From 83aed5f6e9abd002746458163b82d599579a5215 Mon Sep 17 00:00:00 2001
From: Niall Thomson
Date: Thu, 31 Aug 2023 19:43:44 +0000
Subject: [PATCH 1/2] Port FSxN lab to new workshop structure
---
.../storage/fsxn/.workshop/terraform/addon.tf | 116 ++++++++++++++++++
.../fsxn/.workshop/terraform/locals.tf | 23 ----
.../storage/fsxn/.workshop/terraform/main.tf | 7 --
.../fsxn/.workshop/terraform/outputs.tf | 4 -
.../fsxn/.workshop/terraform/variables.tf | 20 ---
.../fsxn/.workshop/terraform/versions.tf | 10 --
.../storage/fsxn/deployment/deployment.yaml | 2 +-
.../fsxn/deployment/kustomization.yaml | 2 +-
.../storage/fsx-for-netapp-ontap/.notest | 0
.../deployment-with-fsxn.md | 6 +-
.../fsx-for-netapp-ontap/fsxn-csi-driver.md | 14 +--
.../storage/fsx-for-netapp-ontap/index.md | 10 +-
website/docusaurus.config.js | 5 +-
13 files changed, 136 insertions(+), 83 deletions(-)
create mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
delete mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/locals.tf
delete mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/main.tf
delete mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/outputs.tf
delete mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/variables.tf
delete mode 100644 manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/versions.tf
delete mode 100644 website/docs/fundamentals/storage/fsx-for-netapp-ontap/.notest
diff --git a/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf b/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
new file mode 100644
index 000000000..854a4f6fd
--- /dev/null
+++ b/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
@@ -0,0 +1,116 @@
+locals {
+ helm_config = {
+ name = "trident-operator"
+ chart = "trident-operator"
+ repository = "https://netapp.github.io/trident-helm-chart"
+ version = "23.01.0"
+ namespace = "trident"
+ create_namespace = true
+ values = local.default_helm_values
+ set = []
+ description = "Amazon FSx for NetApp ONTAP CSI storage provisioner using the Trident Operator."
+ wait = false
+ }
+
+ default_helm_values = [templatefile("${path.module}/values.yaml", {})]
+}
+
+module "helm_addon" {
+ source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.16.0"
+ manage_via_gitops = false
+ helm_config = local.helm_config
+ irsa_config = []
+ addon_context = local.addon_context
+}
+
+data "aws_vpc" "selected_vpc_fsx" {
+ tags = {
+ created-by = "eks-workshop-v2"
+ env = local.addon_context.eks_cluster_id
+ }
+}
+
+data "aws_subnets" "private_subnets_fsx" {
+ tags = {
+ created-by = "eks-workshop-v2"
+ env = local.addon_context.eks_cluster_id
+ }
+
+ filter {
+ name = "tag:Name"
+ values = ["*Private*"]
+ }
+}
+
+resource "random_string" "fsx_password" {
+ length = 10
+ special = false
+}
+
+data "aws_route_table" "private" {
+ count = length(data.aws_subnets.private_subnets_fsx.ids)
+
+ vpc_id = data.aws_vpc.selected_vpc_fsx.id
+ subnet_id = data.aws_subnets.private_subnets_fsx.ids[count.index]
+}
+
+resource "aws_fsx_ontap_file_system" "fsxnassets" {
+ storage_capacity = 2048
+ subnet_ids = slice(data.aws_subnets.private_subnets_fsx.ids, 0, 2)
+ deployment_type = "MULTI_AZ_1"
+ throughput_capacity = 512
+ preferred_subnet_id = data.aws_subnets.private_subnets_fsx.ids[0]
+ security_group_ids = [aws_security_group.fsxn.id]
+ fsx_admin_password = random_string.fsx_password.result
+ route_table_ids = data.aws_route_table.private.*.id
+
+ tags = merge(
+ local.tags,
+ {
+ Name = "${local.addon_context.eks_cluster_id}-fsxn-assets"
+ }
+ )
+}
+
+resource "aws_fsx_ontap_storage_virtual_machine" "fsxnsvm" {
+ file_system_id = aws_fsx_ontap_file_system.fsxnassets.id
+ name = "fsxnsvm"
+}
+
+resource "aws_security_group" "fsxn" {
+ name_prefix = "security group for fsx access"
+ vpc_id = data.aws_vpc.selected_vpc_fsx.id
+ tags = merge(
+ local.tags,
+ {
+ Name = "${local.addon_context.eks_cluster_id}-fsxnsecuritygroup"
+ }
+ )
+}
+
+resource "aws_security_group_rule" "fsxn_inbound" {
+ description = "allow inbound traffic to eks"
+ from_port = 0
+ protocol = "-1"
+ to_port = 0
+ security_group_id = aws_security_group.fsxn.id
+ type = "ingress"
+ cidr_blocks = [data.aws_vpc.selected_vpc_fsx.cidr_block]
+}
+
+resource "aws_security_group_rule" "fsxn_outbound" {
+ description = "allow outbound traffic to anywhere"
+ from_port = 0
+ protocol = "-1"
+ security_group_id = aws_security_group.fsxn.id
+ to_port = 0
+ type = "egress"
+ cidr_blocks = [data.aws_vpc.selected_vpc_fsx.cidr_block]
+}
+
+output "environment" {
+ value = <
Date: Mon, 9 Oct 2023 03:37:08 +0000
Subject: [PATCH 2/2] Use correct credentials for FsXN
---
.../storage/fsxn/.workshop/terraform/addon.tf | 26 +++---------------
.../storage/fsxn/backend/config.env | 3 ++-
.../fsxn/backend/env-var-transformer.yaml | 4 ++-
.../storage/fsxn/backend/fsxn-secret.yaml | 2 +-
.../storage/fsxn/backend/kustomization.yaml | 7 +++++
5 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf b/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
index 854a4f6fd..99379c5ad 100644
--- a/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
+++ b/manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/addon.tf
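Review bot: In the new addon.tf from PATCH 1/2, `fsx_admin_password` is fed from `resource "random_string" "fsx_password"`, which is not a sensitive resource, so the ONTAP admin password appears in plan/apply output as well as in state. Switching to `resource "random_password" "fsx_password" {` and `fsx_admin_password = random_password.fsx_password.result` keeps it out of CLI output. With `length = 10` and `special = false` the value is also short for an admin credential, so a larger `length` is worth considering. Separately, `fsxn_inbound` admits every protocol and port (`protocol = "-1"`) from the whole VPC CIDR. If only the EKS nodes need the file system, restrict the rule to their security group and the ports the CSI driver uses, and correct the `fsxn_outbound` description, which says "anywhere" while the rule is limited to the VPC CIDR. The `output "environment"` block that closes this hunk is cut off on this page, so whether the password is also exported there cannot be checked from here.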
@@ -1,26 +1,5 @@
-locals {
- helm_config = {
- name = "trident-operator"
- chart = "trident-operator"
- repository = "https://netapp.github.io/trident-helm-chart"
- version = "23.01.0"
- namespace = "trident"
- create_namespace = true
- values = local.default_helm_values
- set = []
- description = "Amazon FSx for NetApp ONTAP CSI storage provisioner using the Trident Operator."
- wait = false
- }
-
- default_helm_values = [templatefile("${path.module}/values.yaml", {})]
-}
-
-module "helm_addon" {
- source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons/helm-addon?ref=v4.16.0"
- manage_via_gitops = false
- helm_config = local.helm_config
- irsa_config = []
- addon_context = local.addon_context
+module "fsxn_driver" {
+ source = "github.com/NetApp/terraform-aws-netapp-fsxn-eks-addon.git?ref=v1.0"
 }

 data "aws_vpc" "selected_vpc_fsx" {
@@ -111,6 +90,7 @@ resource "aws_security_group_rule" "fsxn_outbound" {
 output "environment" {
 value = <
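Review bot: The new `module "fsxn_driver"` pulls an external repository by the tag `v1.0`, and a Git tag can be moved, so a later `terraform init` may fetch different code that then runs with the workshop's AWS and cluster credentials. Pin the ref to a full commit hash and keep the tag in a comment, e.g. `source = "github.com/NetApp/terraform-aws-netapp-fsxn-eks-addon.git?ref=<full-commit-sha-for-v1.0>" # v1.0`. The block also passes no inputs, so the chart version and namespace that the removed `helm_config` set explicitly (`version = "23.01.0"`, `namespace = "trident"`) now come from the module's defaults. It is worth confirming those still match what the lab manifests expect.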