-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update AWS setup instructions #1636
Conversation
Provide aws secrets for kustomize via file. This prevents accidental commit of secrets. Signed-off-by: Pradipta Banerjee <pradipta.banerjee@gmail.com>
Add EKS cluster setup and update CAA deployment instructions Signed-off-by: Pradipta Banerjee <pradipta.banerjee@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, i'm not able to test it though
curl -LO https://raw.githubusercontent.com/confidential-containers/cloud-api-adaptor/staging/podvm/hack/download-image.sh | ||
### Update the `kustomization.yaml` file | ||
|
||
Run the following command to update the [`kustomization.yaml`](../install/overlays/aws/kustomization.yaml) file: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey Pradipta - is this intended to be a point in time reference, or something longer lasting? If it's the later then I don't know whether it would be better to instruction them to edit the existing install/overlays/aws/kustomization.yaml
file rather than overwrite it, so things like the CAA new are not fixed?
You might be able to do something with the caa provisioner to help with the config, but I understand if you don't want to get into that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the suggestion Steve. It does make sense to instruct direct editing of the kustomization.yaml. However, currently for AWS we only need one variable to be provided and the rewriting helps to get started quickly.
Going forward, I will explore sed
commands to edit the values from CLI instead of re-writing. Hope this is ok..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, if it's a short-term hard-coded doc then that's fine - I just don't want AWS users to get stuck on the 0.8 release of CAA once we've updated to 0.9 based on main
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
BTW, another option would be to modify CM after creation, can be done in 2 commands, not sure it's better though...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't have an AWS account to test, but the doc looks reasonable to me apart from the version hard-coding which Pradipta is planning to review in future. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
curl -LO https://raw.githubusercontent.com/confidential-containers/cloud-api-adaptor/staging/podvm/hack/download-image.sh | ||
### Update the `kustomization.yaml` file | ||
|
||
Run the following command to update the [`kustomization.yaml`](../install/overlays/aws/kustomization.yaml) file: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
BTW, another option would be to modify CM after creation, can be done in 2 commands, not sure it's better though...
|
||
``` | ||
aws ec2 describe-images --query "Images[*].[ImageId]" --filters "Name=name,Values=peer-pod-ami" --region ${AWS_REGION} --output text | ||
cat > ekscluster-config.yaml <<EOF |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe it worth considering having some templates folder and then using something like envsubst < tmps/eks-config.yaml| oc apply -f-
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, either this or some sed fu to make changes
This series provides the following