From d77c876298120e09537b264db29f7cf915fca458 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 21:24:38 -0300 Subject: [PATCH 01/14] fixing the github pages to use readme --- docs/.pages | 2 +- docs/getting-started.md | 4 +--- docs/index.md | 3 --- 3 files changed, 2 insertions(+), 7 deletions(-) delete mode 100644 docs/index.md diff --git a/docs/.pages b/docs/.pages index b2e60dfd..2442ee3e 100644 --- a/docs/.pages +++ b/docs/.pages @@ -1,5 +1,5 @@ nav: - - Overview: index.md + - Overview: ../README.md - Getting Started: getting-started.md - Patterns: patterns - FAQ: faq.md diff --git a/docs/getting-started.md b/docs/getting-started.md index 4e410a4c..613fb421 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -18,9 +18,7 @@ Ensure that you have installed the following tools locally: ### terraform -1. For consuming Crossplane Blueprints, please see the [Getting Started](https://awslabs.github.io/crossplane-on-eks/#getting-started) section. For exploring and trying out the patterns provided, please -clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern -directory of your choice. +1. For consuming Crossplane Blueprints, please see the [Getting Started](https://awslabs.github.io/crossplane-on-eks/#getting-started) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. 2. To provision the pattern, the typical steps of execution are as follows: diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index 4129e67e..00000000 --- a/docs/index.md +++ /dev/null @@ -1,3 +0,0 @@ -{% - include-markdown "../README.md" -%} From bde46dd4cbbd5d8e668f077c091cf28573e184ae Mon Sep 17 00:00:00 2001 
From: Edgar Costa Date: Fri, 31 May 2024 21:29:10 -0300 Subject: [PATCH 02/14] fixing getting started to point to the readme --- docs/getting-started.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index 613fb421..8c11c42e 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -18,7 +18,7 @@ Ensure that you have installed the following tools locally: ### terraform -1. For consuming Crossplane Blueprints, please see the [Getting Started](https://awslabs.github.io/crossplane-on-eks/#getting-started) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. +1. For consuming Crossplane Blueprints, please see the [Getting Started](https://github.com/awslabs/crossplane-on-eks/blob/main/README.md) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. 2. To provision the pattern, the typical steps of execution are as follows: From 465a024d897c69e795a3cf24470bc9106999d2b4 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 23:07:08 -0300 Subject: [PATCH 03/14] removing empty lines --- docs/patterns/vault-integration.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/patterns/vault-integration.md b/docs/patterns/vault-integration.md index ff71992b..3c20ff03 100644 --- a/docs/patterns/vault-integration.md +++ b/docs/patterns/vault-integration.md 
@@ -127,7 +127,6 @@ For our test cases to work, we need to configure additional Vault policy and rol ```bash # create policy and role for applications to use. ACCESSOR=$(vault auth list | grep kubernetes | tr -s ' ' | cut -d ' ' -f3) - vault policy write k8s-application - << EOF path "secret/data/crossplane-system/{{identity.entity.aliases.${ACCESSOR}.metadata.service_account_namespace}}/*" { capabilities = ["read", "list"] @@ -136,7 +135,6 @@ path "secret/metadata/crossplane-system/{{identity.entity.aliases.${ACCESSOR}.me capabilities = ["read", "list"] } EOF - vault write auth/kubernetes/role/k8s-application \ bound_service_account_names="*" \ bound_service_account_namespaces="*" \ From ca2bc0a1ca1c69c34efaeb8afdcccefa2c6c8f69 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 23:10:32 -0300 Subject: [PATCH 04/14] adding raw and endraw tags --- docs/patterns/vault-integration.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/patterns/vault-integration.md b/docs/patterns/vault-integration.md index 3c20ff03..99d05e5a 100644 --- a/docs/patterns/vault-integration.md +++ b/docs/patterns/vault-integration.md @@ -125,8 +125,10 @@ vault write auth/kubernetes/role/crossplane \ For our test cases to work, we need to configure additional Vault policy and role. Run the following commands in your vault pod or VM. ```bash +# {% raw %} # create policy and role for applications to use. ACCESSOR=$(vault auth list | grep kubernetes | tr -s ' ' | cut -d ' ' -f3) + vault policy write k8s-application - << EOF path "secret/data/crossplane-system/{{identity.entity.aliases.${ACCESSOR}.metadata.service_account_namespace}}/*" { capabilities = ["read", "list"] 
@@ -135,11 +137,14 @@ path "secret/metadata/crossplane-system/{{identity.entity.aliases.${ACCESSOR}.me capabilities = ["read", "list"] } EOF + vault write auth/kubernetes/role/k8s-application \ bound_service_account_names="*" \ bound_service_account_namespaces="*" \ policies=k8s-application \ ttl=1h + +# {% endraw %} ``` ## Install and configure Crossplane From aa26bba855df11b334293c0f98ce6717a4b523bc Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 23:31:19 -0300 Subject: [PATCH 05/14] fixing mkdocs file --- docs/.pages | 5 ----- mkdocs.yml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 51 insertions(+), 8 deletions(-) delete mode 100644 docs/.pages diff --git a/docs/.pages b/docs/.pages deleted file mode 100644 index 2442ee3e..00000000 --- a/docs/.pages +++ /dev/null @@ -1,5 +0,0 @@ -nav: - - Overview: ../README.md - - Getting Started: getting-started.md - - Patterns: patterns - - FAQ: faq.md diff --git a/mkdocs.yml b/mkdocs.yml index 71d755cc..58dbc80a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,5 +1,5 @@ site_name: Amazon Crossplane Blueprints -docs_dir: docs/ +docs_dir: docs copyright: Copyright © Amazon 2024 site_author: AWS site_url: https://awslabs.github.io/crossplane-on-eks/ @@ -13,8 +13,20 @@ theme: font: text: ember palette: - primary: orange - accent: orange + - media: "(prefers-color-scheme: light)" + scheme: default + toggle: + icon: material/weather-night + name: Switch to dark mode + primary: orange + accent: orange + - media: "(prefers-color-scheme: dark)" + scheme: slate + toggle: + icon: material/weather-sunny + name: Switch to light mode + primary: orange + accent: orange icon: repo: fontawesome/brands/github admonition: 
@@ -31,13 +43,32 @@ theme: example: octicons/beaker-16 quote: octicons/quote-16 features: + - header.autohide - navigation.tabs.sticky + - navigation.instant + - navigation.sections + - navigation.top + - search.highlight + - search.share + - search.suggest + - content.code.annotate + - content.tooltips + - content.tabs.link + - content.code.copy highlightjs: true hljs_languages: - yaml - json + - bash plugins: + - glightbox + - minify: + minify_html: true + - social: + cards: true + cards_layout_options: + font_family: Roboto - include-markdown - search: lang: @@ -47,6 +78,9 @@ plugins: extra: version: provider: mike + social: + - icon: fontawesome/brands/github-alt + link: https://github.com/awslabs/crossplane-on-eks markdown_extensions: - attr_list @@ -63,5 +97,19 @@ markdown_extensions: - pymdownx.inlinehilite - pymdownx.snippets - pymdownx.superfences + - pymdownx.tasklist: + custom_checkbox: true - toc: permalink: true + - pymdownx.emoji: + emoji_index: !!python/name:materialx.emoji.twemoji + emoji_generator: !!python/name:materialx.emoji.to_svg + +extra_javascript: + - https://cdn.jsdelivr.net/npm/@glidejs/glide + +nav: + - Overview: ../README.md + - Getting Started: getting-started.md + - Patterns: patterns + - FAQ: faq.md From 08c4327210456012c3420ba947710a33a757adac Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 23:36:38 -0300 Subject: [PATCH 06/14] fixing ci file to install deps --- .github/workflows/publish-docs.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index af4ea97d..c6375496 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml 
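Review bot: The `extra_javascript` entry added in the last mkdocs.yml hunk loads `https://cdn.jsdelivr.net/npm/@glidejs/glide` with no version in the URL, so every page of the published site runs whatever the CDN currently resolves for that package. Pin an exact release (`.../npm/@glidejs/glide@<pinned-version>`) or vendor the file under `docs/` and reference it by relative path. Nothing in the visible hunks uses Glide, so removing the entry may also be an option. Separately, the `!!python/name:materialx.emoji.twemoji` and `materialx.emoji.to_svg` tags go through the deprecated extensions shim; with the mkdocs-material 9.5.21 that the workflow installs, the built-in names are `material.extensions.emoji.twemoji` and `material.extensions.emoji.to_svg`.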
@@ -37,7 +37,12 @@ jobs: python -m pip install --upgrade pip python -m pip install mkdocs-material==9.5.21 \ mkdocs-include-markdown-plugin==6.0.6 \ - mkdocs-awesome-pages-plugin==2.9.2 + mkdocs-awesome-pages-plugin==2.9.2\ + mkdocs-glightbox==0.1.0 \ + mkdocs-minify-plugin==0.8.0 \ + mkdocs-material-extensions==1.3.1 \ + pillow==10.3.0 \ + cairosvg==2.7.1 - name: git config run: | From 3ed12a93f89e5dc81b5513395348fd96aad81abc Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Fri, 31 May 2024 23:40:09 -0300 Subject: [PATCH 07/14] fixing syntax error in the pip install --- .github/workflows/publish-docs.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index c6375496..0ba07f87 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -37,13 +37,13 @@ jobs: python -m pip install --upgrade pip python -m pip install mkdocs-material==9.5.21 \ mkdocs-include-markdown-plugin==6.0.6 \ - mkdocs-awesome-pages-plugin==2.9.2\ + mkdocs-awesome-pages-plugin==2.9.2 \ mkdocs-glightbox==0.1.0 \ mkdocs-minify-plugin==0.8.0 \ mkdocs-material-extensions==1.3.1 \ - pillow==10.3.0 \ - cairosvg==2.7.1 - + pillow==10.3.0 \ + cairosvg==2.7.1 + - name: git config run: | git config --local user.email "action@github.com" From aa3871d4f606b0beec64936d74b0de764d0a8c2b Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sat, 1 Jun 2024 00:02:26 -0300 Subject: [PATCH 08/14] adding back the index file --- docs/.pages | 5 +++++ docs/index.md | 3 +++ mkdocs.yml | 6 ------ 3 files changed, 8 insertions(+), 6 deletions(-) create mode 100644 docs/.pages create mode 100644 docs/index.md diff --git a/docs/.pages b/docs/.pages new file mode 100644 index 00000000..b2e60dfd --- /dev/null +++ b/docs/.pages @@ -0,0 +1,5 @@ +nav: + - Overview: index.md + - Getting Started: getting-started.md + - Patterns: patterns + - FAQ: faq.md 
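Review bot: The packages added to the `pip install` step are pinned by version only, so the job that publishes the site still accepts any artifact the index serves for that version, and transitive dependencies float. Consider moving the list into a requirements file with hashes and installing it with `python -m pip install --require-hashes -r requirements.txt` (the file name is a suggestion). The rest of the job, including the permissions its token runs with, is outside the hunk and should be checked separately.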
diff --git a/docs/index.md b/docs/index.md new file mode 100644 index 00000000..6601cbc9 --- /dev/null +++ b/docs/index.md @@ -0,0 +1,3 @@ +{% + include-markdown "../README.md" +%} \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 58dbc80a..7d1f240f 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -107,9 +107,3 @@ markdown_extensions: extra_javascript: - https://cdn.jsdelivr.net/npm/@glidejs/glide - -nav: - - Overview: ../README.md - - Getting Started: getting-started.md - - Patterns: patterns - - FAQ: faq.md From 1344d25910c008af5a5a98fd3b6a7f67209f7d0b Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sat, 1 Jun 2024 00:16:38 -0300 Subject: [PATCH 09/14] fixing broken link --- docs/getting-started.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index 8c11c42e..fec583c5 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -18,7 +18,7 @@ Ensure that you have installed the following tools locally: ### terraform -1. For consuming Crossplane Blueprints, please see the [Getting Started](https://github.com/awslabs/crossplane-on-eks/blob/main/README.md) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. +1. For consuming Crossplane Blueprints, please see the [Getting Started](https://edgarsilva948.github.io/crossplane-on-eks/getting-started/) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. 2. To provision the pattern, the typical steps of execution are as follows: From e70d7853b13188276e5d9f43ac6fcb9e55c705c9 Mon Sep 17 00:00:00 2001 
From: Edgar Costa Date: Sat, 1 Jun 2024 00:30:02 -0300 Subject: [PATCH 10/14] fixing github org --- docs/getting-started.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index fec583c5..8f09f4f0 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -18,7 +18,7 @@ Ensure that you have installed the following tools locally: ### terraform -1. For consuming Crossplane Blueprints, please see the [Getting Started](https://edgarsilva948.github.io/crossplane-on-eks/getting-started/) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. +1. For consuming Crossplane Blueprints, please see the [Getting Started](https://awslabs.github.io/crossplane-on-eks/getting-started/) section. For exploring and trying out the patterns provided, please clone the project locally to quickly get up and running with a pattern. After cloning the project locally, `cd` into the pattern directory of your choice. 2. To provision the pattern, the typical steps of execution are as follows: From da29ef49c1493e162635a554d0d4159564e4a3ca Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sun, 2 Jun 2024 02:30:13 -0300 Subject: [PATCH 11/14] adding gatekeeper to a dedicated addon module --- bootstrap/terraform/main.tf | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/bootstrap/terraform/main.tf b/bootstrap/terraform/main.tf index 4f51e50e..ee6bea6f 100644 --- a/bootstrap/terraform/main.tf +++ b/bootstrap/terraform/main.tf 
@@ -159,12 +159,6 @@ module "eks_blueprints_addons" { crossplane_kubernetes_provider_enable = local.kubernetes_provider.enable })] } - enable_gatekeeper = true - gatekeeper = { - wait = true - wait_for_jobs = true - timeout = "600" - } enable_metrics_server = true enable_aws_load_balancer_controller = true @@ -180,6 +174,26 @@ module "eks_blueprints_addons" { depends_on = [module.eks.eks_managed_node_groups] } +#--------------------------------------------------------------- +# Gatekeeper +#--------------------------------------------------------------- +module "gatekeeper" { + source = "aws-ia/eks-blueprints-addon/aws" + version = "1.1.1" + + name = "gatekeeper" + description = "A Helm chart to deploy gatekeeper project" + namespace = "gatekeeper-system" + create_namespace = true + chart = "gatekeeper" + chart_version = "3.16.3" + repository = "https://open-policy-agent.github.io/gatekeeper/charts" + wait = true + timeout = "600" + + depends_on = [module.eks_blueprints_addons] +} + #--------------------------------------------------------------- # Crossplane #--------------------------------------------------------------- @@ -194,9 +208,11 @@ module "crossplane" { chart = "crossplane" chart_version = "1.16.0" repository = "https://charts.crossplane.io/stable/" + wait = true + timeout = "600" values = [file("${path.module}/values/crossplane.yaml")] - depends_on = [module.eks.eks_managed_node_groups] + depends_on = [module.eks_blueprints_addons] } resource "kubectl_manifest" "environmentconfig" { From 4a862f64d134850be595dda631358484edff0e74 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sun, 2 Jun 2024 16:58:13 -0300 Subject: [PATCH 12/14] adding the Kubernetes and Control Plane dashboards --- .gitignore | 2 ++ bootstrap/terraform/values/prometheus.yaml | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/.gitignore b/.gitignore index bbb1f65c..ad30e6b9 100644 --- a/.gitignore +++ b/.gitignore 
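Review bot: The new `module "gatekeeper"` block keeps `wait` and `timeout` but drops the `wait_for_jobs = true` that the removed `gatekeeper = { ... }` settings had, so the apply may return before the chart's hook jobs have finished. If that was not intended, add `wait_for_jobs = true` to the module. In the following hunk, `module "crossplane"` depends only on `module.eks_blueprints_addons`, so it can be installed while the Gatekeeper admission webhook is still coming up. If policy enforcement is meant to be in place first, use `depends_on = [module.eks_blueprints_addons, module.gatekeeper]`. The crossplane module starts above its hunk, so the rest of its arguments are not visible here.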
@@ -15,3 +15,5 @@ kubeconfig_* *.tfplan cluster-keys.json + +.vscode \ No newline at end of file diff --git a/bootstrap/terraform/values/prometheus.yaml b/bootstrap/terraform/values/prometheus.yaml index b83c6275..c9feb697 100644 --- a/bootstrap/terraform/values/prometheus.yaml +++ b/bootstrap/terraform/values/prometheus.yaml @@ -56,3 +56,11 @@ grafana: gnetId: 14584 revision: 1 datasource: prometheusdatasource + eks: + gnetId: 14623 + revision: 1 + datasource: prometheusdatasource + ekscontrolplane: + gnetId: 21192 + revision: 1 + datasource: prometheusdatasource From 64a02b88e17bd52d8d85dc62b328021e1a932402 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sun, 2 Jun 2024 20:35:26 -0300 Subject: [PATCH 13/14] adding the argocd pod monitor --- bootstrap/terraform/values/prometheus.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/bootstrap/terraform/values/prometheus.yaml b/bootstrap/terraform/values/prometheus.yaml index c9feb697..f7c374cb 100644 --- a/bootstrap/terraform/values/prometheus.yaml +++ b/bootstrap/terraform/values/prometheus.yaml @@ -11,6 +11,13 @@ prometheus: podMetricsEndpoints: - port: "metrics" selector: {} + - name: "argocd" + namespaceSelector: + matchNames: + - "argocd" + podMetricsEndpoints: + - port: "metrics" + selector: {} grafana: service: type: "LoadBalancer" From fc6bd5a612d506e7029b0d3f8d0f074e3441d515 Mon Sep 17 00:00:00 2001 From: Edgar Costa Date: Sun, 2 Jun 2024 23:36:33 -0300 Subject: [PATCH 14/14] adjusting podmonitor to servicemonitor --- bootstrap/terraform/values/prometheus.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bootstrap/terraform/values/prometheus.yaml b/bootstrap/terraform/values/prometheus.yaml index f7c374cb..4757df85 100644 --- a/bootstrap/terraform/values/prometheus.yaml +++ b/bootstrap/terraform/values/prometheus.yaml 
@@ -11,13 +11,16 @@ prometheus: podMetricsEndpoints: - port: "metrics" selector: {} + additionalServiceMonitors: - name: "argocd" namespaceSelector: matchNames: - "argocd" - podMetricsEndpoints: + endpoints: - port: "metrics" - selector: {} + selector: + matchLabels: + prometheus.io/scrape: "true" grafana: service: type: "LoadBalancer"
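Review bot: The ServiceMonitor's `selector.matchLabels` requires a `prometheus.io/scrape: "true"` label on the Argo CD Services, and nothing in this series adds that label, so the monitor may match nothing and Argo CD metrics would be silently missing. Either select on a label the Argo CD install is known to set, or document the requirement above the entry with a comment such as `# requires label prometheus.io/scrape="true" on the argocd metrics Services`. It is also worth confirming that those Services name their port `metrics`, because a port-name mismatch fails just as quietly.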