diff --git a/infra/modules/kubevela/addons.tf b/infra/modules/kubevela-addons/addons.tf
similarity index 100%
rename from infra/modules/kubevela/addons.tf
rename to infra/modules/kubevela-addons/addons.tf
diff --git a/infra/modules/kubevela-addons/cardano.tf b/infra/modules/kubevela-addons/cardano.tf
new file mode 100644
index 00000000..7bf4f82f
--- /dev/null
+++ b/infra/modules/kubevela-addons/cardano.tf
@@ -0,0 +1,7 @@
+resource "helm_release" "cardano" {
+ name = "cardano"
+
+ chart = "./cardano"
+ namespace = var.namespace
+}
+
diff --git a/infra/modules/kubevela/cardano/Chart.yaml b/infra/modules/kubevela-addons/cardano/Chart.yaml
similarity index 100%
rename from infra/modules/kubevela/cardano/Chart.yaml
rename to infra/modules/kubevela-addons/cardano/Chart.yaml
diff --git a/infra/modules/kubevela/cardano/templates/cardano-node.yaml b/infra/modules/kubevela-addons/cardano/templates/cardano-node.yaml
similarity index 100%
rename from infra/modules/kubevela/cardano/templates/cardano-node.yaml
rename to infra/modules/kubevela-addons/cardano/templates/cardano-node.yaml
diff --git a/infra/modules/kubevela/cardano/values.yaml b/infra/modules/kubevela-addons/cardano/values.yaml
similarity index 100%
rename from infra/modules/kubevela/cardano/values.yaml
rename to infra/modules/kubevela-addons/cardano/values.yaml
diff --git a/infra/modules/kubevela/definitions.tf b/infra/modules/kubevela-addons/definitions.tf
similarity index 100%
rename from infra/modules/kubevela/definitions.tf
rename to infra/modules/kubevela-addons/definitions.tf
diff --git a/infra/modules/kubevela/definitions/build-nix-image.cue b/infra/modules/kubevela-addons/definitions/build-nix-image.cue
similarity index 100%
rename from infra/modules/kubevela/definitions/build-nix-image.cue
rename to infra/modules/kubevela-addons/definitions/build-nix-image.cue
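Review bot: In infra/modules/kubevela-addons/cardano.tf the chart is addressed as `chart = "./cardano"`, a path relative to the directory Terraform runs in rather than to the module. That holds while Terragrunt runs this module as the root, but it would presumably break if the module were ever called from another configuration. `chart = "${path.module}/cardano"` keeps the path tied to the module wherever it is used.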
diff --git a/infra/modules/kubevela/definitions/helm.yaml b/infra/modules/kubevela-addons/definitions/helm.yaml
similarity index 100%
rename from infra/modules/kubevela/definitions/helm.yaml
rename to infra/modules/kubevela-addons/definitions/helm.yaml
diff --git a/infra/modules/kubevela/definitions/helmrelease.cue b/infra/modules/kubevela-addons/definitions/helmrelease.cue
similarity index 100%
rename from infra/modules/kubevela/definitions/helmrelease.cue
rename to infra/modules/kubevela-addons/definitions/helmrelease.cue
diff --git a/infra/modules/kubevela/definitions/http-route.cue b/infra/modules/kubevela-addons/definitions/http-route.cue
similarity index 100%
rename from infra/modules/kubevela/definitions/http-route.cue
rename to infra/modules/kubevela-addons/definitions/http-route.cue
diff --git a/infra/modules/kubevela/definitions/https-route.cue b/infra/modules/kubevela-addons/definitions/https-route.cue
similarity index 100%
rename from infra/modules/kubevela/definitions/https-route.cue
rename to infra/modules/kubevela-addons/definitions/https-route.cue
diff --git a/infra/modules/kubevela/definitions/resource.cue b/infra/modules/kubevela-addons/definitions/resource.cue
similarity index 100%
rename from infra/modules/kubevela/definitions/resource.cue
rename to infra/modules/kubevela-addons/definitions/resource.cue
diff --git a/infra/modules/kubevela/otel-operator.yaml b/infra/modules/kubevela-addons/otel-operator.yaml
similarity index 100%
rename from infra/modules/kubevela/otel-operator.yaml
rename to infra/modules/kubevela-addons/otel-operator.yaml
diff --git a/infra/modules/kubevela/secretUI.cue b/infra/modules/kubevela-addons/secretUI.cue
similarity index 100%
rename from infra/modules/kubevela/secretUI.cue
rename to infra/modules/kubevela-addons/secretUI.cue
diff --git a/infra/modules/kubevela-addons/variables.tf b/infra/modules/kubevela-addons/variables.tf
new file mode 100644
index 00000000..b2fe2a10
--- /dev/null
+++ b/infra/modules/kubevela-addons/variables.tf
@@ -0,0 +1,17 @@
+variable "namespace" {
+ description = "Set the namespace that kubevela is deployed to"
+ type = string
+ default = "vela-system"
+}
+
+variable "helm_defaults" {
+ description = "Customize default Helm behavior"
+ type = any
+ default = {}
+}
+
+variable "cluster-name" {
+ description = "Name of the Kubernetes cluster"
+ default = "sample-cluster"
+ type = string
+}
diff --git a/infra/modules/kubevela-addons/versions.tf b/infra/modules/kubevela-addons/versions.tf
new file mode 100644
index 00000000..cb6cee36
--- /dev/null
+++ b/infra/modules/kubevela-addons/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_providers {
+ helm = "~> 2.0"
+ kubernetes = "~> 2.0, != 2.12"
+ kubectl = {
+ source = "gavinbunney/kubectl"
+ version = "~> 1.0"
+ }
+ kustomization = {
+ source = "kbst/kustomize"
+ version = "0.2.0-beta.3"
+ }
+ }
+}
diff --git a/infra/modules/kubevela/cardano.tf b/infra/modules/kubevela/cardano.tf
deleted file mode 100644
index d8604a6e..00000000
--- a/infra/modules/kubevela/cardano.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-resource "helm_release" "cardano" {
- name = "cardano"
-
- chart = "./cardano"
- namespace = kubernetes_namespace.vela-system.metadata[0].name
-}
-
diff --git a/infra/modules/kubevela/definitions/postgres.cue b/infra/modules/kubevela/definitions/postgres.cue
deleted file mode 100644
index 8f2cabb1..00000000
--- a/infra/modules/kubevela/definitions/postgres.cue
+++ /dev/null
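Review bot: In variables.tf, `cluster-name` is declared with `default = "sample-cluster"`, so a caller that forgets the input gets a placeholder cluster name instead of an error. Dropping the default makes the input required and surfaces the mistake at plan time. `helm_defaults` is `type = any` and is not referenced by the cardano.tf added in this commit; if nothing else in the module reads it, it is better left out than carried as an untyped knob.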
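Review bot: In versions.tf, `helm` and `kubernetes` use the legacy string form with no `source`, while the third-party providers `gavinbunney/kubectl` and `kbst/kustomize` get a floating `~> 1.0` and a beta pin `0.2.0-beta.3`. These providers presumably run with the cluster's credentials, so the addresses should be explicit, for example `helm = { source = "hashicorp/helm", version = "~> 2.0" }`, with the same shape for `kubernetes`. A `.terraform.lock.hcl` carrying provider hashes should be committed for the units that use this module; none is visible in this diff. If nothing in the module uses `kustomization`, drop the entry rather than carry a beta dependency.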
@@ -1,168 +0,0 @@
-output: {
- kind: "postgresql"
- apiVersion: "acid.zalan.do/v1"
- metadata: {
- name: context.name
- namespace: context.namespace
- // default namespace will be "prod"
- }
- spec: {
- dockerImage: parameter.image //ghcr.io/zalando/spilo-15:2.1-p9
- numberOfInstances: parameter.replicas //By default it's 2
- teamId: parameter.teamId
- postgresql: parameter.postgresql
- databases: parameter.databases
- preparedDatabases: parameter.preparedDatabases
- users: parameter.users
- enableMasterLoadBalancer: parameter.enableMasterLoadBalancer
- enableReplicaLoadBalancer: parameter.enableReplicaLoadBalancer
- enableConnectionPooler: parameter.enableConnectionPooler
- enableReplicaConnectionPooler: parameter.enableReplicaConnectionPooler
- enableMasterPoolerLoadBalancer: parameter.enableReplicaConnectionPooler
- enableReplicaPoolerLoadBalancer: parameter.enableReplicaPoolerLoadBalancer
- allowedSourceRanges: [ // load balancers' source ranges for both master and replica services
- "127.0.0.1/32"
- ]
- volume: parameter.volume
- additionalVolumes: [
- {
- name: "empty"
- mountPath: "/opt/empty"
- targetContainers: [
- "all"
- ]
- volumeSource: {
- emptyDir: {}
- }
- }
- ]
- enableShmVolume: parameter.enableShmVolume
- resources: parameter.resources
- patroni: parameter.patroni
- ttl: parameter.ttl
- loop_wait: parameter.loopWait
- retry_timeout: parameter.retryTimeout
- synchronous_mode: parameter.synchronousMode
- synchronous_mode_strict: parameter.synchronousModeStrict
- synchronous_node_count: parameter.synchronousNodeCount
- maximum_lag_on_failover: 33554432
- initContainers: [
- {
- name: "date"
- image: "busybox"
- command: [ "/bin/date" ]
- }
- ]
- // Custom TLS certificate. Disabled unless tls.secretName has a value.
- tls: parameter.tls
- }
-}
-parameter: {
- //+usage=configure postgresql.
- postgresql: {
- //+usage=the version of the postgresql to be used.
- version: *"15" | string
- parameters: {
- // Expert section
- shared_buffers: *"32MB" | string
- max_connections: *"10" | string
- log_statement: *"all" | string
- }
- }
- //+usage=the size of the postgres cluster.
- replicas: *2 | int
- //+usage=set team Id.
- teamId: *"acid" | string
- //+usage=the image of the spilo.
- image: *"ghcr.io/zalando/spilo-15:2.1-p9" | string
- //+usage=configure volume.
- volume: {
- //+usage=the size of the volume used of postgres.
- size: *"1Gi" | string
- }
- //+usage=define databases to be used.
- databases: *{
- foo: "zalando" // dbname: owner
- } | {...}
- //+usage=configure created databases.
- preparedDatabases: *{
- bar: {
- defaultUsers: true
- extensions: {
- pg_partman: "public"
- pgcrypto: "public"
- }
- schemas: {
- data: {}
- history: {
- defaultRoles: true
- defaultUsers: false
- }
- }
- }
- } | {...}
- //+usage=configure users for the databases.
- users: *{
- zalando: ["superuser", "createdb"]
- foo_user: []
- } | {...}
- //+usage=configure patroni.
- patroni: {
- failsafe_mode: *false | bool
- initdb: {
- encoding: *"UTF8" | string
- locale: *"en_US.UTF-8" | string
- "data-checksums": *"true" | string
- }
- }
- //+usage=enable SHM volume if set true.
- enableShmVolume: *true | bool
- //+usage=enable master as load balancer if set true.
- enableMasterLoadBalancer: *false | bool
- //+usage=enable replica as load balancer if set true.
- enableReplicaLoadBalancer: *false | bool
- //+usage=enable/disable connection pooler deployment.
- enableConnectionPooler: *false | bool
- //+usage=set to enable connection pooler for replica service.
- enableReplicaConnectionPooler: *false | bool
- //+usage=set to enable master pooler as load balancer.
- enableMasterPoolerLoadBalancer: *false | bool
- //+usage=set to enable replica pooler as load balancer.
- enableReplicaPoolerLoadBalancer: *false | bool
- //+usage=set ttl(Time to live) by dedault it's 30 days.
- ttl: *30 | int
- //+usage=set loop wait time by dedault it's 10.
- loopWait: *10 | int
- //+usage=set retry timeout by dedault it's 10.
- retryTimeout: *10 | int
- //+usage=set to enable synchronous mode.
- synchronousMode: *false | bool
- //+usage=set to enable synchronous mode strictly.
- synchronousModeStrict: *false | bool
- //+usage=set how many nodes to be synchronized.
- synchronousNodeCount: *1 | int
- //+usage=configure resources.
- resources: {
- requests: {
- cpu: *"10m" | string
- memory: *"100Mi" | string
- }
- limits: {
- cpu: *"500m" | string
- memory: *"500Mi" | string
- }
- }
- //+usage=configure custom TLS.
- tls: {
- //+usage=sets custom TLS secret name, It should correspond to a Kubernetes Secret resource to load.
- secretName: *"" | string
- //+usage=sets custom TLS certificate file.
- certificateFile: *"tls.crt" | string
- //+usage=sets custom TLS private key file.
- privateKeyFile: *"tls.key" | string
- //+usage=optionally configure Postgres with a CA certificate.
- caFile: *"" | string
- //+usage=optionally the ca.crt can come from this secret instead.
- caSecretName: *"" | string
- }
- }
diff --git a/infra/modules/kubevela/outputs.tf b/infra/modules/kubevela/outputs.tf
index e69de29b..369bdaed 100644
--- a/infra/modules/kubevela/outputs.tf
+++ b/infra/modules/kubevela/outputs.tf
@@ -0,0 +1,3 @@
+output "namespace" {
+ value = var.namespace
+}
diff --git a/infra/modules/kubevela/postgres-operator.yaml b/infra/modules/kubevela/postgres-operator.yaml
deleted file mode 100644
index 059f9905..00000000
--- a/infra/modules/kubevela/postgres-operator.yaml
+++ /dev/null
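Review bot: The new `namespace` output in infra/modules/kubevela/outputs.tf returns `var.namespace`, which is the input value rather than the namespace the module created. The removed cardano.tf read `kubernetes_namespace.vela-system.metadata[0].name`; if that resource is still defined in this module, `value = kubernetes_namespace.vela-system.metadata[0].name` would tie the output to the namespace actually existing. The kubevela-addons unit now installs into whatever this output reports, so a one-line `description` on the output would also help.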
@@ -1,124 +0,0 @@ -apiVersion: core.oam.dev/v1beta1 -kind: Application -metadata: - annotations: - addon.oam.dev/componentDefinitions: postgres-cluster - creationTimestamp: null - labels: - addons.oam.dev/name: postgres-operator - addons.oam.dev/registry: experimental - addons.oam.dev/version: 1.0.0 - name: addon-postgres-operator - namespace: vela-system -spec: - components: - - name: ns-postgres-operator - properties: - objects: - - apiVersion: v1 - kind: Namespace - metadata: - name: postgres-operator - type: k8s-objects - - name: postgres-operator - properties: - chart: postgres-operator - repoType: helm - url: https://opensource.zalando.com/postgres-operator/charts/postgres-operator - version: 1.9.0 - type: helm - policies: - - name: postgres-operator-ns - properties: - rules: - - selector: - resourceTypes: - - Namespace - type: shared-resource - - name: deploy-postgres-operator - properties: - clusterLabelSelector: {} - namespace: postgres-operator - type: topology -status: {} - ---- -apiVersion: core.oam.dev/v1beta1 -kind: ComponentDefinition -metadata: - annotations: - definition.oam.dev/alias: "" - definition.oam.dev/description: postgres cluster component - labels: {} - name: postgres-cluster - namespace: vela-system -spec: - schematic: - cue: - template: "output: {\n\tkind: \"postgresql\"\n\tapiVersion: \"acid.zalan.do/v1\"\n\tmetadata: - {\n\t\tname: context.name\n\t\tnamespace: context.namespace\n\t\t// default - namespace will be \"prod\"\n\t}\n\tspec: {\n\t\tdockerImage: parameter.image - \ //ghcr.io/zalando/spilo-15:2.1-p9\n\t\tnumberOfInstances: parameter.replicas - //By default it's 2\n\t\tteamId: parameter.teamId\n\t\tpostgresql: - \ parameter.postgresql\n\t\tdatabases: parameter.databases\n\t\tpreparedDatabases: - \ parameter.preparedDatabases\n\t\tusers: parameter.users\n\t\tenableMasterLoadBalancer: - \ parameter.enableMasterLoadBalancer\n\t\tenableReplicaLoadBalancer: - \ parameter.enableReplicaLoadBalancer\n\t\tenableConnectionPooler: 
parameter.enableConnectionPooler\n\t\tenableReplicaConnectionPooler: - \ parameter.enableReplicaConnectionPooler\n\t\tenableMasterPoolerLoadBalancer: - \ parameter.enableReplicaConnectionPooler\n\t\tenableReplicaPoolerLoadBalancer: - parameter.enableReplicaPoolerLoadBalancer\n\t\tallowedSourceRanges: [ // load - balancers' source ranges for both master and replica services\n\t\t\t\t\t\"127.0.0.1/32\",\n\t\t]\n\t\tvolume: - parameter.volume\n\t\tadditionalVolumes: [\n\t\t\t{\n\t\t\t\tname: \"empty\"\n\t\t\t\tmountPath: - \"/opt/empty\"\n\t\t\t\ttargetContainers: [\n\t\t\t\t\t\"all\",\n\t\t\t\t]\n\t\t\t\tvolumeSource: - emptyDir: {}\n\t\t\t},\n\t\t]\n\t\tenableShmVolume: parameter.enableShmVolume\n\t\tresources: - \ parameter.resources\n\t\tpatroni: parameter.patroni\n\t\tttl: - \ parameter.ttl\n\t\tloop_wait: parameter.loopWait\n\t\tretry_timeout: - \ parameter.retryTimeout\n\t\tsynchronous_mode: parameter.synchronousMode\n\t\tsynchronous_mode_strict: - parameter.synchronousModeStrict\n\t\tsynchronous_node_count: parameter.synchronousNodeCount\n\t\tmaximum_lag_on_failover: - 33554432\n\t\tinitContainers: [\n\t\t\t{\n\t\t\t\tname: \"date\"\n\t\t\t\timage: - \"busybox\"\n\t\t\t\tcommand: [ \"/bin/date\"]\n\t\t\t},\n\t\t]\n\t\t// Custom - TLS certificate. 
Disabled unless tls.secretName has a value.\n\t\ttls: parameter.tls\n\t}\n}\nparameter: - {\n\t//+usage=configure postgresql.\n\tpostgresql: {\n\t\t//+usage=the version - of the postgresql to be used.\n\t\tversion: *\"15\" | string\n\t\tparameters: - {\n\t\t\t// Expert section\n\t\t\tshared_buffers: *\"32MB\" | string\n\t\t\tmax_connections: - *\"10\" | string\n\t\t\tlog_statement: *\"all\" | string\n\t\t}\n\t}\n\t//+usage=the - size of the postgres cluster.\n\treplicas: *2 | int\n\t//+usage=set team Id.\n\tteamId: - *\"acid\" | string\n\t//+usage=the image of the spilo.\n\timage: *\"ghcr.io/zalando/spilo-15:2.1-p9\" - | string\n\t//+usage=configure volume.\n\tvolume: {\n\t\t//+usage=the size - of the volume used of postgres.\n\t\tsize: *\"1Gi\" | string\n\t}\n\t//+usage=define - databases to be used.\n\tdatabases: *{\n\t\tfoo: \"zalando\" // dbname: owner\n\t} - | {...}\n\t//+usage=configure created databases.\n\tpreparedDatabases: *{\n\t\tbar: - {\n\t\t\tdefaultUsers: true\n\t\t\textensions: {\n\t\t\t\tpg_partman: \"public\"\n\t\t\t\tpgcrypto: - \ \"public\"\n\t\t\t}\n\t\t\tschemas: {\n\t\t\t\tdata: {}\n\t\t\t\thistory: - {\n\t\t\t\t\tdefaultRoles: true\n\t\t\t\t\tdefaultUsers: false\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t} - | {...}\n\t//+usage=configure users for the databases.\n\tusers: *{\n\t\tzalando: - [\"superuser\", \"createdb\"]\n\t\tfoo_user: []\n\t} | {...}\n\t//+usage=configure - patroni.\n\tpatroni: {\n\t\tfailsafe_mode: *false | bool\n\t\tinitdb: {\n\t\t\tencoding: - \ *\"UTF8\" | string\n\t\t\tlocale: *\"en_US.UTF-8\" | string\n\t\t\t\"data-checksums\": - *\"true\" | string\n\t\t}\n\t}\n\t//+usage=enable SHM volume if set true. 
- \ \n\tenableShmVolume: *true | bool\n\t//+usage=enable master - as load balancer if set true.\n\tenableMasterLoadBalancer: *false | bool\n\t//+usage=enable - replica as load balancer if set true.\n\tenableReplicaLoadBalancer: *false - | bool\n\t//+usage=enable/disable connection pooler deployment.\n\tenableConnectionPooler: - *false | bool\n\t//+usage=set to enable connection pooler for replica service.\n\tenableReplicaConnectionPooler: - *false | bool\n\t//+usage=set to enable master pooler as load balancer.\n\tenableMasterPoolerLoadBalancer: - *false | bool\n\t//+usage=set to enable replica pooler as load balancer.\n\tenableReplicaPoolerLoadBalancer: - *false | bool\n\t//+usage=set ttl(Time to live) by dedault it's 30 days.\n\tttl: - *30 | int\n\t//+usage=set loop wait time by dedault it's 10.\n\tloopWait: - *10 | int\n\t//+usage=set retry timeout by dedault it's 10.\n\tretryTimeout: - *10 | int\n\t//+usage=set to enable synchronous mode.\n\tsynchronousMode: - *false | bool\n\t//+usage=set to enable synchronous mode strictly.\n\tsynchronousModeStrict: - *false | bool\n\t//+usage=set how many nodes to be synchronized.\n\tsynchronousNodeCount: - *1 | int\n\t//+usage=configure resources.\n\tresources: {\n\t\trequests: {\n\t\t\tcpu: - \ *\"10m\" | string\n\t\t\tmemory: *\"100Mi\" | string\n\t\t}\n\t\tlimits: - {\n\t\t\tcpu: *\"500m\" | string\n\t\t\tmemory: *\"500Mi\" | string\n\t\t}\n\t}\n\t//+usage=configure - custom TLS.\n\ttls: {\n\t\t//+usage=sets custom TLS secret name, It should - correspond to a Kubernetes Secret resource to load.\n\t\tsecretName: *\"\" - | string\n\t\t//+usage=sets custom TLS certificate file.\n\t\tcertificateFile: - *\"tls.crt\" | string\n\t\t//+usage=sets custom TLS private key file.\n\t\tprivateKeyFile: - *\"tls.key\" | string\n\t\t//+usage=optionally configure Postgres with a CA - certificate.\n\t\tcaFile: *\"\" | string\n\t\t//+usage=optionally the ca.crt - can come from this secret instead.\n\t\tcaSecretName: *\"\" | 
string\n\t}\n}\n" - workload: - type: autodetects.core.oam.dev -
diff --git a/infra/prod-new-us-east-1/k8s/kubevela-addons/terragrunt.hcl b/infra/prod-new-us-east-1/k8s/kubevela-addons/terragrunt.hcl
new file mode 100644
index 00000000..bc24702a
--- /dev/null
+++ b/infra/prod-new-us-east-1/k8s/kubevela-addons/terragrunt.hcl
@@ -0,0 +1,40 @@
+include "root" {
+ path = find_in_parent_folders()
+}
+
+locals {
+ # Get provider configs
+ k8s = read_terragrunt_config("${get_parent_terragrunt_dir()}/provider-configs/k8s.hcl")
+ helm = read_terragrunt_config("${get_parent_terragrunt_dir()}/provider-configs/helm.hcl")
+ kubectl = read_terragrunt_config("${get_parent_terragrunt_dir()}/provider-configs/kubectl.hcl")
+
+ environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+ dapps_namespaces = local.environment_vars.locals.namespaces
+}
+
+# Generate provider blocks
+generate = merge(local.k8s.generate, local.helm.generate, local.kubectl.generate)
+
+terraform {
+ source = "../../../modules/kubevela-addons"
+}
+
+dependency "eks" {
+ config_path = "../eks"
+
+ mock_outputs = {
+ cluster_id = "cluster-name"
+ cluster_oidc_issuer_url = "https://oidc.eks.eu-west-3.amazonaws.com/id/0000000000000000"
+ }
+}
+
+dependency "kubevela" {
+ config_path = "../kubevela"
+}
+
+inputs = {
+ # cluster-name = local.cluster
+ cluster-name = dependency.eks.outputs.cluster_name
+ k8s-cluster-name = dependency.eks.outputs.cluster_name # for provider block
+ namespace = dependency.kubevela.outputs.namespace
+}
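Review bot: In the `dependency "eks"` block of terragrunt.hcl, `mock_outputs` defines `cluster_id` and `cluster_oidc_issuer_url`, but `inputs` reads `dependency.eks.outputs.cluster_name`, so the mocks do not cover the one output this unit uses. Add `cluster_name = "cluster-name"` to the mocks and restrict them with `mock_outputs_allowed_terraform_commands = ["validate", "plan"]`, so placeholder values cannot feed an apply against this production unit. The mock issuer URL names eu-west-3 although the unit lives under prod-new-us-east-1, which looks like a copy from another environment. `dependency "kubevela"` has no mocks, and the `dapps_namespaces` local is not used anywhere in this file.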