LIVE-478: feat: update the live eks example (#555)

Author: kr3v

examples/eks/eks_cluster_live_migration/README.MD

@@ -9,7 +9,15 @@ CAST AI modules are places in one umbrella module that can be reused for differe
 Example configuration should be analysed in the following order:
 1. Create VPC - `vpc.tf`
 2. Create EKS cluster - `eks.tf`
-3. Create IAM and other CAST AI related resources to connect EKS cluster to CAST AI, configure Autoscaler and Node Configurations  - `castai.tf`
+3. Create IAM and other CAST AI related resources to connect EKS cluster to CAST AI, configure Autoscaler and Node Configurations  - `castai.tf` and `modules/castai`.
+
+CLM is enabled by having:
+1. `clm_enabled = true` in `modules/castai/main.tf` in the CAST AI node template.
+2. `container_runtime = "containerd"` and `eks_image_family  = "al2023"` in the CAST AI node configuration.
+3. `install_live = true` (`install_live = var.install_helm_live`, default value is `true`) in the CAST AI module configuration (`module "castai-eks-cluster"`).
+All are in the `modules/castai/main.tf` file.
+
+All other EKS/CAST AI resources mostly manage the EKS cluster and its connection to CAST AI, not specifically the CLM feature.
 
 # Usage
 1. Rename `tf.vars.example` to `tf.vars`

examples/eks/eks_cluster_live_migration/castai.tf

@@ -1,3 +1,33 @@
+# Configure Data sources and providers required for CAST AI connection.
+data "aws_caller_identity" "current" {}
+
+# Configure EKS cluster connection using CAST AI eks-cluster module.
+resource "castai_eks_clusterid" "cluster_id" {
+  account_id   = data.aws_caller_identity.current.account_id
+  region       = var.cluster_region
+  cluster_name = var.cluster_name
+}
+
+resource "castai_eks_user_arn" "castai_user_arn" {
+  cluster_id = castai_eks_clusterid.cluster_id.id
+}
+
+# Create AWS IAM policies and a user to connect to CAST AI.
+module "castai-eks-role-iam" {
+  source  = "castai/eks-role-iam/castai"
+  version = "~> 1.0"
+  count   = var.enable_castai ? 1 : 0
+
+  aws_account_id     = data.aws_caller_identity.current.account_id
+  aws_cluster_region = var.cluster_region
+  aws_cluster_name   = var.cluster_name
+  aws_cluster_vpc_id = module.vpc.vpc_id
+
+  castai_user_arn = castai_eks_user_arn.castai_user_arn.arn
+
+  create_iam_resources_per_cluster = true
+}
+
 module "cluster" {
   source = "./module/castai"
   count  = var.enable_castai ? 1 : 0
@@ -8,17 +38,20 @@ module "cluster" {
   castai_api_url   = var.castai_api_url
   castai_grpc_url  = var.castai_grpc_url
 
-  vpc_id = module.vpc.vpc_id
+  castai-eks-role-iam_instance_profile_arn = module.castai-eks-role-iam[0].instance_profile_role_arn
+  castai-eks-role-iam_role_arn             = module.castai-eks-role-iam[0].role_arn
+
   security_groups = [
     module.eks.cluster_security_group_id,
     module.eks.node_security_group_id,
     aws_security_group.additional.id,
   ]
-  subnets            = module.vpc.private_subnets
-  live_proxy_version = var.live_proxy_version
-  live_helm_version  = var.live_helm_version
+  subnets           = module.vpc.private_subnets
+  live_helm_version = var.live_helm_version
 
   install_helm_live = var.install_helm_live
 
   delete_nodes_on_disconnect = var.delete_nodes_on_disconnect
+
+  depends_on = [module.eks, module.castai-eks-role-iam]
 }

examples/eks/eks_cluster_live_migration/eks.tf

@@ -30,7 +30,7 @@ module "eks" {
   aws_auth_roles = [
     # Add the CAST AI IAM role which required for CAST AI nodes to join the cluster.
     {
-      rolearn  = module.cluster[0].instance_profile_role_arn
+      rolearn  = module.castai-eks-role-iam[0].instance_profile_role_arn
       username = "system:node:{{EC2PrivateDNSName}}"
       groups = [
         "system:bootstrappers",

examples/eks/eks_cluster_live_migration/module/castai/castai.tf

@@ -1,12 +1,10 @@
 locals {
-  role_name = "castai-eks-role"
-
   default_node_cfg = {
     default = {
       subnets              = var.subnets
       tags                 = var.tags
       security_groups      = var.security_groups
-      instance_profile_arn = module.castai-eks-role-iam.instance_profile_arn
+      instance_profile_arn = var.castai-eks-role-iam_instance_profile_arn
     }
   }
 
@@ -37,11 +35,9 @@ locals {
   node_configuration = merge(local.default_node_cfg, {
     live = {
       subnets              = var.subnets,
-      instance_profile_arn = module.castai-eks-role-iam.instance_profile_arn
+      instance_profile_arn = var.castai-eks-role-iam_instance_profile_arn
       security_groups      = var.security_groups
-      init_script = base64encode(templatefile("${path.module}/eks-init-script.sh", {
-        live_proxy_version = trimspace(var.live_proxy_version)
-      }))
+
       container_runtime = "containerd"
       eks_image_family  = "al2023"
     }
@@ -52,42 +48,17 @@ locals {
       configuration_id = module.castai-eks-cluster.castai_node_configurations["live"]
       is_enabled       = true
       should_taint     = true
+      clm_enabled      = true
     }
   })
 }
 
 # Configure Data sources and providers required for CAST AI connection.
 data "aws_caller_identity" "current" {}
 
-resource "castai_eks_user_arn" "castai_user_arn" {
-  cluster_id = castai_eks_clusterid.cluster_id.id
-}
-
-# Create AWS IAM policies and a user to connect to CAST AI.
-module "castai-eks-role-iam" {
-  source  = "castai/eks-role-iam/castai"
-  version = "~> 1.0"
-
-  aws_account_id     = data.aws_caller_identity.current.account_id
-  aws_cluster_region = var.cluster_region
-  aws_cluster_name   = var.cluster_name
-  aws_cluster_vpc_id = var.vpc_id
-
-  castai_user_arn = castai_eks_user_arn.castai_user_arn.arn
-
-  create_iam_resources_per_cluster = true
-}
-
-# Configure EKS cluster connection using CAST AI eks-cluster module.
-resource "castai_eks_clusterid" "cluster_id" {
-  account_id   = data.aws_caller_identity.current.account_id
-  region       = var.cluster_region
-  cluster_name = var.cluster_name
-}
-
 module "castai-eks-cluster" {
   source  = "castai/eks-cluster/castai"
-  version = "~> 13.0"
+  version = "~> 13.1"
 
   api_url                = var.castai_api_url
   castai_api_token       = var.castai_api_token
@@ -98,7 +69,7 @@ module "castai-eks-cluster" {
   aws_cluster_region = var.cluster_region
   aws_cluster_name   = var.cluster_name
 
-  aws_assume_role_arn        = module.castai-eks-role-iam.role_arn
+  aws_assume_role_arn        = var.castai-eks-role-iam_role_arn
   delete_nodes_on_disconnect = var.delete_nodes_on_disconnect
 
   default_node_configuration = module.castai-eks-cluster.castai_node_configurations["default"]
@@ -143,43 +114,6 @@ module "castai-eks-cluster" {
     }
   }
 
-  # depends_on helps Terraform with creating proper dependencies graph in case of resource creation and in this case destroy.
-  # module "castai-eks-cluster" has to be destroyed before module "castai-eks-role-iam".
-  depends_on = [module.castai-eks-role-iam]
-}
-
-resource "helm_release" "live-helm" {
-  name  = "castai-live"
-  count = var.install_helm_live ? 1 : 0
-
-  repository = "https://castai.github.io/helm-charts"
-  chart      = "castai-live"
-  version    = var.live_helm_version
-
-  namespace         = "castai-live"
-  create_namespace  = true
-  dependency_update = true
-
-  set = [
-    {
-      name  = "castai-aws-vpc-cni.enabled"
-      value = "true"
-    },
-    {
-      name  = "castai.clusterID"
-      value = castai_eks_clusterid.cluster_id.id
-    },
-    {
-      name  = "castai.apiKey"
-      value = var.castai_api_token
-    },
-    {
-      name  = "castai.apiURL"
-      value = var.castai_api_url
-    },
-  ]
-
-  wait = false
-
-  depends_on = [module.castai-eks-cluster]
+  install_live = var.install_helm_live
+  live_version = var.install_helm_live ? var.live_helm_version : null
 }

examples/eks/eks_cluster_live_migration/module/castai/eks-init-script.sh

@@ -1,3 +0,0 @@
-output "instance_profile_role_arn" {
-  value = module.castai-eks-role-iam.instance_profile_role_arn
-}

examples/eks/eks_cluster_live_migration/module/castai/output.tf

@@ -7,14 +7,8 @@ variable "cluster_region" {
   type = string
 }
 
-variable "live_proxy_version" {
-  type    = string
-  default = "0.36.0"
-}
-
 variable "live_helm_version" {
-  type    = string
-  default = "0.36.0"
+  type = string
 }
 
 variable "tags" {
@@ -27,8 +21,6 @@ variable "subnets" {}
 
 variable "security_groups" {}
 
-variable "vpc_id" {}
-
 variable "castai_api_url" {
   type        = string
   description = "URL of alternative CAST AI API to be used during development or testing"
@@ -57,3 +49,11 @@ variable "install_helm_live" {
   description = "Optional parameter, if set to true - the 'castai-live' Helm chart will be installed on the cluster. This is required for live migration feature."
   default     = true
 }
+
+variable "castai-eks-role-iam_role_arn" {
+  type = string
+}
+
+variable "castai-eks-role-iam_instance_profile_arn" {
+  type = string
+}

examples/eks/eks_cluster_live_migration/module/castai/variables.tf

@@ -6,10 +6,6 @@ terraform {
       source  = "castai/castai"
       version = ">= 6.0.0"
     }
-    helm = {
-      source  = "hashicorp/helm"
-      version = "~> 3.0"
-    }
     aws = {
       source  = "hashicorp/aws"
       version = "~> 5.0"

examples/eks/eks_cluster_live_migration/module/castai/versions.tf

@@ -2,5 +2,4 @@ cluster_name     = "<place-holder>"
 cluster_region   = "<place-holder>"
 castai_api_token = "<place-holder>"
 
-live_proxy_version = "0.36.0"
-live_helm_version = "0.36.0"
+live_helm_version = "0.39.0"

examples/eks/eks_cluster_live_migration/tf.vars.example

@@ -51,16 +51,11 @@ variable "enable_castai" {
 
 variable "install_helm_live" {
   type        = bool
-  description = "Optional parameter, if set to true - the 'castai-live' Helm chart will be installed on the cluster. This is required for live migration feature."
+  description = "Optional parameter, if set to true - the 'castai-live' Helm chart will be installed on the cluster. Helm chart must be installed to enable live migration functionality, the option exists only for developers."
   default     = true
 }
 
-variable "live_proxy_version" {
-  type    = string
-  default = "0.36.0"
-}
-
 variable "live_helm_version" {
   type    = string
-  default = "0.36.0"
+  default = "0.39.0"
 }