From fe3621952766f5c3ee49cec4f2c988b4ade2b124 Mon Sep 17 00:00:00 2001 From: David Houck Date: Thu, 14 Nov 2024 13:25:49 -0500 Subject: [PATCH 1/4] feat: (PSKD-349) OSS Tool Version Updates (#133) Signed-off-by: David.Houck --- CodingStandards.txt | 2 ++ Dockerfile | 8 ++++---- docs/REQUIREMENTS.md | 4 ++-- docs/user/Dependencies.md | 4 ++-- linting-configs/.tflint.hcl | 2 +- versions.tf | 2 +- 6 files changed, 12 insertions(+), 10 deletions(-) diff --git a/CodingStandards.txt b/CodingStandards.txt index c561669..c6a482c 100644 --- a/CodingStandards.txt +++ b/CodingStandards.txt @@ -50,5 +50,7 @@ For Terraform-related files the standards are: When coding has completed, run the following command: - terraform fmt -recursive + +When committing your changes, use the "git commit -s" form to sign your changes. This is required for the DCO ci/cd step that runs for all PRs. This ensures everyone on the team has the same and consistent file formatting prior to pushing the code into git. diff --git a/Dockerfile b/Dockerfile index d0450b2..794f72e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,9 +8,9 @@ RUN apt-get update && apt-get upgrade -y --no-install-recommends \ # Layers used for building/downloading/installing tools FROM baseline as tool_builder -ARG HELM_VERSION=3.14.4 -ARG KUBECTL_VERSION=1.29.7 -ARG TERRAFORM_VERSION=1.8.5-* +ARG HELM_VERSION=3.16.2 +ARG KUBECTL_VERSION=1.29.10 +ARG TERRAFORM_VERSION=1.9.8-* WORKDIR /build @@ -18,7 +18,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - \ && echo "deb [arch=amd64] https://apt.releases.hashicorp.com focal main" > /etc/apt/sources.list.d/tf.list \ && apt-get update \ - && curl -sLO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl && chmod 755 ./kubectl \ + && curl -sLO https://dl.k8s.io/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl && chmod 755 ./kubectl \ && curl -ksLO https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && chmod 755 get-helm-3 \ && ./get-helm-3 --version v$HELM_VERSION --no-sudo \ && apt-get install -y terraform=$TERRAFORM_VERSION --no-install-recommends \ diff --git a/docs/REQUIREMENTS.md b/docs/REQUIREMENTS.md index e4a8e0c..59908b5 100644 --- a/docs/REQUIREMENTS.md +++ b/docs/REQUIREMENTS.md @@ -684,6 +684,6 @@ The third-party applications that are listed in the following table are supporte | Application | Minimum Version | | ---: | ---: | | [Ansible](https://www.ansible.com/) | Core 2.16.1 | -| [Terraform](https://www.terraform.io/) | 1.8.5 | +| [Terraform](https://www.terraform.io/) | 1.9.8 | | [Docker](https://www.docker.com/) | 20.10.17 | -| [Helm](https://helm.sh/) | 3.14.4 | +| [Helm](https://helm.sh/) | 3.16.2 | diff --git a/docs/user/Dependencies.md b/docs/user/Dependencies.md index 39438de..0d3b9b5 100644 --- a/docs/user/Dependencies.md +++ b/docs/user/Dependencies.md @@ -8,10 +8,10 @@ For dependency installation instructions and sources, links have been provided i |----------------|------------------------------------------------------------------------------------------------------------------------------------------------|-------------| | ~ | [python](https://www.python.org/downloads/) | >=3.10 | | ~ | [pip](https://packaging.python.org/en/latest/guides/installing-using-linux-tools/#installing-pip-setuptools-wheel-with-linux-package-managers) | >=22.0 | -| ~ | [terraform](https://www.terraform.io/downloads) | >=1.4.5 | +| ~ | [terraform](https://www.terraform.io/downloads) | >=1.9.8 | | ~ | [docker](https://docs.docker.com/engine/install/) | >=20.10.17 | | ~ | [helm](https://helm.sh/docs/intro/install/) | >=3 | -| ~ | [kubectl](https://kubernetes.io/docs/tasks/tools/) | 1.26 - 1.28 | +| ~ | [kubectl](https://kubernetes.io/docs/tasks/tools/) | 1.28 - 1.30 | | ~ | [git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) | any | | ~ | [jq](https://jqlang.github.io/jq/download/) | >=1.6 | | pip | ansible-core | 2.16.4 | diff --git a/linting-configs/.tflint.hcl b/linting-configs/.tflint.hcl index 337cfd6..02e587e 100644 --- a/linting-configs/.tflint.hcl +++ b/linting-configs/.tflint.hcl @@ -8,7 +8,7 @@ config { # Enables module inspection. - module = true + call_module_type = "all" } plugin "terraform" { diff --git a/versions.tf b/versions.tf index 228a060..a92f7e0 100644 --- a/versions.tf +++ b/versions.tf @@ -2,7 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 terraform { - required_version = ">= 1.4.5" + required_version = ">= 1.9.8" required_providers { vsphere = { source = "hashicorp/vsphere" From 80acbeb6f07f5f1839ab3164cbef0af087c87e4e Mon Sep 17 00:00:00 2001 From: Vincent Illiano Date: Tue, 19 Nov 2024 10:17:20 -0500 Subject: [PATCH 2/4] fix: permissions set in dockerfile (PSKD-903) Signed-off-by: Vincent Illiano --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 794f72e..1c0f956 100644 --- a/Dockerfile +++ b/Dockerfile @@ -43,8 +43,8 @@ RUN pip install -r ./requirements.txt --no-cache-dir \ && ansible-galaxy install -r ./requirements.yaml \ && chmod 755 /viya4-iac-k8s/docker-entrypoint.sh /viya4-iac-k8s/oss-k8s.sh \ && terraform init \ - && chmod g=u -R /etc/passwd /etc/group /viya4-iac-k8s \ - && git config --system --add safe.directory /viya4-iac-k8s + && git config --system --add safe.directory /viya4-iac-k8s \ + && chmod g=u -R /etc/passwd /etc/group /viya4-iac-k8s ENV IAC_TOOLING=docker ENV TF_VAR_iac_tooling=docker From dea2b5b8ca04dab0e7554c59ed7126a73bbc7c7b Mon Sep 17 00:00:00 2001 From: David Houck Date: Fri, 20 Dec 2024 13:38:49 -0500 Subject: [PATCH 3/4] feat: (PSKD-917) update calico for k8s 1.31 support (#137) Signed-off-by: David.Houck --- .github/workflows/linter-analysis.yaml | 6 + docs/CONFIG-VARS.md | 4 +- docs/REQUIREMENTS.md | 2 +- examples/bare-metal/sample-ansible-vars.yaml | 2 +- examples/vsphere/sample-terraform-dhcp.tfvars | 2 +- .../vsphere/sample-terraform-minimal.tfvars | 2 +- .../sample-terraform-static-ips.tfvars | 2 +- ...sample-terraform-static-singlestore.tfvars | 2 +- examples/vsphere/sample-terraform-vi.tfvars | 2 +- tests/variable_defaults.tftest.hcl | 257 ++++++++++++++++++ variables.tf | 4 +- 11 files changed, 274 insertions(+), 11 deletions(-) create mode 100644 tests/variable_defaults.tftest.hcl diff --git a/.github/workflows/linter-analysis.yaml b/.github/workflows/linter-analysis.yaml index f1d3214..8457607 100644 --- a/.github/workflows/linter-analysis.yaml +++ b/.github/workflows/linter-analysis.yaml @@ -50,6 +50,12 @@ jobs: path: ~/.tflint.d/plugins key: ubuntu-latest-tflint-${{ hashFiles('.tflint.hcl') }} + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: "^1.9.8" + terraform_wrapper: false + - name: Setup TFLint uses: terraform-linters/setup-tflint@v3.0.0 with: diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index ed3e37c..dbdb1c8 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -71,7 +71,7 @@ Terraform input variables can be set in the following ways: | :--- | :--- | :--- | :--- | :--- | | cluster_version | Kubernetes version | string | "1.29.7" | Valid values are listed here: [SAS Viya platform Supported Kubernetes Versions](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=n1ika6zxghgsoqn1mq4bck9dx695.htm#p03v0o4maa8oidn1awe0w4xlxcf6). | | cluster_cni | Kubernetes container network interface (CNI) | string | "calico" | | -| cluster_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.28.0" | | +| cluster_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.29.0" | | | cluster_cri | Kubernetes container runtime interface (CRI) | string | "containerd" | | | cluster_cri_version | Version of the CRI specifed by `cluster_cri` to be installed | string | "1.6.28" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | | cluster_service_subnet | Kubernetes service subnet | string | "10.43.0.0/16" | | @@ -357,7 +357,7 @@ The following variables are used to describe the machine targets for the SAS Viy | kubernetes_upgrade_allowed | | bool | true | **NOTE:** Not currently used. | | kubernetes_arch | | string | "{{ vm_arch }}" | This item is auto-filled. **ONLY** change the `vm_arch` value described previously. | | kubernetes_cni | Kubernetes Container Network Interface (CNI) | string | "calico" | | -| kubernetes_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.28.0" | | +| kubernetes_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.29.0" | | | kubernetes_cri | Kubernetes Container Runtime Interface (CRI) | string | "containerd" | | | kubernetes_cri_version | Version of the CRI specifed by `kubernetes_cri` to be installed | string | "1.6.28" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | | | kubernetes_service_subnet | Kubernetes service subnet | string | "10.43.0.0/16" | | diff --git a/docs/REQUIREMENTS.md b/docs/REQUIREMENTS.md index 59908b5..c147459 100644 --- a/docs/REQUIREMENTS.md +++ b/docs/REQUIREMENTS.md @@ -217,7 +217,7 @@ system_ssh_keys_dir = "~/.ssh" # Directory holding public keys to be used on eac # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.35.0.0/16" # Kubernetes service subnet diff --git a/examples/bare-metal/sample-ansible-vars.yaml b/examples/bare-metal/sample-ansible-vars.yaml index acffce3..53440c9 100644 --- a/examples/bare-metal/sample-ansible-vars.yaml +++ b/examples/bare-metal/sample-ansible-vars.yaml @@ -24,7 +24,7 @@ kubernetes_version : "" kubernetes_upgrade_allowed : true kubernetes_arch : "{{ vm_arch }}" kubernetes_cni : "calico" # Choices : [calico] -kubernetes_cni_version : "3.28.0" # Choices : [3.28.0] +kubernetes_cni_version : "3.29.0" # Choices : [3.29.0] kubernetes_cri : "containerd" # Choices : [containerd] kubernetes_cri_version : "1.6.28" # Choices : [1.6.28] kubernetes_service_subnet : "" diff --git a/examples/vsphere/sample-terraform-dhcp.tfvars b/examples/vsphere/sample-terraform-dhcp.tfvars index 176b202..bb1cbf5 100644 --- a/examples/vsphere/sample-terraform-dhcp.tfvars +++ b/examples/vsphere/sample-terraform-dhcp.tfvars @@ -20,7 +20,7 @@ system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet diff --git a/examples/vsphere/sample-terraform-minimal.tfvars b/examples/vsphere/sample-terraform-minimal.tfvars index 2e87c3c..ee25c31 100644 --- a/examples/vsphere/sample-terraform-minimal.tfvars +++ b/examples/vsphere/sample-terraform-minimal.tfvars @@ -20,7 +20,7 @@ system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet diff --git a/examples/vsphere/sample-terraform-static-ips.tfvars b/examples/vsphere/sample-terraform-static-ips.tfvars index 57ed206..f7d7515 100644 --- a/examples/vsphere/sample-terraform-static-ips.tfvars +++ b/examples/vsphere/sample-terraform-static-ips.tfvars @@ -20,7 +20,7 @@ system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet diff --git a/examples/vsphere/sample-terraform-static-singlestore.tfvars b/examples/vsphere/sample-terraform-static-singlestore.tfvars index d782bbd..9307f5e 100644 --- a/examples/vsphere/sample-terraform-static-singlestore.tfvars +++ b/examples/vsphere/sample-terraform-static-singlestore.tfvars @@ -20,7 +20,7 @@ system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet diff --git a/examples/vsphere/sample-terraform-vi.tfvars b/examples/vsphere/sample-terraform-vi.tfvars index ab1bb76..0b4e0a6 100644 --- a/examples/vsphere/sample-terraform-vi.tfvars +++ b/examples/vsphere/sample-terraform-vi.tfvars @@ -20,7 +20,7 @@ system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on # Kubernetes - Cluster cluster_version = "1.29.7" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) -cluster_cni_version = "3.28.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet diff --git a/tests/variable_defaults.tftest.hcl b/tests/variable_defaults.tftest.hcl new file mode 100644 index 0000000..3ce95c9 --- /dev/null +++ b/tests/variable_defaults.tftest.hcl @@ -0,0 +1,257 @@ +# Description: This terraform test file checks the default values for variables in the variables.tf file. +# The variables are used to define the configuration of the virtual machines that will be created in the vSphere environment. +# +# The tests check the default values for the following variables: +# +# - cluster_cni +# - cluster_cni_version +# +# The test checks that the default values for the variables match the expected values. +# +# The expected values are: +# - cluster_cni: "calico" +# - cluster_cni_version: "3.29.0" +# +# In order to run this test, the following environment variables must be exported to the shell where the test is run: +# - vsphere_server +# - vsphere_username +# - vsphere_password +# +# The following statements are an example of how to export the environment variables prior to running the test: +# +# export TF_VAR_vsphere_user=**** +# export TF_VAR_vsphere_password=**** +# export TF_VAR_vsphere_server=vcenter*.*.*.* +# +# Be sure to fill in the configured VSphere values for the _REPLACE_ME_ placeholders in the vSphere variables section below. +# +# The test can be executed by running the following command in the root directory of the repository: +# terraform test --verbose --filter=tests/variable_defaults.tftest.hcl + + +variables { + +deployment_type = "vsphere" + +# General items +ansible_user = "ubuntu" +ansible_password = "ubuntu" +prefix = "prefix14" # Infra prefix TODO REPLACE ME +gateway = "10.124.93.1" # Gateway for servers +netmask = "24" # Network interface netmask + +# vSphere +# TODO: Replace the first three values below with the correct values for your configured VSphere environment +vsphere_server = "_REPLACE_ME_" # Name of the vSphere server +vsphere_datacenter = "_REPLACE_ME_" # Name of the vSphere data center +vsphere_datastore = "_REPLACE_ME_" # Name of the vSphere data store to use for the VMs +vsphere_resource_pool = "viya4-iac-k8s-testing-resource-pool" # Name of the vSphere resource pool to use for the VMs +vsphere_folder = "Infrastructure as Code/Users/nobody" # Name of the vSphere folder to store the vms TODO REPLACE ME, use your own folder +vsphere_template = "ubuntu_22.04_LTS" # Name of the VM template to clone to create VMs for the cluster TODO REPLACE ME, optional ubuntu_20.04_LTS is also available +vsphere_network = "IACdhcp" # Name of the network to to use for the VMs + +# Systems +system_ssh_keys_dir = "/workspace/.ssh" # Directory holding public keys to be used on each system, TODO REPLACE ME your path may differ + +# Kubernetes - Cluster +cluster_version = "1.30.4" # Kubernetes Version +# The next two lines are intentionally commented out to test the assigned default values +#cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) +#cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version +cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) +cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet +cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet +cluster_domain = "sas.com" # Cluster domain suffix for DNS + +# Kubernetes - Cluster VIP +cluster_vip_version = "0.7.1" +cluster_vip_ip = "10.124.93.221" # TODO REPLACE ME, put the first IP of the contiguous block your reserved earlier +cluster_vip_fqdn = "host.sas.com" # TODO REPLACE ME, put the fqdn of the first IP of the contiguous block your reserved earlier + +# Kubernetes - Load Balancer + +# Load Balancer Type +cluster_lb_type = "kube_vip" # Load Balancer accepted values [kube_vip,metallb] + +# Load Balancer Addresses +# +# Examples for each load balancer type can be found here: +# +# kube-vip address format : https://kube-vip.io/docs/usage/cloud-provider/#the-kube-vip-cloud-provider-configmap +# MetalLB address format : https://metallb.universe.tf/configuration/#layer-2-configuration +# +# kube-vip sample: +# +# cluster_lb_addresses = [ +# "cidr-default: 192.168.0.200/29", # CIDR-based IP range for use in the default Namespace +# "range-development: 192.168.0.210-192.168.0.219", # Range-based IP range for use in the development Namespace +# "cidr-finance: 192.168.0.220/29,192.168.0.230/29", # Multiple CIDR-based ranges for use in the finance Namespace +# "cidr-global: 192.168.0.240/29" # CIDR-based range which can be used in any Namespace +# ] +# +# MetalLB sample: +# +# cluster_lb_addresses = [ +# "192.168.10.0/24", +# "192.168.9.1-192.168.9.5" +# ] +# +# NOTE: If you are assigning a static IP using the loadBalancerIP value for your +# load balancer controller service when using `metallb` that IP must fall +# within the address range you provide below. If you are using `kube_vip` +# you do not have this limitation. +# +#cluster_lb_addresses = [] +#kube-vip +cluster_lb_addresses = [ + "range-global: 10.124.93.222-10.124.93.223", # Range-based IP range for use in the development Namespace # TODO REPLACE ME, range of the second and third IP of the contiguous block you reserved earlier. +] + +# Control plane node shared ssh key name +control_plane_ssh_key_name = "cp_ssh" + +# Cluster Node Pools config +# +# Your node pools must contain at least 3 or more nodes. +# The required node types are: +# +# * control_plane - Having an odd number 3/5/7... ensures +# HA while using kube-vip +# * system - System node pool to run misc pods, etc +# * cas - CAS Nodes +# * - Any number of node types with unique names. +# These are typically: compute, stateful, and +# stateless. +# +node_pools = { + # REQUIRED NODE TYPE - DO NOT REMOVE and DO NOT CHANGE THE NAME + # Other variables may be altered + control_plane = { + count = 3 + cpus = 2 + memory = 4096 + os_disk = 100 + node_taints = [] + node_labels = {} + }, + # REQUIRED NODE TYPE - DO NOT REMOVE and DO NOT CHANGE THE NAME + # Other variables may be altered + system = { + count = 1 + cpus = 8 + memory = 65536 + os_disk = 100 + node_taints = [] + node_labels = { + "kubernetes.azure.com/mode" = "system" # REQUIRED LABEL - DO NOT REMOVE + } + }, + cas = { + count = 3 + cpus = 16 + memory = 131072 + os_disk = 350 + misc_disks = [ + 150, + 150, + ] + node_taints = ["workload.sas.com/class=cas:NoSchedule"] + node_labels = { + "workload.sas.com/class" = "cas" + } + }, + compute = { + count = 1 + cpus = 16 + memory = 131072 + os_disk = 100 + node_taints = ["workload.sas.com/class=compute:NoSchedule"] + node_labels = { + "workload.sas.com/class" = "compute" + "launcher.sas.com/prepullImage" = "sas-programming-environment" + } + }, + stateful = { + count = 1 + cpus = 8 + memory = 32768 + os_disk = 100 + misc_disks = [ + 150, + ] + node_taints = ["workload.sas.com/class=stateful:NoSchedule"] + node_labels = { + "workload.sas.com/class" = "stateful" + } + }, + stateless = { + count = 2 + cpus = 8 + memory = 32768 + os_disk = 100 + misc_disks = [ + 150, + ] + node_taints = ["workload.sas.com/class=stateless:NoSchedule"] + node_labels = { + "workload.sas.com/class" = "stateless" + } + } +} + +# Jump server +create_jump = true # Creation flag +jump_num_cpu = 4 # 4 CPUs +jump_memory = 8092 # 8 GB +jump_disk_size = 100 # 100 GB +jump_ip = "10.124.93.143" # Assigned values for static IPs # TODO REPLACE ME, use reserved jump IP + +# NFS server +create_nfs = true # Creation flag +nfs_num_cpu = 4 # 4 CPUs +nfs_memory = 16384 # 16 GB +nfs_disk_size = 400 # 400 GB +nfs_ip = "10.124.93.67" # Assigned values for static IPs # TODO REPLACE ME, use reserved nfs IP + +# Postgres Servers +postgres_servers = { + default = { + server_num_cpu = 4 # 4 CPUs + server_memory = 16384 # 16 GB + server_disk_size = 128 # 128 GB + server_ip = "10.124.93.126" # Assigned values for static IPs # TODO REPLACE ME, use reserved nfs IP + server_version = 15 # PostgreSQL version + server_ssl = "off" # SSL flag + administrator_login = "postgres" # PostgreSQL admin user - CANNOT BE CHANGED + administrator_password = "S3cretPassw0rd" # PostgreSQL admin user password + } +} + +} + +run "cluster_cni_should_default_to_calico" { + + command = plan + + variables { + } + + assert { + condition = var.cluster_cni == "calico" + error_message = "A default value of \"${var.cluster_cni}\" for cluster_cni was not expected." + } +} + +run "cluster_cni_version_should_default_to_3_29_0" { + + command = plan + + variables { + } + + assert { + condition = var.cluster_cni_version == "3.29.0" + error_message = "A default value of \"${var.cluster_cni_version}\" for cluster_cni_version was not expected." + } +} diff --git a/variables.tf b/variables.tf index 7c8ca40..c7666f2 100644 --- a/variables.tf +++ b/variables.tf @@ -306,8 +306,8 @@ variable "cluster_cni" { } variable "cluster_cni_version" { - type = string - default = "3.28.0" + type = string + default = "3.29.0" } variable "cluster_cri" { From cb51f6d82986676a4b48e045788c08997f3fd822 Mon Sep 17 00:00:00 2001 From: Chris Miller <53184971+saschjmil@users.noreply.github.com> Date: Thu, 9 Jan 2025 16:56:26 -0500 Subject: [PATCH 4/4] feat: (PSKD-817) Support K8s 1.31 and update containerd verison (#138) * feat: (PSKD-817) Support K8s 1.31 * feat: (PSKD-817) update containerd to 1.7.24 Signed-off-by: chjmil --------- Signed-off-by: chjmil --- Dockerfile | 6 +++--- docs/CONFIG-VARS.md | 8 ++++---- docs/REQUIREMENTS.md | 8 ++++---- docs/user/Dependencies.md | 2 +- examples/bare-metal/sample-ansible-vars.yaml | 2 +- examples/vsphere/sample-terraform-dhcp.tfvars | 4 ++-- examples/vsphere/sample-terraform-minimal.tfvars | 4 ++-- examples/vsphere/sample-terraform-static-ips.tfvars | 4 ++-- .../vsphere/sample-terraform-static-singlestore.tfvars | 4 ++-- examples/vsphere/sample-terraform-vi.tfvars | 4 ++-- roles/kubernetes/cri/containerd/defaults/main.yaml | 2 +- tests/variable_defaults.tftest.hcl | 2 +- variables.tf | 8 ++++---- 13 files changed, 29 insertions(+), 29 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1c0f956..5ff5b48 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Base layer -FROM ubuntu:22.04 as baseline +FROM ubuntu:22.04 AS baseline RUN apt-get update && apt-get upgrade -y --no-install-recommends \ && apt-get install -y python3 python3-dev python3-pip curl unzip gnupg --no-install-recommends \ && update-alternatives --install /usr/bin/python python /usr/bin/python3 1 \ @@ -7,9 +7,9 @@ RUN apt-get update && apt-get upgrade -y --no-install-recommends \ && apt-get clean && rm -rf /var/lib/apt/lists/* # Layers used for building/downloading/installing tools -FROM baseline as tool_builder +FROM baseline AS tool_builder ARG HELM_VERSION=3.16.2 -ARG KUBECTL_VERSION=1.29.10 +ARG KUBECTL_VERSION=1.30.8 ARG TERRAFORM_VERSION=1.9.8-* WORKDIR /build diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index dbdb1c8..1bc48b7 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -69,11 +69,11 @@ Terraform input variables can be set in the following ways: | Name | Description | Type | Default | Notes | | :--- | :--- | :--- | :--- | :--- | -| cluster_version | Kubernetes version | string | "1.29.7" | Valid values are listed here: [SAS Viya platform Supported Kubernetes Versions](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=n1ika6zxghgsoqn1mq4bck9dx695.htm#p03v0o4maa8oidn1awe0w4xlxcf6). | +| cluster_version | Kubernetes version | string | "1.30.8" | Valid values are listed here: [SAS Viya platform Supported Kubernetes Versions](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=n1ika6zxghgsoqn1mq4bck9dx695.htm#p03v0o4maa8oidn1awe0w4xlxcf6). | | cluster_cni | Kubernetes container network interface (CNI) | string | "calico" | | | cluster_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.29.0" | | | cluster_cri | Kubernetes container runtime interface (CRI) | string | "containerd" | | -| cluster_cri_version | Version of the CRI specifed by `cluster_cri` to be installed | string | "1.6.28" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | +| cluster_cri_version | Version of the CRI specifed by `cluster_cri` to be installed | string | "1.7.24" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | | cluster_service_subnet | Kubernetes service subnet | string | "10.43.0.0/16" | | | cluster_pod_subnet | Kubernetes pod subnet | string | "10.42.0.0/16" | | | cluster_domain | Cluster domain suffix for DNS | string | | | @@ -353,13 +353,13 @@ The following variables are used to describe the machine targets for the SAS Viy | prefix | A prefix used in the names of all the resources created by this script | string | | | | deployment_type | Type of deployment to be performed | string | "bare_metal" | Specify `bare_metal` or `vsphere`. | | kubernetes_cluster_name | Cluster name | string | "{{ prefix }}-oss" | This item is auto-filled. **ONLY** change the `prefix` value described previously. | -| kubernetes_version | Kubernetes version | string | "1.29.7" | Valid values are listed here: [Kubernetes Releases](https://kubernetes.io/releases/). | +| kubernetes_version | Kubernetes version | string | "1.30.8" | Valid values are listed here: [Kubernetes Releases](https://kubernetes.io/releases/). | | kubernetes_upgrade_allowed | | bool | true | **NOTE:** Not currently used. | | kubernetes_arch | | string | "{{ vm_arch }}" | This item is auto-filled. **ONLY** change the `vm_arch` value described previously. | | kubernetes_cni | Kubernetes Container Network Interface (CNI) | string | "calico" | | | kubernetes_cni_version | Kubernetes Container Network Interface (CNI) Version | string | "3.29.0" | | | kubernetes_cri | Kubernetes Container Runtime Interface (CRI) | string | "containerd" | | -| kubernetes_cri_version | Version of the CRI specifed by `kubernetes_cri` to be installed | string | "1.6.28" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | | +| kubernetes_cri_version | Version of the CRI specifed by `kubernetes_cri` to be installed | string | "1.7.24" | Set as an empty string to use the latest upstream version from the Docker APT repository. Currently only containerd is supported, see the [releases page](https://github.com/containerd/containerd/releases) for available versions | | | kubernetes_service_subnet | Kubernetes service subnet | string | "10.43.0.0/16" | | | kubernetes_pod_subnet | Kubernetes pod subnet | string | "10.42.0.0/16" | | | kubernetes_vip_version | kube-vip version | string | "0.7.1" | | diff --git a/docs/REQUIREMENTS.md b/docs/REQUIREMENTS.md index c147459..3dce3c1 100644 --- a/docs/REQUIREMENTS.md +++ b/docs/REQUIREMENTS.md @@ -215,11 +215,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh" # Directory holding public keys to be used on each machine # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes version +cluster_version = "1.30.8" # Kubernetes version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.35.0.0/16" # Kubernetes service subnet cluster_pod_subnet = "10.36.0.0/16" # Kubernetes Pod subnet cluster_domain = "sample.domain.foo.com" # Cluster domain suffix for DNS @@ -522,9 +522,9 @@ kubernetes_version : "" kubernetes_upgrade_allowed : true kubernetes_arch : "{{ vm_arch }}" kubernetes_cni : "calico" # Choices : [calico] -kubernetes_cni_version : "3.28.0" # Choices : [3.28.0] +kubernetes_cni_version : "3.29.0" # Choices : [3.29.0] kubernetes_cri : "containerd" # Choices : [containerd] -kubernetes_cri_version : "1.6.28" # Choices : [1.6.28] +kubernetes_cri_version : "1.7.24" # Choices : [1.7.24] kubernetes_service_subnet : "" kubernetes_pod_subnet : "" diff --git a/docs/user/Dependencies.md b/docs/user/Dependencies.md index 0d3b9b5..a77d40c 100644 --- a/docs/user/Dependencies.md +++ b/docs/user/Dependencies.md @@ -53,7 +53,7 @@ Example of using build arguments to control specific versions of dependencies in ```bash # Override kubectl version docker build \ - --build-arg KUBECTL_VERSION=1.29.7 \ + --build-arg KUBECTL_VERSION=1.30.8 \ -t viya4-iac-k8s . ``` diff --git a/examples/bare-metal/sample-ansible-vars.yaml b/examples/bare-metal/sample-ansible-vars.yaml index 53440c9..dd544b1 100644 --- a/examples/bare-metal/sample-ansible-vars.yaml +++ b/examples/bare-metal/sample-ansible-vars.yaml @@ -26,7 +26,7 @@ kubernetes_arch : "{{ vm_arch }}" kubernetes_cni : "calico" # Choices : [calico] kubernetes_cni_version : "3.29.0" # Choices : [3.29.0] kubernetes_cri : "containerd" # Choices : [containerd] -kubernetes_cri_version : "1.6.28" # Choices : [1.6.28] +kubernetes_cri_version : "1.7.24" # Choices : [1.7.24] kubernetes_service_subnet : "" kubernetes_pod_subnet : "" diff --git a/examples/vsphere/sample-terraform-dhcp.tfvars b/examples/vsphere/sample-terraform-dhcp.tfvars index bb1cbf5..202d5db 100644 --- a/examples/vsphere/sample-terraform-dhcp.tfvars +++ b/examples/vsphere/sample-terraform-dhcp.tfvars @@ -18,11 +18,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on each system # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes Version +cluster_version = "1.30.8" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "" # Cluster domain suffix for DNS diff --git a/examples/vsphere/sample-terraform-minimal.tfvars b/examples/vsphere/sample-terraform-minimal.tfvars index ee25c31..57521e5 100644 --- a/examples/vsphere/sample-terraform-minimal.tfvars +++ b/examples/vsphere/sample-terraform-minimal.tfvars @@ -18,11 +18,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on each system # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes Version +cluster_version = "1.30.8" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "" # Cluster domain suffix for DNS diff --git a/examples/vsphere/sample-terraform-static-ips.tfvars b/examples/vsphere/sample-terraform-static-ips.tfvars index f7d7515..8b3162a 100644 --- a/examples/vsphere/sample-terraform-static-ips.tfvars +++ b/examples/vsphere/sample-terraform-static-ips.tfvars @@ -18,11 +18,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on each system # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes Version +cluster_version = "1.30.8" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "" # Cluster domain suffix for DNS diff --git a/examples/vsphere/sample-terraform-static-singlestore.tfvars b/examples/vsphere/sample-terraform-static-singlestore.tfvars index 9307f5e..b996769 100644 --- a/examples/vsphere/sample-terraform-static-singlestore.tfvars +++ b/examples/vsphere/sample-terraform-static-singlestore.tfvars @@ -18,11 +18,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on each system # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes Version +cluster_version = "1.30.8" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "" # Cluster domain suffix for DNS diff --git a/examples/vsphere/sample-terraform-vi.tfvars b/examples/vsphere/sample-terraform-vi.tfvars index 0b4e0a6..45a2d15 100644 --- a/examples/vsphere/sample-terraform-vi.tfvars +++ b/examples/vsphere/sample-terraform-vi.tfvars @@ -18,11 +18,11 @@ vsphere_network = "" # Name of the network to to use for the VMs system_ssh_keys_dir = "~/.ssh/oss" # Directory holding public keys to be used on each system # Kubernetes - Cluster -cluster_version = "1.29.7" # Kubernetes Version +cluster_version = "1.30.8" # Kubernetes Version cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "" # Cluster domain suffix for DNS diff --git a/roles/kubernetes/cri/containerd/defaults/main.yaml b/roles/kubernetes/cri/containerd/defaults/main.yaml index 72a80b6..83af9c8 100644 --- a/roles/kubernetes/cri/containerd/defaults/main.yaml +++ b/roles/kubernetes/cri/containerd/defaults/main.yaml @@ -11,5 +11,5 @@ # Focal 20 https://download.docker.com/linux/ubuntu/dists/focal/stable/binary-amd64/ # On that page select "Packages" and the text file that is downloaded will contain all the versions of # containerd available in the repository. -kubernetes_cri_version: "1.6.28" +kubernetes_cri_version: "1.7.24" kubernetes_cri_deb_rev: "" diff --git a/tests/variable_defaults.tftest.hcl b/tests/variable_defaults.tftest.hcl index 3ce95c9..eedd56f 100644 --- a/tests/variable_defaults.tftest.hcl +++ b/tests/variable_defaults.tftest.hcl @@ -59,7 +59,7 @@ cluster_version = "1.30.4" # Kubernetes Version #cluster_cni = "calico" # Kubernetes Container Network Interface (CNI) #cluster_cni_version = "3.29.0" # Kubernetes Container Network Interface (CNI) Version cluster_cri = "containerd" # Kubernetes Container Runtime Interface (CRI) -cluster_cri_version = "1.6.28" # Kubernetes Container Runtime Interface (CRI) Version +cluster_cri_version = "1.7.24" # Kubernetes Container Runtime Interface (CRI) Version cluster_service_subnet = "10.43.0.0/16" # Kubernetes Service Subnet cluster_pod_subnet = "10.42.0.0/16" # Kubernetes Pod Subnet cluster_domain = "sas.com" # Cluster domain suffix for DNS diff --git a/variables.tf b/variables.tf index c7666f2..6acec57 100644 --- a/variables.tf +++ b/variables.tf @@ -297,7 +297,7 @@ variable "cluster_domain" { variable "cluster_version" { type = string - default = "1.29.7" + default = "1.30.8" } variable "cluster_cni" { @@ -306,8 +306,8 @@ variable "cluster_cni" { } variable "cluster_cni_version" { - type = string - default = "3.29.0" + type = string + default = "3.29.0" } variable "cluster_cri" { @@ -317,7 +317,7 @@ variable "cluster_cri" { variable "cluster_cri_version" { type = string - default = "1.6.28" + default = "1.7.24" } variable "cluster_service_subnet" {