From bd46ce86af9337d96fc478cf3f4085e9cfbc7ead Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gon=C3=A7alo=20Heleno?= Date: Wed, 3 Apr 2024 11:34:19 +0200 Subject: [PATCH 1/2] feat: add variable to set resources with default values Having default values is good practice to prevent that our components could eventually starve other workloads on the cluster. However, these should probably be adapted in production clusters and are only a safeguard in case someone forgets to set them. --- locals.tf | 10 ++++++++++ variables.tf | 35 ++++++++++++++++++++++++++++++++++- 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/locals.tf b/locals.tf index fcd495f..0aa0b58 100644 --- a/locals.tf +++ b/locals.tf @@ -7,6 +7,16 @@ locals { "eks.amazonaws.com/role-arn" = var.iam_role_arn != null ? var.iam_role_arn : module.iam_assumable_role_ebs.iam_role_arn } } + resources = { + requests = { for k, v in var.resources.controller.requests : k => v if v != null } + limits = { for k, v in var.resources.controller.limits : k => v if v != null } + } + } + node = { + resources = { + requests = { for k, v in var.resources.node.requests : k => v if v != null } + limits = { for k, v in var.resources.node.limits : k => v if v != null } + } } } }] diff --git a/variables.tf b/variables.tf index 69560cb..c1e4628 100644 --- a/variables.tf +++ b/variables.tf @@ -62,6 +62,40 @@ variable "dependency_ids" { ## Module variables ####################### +variable "resources" { + description = <<-EOT + Resource limits and requests for aws-ebs-csi-driver's components. Follow the style on https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[official documentation] to understand the format of the values." + + NOTE: These are the same values as the defaults on the Helm chart aws-ebs-csi-driver. + EOT + type = object({ + + controller = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + node = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + }) + default = {} +} + variable "create_role" { description = "Boolean to indicate that the OIDC assumable IAM role should be created. **If passing `iam_role_arn` this should be false, otherwise if you want to create the OIDC assumable IAM role provided by this module, you will need to specify the variable `cluster_oidc_issuer_url`.**" type = bool @@ -78,4 +112,3 @@ variable "cluster_oidc_issuer_url" { type = string default = "" # Use empty string instead of null because of the replace() that uses this variable. } - From 80b6ed6f034331b4621248e6065491d13c8eb002 Mon Sep 17 00:00:00 2001 From: lentidas Date: Wed, 3 Apr 2024 11:55:48 +0000 Subject: [PATCH 2/2] docs(terraform-docs): generate docs and write to README.adoc --- README.adoc | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 82 insertions(+), 5 deletions(-) diff --git a/README.adoc b/README.adoc index 7f0833e..75e8873 100644 --- a/README.adoc +++ b/README.adoc @@ -76,12 +76,12 @@ The following requirements are needed by this module: The following providers are used by this module: +- [[provider_null]] <> (>= 3) + - [[provider_utils]] <> (>= 1) - [[provider_argocd]] <> (>= 5) -- [[provider_null]] <> (>= 3) - === Modules The following Modules are called: @@ -154,7 +154,7 @@ Description: Override of target revision of the application chart. Type: `string` -Default: `"v2.4.0"` +Default: `"v3.1.0"` ==== [[input_helm_values]] <> @@ -196,6 +196,44 @@ Type: `map(string)` Default: `{}` +==== [[input_resources]] <> + +Description: Resource limits and requests for aws-ebs-csi-driver's components. Follow the style on https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[official documentation] to understand the format of the values." + +NOTE: These are the same values as the defaults on the Helm chart aws-ebs-csi-driver. + +Type: +[source,hcl] +---- +object({ + + controller = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + node = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + }) +---- + +Default: `{}` + ==== [[input_iam_role_arn]] <> Description: ARN of an OIDC assumable IAM role that has access to the EBS volumes. When specified, this is added as an annotation to the EBS CSI driver controller ServiceAccount, to allow the driver to manage EBS access points for dynamic volumes provisioning. @@ -242,9 +280,9 @@ Description: ID to pass other modules in order to refer to this module as a depe [cols="a,a",options="header,autowidth"] |=== |Name |Version -|[[provider_null]] <> |>= 3 |[[provider_utils]] <> |>= 1 |[[provider_argocd]] <> |>= 5 +|[[provider_null]] <> |>= 3 |=== = Modules @@ -299,7 +337,7 @@ Description: ID to pass other modules in order to refer to this module as a depe |[[input_target_revision]] <> |Override of target revision of the application chart. |`string` -|`"v2.4.0"` +|`"v3.1.0"` |no |[[input_helm_values]] <> @@ -340,6 +378,45 @@ object({ |`{}` |no +|[[input_resources]] <> +|Resource limits and requests for aws-ebs-csi-driver's components. Follow the style on https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[official documentation] to understand the format of the values." + +NOTE: These are the same values as the defaults on the Helm chart aws-ebs-csi-driver. + +| + +[source] +---- +object({ + + controller = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + node = optional(object({ + requests = optional(object({ + cpu = optional(string, "10m") + memory = optional(string, "40Mi") + }), {}) + limits = optional(object({ + cpu = optional(string) + memory = optional(string, "256Mi") + }), {}) + }), {}) + + }) +---- + +|`{}` +|no + |[[input_create_role]] <> |Boolean to indicate that the OIDC assumable IAM role should be created. **If passing `iam_role_arn` this should be false, otherwise if you want to create the OIDC assumable IAM role provided by this module, you will need to specify the variable `cluster_oidc_issuer_url`.** |`bool`