refacto(cilium): deploy everything, gw api crd as well using tf

Smana · Aug 10, 2023 · 840930c · 840930c
1 parent 58c34b9
commit 840930c
Show file tree

Hide file tree

Showing 10 changed files with 36 additions and 77 deletions.
diff --git a/infrastructure/base/cilium/kustomization.yaml b/infrastructure/base/cilium/kustomization.yaml
diff --git a/infrastructure/base/cilium/release.yaml b/infrastructure/base/cilium/release.yaml
diff --git a/infrastructure/base/cilium/source.yaml b/infrastructure/base/cilium/source.yaml
diff --git a/infrastructure/mycluster-0/kustomization.yaml b/infrastructure/mycluster-0/kustomization.yaml
@@ -3,6 +3,5 @@ kind: Kustomization
 
 resources:
   - ../base/aws-load-balancer-controller
-  - ../base/cilium
   - ../base/external-dns
   - ../base/gateway-api
diff --git a/terraform/eks/data.tf b/terraform/eks/data.tf
@@ -10,3 +10,8 @@ data "aws_ecrpublic_authorization_token" "token" {
 data "aws_eks_cluster_auth" "cluster_auth" {
   name = module.eks.cluster_name
 }
+
+data "http" "gateway_api_crds" {
+  count = length(local.gateway_api_crds_urls)
+  url   = local.gateway_api_crds_urls[count.index]
+}
diff --git a/terraform/eks/helm.tf b/terraform/eks/helm.tf
@@ -19,5 +19,8 @@ resource "helm_release" "cilium" {
     file("${path.module}/helm_values/cilium.yaml")
   ]
 
-  depends_on = [kubernetes_job.delete_aws_cni_ds]
+  depends_on = [
+    kubectl_manifest.gateway_api_crds,
+    kubernetes_job.delete_aws_cni_ds
+  ]
 }
diff --git a/terraform/eks/helm_values/cilium.yaml b/terraform/eks/helm_values/cilium.yaml
@@ -34,6 +34,5 @@ envoy:
     requests:
       cpu: 200m
       memory:
-# Deployed using Flux as we need to deploy the Gateway API CRDs first
-# gatewayAPI:
-#   enabled: true
+gatewayAPI:
+  enabled: true
diff --git a/terraform/eks/kubernetes.tf b/terraform/eks/kubernetes.tf
@@ -1,3 +1,10 @@
+# Install Gateway API CRD's. Requirement to be installed before Cilium is running
+resource "kubectl_manifest" "gateway_api_crds" {
+  count      = length(local.gateway_api_crds_urls)
+  yaml_body  = data.http.gateway_api_crds[count.index].body
+  depends_on = [module.eks]
+}
+
 # EKS post install kubernetes job with these changes
 resource "kubernetes_service_account" "eks_init" {
   metadata {
@@ -81,3 +88,5 @@ resource "kubernetes_job" "delete_aws_cni_ds" {
     module.eks
   ]
 }
+
+
diff --git a/terraform/eks/locals.tf b/terraform/eks/locals.tf
@@ -1,3 +1,13 @@
 locals {
   azs = slice(data.aws_availability_zones.available.names, 0, 3)
+
+  gateway_api_crds_urls = [
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_referencegrants.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_tcproutes.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_tlsroutes.yaml",
+    "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${var.gateway_api_version}/config/crd/experimental/gateway.networking.k8s.io_udproutes.yaml"
+  ]
 }
diff --git a/terraform/eks/variables.tf b/terraform/eks/variables.tf
@@ -34,6 +34,12 @@ variable "cilium_version" {
   type        = string
 }
 
+variable "gateway_api_version" {
+  description = "Gateway API CRDs version"
+  default     = "v0.7.1"
+  type        = string
+}
+
 # Flux
 variable "github_owner" {
   type        = string