From 7cd6237a7cbdee727f19c4c816b63cbf85bbd6b0 Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Thu, 1 Feb 2024 10:53:27 +0300 Subject: [PATCH 1/6] eks upgrades --- .../modules/k8s_infrastructure/alb_ingress/variable.tf | 4 ++-- terraform-k8s-infrastructure/vars/terraform-dev.tfvars | 2 +- terraform/vars/terraform-dev.tfvars | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf b/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf index fb91ed2..82f79f1 100644 --- a/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf +++ b/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf @@ -11,13 +11,13 @@ variable "aws_region" { variable "aws_load_balancer_controller_version" { description = "The AWS Load Balancer Controller version to use. See https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases for available versions" type = string - default = "v2.4.5" + default = "v2.6.2" } variable "aws_load_balancer_controller_chart_version" { description = "The AWS Load Balancer Controller chart version to use. See https://artifacthub.io/packages/helm/aws/aws-load-balancer-controller for available versions" type = string - default = "1.4.6" + default = "1.6.2" } variable "k8s_namespace" { diff --git a/terraform-k8s-infrastructure/vars/terraform-dev.tfvars b/terraform-k8s-infrastructure/vars/terraform-dev.tfvars index 1f616b9..3953fa5 100644 --- a/terraform-k8s-infrastructure/vars/terraform-dev.tfvars +++ b/terraform-k8s-infrastructure/vars/terraform-dev.tfvars @@ -10,4 +10,4 @@ elasticsearch_data_nodes_type = "m5.large.elasticsearch" x_rw_domain = "dev-api.resourcewatch.org" namespaces = ["core", "aqueduct", "rw", "gfw", "prep", "climate-watch"] fw_backend_url = "https://dev-fw-api.globalforestwatch.org" -require_api_key = true +require_api_key = false diff --git a/terraform/vars/terraform-dev.tfvars b/terraform/vars/terraform-dev.tfvars index 4798717..b5cbb76 100644 --- a/terraform/vars/terraform-dev.tfvars +++ b/terraform/vars/terraform-dev.tfvars @@ -10,9 +10,9 @@ rds_instance_count = 1 db_instance_class = "db.t3.medium" db_instance_count = 1 db_logs_exports = ["audit", "profiler"] -eks_version = "1.24" -eks_node_release_version = "1.24.7-20230105" -ebs_csi_addon_version = "v1.15.0-eksbuild.1" +eks_version = "1.25" +eks_node_release_version = "1.25.16-20240117" +ebs_csi_addon_version = "v1.27.0-eksbuild.1" # apps_node_group_min_size = 1 # apps_node_group_max_size = 16 # apps_node_group_desired_size = 3 From 70ae1c44456c296de83e4fb629eedc8e612f47cd Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Tue, 20 Feb 2024 18:57:23 +0300 Subject: [PATCH 2/6] upgrade staging eks --- .../mongodb_apps/mongodb-apps-values.yaml | 10 ++-- .../k8s_data_layer/postgresql/postgresql.yaml | 52 ++++++++-------- .../k8s_data_layer/rabbitmq/rabbitmq.yaml | 28 ++++----- .../modules/k8s_data_layer/redis/redis.yaml | 60 +++++++++---------- .../alb_ingress/variable.tf | 4 +- terraform/vars/terraform-staging.tfvars | 6 +- 6 files changed, 80 insertions(+), 80 deletions(-) diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml index 2ddfd7e..5bd73f8 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml @@ -3,7 +3,7 @@ port: 27017 replicaSetName: mongodb-apps -podDisruptionBudget: { } +podDisruptionBudget: {} # maxUnavailable: 1 # minAvailable: 2 @@ -21,7 +21,7 @@ image: pullPolicy: IfNotPresent # Annotations to be added to MongoDB pods -podAnnotations: { } +podAnnotations: {} resources: requests: @@ -33,7 +33,7 @@ resources: ## Node selector ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -nodeSelector: { } +nodeSelector: {} affinity: nodeAffinity: @@ -67,10 +67,10 @@ persistentVolume: accessModes: - ReadWriteOnce size: 50Gi - annotations: { } + annotations: {} # Annotations to be added to the service -serviceAnnotations: { } +serviceAnnotations: {} tls: # Enable or disable MongoDB TLS support diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml index 32a2cd1..a83ec7a 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml @@ -3,7 +3,7 @@ ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## global: - postgresql: { } + postgresql: {} # imageRegistry: myRegistryName # imagePullSecrets: # - myRegistryKeySecretName @@ -118,7 +118,7 @@ postgresqlDataDir: /bitnami/postgresql/data ## value: "bar" ## # extraEnv: -extraEnv: [ ] +extraEnv: [] ## Name of a ConfigMap containing extra env vars ## @@ -222,7 +222,7 @@ service: ## Provide any additional annotations which may be required. ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - annotations: { } + annotations: {} ## Set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## @@ -277,7 +277,7 @@ persistence: accessModes: - ReadWriteOnce size: 75Gi - annotations: { } + annotations: {} ## updateStrategy for PostgreSQL StatefulSet and its slaves StatefulSets ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies @@ -293,7 +293,7 @@ master: ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption - nodeSelector: { } + nodeSelector: {} affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -303,18 +303,18 @@ master: operator: In values: - core - tolerations: [ ] - labels: { } - annotations: { } - podLabels: { } - podAnnotations: { } + tolerations: [] + labels: {} + annotations: {} + podLabels: {} + podAnnotations: {} priorityClassName: "" ## Additional PostgreSQL Master Volume mounts ## - extraVolumeMounts: [ ] + extraVolumeMounts: [] ## Additional PostgreSQL Master Volumes ## - extraVolumes: [ ] + extraVolumes: [] ## ## PostgreSQL Slave parameters @@ -325,20 +325,20 @@ slave: ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption - nodeSelector: { } - affinity: { } - tolerations: [ ] - labels: { } - annotations: { } - podLabels: { } - podAnnotations: { } + nodeSelector: {} + affinity: {} + tolerations: [] + labels: {} + annotations: {} + podLabels: {} + podAnnotations: {} priorityClassName: "" ## Additional PostgreSQL Slave Volume mounts ## - extraVolumeMounts: [ ] + extraVolumeMounts: [] ## Additional PostgreSQL Slave Volumes ## - extraVolumes: [ ] + extraVolumes: [] ## Configure resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ @@ -370,7 +370,7 @@ networkPolicy: ## # explicitNamespacesSelector: # matchLabels: - # role: frontend + # role: frontend # matchExpressions: # - {key: role, operator: In, values: [frontend]} @@ -405,7 +405,7 @@ metrics: loadBalancerIP: serviceMonitor: enabled: false - additionalLabels: { } + additionalLabels: {} # namespace: monitoring # interval: 30s # scrapeTimeout: 10s @@ -414,9 +414,9 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions prometheusRule: enabled: false - additionalLabels: { } + additionalLabels: {} namespace: "" - rules: [ ] + rules: [] ## These are just examples rules, please adapt them to your needs. ## Make sure to constraint the rules to the current postgresql service. # - alert: HugeReplicationLag @@ -424,7 +424,7 @@ metrics: # for: 1m # labels: # severity: critical - # annotations: + # annotations: # description: replication for {{ template "postgresql.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s). # summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s). image: diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml index a71ee72..d5b6b77 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml @@ -3,9 +3,9 @@ ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## global: - # imageRegistry: dockerhub - imagePullSecrets: - - regcred +# imageRegistry: dockerhub + imagePullSecrets: + - regcred # storageClass: myStorageClass ## Bitnami RabbitMQ image version @@ -124,7 +124,7 @@ rabbitmq: ## environment variables to configure rabbitmq ## ref: https://www.rabbitmq.com/configure.html#customise-environment - env: { } + env: {} ## Configuration file content: required cluster configuration ## Do not override unless you know what you are doing. To add more configuration, use `extraConfiguration` of `advancedConfiguration` instead @@ -214,7 +214,7 @@ service: managerPort: 15672 ## Service annotations - annotations: { } + annotations: {} # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 ## Load Balancer sources @@ -230,7 +230,7 @@ service: # extraContainerPorts: # Additional pod labels to apply -podLabels: { } +podLabels: {} ## Pod Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ @@ -239,7 +239,7 @@ securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 - extra: { } + extra: {} persistence: ## this enables PVC templates that will create one per pod @@ -316,9 +316,9 @@ updateStrategy: ## Node labels and tolerations for pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature -nodeSelector: { } +nodeSelector: {} -tolerations: [ ] +tolerations: [] affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -347,10 +347,10 @@ affinity: ## topologyKey: failure-domain.beta.kubernetes.io/zone ## annotations for rabbitmq pods -podAnnotations: { } +podAnnotations: {} ## Configure the podDisruptionBudget -podDisruptionBudget: { } +podDisruptionBudget: {} # maxUnavailable: 1 # minAvailable: 1 @@ -382,7 +382,7 @@ ingress: ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - annotations: { } + annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: true @@ -423,9 +423,9 @@ forceBoot: ## Optionally specify extra secrets to be created by the chart. ## This can be useful when combined with load_definitions to automatically create the secret containing the definitions to be loaded. ## -extraSecrets: { } +extraSecrets: {} # load-definition: # load_definition.json: | -# { + # { # ... # } diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml index 2c2cd2f..f19f460 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml @@ -6,8 +6,8 @@ global: # imageRegistry: dockerhub imagePullSecrets: - regcred - # storageClass: myStorageClass - redis: { } +# storageClass: myStorageClass + redis: {} ## Bitnami Redis image version ## ref: https://hub.docker.com/r/bitnami/redis/tags/ @@ -127,8 +127,8 @@ sentinel: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: { } - labels: { } + annotations: {} + labels: {} loadBalancerIP: ## Specifies the Kubernetes Cluster's Domain Name. @@ -149,8 +149,8 @@ networkPolicy: ## Allow connections from other namespacess. Just set label for namespace and set label for pods (optional). ## - ingressNSMatchLabels: { } - ingressNSPodMatchLabels: { } + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} serviceAccount: ## Specifies whether a ServiceAccount should be created @@ -176,7 +176,7 @@ rbac: # - use # resourceNames: # - gce.unprivileged - rules: [ ] + rules: [] ## Redis pod Security Context securityContext: @@ -208,10 +208,10 @@ usePassword: false usePasswordFile: false ## Persist data to a persistent volume (Redis Master) -persistence: { } +persistence: {} ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true -## If defined, PVC must be created manually before volume will be bound + ## If defined, PVC must be created manually before volume will be bound # existingClaim: # Redis port @@ -237,7 +237,7 @@ master: ## extraFlags: ## - "--maxmemory-policy volatile-ttl" ## - "--repl-backlog-size 1024mb" - extraFlags: [ ] + extraFlags: [] ## Comma-separated list of Redis commands to disable ## ## Can be used to disable Redis commands for security reasons. @@ -250,8 +250,8 @@ master: ## Redis Master additional pod labels and annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - podLabels: { } - podAnnotations: { } + podLabels: {} + podAnnotations: {} ## Redis Master resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ @@ -318,8 +318,8 @@ master: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: { } - labels: { } + annotations: {} + labels: {} loadBalancerIP: # loadBalancerSourceRanges: ["10.0.0.0/8"] @@ -347,8 +347,8 @@ master: size: 20Gi ## Persistent Volume selectors ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector - matchLabels: { } - matchExpressions: { } + matchLabels: {} + matchExpressions: {} ## Update strategy, can be set to RollingUpdate or onDelete by default. ## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets @@ -382,8 +382,8 @@ slave: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: { } - labels: { } + annotations: {} + labels: {} loadBalancerIP: # loadBalancerSourceRanges: ["10.0.0.0/8"] @@ -397,7 +397,7 @@ slave: ## configmap: ## Redis extra flags - extraFlags: [ ] + extraFlags: [] ## List of Redis commands to disable disableCommands: - FLUSHDB @@ -449,8 +449,8 @@ slave: # schedulerName: ## Redis slave pod Annotation and Labels - podLabels: { } - podAnnotations: { } + podLabels: {} + podAnnotations: {} ## Redis slave pod priorityClassName # priorityClassName: {} @@ -479,8 +479,8 @@ slave: size: 8Gi ## Persistent Volume selectors ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector - matchLabels: { } - matchExpressions: { } + matchLabels: {} + matchExpressions: {} ## Update strategy, can be set to RollingUpdate or onDelete by default. ## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets @@ -543,17 +543,17 @@ metrics: ## Use serviceLoadBalancerIP to request a specific static IP, ## otherwise leave blank # loadBalancerIP: - annotations: { } - labels: { } + annotations: {} + labels: {} ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions prometheusRule: enabled: false - additionalLabels: { } + additionalLabels: {} namespace: "" - rules: [ ] + rules: [] ## These are just examples rules, please adapt them to your needs. ## Make sure to constraint the rules to the current postgresql service. # - alert: RedisDown @@ -582,7 +582,7 @@ metrics: # labels: # severity: error # annotations: - # summary: Redis instance {{ "{{ $instance }}" }} has evicted keys + # summary: Redis instance {{ "{{ $instance }}" }} has evicted keys # description: Redis instance {{ "{{ $instance }}" }} has evicted {{ "{{ $value }}" }} keys in the last 5 minutes. ## @@ -602,7 +602,7 @@ volumePermissions: ## # pullSecrets: # - myRegistryKeySecretName - resources: { } + resources: {} # resources: # requests: # memory: 128Mi @@ -621,7 +621,7 @@ configmap: |- ## used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings) sysctlImage: enabled: false - command: [ ] + command: [] registry: docker.io repository: bitnami/minideb tag: buster diff --git a/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf b/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf index fb91ed2..82f79f1 100644 --- a/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf +++ b/terraform-k8s-infrastructure/modules/k8s_infrastructure/alb_ingress/variable.tf @@ -11,13 +11,13 @@ variable "aws_region" { variable "aws_load_balancer_controller_version" { description = "The AWS Load Balancer Controller version to use. See https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases for available versions" type = string - default = "v2.4.5" + default = "v2.6.2" } variable "aws_load_balancer_controller_chart_version" { description = "The AWS Load Balancer Controller chart version to use. See https://artifacthub.io/packages/helm/aws/aws-load-balancer-controller for available versions" type = string - default = "1.4.6" + default = "1.6.2" } variable "k8s_namespace" { diff --git a/terraform/vars/terraform-staging.tfvars b/terraform/vars/terraform-staging.tfvars index 3667ca1..08cdf60 100644 --- a/terraform/vars/terraform-staging.tfvars +++ b/terraform/vars/terraform-staging.tfvars @@ -10,9 +10,9 @@ rds_instance_count = 1 db_instance_class = "db.r5.large" db_instance_count = 2 db_logs_exports = ["audit", "profiler"] -eks_version = "1.24" -eks_node_release_version = "1.24.7-20230105" -ebs_csi_addon_version = "v1.15.0-eksbuild.1" +eks_version = "1.29" +eks_node_release_version = "1.29.0-20240202" +ebs_csi_addon_version = "v1.27.0-eksbuild.1" gateway_node_group_desired_size = 0 hibernate = false From dbd58cd09129ec32bb4eed5d0aeb8a5348b7727a Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Tue, 20 Feb 2024 19:38:44 +0300 Subject: [PATCH 3/6] revert linting changes --- .../mongodb_apps/mongodb-apps-values.yaml | 10 ++-- .../k8s_data_layer/postgresql/postgresql.yaml | 52 ++++++++-------- .../k8s_data_layer/rabbitmq/rabbitmq.yaml | 28 ++++----- .../modules/k8s_data_layer/redis/redis.yaml | 60 +++++++++---------- 4 files changed, 75 insertions(+), 75 deletions(-) diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml index 5bd73f8..2ddfd7e 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/mongodb_apps/mongodb-apps-values.yaml @@ -3,7 +3,7 @@ port: 27017 replicaSetName: mongodb-apps -podDisruptionBudget: {} +podDisruptionBudget: { } # maxUnavailable: 1 # minAvailable: 2 @@ -21,7 +21,7 @@ image: pullPolicy: IfNotPresent # Annotations to be added to MongoDB pods -podAnnotations: {} +podAnnotations: { } resources: requests: @@ -33,7 +33,7 @@ resources: ## Node selector ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -nodeSelector: {} +nodeSelector: { } affinity: nodeAffinity: @@ -67,10 +67,10 @@ persistentVolume: accessModes: - ReadWriteOnce size: 50Gi - annotations: {} + annotations: { } # Annotations to be added to the service -serviceAnnotations: {} +serviceAnnotations: { } tls: # Enable or disable MongoDB TLS support diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml index a83ec7a..32a2cd1 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/postgresql/postgresql.yaml @@ -3,7 +3,7 @@ ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## global: - postgresql: {} + postgresql: { } # imageRegistry: myRegistryName # imagePullSecrets: # - myRegistryKeySecretName @@ -118,7 +118,7 @@ postgresqlDataDir: /bitnami/postgresql/data ## value: "bar" ## # extraEnv: -extraEnv: [] +extraEnv: [ ] ## Name of a ConfigMap containing extra env vars ## @@ -222,7 +222,7 @@ service: ## Provide any additional annotations which may be required. ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - annotations: {} + annotations: { } ## Set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## @@ -277,7 +277,7 @@ persistence: accessModes: - ReadWriteOnce size: 75Gi - annotations: {} + annotations: { } ## updateStrategy for PostgreSQL StatefulSet and its slaves StatefulSets ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies @@ -293,7 +293,7 @@ master: ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption - nodeSelector: {} + nodeSelector: { } affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -303,18 +303,18 @@ master: operator: In values: - core - tolerations: [] - labels: {} - annotations: {} - podLabels: {} - podAnnotations: {} + tolerations: [ ] + labels: { } + annotations: { } + podLabels: { } + podAnnotations: { } priorityClassName: "" ## Additional PostgreSQL Master Volume mounts ## - extraVolumeMounts: [] + extraVolumeMounts: [ ] ## Additional PostgreSQL Master Volumes ## - extraVolumes: [] + extraVolumes: [ ] ## ## PostgreSQL Slave parameters @@ -325,20 +325,20 @@ slave: ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption - nodeSelector: {} - affinity: {} - tolerations: [] - labels: {} - annotations: {} - podLabels: {} - podAnnotations: {} + nodeSelector: { } + affinity: { } + tolerations: [ ] + labels: { } + annotations: { } + podLabels: { } + podAnnotations: { } priorityClassName: "" ## Additional PostgreSQL Slave Volume mounts ## - extraVolumeMounts: [] + extraVolumeMounts: [ ] ## Additional PostgreSQL Slave Volumes ## - extraVolumes: [] + extraVolumes: [ ] ## Configure resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ @@ -370,7 +370,7 @@ networkPolicy: ## # explicitNamespacesSelector: # matchLabels: - # role: frontend + # role: frontend # matchExpressions: # - {key: role, operator: In, values: [frontend]} @@ -405,7 +405,7 @@ metrics: loadBalancerIP: serviceMonitor: enabled: false - additionalLabels: {} + additionalLabels: { } # namespace: monitoring # interval: 30s # scrapeTimeout: 10s @@ -414,9 +414,9 @@ metrics: ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions prometheusRule: enabled: false - additionalLabels: {} + additionalLabels: { } namespace: "" - rules: [] + rules: [ ] ## These are just examples rules, please adapt them to your needs. ## Make sure to constraint the rules to the current postgresql service. # - alert: HugeReplicationLag @@ -424,7 +424,7 @@ metrics: # for: 1m # labels: # severity: critical - # annotations: + # annotations: # description: replication for {{ template "postgresql.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s). # summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s). image: diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml index d5b6b77..a71ee72 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/rabbitmq/rabbitmq.yaml @@ -3,9 +3,9 @@ ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## global: -# imageRegistry: dockerhub - imagePullSecrets: - - regcred + # imageRegistry: dockerhub + imagePullSecrets: + - regcred # storageClass: myStorageClass ## Bitnami RabbitMQ image version @@ -124,7 +124,7 @@ rabbitmq: ## environment variables to configure rabbitmq ## ref: https://www.rabbitmq.com/configure.html#customise-environment - env: {} + env: { } ## Configuration file content: required cluster configuration ## Do not override unless you know what you are doing. To add more configuration, use `extraConfiguration` of `advancedConfiguration` instead @@ -214,7 +214,7 @@ service: managerPort: 15672 ## Service annotations - annotations: {} + annotations: { } # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 ## Load Balancer sources @@ -230,7 +230,7 @@ service: # extraContainerPorts: # Additional pod labels to apply -podLabels: {} +podLabels: { } ## Pod Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ @@ -239,7 +239,7 @@ securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 - extra: {} + extra: { } persistence: ## this enables PVC templates that will create one per pod @@ -316,9 +316,9 @@ updateStrategy: ## Node labels and tolerations for pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature -nodeSelector: {} +nodeSelector: { } -tolerations: [] +tolerations: [ ] affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -347,10 +347,10 @@ affinity: ## topologyKey: failure-domain.beta.kubernetes.io/zone ## annotations for rabbitmq pods -podAnnotations: {} +podAnnotations: { } ## Configure the podDisruptionBudget -podDisruptionBudget: {} +podDisruptionBudget: { } # maxUnavailable: 1 # minAvailable: 1 @@ -382,7 +382,7 @@ ingress: ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - annotations: {} + annotations: { } # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: true @@ -423,9 +423,9 @@ forceBoot: ## Optionally specify extra secrets to be created by the chart. ## This can be useful when combined with load_definitions to automatically create the secret containing the definitions to be loaded. ## -extraSecrets: {} +extraSecrets: { } # load-definition: # load_definition.json: | - # { +# { # ... # } diff --git a/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml b/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml index f19f460..2c2cd2f 100644 --- a/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml +++ b/terraform-k8s-infrastructure/modules/k8s_data_layer/redis/redis.yaml @@ -6,8 +6,8 @@ global: # imageRegistry: dockerhub imagePullSecrets: - regcred -# storageClass: myStorageClass - redis: {} + # storageClass: myStorageClass + redis: { } ## Bitnami Redis image version ## ref: https://hub.docker.com/r/bitnami/redis/tags/ @@ -127,8 +127,8 @@ sentinel: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: {} - labels: {} + annotations: { } + labels: { } loadBalancerIP: ## Specifies the Kubernetes Cluster's Domain Name. @@ -149,8 +149,8 @@ networkPolicy: ## Allow connections from other namespacess. Just set label for namespace and set label for pods (optional). ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} + ingressNSMatchLabels: { } + ingressNSPodMatchLabels: { } serviceAccount: ## Specifies whether a ServiceAccount should be created @@ -176,7 +176,7 @@ rbac: # - use # resourceNames: # - gce.unprivileged - rules: [] + rules: [ ] ## Redis pod Security Context securityContext: @@ -208,10 +208,10 @@ usePassword: false usePasswordFile: false ## Persist data to a persistent volume (Redis Master) -persistence: {} +persistence: { } ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound +## If defined, PVC must be created manually before volume will be bound # existingClaim: # Redis port @@ -237,7 +237,7 @@ master: ## extraFlags: ## - "--maxmemory-policy volatile-ttl" ## - "--repl-backlog-size 1024mb" - extraFlags: [] + extraFlags: [ ] ## Comma-separated list of Redis commands to disable ## ## Can be used to disable Redis commands for security reasons. @@ -250,8 +250,8 @@ master: ## Redis Master additional pod labels and annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - podLabels: {} - podAnnotations: {} + podLabels: { } + podAnnotations: { } ## Redis Master resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ @@ -318,8 +318,8 @@ master: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: {} - labels: {} + annotations: { } + labels: { } loadBalancerIP: # loadBalancerSourceRanges: ["10.0.0.0/8"] @@ -347,8 +347,8 @@ master: size: 20Gi ## Persistent Volume selectors ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector - matchLabels: {} - matchExpressions: {} + matchLabels: { } + matchExpressions: { } ## Update strategy, can be set to RollingUpdate or onDelete by default. ## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets @@ -382,8 +382,8 @@ slave: ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - annotations: {} - labels: {} + annotations: { } + labels: { } loadBalancerIP: # loadBalancerSourceRanges: ["10.0.0.0/8"] @@ -397,7 +397,7 @@ slave: ## configmap: ## Redis extra flags - extraFlags: [] + extraFlags: [ ] ## List of Redis commands to disable disableCommands: - FLUSHDB @@ -449,8 +449,8 @@ slave: # schedulerName: ## Redis slave pod Annotation and Labels - podLabels: {} - podAnnotations: {} + podLabels: { } + podAnnotations: { } ## Redis slave pod priorityClassName # priorityClassName: {} @@ -479,8 +479,8 @@ slave: size: 8Gi ## Persistent Volume selectors ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector - matchLabels: {} - matchExpressions: {} + matchLabels: { } + matchExpressions: { } ## Update strategy, can be set to RollingUpdate or onDelete by default. ## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets @@ -543,17 +543,17 @@ metrics: ## Use serviceLoadBalancerIP to request a specific static IP, ## otherwise leave blank # loadBalancerIP: - annotations: {} - labels: {} + annotations: { } + labels: { } ## Custom PrometheusRule to be defined ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions prometheusRule: enabled: false - additionalLabels: {} + additionalLabels: { } namespace: "" - rules: [] + rules: [ ] ## These are just examples rules, please adapt them to your needs. ## Make sure to constraint the rules to the current postgresql service. # - alert: RedisDown @@ -582,7 +582,7 @@ metrics: # labels: # severity: error # annotations: - # summary: Redis instance {{ "{{ $instance }}" }} has evicted keys + # summary: Redis instance {{ "{{ $instance }}" }} has evicted keys # description: Redis instance {{ "{{ $instance }}" }} has evicted {{ "{{ $value }}" }} keys in the last 5 minutes. ## @@ -602,7 +602,7 @@ volumePermissions: ## # pullSecrets: # - myRegistryKeySecretName - resources: {} + resources: { } # resources: # requests: # memory: 128Mi @@ -621,7 +621,7 @@ configmap: |- ## used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings) sysctlImage: enabled: false - command: [] + command: [ ] registry: docker.io repository: bitnami/minideb tag: buster From 259931237e28f80a3a7abdaf772b69c3ae960db6 Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Tue, 20 Feb 2024 19:51:00 +0300 Subject: [PATCH 4/6] update dev cluster eks version --- terraform/vars/terraform-dev.tfvars | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/vars/terraform-dev.tfvars b/terraform/vars/terraform-dev.tfvars index b5cbb76..1176538 100644 --- a/terraform/vars/terraform-dev.tfvars +++ b/terraform/vars/terraform-dev.tfvars @@ -10,8 +10,8 @@ rds_instance_count = 1 db_instance_class = "db.t3.medium" db_instance_count = 1 db_logs_exports = ["audit", "profiler"] -eks_version = "1.25" -eks_node_release_version = "1.25.16-20240117" +eks_version = "1.29" +eks_node_release_version = "1.29.0-20240202" ebs_csi_addon_version = "v1.27.0-eksbuild.1" # apps_node_group_min_size = 1 # apps_node_group_max_size = 16 @@ -22,6 +22,6 @@ ebs_csi_addon_version = "v1.27.0-eksbuild.1" # gfw_node_group_desired_size = 4 # gfw_node_group_min_size_upscaled = 2 gateway_node_group_desired_size = 0 -hibernate = false +hibernate = true aq_bucket_cors_allowed_origin = "*" deploy_sparkpost_templates = false From 6f834ac17643d7f870aa8d0bf692204265626cdd Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Thu, 29 Feb 2024 13:43:22 +0300 Subject: [PATCH 5/6] update to a working domain --- terraform/vars/terraform-production.tfvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/vars/terraform-production.tfvars b/terraform/vars/terraform-production.tfvars index d648c6b..184183f 100644 --- a/terraform/vars/terraform-production.tfvars +++ b/terraform/vars/terraform-production.tfvars @@ -16,5 +16,5 @@ ebs_csi_addon_version = "v1.27.0-eksbuild.1" deploy_canaries = true gateway_node_group_desired_size = 2 hibernate = false -aq_bucket_cors_allowed_origin = "https://wri.org/" +aq_bucket_cors_allowed_origin = "https://www.wri.org" deploy_sparkpost_templates = true From b1db580958f3af1506899ea035a4e60e7413f061 Mon Sep 17 00:00:00 2001 From: Solomon Negusse Date: Mon, 18 Mar 2024 15:28:26 -0500 Subject: [PATCH 6/6] remove gfw-pro branch of ogr to geojson converter --- .../modules/k8s_microservice_routing/main.tf | 18 ---- .../microservices/gfw-ogr-gfw-pro/main.tf | 93 ------------------- .../microservices/gfw-ogr-gfw-pro/outputs.tf | 5 - .../gfw-ogr-gfw-pro/variables.tf | 76 --------------- terraform-localstack/main.tf | 10 -- 5 files changed, 202 deletions(-) delete mode 100644 terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/main.tf delete mode 100644 terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/outputs.tf delete mode 100644 terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/variables.tf diff --git a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/main.tf b/terraform-k8s-infrastructure/modules/k8s_microservice_routing/main.tf index c018d1b..e06c951 100644 --- a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/main.tf +++ b/terraform-k8s-infrastructure/modules/k8s_microservice_routing/main.tf @@ -263,7 +263,6 @@ resource "aws_api_gateway_deployment" "prod" { jsonencode(module.gfw-guira.endpoints), jsonencode(module.gfw-forma.endpoints), jsonencode(module.gfw-ogr.endpoints), - jsonencode(module.gfw-ogr-gfw-pro.endpoints), jsonencode(module.gfw-prodes.endpoints), jsonencode(module.gfw-umd.endpoints), jsonencode(module.gfw-user.endpoints), @@ -971,23 +970,6 @@ module "gfw-ogr" { ] } -module "gfw-ogr-gfw-pro" { - source = "./microservices/gfw-ogr-gfw-pro" - api_gateway = aws_api_gateway_rest_api.rw_api_gateway - cluster_ca = var.cluster_ca - cluster_endpoint = var.cluster_endpoint - cluster_name = var.cluster_name - x_rw_domain = var.x_rw_domain - vpc = var.vpc - vpc_link = aws_api_gateway_vpc_link.rw_api_apps_lb_vpc_link - v1_resource = module.v1_resource.aws_api_gateway_resource - connection_type = "VPC_LINK" - require_api_key = var.require_api_key - - eks_asg_names = [ - data.aws_autoscaling_groups.gfw_autoscaling_group.names.0 - ] -} module "gfw-prodes" { source = "./microservices/gfw-prodes" diff --git a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/main.tf b/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/main.tf deleted file mode 100644 index c36b843..0000000 --- a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/main.tf +++ /dev/null @@ -1,93 +0,0 @@ -resource "kubernetes_service" "gfw_ogr_gfw_pro_service" { - count = var.connection_type == "VPC_LINK" ? 1 : 0 - - metadata { - name = "gfw-ogr-gfw-pro" - namespace = "default" - } - spec { - selector = { - name = "gfw-ogr-gfw-pro" - } - port { - port = 30568 - node_port = 30568 - target_port = 3200 - } - - type = "NodePort" - } -} - -locals { - api_gateway_target_url = var.connection_type == "VPC_LINK" ? data.aws_lb.load_balancer[0].dns_name : var.target_url -} - -data "aws_lb" "load_balancer" { - count = var.connection_type == "VPC_LINK" ? 1 : 0 - - arn = var.vpc_link.target_arns[0] -} - -resource "aws_lb_listener" "gfw_ogr_gfw_pro_nlb_listener" { - count = var.connection_type == "VPC_LINK" ? 1 : 0 - - load_balancer_arn = data.aws_lb.load_balancer[0].arn - port = 30568 - protocol = "TCP" - - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.gfw_ogr_gfw_pro_lb_target_group[0].arn - } -} - -resource "aws_lb_target_group" "gfw_ogr_gfw_pro_lb_target_group" { - count = var.connection_type == "VPC_LINK" ? 1 : 0 - - name = "gfw-ogr-gfw-pro-lb-tg" - port = 30568 - protocol = "TCP" - target_type = "instance" - vpc_id = var.vpc.id - - health_check { - enabled = true - protocol = "TCP" - } -} - -resource "aws_autoscaling_attachment" "asg_attachment_gfw_ogr_gfw_pro" { - count = var.connection_type == "VPC_LINK" ? length(var.eks_asg_names) : 0 - - autoscaling_group_name = var.eks_asg_names[count.index] - lb_target_group_arn = aws_lb_target_group.gfw_ogr_gfw_pro_lb_target_group[0].arn -} - -// /v1/gfw-pro -module "v1_gfw_pro_resource" { - source = "../resource" - rest_api_id = var.api_gateway.id - parent_id = var.v1_resource.id - path_part = "gfw-pro" -} - -// /v1/gfw-pro/{proxy+} -module "v1_gfw_pro_proxy_resource" { - source = "../resource" - rest_api_id = var.api_gateway.id - parent_id = module.v1_gfw_pro_resource.aws_api_gateway_resource.id - path_part = "{proxy+}" -} - -module "gfw_ogr_any_v1_gfw_pro_proxy" { - source = "../../endpoint" - x_rw_domain = var.x_rw_domain - api_gateway = var.api_gateway - api_resource = module.v1_gfw_pro_proxy_resource.aws_api_gateway_resource - method = "ANY" - uri = "http://${local.api_gateway_target_url}:30568/api/v1/{proxy}" - vpc_link = var.vpc_link - connection_type = var.connection_type - require_api_key = var.require_api_key -} diff --git a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/outputs.tf b/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/outputs.tf deleted file mode 100644 index 5efad9e..0000000 --- a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/outputs.tf +++ /dev/null @@ -1,5 +0,0 @@ -output "endpoints" { - value = [ - module.gfw_ogr_any_v1_gfw_pro_proxy.endpoint_gateway_integration - ] -} \ No newline at end of file diff --git a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/variables.tf b/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/variables.tf deleted file mode 100644 index 418be44..0000000 --- a/terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro/variables.tf +++ /dev/null @@ -1,76 +0,0 @@ -variable "cluster_endpoint" { - type = string - description = "The k8s cluster endpoint. Must be accessible from localhost" - default = null -} - -variable "cluster_ca" { - type = string - description = "The k8s CA string" - default = null -} - -variable "cluster_name" { - type = string - description = "The k8s cluster name" - default = null -} - -variable "x_rw_domain" { - type = string - description = "Value to be passed as the x-rw-domain header" -} - -variable "api_gateway" { - type = object({ - id = string - root_resource_id = string - }) - description = "Instance of aws_api_gateway_rest_api" -} - -variable "vpc" { - type = object({ - id = string - cidr_block = string - }) - description = "The id of the VPC" - default = null -} - -variable "vpc_link" { - type = object({ - id = string - target_arns = list(string) - }) - description = "VPC Link to the LB" - default = { id : null, target_arns : [] } -} - -variable "require_api_key" { - type = bool - default = false -} - -variable "connection_type" { - type = string - description = "API Gateway integration type" -} - -variable "eks_asg_names" { - type = list(any) - description = "List of the EKS ASG names" - default = [] -} - -variable "target_url" { - type = string - description = "Target URL" - default = null -} - -variable "v1_resource" { - type = object({ - id = string - }) -} diff --git a/terraform-localstack/main.tf b/terraform-localstack/main.tf index 15a52db..c70a797 100644 --- a/terraform-localstack/main.tf +++ b/terraform-localstack/main.tf @@ -80,7 +80,6 @@ resource "aws_api_gateway_deployment" "prod" { jsonencode(module.gfw-guira.endpoints), jsonencode(module.gfw-forma.endpoints), jsonencode(module.gfw-ogr.endpoints), - jsonencode(module.gfw-ogr-gfw-pro.endpoints), jsonencode(module.gfw-prodes.endpoints), jsonencode(module.gfw-umd.endpoints), jsonencode(module.gfw-user.endpoints), @@ -465,15 +464,6 @@ module "gfw-ogr" { v2_resource = module.v2_resource.aws_api_gateway_resource } -module "gfw-ogr-gfw-pro" { - source = "../terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-ogr-gfw-pro" - api_gateway = aws_api_gateway_rest_api.rw_api_gateway - x_rw_domain = var.x_rw_domain - v1_resource = module.v1_resource.aws_api_gateway_resource - connection_type = "INTERNET" - target_url = var.microservice_host -} - module "gfw-prodes" { source = "../terraform-k8s-infrastructure/modules/k8s_microservice_routing/microservices/gfw-prodes" api_gateway = aws_api_gateway_rest_api.rw_api_gateway