feat: Bottlerocket Update Operator Addon #349

Merged
merged 17 commits into from
Feb 8, 2024

rodrigobersa
Contributor

What does this PR do?

Adding Bottlerocket Update Operator addons for automated CVE patching on Bottlerocket OS based nodes.

Motivation

Requested by the Bottlerocket Pattern PR here

More

  • Yes, I have tested the PR using my local account setup (Provide any test evidence report under Additional Notes)
  • Yes, I ran pre-commit run -a with this PR

For Moderators

  • E2E Test successfully complete before merge?

Additional Notes

@rodrigobersa rodrigobersa changed the title new: Bottlerocket Update Operator Addon feat: Bottlerocket Update Operator Addon Feb 1, 2024
@rodrigobersa rodrigobersa marked this pull request as ready for review February 1, 2024 23:42
@rodrigobersa rodrigobersa requested a review from a team as a code owner February 1, 2024 23:42
Contributor

@askulkarni2 askulkarni2 left a comment


LGTM!

@askulkarni2 askulkarni2 merged commit b338f77 into main Feb 8, 2024
6 checks passed
@askulkarni2 askulkarni2 deleted the addon/bropup branch February 8, 2024 23:28
@brenwhyte

brenwhyte commented Feb 9, 2024

Edit:
Apologies, I see an issue is in place already
#354

===

Getting an error after bumping to 1.15.0

│ Error: Unsupported attribute
│ 
│   on .terraform/modules/eks_cluster.karpenter/main.tf line 3688, in locals:
│ 3688:   wait_for_cert_manager = var.cert_manager.wait ? [module.cert_manager] : []
│     ├────────────────
│     │ var.cert_manager is object with no attributes
│ 
│ This object does not have an attribute named "wait".

If I add

  enable_cert_manager = false
  cert_manager = {
    wait = true
  }

it goes away:

e.g.

module "karpenter" {
  source  = "aws-ia/eks-blueprints-addons/aws"
  version = "~> 1.15.0"

  cluster_name      = module.eks.cluster_name
  cluster_endpoint  = module.eks.cluster_endpoint
  cluster_version   = module.eks.cluster_version
  oidc_provider_arn = module.eks.oidc_provider_arn

  # We want to wait for the Fargate profiles to be deployed first
  create_delay_dependencies = [for prof in module.eks.fargate_profiles : prof.fargate_profile_arn]

  enable_cert_manager = false # <~~~~ This block is added
  cert_manager = {
    wait = true
  }

  enable_karpenter = true
  karpenter = {
    chart_version = local.karpenter_version
    atomic        = true
    recreate_pods = true
    wait          = true
    reuse_values  = true

    set = [
      {
        name  = "dnsPolicy"
        value = "Default"
      },
      {
        name  = "replicas"
        value = "2"
      }
    ]
  }
  karpenter_node = {
    iam_role_use_name_prefix = false
  }

  tags = local.tags

}

I have not done a ton of troubleshooting here so excuse me if that's a red herring on my part.
