From b0099b9e5754ff496e48eb5b85cb4d3f75314eff Mon Sep 17 00:00:00 2001
From: Alexei Ledenev
Date: Mon, 1 Apr 2024 13:55:19 +0300
Subject: [PATCH] Updated AWS and GCP configurations for kubeip deployment with new tolerations and rolling update strategy.
---
 examples/aws/eks.tf | 16 +++++++++++++++-
 examples/gcp/gke.tf | 24 +++++++++++++++++++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/examples/aws/eks.tf b/examples/aws/eks.tf
index c4f3ff3..f3aa18a 100644
--- a/examples/aws/eks.tf
+++ b/examples/aws/eks.tf
@@ -170,7 +170,7 @@ resource "kubernetes_cluster_role" "kubeip_cluster_role" {
 rule {
 api_groups = ["coordination.k8s.io"]
 resources = ["leases"]
- verbs = ["create", "delete", "get", "list", "update"]
+ verbs = ["create", "delete", "get"]
 }
 depends_on = [
 kubernetes_service_account.kubeip_service_account,
@@ -215,6 +215,12 @@ resource "kubernetes_daemonset" "kubeip_daemonset" {
 app = "kubeip"
 }
 }
+ strategy {
+ type = "RollingUpdate"
+ rolling_update {
+ max_unavailable = 1
+ }
+ }
 template {
 metadata {
 labels = {
@@ -225,6 +231,14 @@ resource "kubernetes_daemonset" "kubeip_daemonset" {
 service_account_name = "kubeip-service-account"
 termination_grace_period_seconds = 30
 priority_class_name = "system-node-critical"
+ toleration {
+ effect = "NoSchedule"
+ operator = "Exists"
+ }
+ toleration {
+ effect = "NoExecute"
+ operator = "Exists"
+ }
 container {
 name = "kubeip-agent"
 image = "doitintl/kubeip-agent:${var.kubeip_version}"
diff --git a/examples/gcp/gke.tf b/examples/gcp/gke.tf
index faab4ee..a6a12b0 100644
--- a/examples/gcp/gke.tf
+++ b/examples/gcp/gke.tf
@@ -230,7 +230,7 @@ resource "kubernetes_cluster_role" "kubeip_cluster_role" {
 rule {
 api_groups = ["coordination.k8s.io"]
 resources = ["leases"]
- verbs = ["create", "delete", "get", "list", "update"]
+ verbs = ["create", "delete", "get"]
 }
 depends_on = [
 kubernetes_service_account.kubeip_service_account,
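Review bot: The lease rule in `kubeip_cluster_role` (hunk -170,7 +170,7) still lives in a ClusterRole with no namespace or name scoping, so the retained `get` and `delete` verbs cover every Lease in the cluster if the role is bound cluster-wide; the binding is outside this hunk, so that part is inferred. That would include leases other components rely on for leader election and node heartbeats, which is more than an IP-assignment agent needs. Dropping `list` and `update` is a good step; to complete it, consider granting these verbs through a namespaced `kubernetes_role` bound in the namespace the agent runs in, and add a comment above `verbs` such as `# least privilege: the agent only creates, reads and deletes its lock lease`. The identical hunk in examples/gcp/gke.tf (-230,7 +230,7) has the same issue. The resource block starts and ends outside the hunk.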
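Review bot: Both added `toleration` blocks (hunk -225,6 +231,14) omit `key`, so with `operator = "Exists"` they match every `NoSchedule` and every `NoExecute` taint on any node. The agent will therefore be scheduled onto pools that were tainted to keep general workloads off, and it will remain on nodes an operator taints `NoExecute` to drain or isolate them, all while running under `kubeip-service-account`, which presumably holds the cloud permissions to reassign addresses. I would restrict each block to the taints of the pools kubeip is meant to serve, e.g. `key = "<node-pool-taint-key>"`, or at minimum add a comment stating that blanket tolerations are intentional and why. The same blocks are added in examples/gcp/gke.tf (-284,6 +290,14). The pod spec continues outside the hunk, so a node selector there may already narrow placement.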
@@ -274,6 +274,12 @@ resource "kubernetes_daemonset" "kubeip_daemonset" {
 app = "kubeip"
 }
 }
+ strategy {
+ type = "RollingUpdate"
+ rolling_update {
+ max_unavailable = 1
+ }
+ }
 template {
 metadata {
 labels = {
@@ -284,6 +290,14 @@ resource "kubernetes_daemonset" "kubeip_daemonset" {
 service_account_name = "kubeip-service-account"
 termination_grace_period_seconds = 30
 priority_class_name = "system-node-critical"
+ toleration {
+ effect = "NoSchedule"
+ operator = "Exists"
+ }
+ toleration {
+ effect = "NoExecute"
+ operator = "Exists"
+ }
 container {
 name = "kubeip-agent"
 image = "doitintl/kubeip-agent:${var.kubeip_version}"
@@ -312,6 +326,14 @@ resource "kubernetes_daemonset" "kubeip_daemonset" {
 name = "LEASE_DURATION"
 value = "20"
 }
+ env {
+ name = "LEASE_NAMESPACE"
+ value_from {
+ field_ref {
+ field_path = "metadata.namespace"
+ }
+ }
+ }
 resources {
 requests = {
 cpu = "100m"
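Review bot: `LEASE_NAMESPACE` (hunk -312,6 +326,14) is added only to the GCP example; no hunk in this patch adds it to examples/aws/eks.tf, so unless that file already sets it the two examples now resolve the lock lease's namespace differently. On AWS the agent would fall back to whatever default it has, which may not be the namespace the operator has granted lease permissions in. I would add the same `env` block to the EKS daemonset, or put a comment here such as `# lease is created in the pod's own namespace (downward API)` and note in the AWS file why it is not needed. The container block starts and ends outside the hunk.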