13130

Wifi 13130

eksctl/wifi-289708231103/tip-wlan-main/cluster.tip-wlan-qa.yaml

@@ -114,6 +114,31 @@ nodeGroups:
     k8s.io/cluster-autoscaler/tip-wlan-qa: "owned"
     kubernetes.io/cluster-autoscaler/enabled: "true"
     kubernetes.io/cluster-autoscaler/tip-wlan-qa: "owned"
+- name: gw
+  instanceType: m5.4xlarge
+  amiFamily: AmazonLinux2
+  minSize: 1
+  maxSize: 8
+  desiredCapacity: 1
+  volumeSize: 100
+  ssh: # import public key from file
+    allow: true
+    publicKeyPath: id_rsa_tip-wlan-qa.pub
+  kubeletExtraConfig:
+    allowedUnsafeSysctls:
+      - "net.ipv4.tcp_keepalive_intvl"
+      - "net.ipv4.tcp_keepalive_probes"
+      - "net.ipv4.tcp_keepalive_time"
+  taints:
+    - key: tip.main/onlygw
+      value: "true"
+      effect: NoSchedule
+  tags:
+    # EC2 tags required for cluster-autoscaler auto-discovery
+    k8s.io/cluster-autoscaler/enabled: "true"
+    k8s.io/cluster-autoscaler/tip-wlan-qa: "owned"
+    kubernetes.io/cluster-autoscaler/enabled: "true"
+    kubernetes.io/cluster-autoscaler/tip-wlan-qa: "owned"
 
 iamIdentityMappings:
   - arn: arn:aws:iam::289708231103:user/gha-wlan-testing

eksctl/wifi-289708231103/tip-wlan-main/cluster.yaml

@@ -114,6 +114,31 @@ nodeGroups:
     k8s.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
     kubernetes.io/cluster-autoscaler/enabled: "true"
     kubernetes.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
+- name: gw
+  instanceType: ${CLUSTER_INSTANCE_TYPE2}
+  amiFamily: AmazonLinux2
+  minSize: 1
+  maxSize: ${CLUSTER_MAX_NODES}
+  desiredCapacity: ${CLUSTER_NODES2}
+  volumeSize: ${CLUSTER_VOLUME_SIZE}
+  ssh: # import public key from file
+    allow: true
+    publicKeyPath: id_rsa_${CLUSTER_NAME}.pub
+  kubeletExtraConfig:
+    allowedUnsafeSysctls:
+      - "net.ipv4.tcp_keepalive_intvl"
+      - "net.ipv4.tcp_keepalive_probes"
+      - "net.ipv4.tcp_keepalive_time"
+  taints:
+    - key: tip.main/onlygw
+      value: "true"
+      effect: NoSchedule
+  tags:
+    # EC2 tags required for cluster-autoscaler auto-discovery
+    k8s.io/cluster-autoscaler/enabled: "true"
+    k8s.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
+    kubernetes.io/cluster-autoscaler/enabled: "true"
+    kubernetes.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
 
 iamIdentityMappings:
   - arn: arn:aws:iam::${AWS_ACCOUNT_ID}:user/gha-wlan-testing

eksctl/wifi-289708231103/tip-wlan-main/env_qa2

@@ -4,10 +4,12 @@ export AWS_REGION="$AWS_DEFAULT_REGION"
 export AWS_ACCOUNT_ID="289708231103"
 export CLUSTER_DOMAIN="lab.wlan.tip.build"
 export CLUSTER_ZONE_ID="Z09534373UTXT2L1YL912"
-export CLUSTER_INSTANCE_TYPE="c5.xlarge"
+#export CLUSTER_INSTANCE_TYPE="c5.xlarge"
 export CLUSTER_INSTANCE_TYPE="m5.2xlarge"
+export CLUSTER_INSTANCE_TYPE2="m5.4xlarge"
 export CLUSTER_NAME="tip-wlan-qa"
 export CLUSTER_NODES=2
+export CLUSTER_NODES2=1
 export CLUSTER_MIN_NODES=2
 export CLUSTER_MAX_NODES=8
 export CLUSTER_VOLUME_SIZE=100

eksctl/wifi-289708231103/tip-wlan-main/scale_it

@@ -34,9 +34,10 @@ if [ -z "$account_id" ] ; then
 fi
 
 config_file="cluster.$CLUSTER_NAME.yaml"
-nextstep "Generating cluster.yml file -> $config_file"
+echo "Generating cluster.yml file -> $config_file"
 envsubst < cluster.yaml > $config_file
 
+#eksctl create nodegroup -f cluster.$CLUSTER_NAME.yaml
 eksctl scale nodegroup -f cluster.$CLUSTER_NAME.yaml
 logv scaled $CLUSTER_NAME
 logv endscale "$(date)"

helmfile/cloud-sdk/README.md

@@ -97,3 +97,7 @@ kubectl edit ingressclass alb
 # add under: metadata.annotations:
 #   ingressclass.kubernetes.io/is-default-class: "true"
 ```
+
+## Known issues
+
+- When installing prometheus-operator the ingress class is not properly set and the host names may be wrong. To work this out run `kubectl -n monitoring edit ingress` and make sure each has ingressClassName set, and all host names are set appropriately. This is more likely for any other environment other than the default environment.

helmfile/cloud-sdk/helmfile.yaml

@@ -17,6 +17,7 @@ environments:
         certificateARNCICD: arn:aws:acm:ap-south-1:289708231103:certificate/2cc8c764-11fd-411d-bf7d-a93f488f3f6c
         certificateARNLab: arn:aws:acm:ap-south-1:289708231103:certificate/5281be14-c5e6-45c5-8d5c-e8660c76fbcb
     - monitoring:
+        receiver: "slack-notifications"
         namespace: monitoring
         publicNamespaces: ['openwifi-qa01', 'openwifi-qa02', 'openwifi-dev01', 'openwifi-demo']
         clusterName: TIP WLAN CI/CD
@@ -45,8 +46,6 @@ environments:
         enabled: true
     - k8s-dashboard:
         enabled: true
-    - portainer:
-        enabled: false
     - metrics-server:
         enabled: true
     - external-dns:
@@ -89,6 +88,7 @@ environments:
         certificateARNLab: arn:aws:acm:us-east-2:289708231103:certificate/299d7444-acc4-46c2-ae83-40d2cd5f49be
     - monitoring:
         namespace: monitoring
+        receiver: "null"
         publicNamespaces: ['openwifi-qa03', 'openwifi-dev03']
         clusterName: TIP QA
     - domain: lab.wlan.tip.build
@@ -116,8 +116,6 @@ environments:
         enabled: true
     - k8s-dashboard:
         enabled: true
-    - portainer:
-        enabled: false
     - metrics-server:
         enabled: true
     - external-dns:
@@ -172,8 +170,6 @@ repositories:
   url: https://braedon.github.io/helm
 - name: core-dump-handler
   url: https://ibm.github.io/core-dump-handler
-- name: portainer
-  url: https://portainer.github.io/k8s/
 
 helmDefaults:
   force: false
@@ -497,7 +493,7 @@ releases:
           routes:
           - match:
               area: testbed
-            receiver: "slack-notifications"
+            receiver: "{{ .Environment.Values.monitoring.receiver }}"
 
         receivers:
         - name: "null"
@@ -901,30 +897,6 @@ releases:
           targetPort: 5514
           protocol: TCP
 
-- name: portainer
-  condition: portainer.enabled
-  namespace: {{ .Environment.Values.monitoring.namespace }}
-  chart: portainer/portainer
-  version: 1.0.49
-  labels:
-    role: setup
-    group: monitoring
-    app: portainer
-  values:
-    - service:
-        type: ClusterIP
-    - tls:
-        force: true
-    - ingress:
-        ingressClassName: nginx-sso
-        enabled: true
-        annotations:
-          nginx.ingress.kubernetes.io/backend-protocol: HTTPS
-        hosts:
-        - host: k8s-admin{{ .Environment.Values.hostSuffix }}
-          paths:
-          - path: "/"
-
 - name: simple-auth-roles
   condition: ingress.enabled
   namespace: {{ .Environment.Values.monitoring.namespace }}
@@ -992,7 +964,7 @@ releases:
   <<: *default
   condition: alb-ingress.enabled
   chart: eks/aws-load-balancer-controller
-  version: 1.6.1
+  version: 1.6.2
   labels:
     role: setup
     group: system