upgrading production kustomize (#2515)

cds-snc · Apr 9, 2024 · 5257ca8 · 5257ca8
1 parent 24bd499
commit 5257ca8
Show file tree

Hide file tree

Showing 36 changed files with 484 additions and 521 deletions.
diff --git a/env/production/cwagent-patch.yaml → ...ion/cwagent/cwagent-deployment-patch.yaml b/env/production/cwagent-patch.yaml → ...ion/cwagent/cwagent-deployment-patch.yaml
diff --git a/env/production/karpenter.yaml b/env/production/karpenter.yaml
diff --git a/env/production/karpenter/aws-node-template-patch.yaml b/env/production/karpenter/aws-node-template-patch.yaml
@@ -0,0 +1,11 @@
+apiVersion: karpenter.k8s.aws/v1alpha1
+kind: AWSNodeTemplate
+metadata:
+  name: default
+spec:
+  subnetSelector:
+    karpenter.sh/discovery: notification-canada-ca-production-eks-cluster
+  securityGroupSelector:
+    karpenter.sh/discovery: notification-canada-ca-production-eks-cluster    
+  metadataOptions:
+    httpTokens: optional
diff --git a/env/production/karpenter/configmap-patch.yaml b/env/production/karpenter/configmap-patch.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: karpenter-global-settings
+  namespace: karpenter
+  labels:
+    app.kubernetes.io/name: karpenter
+    app.kubernetes.io/instance: karpenter
+    app.kubernetes.io/version: "0.30.0"
+data:  
+    "aws.assumeRoleARN": ""
+    "aws.assumeRoleDuration": "15m"
+    "aws.clusterCABundle": ""
+    "aws.clusterEndpoint": ""
+    "aws.clusterName": "notification-canada-ca-production-eks-cluster"
+    "aws.defaultInstanceProfile": "KarpenterNodeInstanceProfile-karpenter-controller-eks"
+    "aws.enableENILimitedPodDensity": "true"
+    "aws.enablePodENI": "false"
+    "aws.interruptionQueueName": ""
+    "aws.isolatedVPC": "false"
+    "aws.vmMemoryOverheadPercent": "0.075"
+    "batchIdleDuration": "1s"
+    "batchMaxDuration": "10s"
+    "featureGates.driftEnabled": "false"
diff --git a/env/production/karpenter/provisioner-patch.yaml b/env/production/karpenter/provisioner-patch.yaml
@@ -0,0 +1,18 @@
+apiVersion: karpenter.sh/v1alpha5
+kind: Provisioner
+metadata:
+  name: default
+spec:
+  requirements:
+    - key: karpenter.sh/capacity-type
+      operator: In
+      values: ["spot"]
+    - key: node.kubernetes.io/instance-type
+      operator: In
+      values: ["r5.xlarge", "r5.large"]      
+  limits:
+    resources:
+      cpu: 1000
+  providerRef:
+    name: default
+  ttlSecondsAfterEmpty: 300
diff --git a/env/production/karpenter/service-account-patch.yaml b/env/production/karpenter/service-account-patch.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: karpenter
+  namespace: karpenter
+  labels:
+    app.kubernetes.io/name: karpenter
+    app.kubernetes.io/instance: karpenter
+    app.kubernetes.io/version: "0.30.0"
+  annotations:
+    eks.amazonaws.com/role-arn: arn:aws:iam::296255494825:role/karpenter-controller-eks
diff --git a/env/production/kustomization.yaml b/env/production/kustomization.yaml
@@ -28,10 +28,41 @@ resources:
   - aws-auth-configmap.yaml
 
 patches:
-  - performance.yaml
-  - cwagent-patch.yaml
-  - node-selector-patch.yaml
-  - karpenter.yaml
+  - path: cwagent/cwagent-deployment-patch.yaml
+
+  - path: performance/admin-deployment-patch.yaml
+  - path: performance/admin-hpa-patch.yaml
+  - path: performance/api-deployment-patch.yaml
+  - path: performance/api-hpa-patch.yaml
+  - path: performance/celery-email-send-primary-deployment-patch.yaml
+  - path: performance/celery-email-send-scalable-deployment-patch.yaml
+  - path: performance/celery-email-send-scalable-hpa-patch.yaml
+  - path: performance/celery-primary-deployment-patch.yaml
+  - path: performance/celery-scalable-deployment-patch.yaml
+  - path: performance/celery-scalable-hpa-patch.yaml
+  - path: performance/celery-sms-send-primary-deployment-patch.yaml
+  - path: performance/celery-sms-send-scalable-deployment-patch.yaml
+  - path: performance/celery-sms-send-scalable-hpa-patch.yaml
+  - path: performance/document-download-hpa-patch.yaml
+  - path: performance/documentation-deployment-patch.yaml
+
+  - path: nodeselectors/admin-node-selector-patch.yaml
+  - path: nodeselectors/api-node-selector-patch.yaml
+  - path: nodeselectors/celery-beat-node-selector-patch.yaml
+  - path: nodeselectors/celery-email-send-primary-node-selector-patch.yaml
+  - path: nodeselectors/celery-email-send-scalable-node-selector-patch.yaml
+  - path: nodeselectors/celery-primary-node-selector-patch.yaml
+  - path: nodeselectors/celery-scalable-node-selector-patch.yaml
+  - path: nodeselectors/celery-sms-node-selector-patch.yaml
+  - path: nodeselectors/celery-sms-send-primary-node-selector-patch.yaml
+  - path: nodeselectors/celery-sms-send-scalable-node-selector-patch.yaml
+  - path: nodeselectors/document-download-api-node-selector-patch.yaml
+  - path: nodeselectors/documentation-node-selector-patch.yaml
+
+  - path: karpenter/aws-node-template-patch.yaml
+  - path: karpenter/configmap-patch.yaml
+  - path: karpenter/provisioner-patch.yaml
+  - path: karpenter/service-account-patch.yaml
 
 images:
   - name: admin

diff --git a/env/production/node-selector-patch.yaml b/env/production/node-selector-patch.yaml
diff --git a/env/production/nodeselectors/admin-node-selector-patch.yaml b/env/production/nodeselectors/admin-node-selector-patch.yaml
@@ -0,0 +1,12 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: admin
+  name:  admin
+  namespace: notification-canada-ca
+spec:
+  template:
+    spec:
+      nodeSelector:
+        eks.amazonaws.com/capacityType: ON_DEMAND
diff --git a/env/production/nodeselectors/api-node-selector-patch.yaml b/env/production/nodeselectors/api-node-selector-patch.yaml
@@ -0,0 +1,12 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: api
+  name:  api
+  namespace: notification-canada-ca
+spec:
+  template:
+    spec:
+      nodeSelector:
+        eks.amazonaws.com/capacityType: ON_DEMAND