From 40b6b852baff343a4ce221d1e193823792aa53ed Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 15:54:09 +0530 Subject: [PATCH 1/7] Create eksctl-devtron-karpenter-mng.yaml --- .../eksctl-devtron-karpenter-mng.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 eksctl-configs/eksctl-devtron-karpenter-mng.yaml diff --git a/eksctl-configs/eksctl-devtron-karpenter-mng.yaml b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml new file mode 100644 index 00000000..d35f9821 --- /dev/null +++ b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml @@ -0,0 +1,36 @@ +apiVersion: eksctl.io/v1alpha5 +kind: ClusterConfig + +metadata: + name: devtron-cluster + region: ap-south-1 + version: "1.32" +managedNodeGroups: + - name: devtron-managed-ng + privateNetworking: true + desiredCapacity: 1 + minSize: 1 + maxSize: 2 + instanceTypes: ["c6g.large"] + labels: {} + iam: + withAddonPolicies: + autoScaler: true + attachPolicyARNs: + - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy + - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy + - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess + - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy + - arn:aws:iam::aws:policy/AmazonEKSServicePolicy + - arn:aws:iam::XXXXXXXXX:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy + ssh: + allow: true + publicKeyName: "infra" + enableSsm: true + volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true + asgSuspendProcesses: ["AZRebalance"] + tags: + Component : devtron From 6f62f228896108cc360f4a6a47c3659f5e0de95c Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 16:00:52 +0530 Subject: [PATCH 2/7] Update eksctl-devtron-karpenter-mng.yaml --- eksctl-configs/eksctl-devtron-karpenter-mng.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/eksctl-configs/eksctl-devtron-karpenter-mng.yaml b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml index d35f9821..8921acbe 100644 --- a/eksctl-configs/eksctl-devtron-karpenter-mng.yaml +++ b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml @@ -5,6 +5,8 @@ metadata: name: devtron-cluster region: ap-south-1 version: "1.32" +accessConfig: + authenticationMode: API_AND_CONFIG_MAP managedNodeGroups: - name: devtron-managed-ng privateNetworking: true From 447e9834a4426eef938cfe2b03c6cc0a1df13b68 Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 18:21:48 +0530 Subject: [PATCH 3/7] Update eksctl-devtron-arm-confis.yaml --- eksctl-configs/eksctl-devtron-arm-confis.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/eksctl-configs/eksctl-devtron-arm-confis.yaml b/eksctl-configs/eksctl-devtron-arm-confis.yaml index 1f3c581d..8edff7cd 100644 --- a/eksctl-configs/eksctl-devtron-arm-confis.yaml +++ b/eksctl-configs/eksctl-devtron-arm-confis.yaml @@ -6,7 +6,9 @@ kind: ClusterConfig metadata: name: devtron-cluster region: ap-south-1 - version: "1.30" + version: "1.31" +accessConfig: + authenticationMode: CONFIG_MAP vpc: ## Make sure that this CIDR doesn't overlaps with any other exisiting VPC with which a peering needs to be done. @@ -37,6 +39,7 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" @@ -82,6 +85,7 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" From ae07a34e5be92d317cacb9a1c2d117557159d1e9 Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 18:23:49 +0530 Subject: [PATCH 4/7] Update eksctl-devtron-prod-configs.yaml --- eksctl-configs/eksctl-devtron-prod-configs.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/eksctl-configs/eksctl-devtron-prod-configs.yaml b/eksctl-configs/eksctl-devtron-prod-configs.yaml index f319034a..702cc75b 100644 --- a/eksctl-configs/eksctl-devtron-prod-configs.yaml +++ b/eksctl-configs/eksctl-devtron-prod-configs.yaml @@ -4,7 +4,10 @@ kind: ClusterConfig metadata: name: devtron-cluster region: ap-south-1 - version: "1.30" + version: "1.31" + +accessConfig: + authenticationMode: CONFIG_MAP vpc: id: "vpc-xxxxxxx" @@ -45,10 +48,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true tags: Component : cicd kubeletExtraConfig: @@ -89,10 +95,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" volumeSize: 100 + volumeType: gp3 + volumeEncrypted: true tags: Component : cicd labels: {purpose: ci} From fd3df53bfb08142a77c11cb49cbe460e302917b1 Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 18:25:53 +0530 Subject: [PATCH 5/7] Update eksctl-prod-multi-az-cluster.yaml --- eksctl-configs/eksctl-prod-multi-az-cluster.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/eksctl-configs/eksctl-prod-multi-az-cluster.yaml b/eksctl-configs/eksctl-prod-multi-az-cluster.yaml index 0d60f24c..0bf810bc 100644 --- a/eksctl-configs/eksctl-prod-multi-az-cluster.yaml +++ b/eksctl-configs/eksctl-prod-multi-az-cluster.yaml @@ -4,7 +4,7 @@ kind: ClusterConfig metadata: name: prod-1 region: us-west-2 - version: "1.30" + version: "1.31" vpc: cidr: 172.31.0.0/16 @@ -36,10 +36,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::XXXXXXXX:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "devops" volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true tags: Component : prod kubeletExtraConfig: @@ -85,10 +88,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::XXXXXXXX:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "devops" volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true tags: Component : prod kubeletExtraConfig: @@ -134,10 +140,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::XXXXXXXX:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "devops" volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true tags: Component : prod kubeletExtraConfig: From f71b913345f0ee9a941b7b9a25df80a734ffc192 Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Thu, 27 Mar 2025 18:27:20 +0530 Subject: [PATCH 6/7] Update ekstl-devtron-configs-create-new-vpc.yaml --- eksctl-configs/ekstl-devtron-configs-create-new-vpc.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/eksctl-configs/ekstl-devtron-configs-create-new-vpc.yaml b/eksctl-configs/ekstl-devtron-configs-create-new-vpc.yaml index aa31cd99..e3a43eeb 100644 --- a/eksctl-configs/ekstl-devtron-configs-create-new-vpc.yaml +++ b/eksctl-configs/ekstl-devtron-configs-create-new-vpc.yaml @@ -4,7 +4,7 @@ kind: ClusterConfig metadata: name: devtron-cluster region: ap-south-1 - version: "1.30" + version: "1.31" vpc: ## Make sure that this CIDR doesn't overlaps with any other exisiting VPC with which a peering needs to be done. @@ -34,10 +34,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" volumeSize: 50 + volumeType: gp3 + volumeEncrypted: true asgSuspendProcesses: ["AZRebalance"] tags: Component : cicd @@ -79,10 +82,13 @@ nodeGroups: - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - arn:aws:iam::aws:policy/AmazonEKSServicePolicy - arn:aws:iam::xxxxxxxxxxxxx:policy/devtron-cluster-IAM-policy + - arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy ssh: allow: true publicKeyName: "infra" volumeSize: 100 + volumeType: gp3 + volumeEncrypted: true asgSuspendProcesses: ["AZRebalance"] tags: Component : cicd From e441a4fe495f314b8349d4c45565601b947060b3 Mon Sep 17 00:00:00 2001 From: kamal-devtron <128121299+kamal-devtron@users.noreply.github.com> Date: Fri, 28 Mar 2025 12:08:07 +0530 Subject: [PATCH 7/7] Update eksctl-devtron-karpenter-mng.yaml --- eksctl-configs/eksctl-devtron-karpenter-mng.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/eksctl-configs/eksctl-devtron-karpenter-mng.yaml b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml index 8921acbe..728ab7f2 100644 --- a/eksctl-configs/eksctl-devtron-karpenter-mng.yaml +++ b/eksctl-configs/eksctl-devtron-karpenter-mng.yaml @@ -4,9 +4,9 @@ kind: ClusterConfig metadata: name: devtron-cluster region: ap-south-1 - version: "1.32" + version: "1.31" accessConfig: - authenticationMode: API_AND_CONFIG_MAP + authenticationMode: CONFIG_MAP managedNodeGroups: - name: devtron-managed-ng privateNetworking: true