Merge pull request #46 from sparkfabrik/feat/2819_add_documentation_e…

…ks_addon_patches feat(documentation): add documentation about patching the EKS add-ons
sparkfabrik · Apr 23, 2024 · 5f41109 · 5f41109
2 parents ec94eee + db47d68
commit 5f41109
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- refs platform/#2819: add documentation about patching the EKS cluster add-ons.
+
 ## [3.0.0] - 2023-12-21
 
 [Compare with previous version](https://github.com/sparkfabrik/terraform-aws-eks-bootstrap/compare/2.1.0...3.0.0)

diff --git a/README.md b/README.md
@@ -4,26 +4,23 @@ Bootstrap module for AWS EKS cluster.
 
 ## Known Issues
 
-Due to issue on [amazon-cloudwatch-observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-setup-EKS-addon.html) EKS addon, the fluent-bit and the CloudWatch Agent are not deployed on tainted nodes. 
+Due to issue on [amazon-cloudwatch-observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-setup-EKS-addon.html) EKS addon, the fluent-bit and the CloudWatch Agent are not deployed on tainted nodes.
 
 The feature is in "Proposed" state https://github.com/aws/containers-roadmap/issues/2195.
 
 Ultil the feature is released, you must manually add tolerations in the AmazonCloudWatchAgent CRD and fluent-bit daemonset resources.
 
-Edit:
-- kubectl edit daemonset.apps/fluent-bit -n amazon-cloudwatch
-- kubectl edit AmazonCloudWatchAgent -n amazon-cloudwatch
+You can find the patch files in the `eks-add-ons-patches` directory. You can apply the patches using the `kubectl` as follows:
 
-and add tolerations, eg:
-
-```yaml
-      tolerations:
-      - effect: NoSchedule
-        key: stable-pool-performance
-        operator: Equal
-        value: high
+```bash
+# Patch the FluentBit DaemonSet
+kubectl -n amazon-cloudwatch patch daemonset fluent-bit --type merge --patch-file eks-add-ons-patches/fluent-bit.yaml
+# Patch the AmazonCloudWatchAgent resource (which produces the cloudwatch-agent daemonset)
+kubectl -n amazon-cloudwatch patch AmazonCloudWatchAgent cloudwatch-agent --type merge --patch-file eks-add-ons-patches/cloudwatch-agent.yaml
 ```
 
+Remember to change the `tolerations` patches according to your node groups.
+
 <!-- BEGIN_TF_DOCS -->
 ## Providers
 

diff --git a/eks-add-ons-patches/cloudwatch-agent.yaml b/eks-add-ons-patches/cloudwatch-agent.yaml
@@ -0,0 +1,6 @@
+spec:
+  tolerations:
+    - effect: NoSchedule
+      key: my-tainted-key
+      operator: Equal
+      value: my-tainted-value
diff --git a/eks-add-ons-patches/fluent-bit.yaml b/eks-add-ons-patches/fluent-bit.yaml
@@ -0,0 +1,8 @@
+spec:
+  template:
+    spec:
+      tolerations:
+        - effect: NoSchedule
+          key: my-tainted-key
+          operator: Equal
+          value: my-tainted-value