-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial EKS Support for Anyscale on Kubernetes #52
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding the IAM Role and Policy requirements for the EKS Cluster and Node Group. This includes the following: - IAM Role for the EKS Cluster - IAM Role for the EKS Node Group - IAM Policies for the EKS Cluster and Node Group - IAM Policies for the EKS Cluster and Node Group Data Also updated pre-commit-config to latest versions. On branch brent/eks Changes to be committed: modified: ../../.pre-commit-config.yaml modified: README.md new file: eks-cluster_assumerole.tmpl new file: eks-cluster_autoscaler.tmpl new file: eks-iam-main.tf new file: eks-iam-policies-data.tf new file: eks-node_assumerole.tmpl modified: iam-policies-data.tf modified: main.tf modified: outputs.tf modified: test/anyscale-test/main.tf modified: test/anyscale-test/outputs.tf modified: test/anyscale-test/variables.tf modified: variables.tf
Additional updates to pre-commit-config.yaml and .tflint.hcl Added module and test for eks-cluster. This module will only create an EKS cluster. It will not create any nodegroups. The nodegroups will be created in a separate module. Changes to be committed: modified: ../../.pre-commit-config.yaml modified: ../../.tflint.hcl new file: README.md new file: main.tf new file: outputs.tf new file: test/README.md new file: test/anyscale-test/main.tf new file: test/anyscale-test/outputs.tf new file: test/anyscale-test/variables.tf new file: test/anyscale-test/versions.tf new file: variables.tf new file: versions.tf
Changes to be committed: modified: README.md modified: outputs.tf
Add initial work for EKS Nodegroups to support Anyscale on EKS. Additional updates to the EKS cluster module to support addons and the management nodegroup. General cleanup of the securitygroups variables Changes to be committed: modified: aws-anyscale-eks-cluster/README.md modified: aws-anyscale-eks-cluster/main.tf modified: aws-anyscale-eks-cluster/outputs.tf modified: aws-anyscale-eks-cluster/test/anyscale-test/main.tf modified: aws-anyscale-eks-cluster/variables.tf new file: aws-anyscale-eks-nodegroups/README.md new file: aws-anyscale-eks-nodegroups/main.tf new file: aws-anyscale-eks-nodegroups/outputs.tf new file: aws-anyscale-eks-nodegroups/test/README.md new file: aws-anyscale-eks-nodegroups/test/anyscale-test/main.tf new file: aws-anyscale-eks-nodegroups/test/anyscale-test/outputs.tf new file: aws-anyscale-eks-nodegroups/test/anyscale-test/variables.tf new file: aws-anyscale-eks-nodegroups/test/anyscale-test/versions.tf new file: aws-anyscale-eks-nodegroups/variables.tf new file: aws-anyscale-eks-nodegroups/versions.tf modified: aws-anyscale-securitygroups/README.md modified: aws-anyscale-securitygroups/main.tf modified: aws-anyscale-securitygroups/variables.tf
Allow passing in a list of nodegroups to create for an EKS Cluster. Changes to be committed: modified: README.md modified: main.tf modified: variables.tf
Simplifying the underlying number of variables required, and consolidating them into a single map variable. Added kitchen-sink test to validate the new variable structure. Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/main.tf modified: modules/aws-anyscale-eks-nodegroups/test/anyscale-test/main.tf modified: modules/aws-anyscale-eks-nodegroups/variables.tf
Changes to be committed: modified: modules/aws-anyscale-eks-cluster/README.md modified: modules/aws-anyscale-eks-cluster/main.tf modified: modules/aws-anyscale-eks-cluster/variables.tf
To deal with deletion of node groups taking an extended period of time. Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/variables.tf
Changes to be committed: modified: modules/aws-anyscale-eks-cluster/README.md modified: modules/aws-anyscale-eks-cluster/main.tf modified: modules/aws-anyscale-eks-cluster/outputs.tf modified: modules/aws-anyscale-eks-cluster/test/anyscale-test/main.tf modified: modules/aws-anyscale-eks-cluster/test/anyscale-test/outputs.tf modified: modules/aws-anyscale-eks-cluster/variables.tf modified: modules/aws-anyscale-eks-cluster/versions.tf modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/variables.tf modified: modules/aws-anyscale-iam/README.md new file: modules/aws-anyscale-iam/eks-ebs-csi-assumerole.tmpl modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/eks-iam-policies-data.tf modified: modules/aws-anyscale-iam/outputs.tf modified: modules/aws-anyscale-iam/test/anyscale-test/main.tf modified: modules/aws-anyscale-iam/test/anyscale-test/outputs.tf modified: modules/aws-anyscale-iam/variables.tf
Changes to be committed: modified: main.tf
Now with the EBS CSI driver! Changes to be committed: modified: modules/aws-anyscale-eks-cluster/test/anyscale-test/main.tf modified: modules/aws-anyscale-eks-cluster/test/anyscale-test/outputs.tf
IAM: - Update IAM EKS Autoscaler policy for least priveledge access. - Update IAM EKS Node Role to use Autoscaler policy - it was incorrectly assigned to the EKS Cluster Role. NodeGroups: - Update NodeGroups to include additional parameters including updates to AMI, instance type, and disk size. - Include two default node groups for Anyscale for 2x and 4x large instances. S3: - Update CORS rules to use standard Terraform syntax. Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/main.tf modified: modules/aws-anyscale-eks-nodegroups/variables.tf modified: modules/aws-anyscale-iam/README.md modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/eks-iam-policies-data.tf renamed: modules/aws-anyscale-iam/eks-cluster_autoscaler.tmpl -> modules/aws-anyscale-iam/eks-node_autoscaler.tmpl modified: modules/aws-anyscale-iam/variables.tf modified: modules/aws-anyscale-s3/main.tf
Changes to be committed: modified: modules/aws-anyscale-iam/README.md modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/iam-policies-data.tf modified: modules/aws-anyscale-iam/main.tf new file: modules/aws-anyscale-iam/s3-bucket-access.tmpl
Changes to be committed: modified: CHANGELOG.md
sudhirn-anyscale
approved these changes
Aug 27, 2024
Ping on the PR review @csivanich and @ftimyo |
Update default values for Anyscale NodeGroup - set default values. Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/variables.tf
ftimyo
reviewed
Aug 29, 2024
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall LGTM
Changes to be committed: modified: modules/aws-anyscale-eks-cluster/test/anyscale-test/main.tf modified: modules/aws-anyscale-iam/README.md new file: modules/aws-anyscale-iam/eks-efs-csi-assumerole.tmpl modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/eks-iam-policies-data.tf modified: modules/aws-anyscale-iam/outputs.tf modified: modules/aws-anyscale-iam/test/anyscale-test/main.tf modified: modules/aws-anyscale-iam/test/anyscale-test/outputs.tf modified: modules/aws-anyscale-iam/variables.tf
Changes to be committed: modified: modules/aws-anyscale-iam/README.md renamed: modules/aws-anyscale-iam/eks-cluster_assumerole.tmpl -> modules/aws-anyscale-iam/eks-cluster_assumerole.tfpl renamed: modules/aws-anyscale-iam/eks-ebs-csi-assumerole.tmpl -> modules/aws-anyscale-iam/eks-ebs-csi-assumerole.tfpl renamed: modules/aws-anyscale-iam/eks-efs-csi-assumerole.tmpl -> modules/aws-anyscale-iam/eks-efs-csi-assumerole.tfpl modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/eks-iam-policies-data.tf renamed: modules/aws-anyscale-iam/eks-node_assumerole.tmpl -> modules/aws-anyscale-iam/eks-node_assumerole.tfpl renamed: modules/aws-anyscale-iam/eks-node_autoscaler.tmpl -> modules/aws-anyscale-iam/eks-node_no_efs.tfpl new file: modules/aws-anyscale-iam/eks-node_with_efs.tfpl modified: modules/aws-anyscale-iam/test/anyscale-test/main.tf modified: modules/aws-anyscale-iam/variables.tf
- Renamed eks-node_no_efs.tfpl to eks-node.tfpl - Updated eks-node.tfpl to include EFS permissions when an EFS ARN is provided - Updated policies-data.tf to include the new eks-node.tfpl and remove eks-node_no_efs.tfpl Changes to be committed: modified: modules/aws-anyscale-iam/eks-iam-policies-data.tf renamed: modules/aws-anyscale-iam/eks-node_with_efs.tfpl -> modules/aws-anyscale-iam/eks-node.tfpl deleted: modules/aws-anyscale-iam/eks-node_no_efs.tfpl
Changes to be committed: modified: modules/aws-anyscale-iam/eks-iam-main.tf
Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/variables.tf
Added a Launc Template to the EKS Nodegroups module to allow for more granular control over the instance configuration including: - Security Groups - GP3 Volumes - Hop limit Changes to be committed: modified: modules/aws-anyscale-eks-cluster/README.md modified: modules/aws-anyscale-eks-cluster/outputs.tf modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/main.tf modified: modules/aws-anyscale-eks-nodegroups/test/anyscale-test/main.tf modified: modules/aws-anyscale-eks-nodegroups/variables.tf
The EKS Cluster does not need the Anyscale Security Group so that was removed. The EKS Node Groups do require the Anyscale Security Group, but made those default to `null` in the variables so the nodegroups can be created without the Anyscale Security Group (if desired). Changes to be committed: modified: modules/aws-anyscale-eks-cluster/README.md modified: modules/aws-anyscale-eks-cluster/variables.tf modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/main.tf modified: modules/aws-anyscale-eks-nodegroups/test/anyscale-test/main.tf modified: modules/aws-anyscale-eks-nodegroups/variables.tf
Changes to be committed: modified: modules/aws-anyscale-eks-nodegroups/README.md modified: modules/aws-anyscale-eks-nodegroups/main.tf modified: modules/aws-anyscale-eks-nodegroups/variables.tf
Changes to be committed: modified: modules/aws-anyscale-iam/README.md modified: modules/aws-anyscale-iam/eks-iam-main.tf modified: modules/aws-anyscale-iam/eks-node.tfpl
Changes to be committed: modified: CHANGELOG.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR includes the required changes to support the initial release of Anyscale running on EKS. This should be considered a beta release and additional updates will be coming.
NOT YET DONE:
Pull request checklist
Please check if your PR fulfills the following requirements:
Pull Request Type
Does this introduce a breaking change?