argo-helm
terraform-aws-eks
argo-helm | terraform-aws-eks | |
---|---|---|
17 | 69 | |
1,547 | 4,168 | |
2.5% | 1.2% | |
9.5 | 8.7 | |
6 days ago | 12 days ago | |
Mustache | HCL | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
argo-helm
-
Introducing ArgoCD: A GitOps Approach to Continuous Deployment
kubectl create namespace argocd helm repo add argo https://argoproj.github.io/argo-helm helm repo update helm install argocd argo/argo-cd --namespace argocd
-
2- Your first ARGO-CD
We will use Helm to install Argo CD with the community-maintained chart from argoproj/argo-helm because The Argo project doesn't provide an official Helm chart. We will render thier helm chart for argocd locally on our side, manipulate it and overrides its default values, and also we can helm lint the chart and templating to see if there is some errors or not, We gonna use the chart version 5.50.0 which matches appVersion: v2.8.6 you can find all details for the chart and also we gonna override some values @ default-values.yaml
-
Having an issue connecting to git repo configured through helm using ssh private key
resource "helm_release" "argocd" { name = "${var.environment}-argocd" namespace = "${var.environment}-argocd" create_namespace = true repository = "https://argoproj.github.io/argo-helm" version = "${var.helm_version}" chart = "argo-cd" set { name = "server.service.type" value = "LoadBalancer" } set { name = "server.service.loadBalancerIP" value = "${var.loadBalancerIP}" } values = [ <<-YAML --- global: image: tag: "${var.image_tag}" configs: repositories: gitops-homelab: url: [email protected]:myprivaterepo/gitops-homelab.git name: private-repo type: git sshPrivateKey: file("${path.module}/sa_keys/private/${var.environment}_id_rsa") server: extraArgs: - --insecure YAML ] } output "file_location" { value = file("${path.module}/sa_keys/private/${var.environment}_id_rsa") }
-
Issue with helm_release on terraform destroy
"argo-cd" = { repository = "https://argoproj.github.io/argo-helm", chart = "argo-cd", namespace = "argocd" values_file = templatefile("./values/argocd.yml", { ingress_scheme = "internal" #internet-facing or internal elb_name = aws_lb.this["${local.name}-int-a"].name })
-
How to Install ArgoCD using Helm through Terraform
repository = "https://argoproj.github.io/argo-helm" chart = "argo-cd" namespace = "argo" version = "5.34.5"
- How to determine ordering in a bunch of helm sub charts?
-
Dump Kustomize with 20 lines of TypeScript
I think your example with the ArgoCD Helm chart says it all. It can get incredibly complicated, and I had tremendous trouble getting it working, it broke all the time, getting the indentation right was a nightmare ... very unpleasant experience. I mean look at that chart, the authors have to constantly specify the indentation level everywhere.
-
Can I use a values.yaml file with my argocd application?
plugin: name: argocd-vault-helm env: - name: release_name value: argocd - name: chart_name value: argo-cd - name: chart_repo value: https://argoproj.github.io/argo-helm - name: chart_version value: 5.17.1 - name: chart_values value: -f applicationset.yaml -f configs.yaml -f controller.yaml -f dex.yaml -f redis.yaml -f reposerver.yaml -f server.yaml -f notifications.yaml - name: args value: --include-crds
-
Templating the Matrix
Another folder I want to discuss shortly is the Terraform folder. This project was installed by terraform basically but it can deployed easily with simple helm installation of ArgoCD . In the next attachment we can see the relevant values neccesary to apply our ArgoCD system : values-override.tpl
-
Injecting secrets from Vault into Helm charts with ArgoCD
Finally, we have to install ArgoCD from the official Helm Chart but with extra configuration that provides modifications required to install Vault plugin via sidecar container.
terraform-aws-eks
- Feat: Made it clear that we stand with Ukraine
- Need suggestions for managing eks terraform module
-
What's everyone's favorite EKS Terraform module these days?
cloudposse module was popular but most have moved to https://github.com/terraform-aws-modules/terraform-aws-eks also eks blueprints will be moving to this module. use eks blueprints v5
-
The Future of Terraform: ClickOps
That's a very simplistic view. Let's do a small thought exercise. Is this module not infrastructure?
-
Failed to marshal state to json
I think there is an issue with the module eks : https://github.com/terraform-aws-modules/terraform-aws-eks
-
☸️ How to deploy a cost-efficient AWS/EKS Kubernetes cluster using Terraform in 2023
module "eks" { source = "terraform-aws-modules/eks/aws" cluster_name = var.cluster_name cluster_version = var.kubernetes_version cluster_endpoint_private_access = true cluster_endpoint_public_access = true cluster_addons = { coredns = { most_recent = true timeouts = { create = "2m" # default 20m. Times out on first launch while being effectively created } } kube-proxy = { most_recent = true } vpc-cni = { most_recent = true } aws-ebs-csi-driver = { most_recent = true } } vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets # Self managed node groups will not automatically create the aws-auth configmap so we need to create_aws_auth_configmap = true manage_aws_auth_configmap = true aws_auth_users = var.aws_auth_users enable_irsa = true node_security_group_additional_rules = { ingress_self_all = { description = "Node to node all ports/protocols" protocol = "-1" from_port = 0 to_port = 0 type = "ingress" self = true } egress_all = { # by default, only https urls can be reached from inside the cluster description = "Node all egress" protocol = "-1" from_port = 0 to_port = 0 type = "egress" cidr_blocks = ["0.0.0.0/0"] ipv6_cidr_blocks = ["::/0"] } } self_managed_node_group_defaults = { # enable discovery of autoscaling groups by cluster-autoscaler autoscaling_group_tags = { "k8s.io/cluster-autoscaler/enabled" : true, "k8s.io/cluster-autoscaler/${var.cluster_name}" : "owned", } # from https://github.com/terraform-aws-modules/terraform-aws-eks/issues/2207#issuecomment-1220679414 # to avoid "waiting for a volume to be created, either by external provisioner "ebs.csi.aws.com" or manually created by system administrator" iam_role_additional_policies = { AmazonEBSCSIDriverPolicy = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy" } } # possible values : https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/node_groups.tf self_managed_node_groups = { default_node_group = { create = false } # fulltime-az-a = { # name = "fulltime-az-a" # subnets = [module.vpc.private_subnets[0]] # instance_type = "t3.medium" # desired_size = 1 # bootstrap_extra_args = "--kubelet-extra-args '--node-labels=node.kubernetes.io/lifecycle=normal'" # } spot-az-a = { name = "spot-az-a" subnet_ids = [module.vpc.private_subnets[0]] # only one subnet to simplify PV usage # availability_zones = ["${var.region}a"] # conflict with previous option. TODO try subnet_ids=null at creation (because at modification it fails) desired_size = 2 min_size = 1 max_size = 10 bootstrap_extra_args = "--kubelet-extra-args '--node-labels=node.kubernetes.io/lifecycle=spot'" use_mixed_instances_policy = true mixed_instances_policy = { instances_distribution = { on_demand_base_capacity = 0 on_demand_percentage_above_base_capacity = 0 spot_allocation_strategy = "lowest-price" # "capacity-optimized" described here : https://aws.amazon.com/blogs/compute/introducing-the-capacity-optimized-allocation-strategy-for-amazon-ec2-spot-instances/ } override = [ { instance_type = "t3.xlarge" weighted_capacity = "1" }, { instance_type = "t3a.xlarge" weighted_capacity = "1" }, ] } } } tags = local.tags }
-
How are most EKS clusters deployed?
If you want somewhat viable setup - I'd go for terraform-aws-modules (Anton did an awesome job), and aws-ia blueprints, especially those multi-tenant ones.
-
I am stuck on learning how to provision K8s in AWS. Security groups? ALB? ACM? R53?
https://github.com/terraform-aws-modules/terraform-aws-eks
-
Deal with external managed resources destruction
I tried using explicit depends_on between my modules but this practise is not recommended since it cause issues during planning.
-
How to Upgrade EKS Cluster and its Nodes via Terraform without disruption?
If you use https://github.com/terraform-aws-modules/terraform-aws-eks it is designed to upgrade the components in the correct order when the cluster version is changed
What are some alternatives?
charts - Public helm charts
terragrunt-infrastructure-modules-example - A repo used to show examples file/folder structures you can use with Terragrunt and Terraform
cp-helm-charts - The Confluent Platform Helm charts enable you to deploy Confluent Platform services on Kubernetes for development, test, and proof of concept environments.
eksctl - The official CLI for Amazon EKS
argo-cd - Declarative Continuous Deployment for Kubernetes
terraform-aws-cloudwatch - Terraform module to create AWS Cloudwatch resources 🇺🇦
helm-charts - OpenSourced Helm charts
terraform-aws-eks-blueprints - Configure and deploy complete EKS clusters.
charts - OpenEBS Helm Charts and other utilities
eks-alb-istio-with-tls - This repository demonstrate how to configure end-to-end encryption on EKS platform using TLS certificate from Amazon Certificate Manager, AWS Application LoadBalancer and Istio as service mesh.
argocd-vault-plugin - An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
terraform-aws-security-group - This terraform module creates set of Security Group and Security Group Rules resources in various combinations.