From f001bf0064b7b2225b8e6697c41c2351b49f3a36 Mon Sep 17 00:00:00 2001 From: imo-ininder Date: Mon, 26 Jun 2023 16:04:24 +0800 Subject: [PATCH 1/2] FEAT: add ecr-cred-provider --- docs/variables/aws/kube-worker.md | 2 +- modules/aws/kube-etcd/ignition.tf | 3 ++- modules/aws/kube-master/ignition.tf | 16 +++++++++++----- modules/aws/kube-worker/ignition.tf | 3 ++- 4 files changed, 16 insertions(+), 8 deletions(-) diff --git a/docs/variables/aws/kube-worker.md b/docs/variables/aws/kube-worker.md index 9e94a55..e04fa6f 100644 --- a/docs/variables/aws/kube-worker.md +++ b/docs/variables/aws/kube-worker.md @@ -19,7 +19,7 @@ This document gives an overview of variables used in the AWS platform of the kub | Name | Source | Version | |------|--------|---------| -| [ignition\_docker](#module\_ignition\_docker) | github.com/getamis/terraform-ignition-reinforcements//modules/docker | v1.23.10.1 | +| [ignition\_docker](#module\_ignition\_docker) | github.com/getamis/terraform-ignition-reinforcements//modules/docker | v1.27.2.0 | | [ignition\_kubelet](#module\_ignition\_kubelet) | github.com/getamis/terraform-ignition-kubernetes//modules/kubelet | v1.27.2.0 | | [ignition\_legacy\_cgroups](#module\_ignition\_legacy\_cgroups) | github.com/getamis/terraform-ignition-reinforcements//modules/legacy-cgroups | v1.23.10.1 | | [ignition\_locksmithd](#module\_ignition\_locksmithd) | github.com/getamis/terraform-ignition-reinforcements//modules/locksmithd | v1.23.10.1 | diff --git a/modules/aws/kube-etcd/ignition.tf b/modules/aws/kube-etcd/ignition.tf index d6e4769..55e8b08 100644 --- a/modules/aws/kube-etcd/ignition.tf +++ b/modules/aws/kube-etcd/ignition.tf @@ -1,5 +1,6 @@ module "ignition_docker" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.27.2.0" + docker_cgroup_driver = "systemd" } module "ignition_locksmithd" { diff --git a/modules/aws/kube-master/ignition.tf b/modules/aws/kube-master/ignition.tf index fbd9420..28ca196 100644 --- a/modules/aws/kube-master/ignition.tf +++ b/modules/aws/kube-master/ignition.tf @@ -95,20 +95,21 @@ module "ignition_kubernetes" { } module "ignition_docker" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.27.2.0" + docker_cgroup_driver = "systemd" } module "ignition_locksmithd" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/locksmithd?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/locksmithd?ref=v1.27.2.0" reboot_strategy = var.reboot_strategy } module "ignition_update_ca_certificates" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/update-ca-certificates?ref=v1.27.2.0" } module "ignition_sshd" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/sshd?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/sshd?ref=v1.27.2.0" enable = var.debug_mode } @@ -118,8 +119,12 @@ module "ignition_containerd" { } +module "ignition_ecr_credentail_provider" { + source = "github.com/getamis/terraform-ignition-reinforcements//modules/ecr-credential-provider?ref=v1.27.2.0" +} + module "ignition_systemd_networkd" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/systemd-networkd?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/systemd-networkd?ref=v1.27.2.0" debug = var.debug_mode } @@ -133,6 +138,7 @@ data "ignition_config" "main" { module.ignition_kubernetes.files, module.ignition_kubernetes.cert_files, module.ignition_containerd.files, + module.ignition_ecr_credentail_provider.files, var.extra_ignition_file_ids, )) diff --git a/modules/aws/kube-worker/ignition.tf b/modules/aws/kube-worker/ignition.tf index 9beabc8..035a9a2 100644 --- a/modules/aws/kube-worker/ignition.tf +++ b/modules/aws/kube-worker/ignition.tf @@ -8,7 +8,8 @@ locals { } module "ignition_docker" { - source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.23.10.1" + source = "github.com/getamis/terraform-ignition-reinforcements//modules/docker?ref=v1.27.2.0" + docker_cgroup_driver = "systemd" } module "ignition_locksmithd" { From a72f29abd08c110cb2ddd50df6e9437664545a0d Mon Sep 17 00:00:00 2001 From: imo-ininder Date: Mon, 26 Jun 2023 16:58:24 +0800 Subject: [PATCH 2/2] FEAT: add ecr-cred-provider at worker node --- modules/aws/kube-worker/ignition.tf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/aws/kube-worker/ignition.tf b/modules/aws/kube-worker/ignition.tf index 035a9a2..8972fb2 100644 --- a/modules/aws/kube-worker/ignition.tf +++ b/modules/aws/kube-worker/ignition.tf @@ -39,6 +39,10 @@ module "ignition_containerd" { } +module "ignition_ecr_credentail_provider" { + source = "github.com/getamis/terraform-ignition-reinforcements//modules/ecr-credential-provider?ref=v1.27.2.0" +} + data "aws_s3_object" "bootstrapping_kubeconfig" { bucket = var.s3_bucket key = "bootstrap-kubelet.conf" @@ -78,6 +82,7 @@ data "ignition_config" "main" { module.ignition_systemd_networkd.files, module.ignition_kubelet.files, module.ignition_containerd.files, + module.ignition_ecr_credentail_provider.files, var.extra_ignition_file_ids, ))