cherry-pick aws#2251, aws#2226, aws#2187, aws#2201, aws#1794

jdn5126 · Feb 3, 2023 · 0fec104 · 0fec104
1 parent 0e60316
commit 0fec104
Show file tree

Hide file tree

Showing 11 changed files with 129 additions and 39 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -1,6 +1,8 @@
 name: VPC CNI Release
 
-on: [push, workflow_dispatch]
+on:
+  release:
+    types: [published]
 
 permissions:
   contents: read
@@ -11,11 +13,12 @@ env:
 
 jobs:
   release:
-    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
     runs-on: ubuntu-latest
     steps:
       - name: Checkout latest commit in the PR
         uses: actions/checkout@v3
+        with:
+          ref: "refs/tags/{{ github.event.release.tag_name }}"
       - name: Set up Go
         uses: actions/setup-go@v3
         with:

diff --git a/Makefile b/Makefile
@@ -39,7 +39,7 @@ METRICS_IMAGE = amazon/cni-metrics-helper
 METRICS_IMAGE_NAME = $(METRICS_IMAGE)$(IMAGE_ARCH_SUFFIX):$(VERSION)
 METRICS_IMAGE_DIST = $(DESTDIR)/$(subst /,_,$(METRICS_IMAGE_NAME)).tar.gz
 REPO_FULL_NAME=aws/amazon-vpc-cni-k8s
-HELM_CHART_NAME ?= "aws-vpc-cni"
+HELM_CHART_NAMES ?= "aws-vpc-cni" "cni-metrics-helper"
 # TEST_IMAGE is the testing environment container image.
 TEST_IMAGE = amazon-k8s-cni-test
 TEST_IMAGE_NAME = $(TEST_IMAGE)$(IMAGE_ARCH_SUFFIX):$(VERSION)
@@ -341,10 +341,14 @@ generate-limits:    ## Generate limit file go code
 	go run $(VENDOR_OVERRIDE_FLAG) scripts/gen_vpc_ip_limits.go
 
 ekscharts-sync:
-	${MAKEFILE_PATH}/scripts/sync-to-eks-charts.sh -b ${HELM_CHART_NAME} -r ${REPO_FULL_NAME}
+	for HELM_CHART_NAME in $(HELM_CHART_NAMES) ; do \
+		${MAKEFILE_PATH}/scripts/sync-to-eks-charts.sh -b $$HELM_CHART_NAME -r ${REPO_FULL_NAME} ; \
+	done
 
 ekscharts-sync-release:
-	${MAKEFILE_PATH}/scripts/sync-to-eks-charts.sh -b ${HELM_CHART_NAME} -r ${REPO_FULL_NAME} -n -y
+	for HELM_CHART_NAME in $(HELM_CHART_NAMES) ; do \
+		${MAKEFILE_PATH}/scripts/sync-to-eks-charts.sh -b $$HELM_CHART_NAME -r ${REPO_FULL_NAME} -n -y ; \
+	done
 
 upload-resources-to-github:
 	${MAKEFILE_PATH}/scripts/upload-resources-to-github.sh

diff --git a/charts/aws-vpc-cni/README.md b/charts/aws-vpc-cni/README.md
@@ -91,7 +91,6 @@ WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm relea
 
 set -euo pipefail
 
-# don't import the crd. Helm cant manage the lifecycle of it anyway.
 for kind in daemonSet clusterRole clusterRoleBinding serviceAccount; do
   echo "setting annotations and labels on $kind/aws-node"
   kubectl -n kube-system annotate --overwrite $kind aws-node meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE

diff --git a/charts/aws-vpc-cni/templates/daemonset.yaml b/charts/aws-vpc-cni/templates/daemonset.yaml
@@ -91,8 +91,8 @@ spec:
           - mountPath: /host/etc/cni/net.d
             name: cni-net-dir
 {{- if .Values.cniConfig.enabled }}
-            # the dockerfile copies the baked in config to this location, lets overwrite it with ours
-            # the entrypoint.sh script will then copy our config to /host/etc/cni/net.d on boot
+            # The dockerfile copies the baked in config to this location, so overwrite it with ours.
+            # The entrypoint process will then copy our config to /host/etc/cni/net.d on boot.
           - name: cni-config
             mountPath: /app/10-aws.conflist
             subPath: 10-aws.conflist

diff --git a/charts/cni-metrics-helper/Chart.yaml b/charts/cni-metrics-helper/Chart.yaml
@@ -1,23 +1,19 @@
 apiVersion: v2
 name: cni-metrics-helper
-description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.16
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
 appVersion: v1.12.2
+description: A Helm chart for the AWS VPC CNI Metrics Helper
+icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
+home: https://github.com/aws/amazon-vpc-cni-k8s
+sources:
+  - https://github.com/aws/amazon-vpc-cni-k8s
+keywords:
+  - eks
+  - cni
+  - networking
+  - vpc
+maintainers:
+  - name: Jayanth Varavani
+    url: https://github.com/jayanthvn
+    email: [email protected]
+engine: gotpl
diff --git a/charts/cni-metrics-helper/README.md b/charts/cni-metrics-helper/README.md
@@ -0,0 +1,81 @@
+# CNI METRICS HELPER
+
+This chart provides a Kubernetes deployment for the Amazon VPC CNI Metrics Helper, which is used to collect metrics for the Amazon VPC CNI plugin for Kubernetes.
+
+## Prerequisites
+
+- Kubernetes 1.11+ running on AWS
+- Helm 3.0+
+
+## Installing the Chart
+
+First add the EKS repository to Helm:
+
+```shell
+helm repo add eks https://aws.github.io/eks-charts
+```
+
+To install the chart with the release name `cni-metrics-helper` and default configuration:
+
+```shell
+$ helm install cni-metrics-helper --namespace kube-system eks/cni-metrics-helper
+```
+
+To install manually, clone the Amazon VPC CNI for Kubernetes repository to your local machine:
+
+```shell
+$ git clone https://github.com/aws/amazon-vpc-cni-k8s.git
+```
+
+Use the helm install command to install the chart into your Kubernetes cluster:
+
+```shell
+$ helm install cni-metrics-helper --namespace kube-system ./charts/cni-metrics-helper
+```
+
+To uninstall:
+
+```shell
+$ helm uninstall cni-metrics-helper --namespace kube-system
+```
+
+## Configuration
+
+The following table lists the configurable parameters for this chart and their default values.
+
+| Parameter                    | Description                                                   | Default            |
+|------------------------------|---------------------------------------------------------------|--------------------|
+| fullnameOverride             | Override the fullname of the chart                            | cni-metrics-helper |
+| image.region                 | ECR repository region to use. Should match your cluster       | us-west-2          |
+| image.tag                    | Image tag                                                     | v1.12.2            |
+| image.account                | ECR repository account number                                 | 602401143452       |
+| image.domain                 | ECR repository domain                                         | amazonaws.com      |
+| env.USE_CLOUDWATCH           | Whether to export CNI metrics to CloudWatch                   | true               |
+| env.AWS_CLUSTER_ID           | ID of the cluster to use when exporting metrics to CloudWatch | default            |
+| env.AWS_VPC_K8S_CNI_LOGLEVEL | Log verbosity level (ie. FATAL, ERROR, WARN, INFO, DEBUG)     | INFO               |
+| serviceAccount.name          | The name of the ServiceAccount to use                         | nil                |
+| serviceAccount.create        | Specifies whether a ServiceAccount should be created          | true               |
+| serviceAccount.annotations   | Specifies the annotations for ServiceAccount                  | {}                 |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` or provide a YAML file containing the values for the above parameters:
+
+```shell
+$ helm install cni-metrics-handler --namespace kube-system eks/cni-metrics-handler --values values.yaml
+```
+
+Manual install:
+```shell
+$ helm install cni-metrics-helper --namespace kube-system ./charts/cni-metrics-helper --values values.yaml
+```
+
+## Resources
+
+| Parameter                 | Description                                    | Default |
+|---------------------------|------------------------------------------------|---------|
+|    resources              | Resources for the pods.                        |   `{}`  |
+
+For example, to set a CPU limit of 200m and a memory limit of 256Mi for the cni-metrics-helper pods, you can use the following command:
+
+```shell
+$ helm install cni-metrics-helper ./charts/cni-metrics-helper --namespace kube-system --set resources.limits.cpu=200m,resources.limits.memory=256Mi
+```
diff --git a/charts/cni-metrics-helper/values.yaml b/charts/cni-metrics-helper/values.yaml
@@ -13,6 +13,7 @@ image:
 env:
   USE_CLOUDWATCH: "true"
   AWS_CLUSTER_ID: ""
+  AWS_VPC_K8S_CNI_LOGLEVEL: "INFO"
 
 fullnameOverride: "cni-metrics-helper"
 
@@ -24,3 +25,5 @@ serviceAccount:
   name:
   annotations: {}
     # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME  
+
+resources: {}
diff --git a/scripts/generate-cni-yaml.sh b/scripts/generate-cni-yaml.sh
@@ -4,7 +4,7 @@ set -euo pipefail
 SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
 
 PLATFORM=$(uname | tr '[:upper:]' '[:lower:]')
-HELM_VERSION="3.6.3"
+HELM_VERSION="3.11.0"
 NAMESPACE="kube-system"
 
 MAKEFILEPATH=$SCRIPTPATH/../Makefile
@@ -94,7 +94,7 @@ jq -c '.[]' $REGIONS_FILE | while read i; do
     mv $BUILD_DIR/helm_annotations_removed.yaml $NEW_METRICS_RESOURCES_YAML
 done    
 
-$BUILD_DIR/helm template --include-crds \
+$BUILD_DIR/helm template aws-vpc-cni --include-crds \
     --namespace $NAMESPACE \
     --output-dir $INDV_RESOURCES_DIR/ \
     $SCRIPTPATH/../charts/aws-vpc-cni/
@@ -104,7 +104,7 @@ for i in $INDV_RESOURCES_DIR/aws-vpc-cni/templates/*; do
   mv $BUILD_DIR/helm_annotations_removed.yaml $i
 done
 
-$BUILD_DIR/helm template \
+$BUILD_DIR/helm template cni-metrics-helper \
     --namespace $NAMESPACE \
     --output-dir $INDV_RESOURCES_DIR/ \
     $SCRIPTPATH/../charts/cni-metrics-helper/

diff --git a/scripts/sync-to-config-folder.sh b/scripts/sync-to-config-folder.sh
@@ -2,7 +2,6 @@
 set -euo pipefail
 set +x
 
-
 SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
 BUILD_DIR="${SCRIPTPATH}/../build"
 
@@ -17,7 +16,7 @@ BINARY_BASE=""
 INCLUDE_NOTES=0
 MANUAL_VERIFY=1
 
-GH_CLI_VERSION="0.10.1"
+GH_CLI_VERSION="2.22.1"
 GH_CLI_CONFIG_PATH="${HOME}/.config/gh/config.yml"
 KERNEL=$(uname -s | tr '[:upper:]' '[:lower:]')
 OS="${KERNEL}"
@@ -180,4 +179,4 @@ git push -u origin "${FORK_RELEASE_BRANCH}":$RELEASE_BRANCH
 gh pr create --title "🥳 ${BINARY_BASE} ${VERSION} Automated manifest sync! 🥑" \
     --body "${PR_BODY}" --repo ${REPO} --base ${RELEASE_BRANCH}
 
-echo "✅ Manifest folder PR created for $RELEASE_BRANCH"
+echo "Manifest folder PR created for ${RELEASE_BRANCH}"
diff --git a/scripts/sync-to-eks-charts.sh b/scripts/sync-to-eks-charts.sh
@@ -6,13 +6,12 @@ SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
 BUILD_DIR="${SCRIPTPATH}/../build"
 
 REPO="aws/amazon-vpc-cni-k8s"
-HELM_CHART_NAME="aws-vpc-cni"
+HELM_CHART_NAME=${HELM_CHART_NAME:-'aws-vpc-cni'}
 HELM_CHART_BASE_BIR="${SCRIPTPATH}/../charts"
 
 CHARTS_REPO="aws/eks-charts"
 CHARTS_REPO_NAME=$(echo ${CHARTS_REPO} | cut -d'/' -f2)
 
-HELM_CHART_DIR="${HELM_CHART_BASE_BIR}/${HELM_CHART_NAME}"
 PR_ID=$(uuidgen | cut -d '-' -f1)
 
 SYNC_DIR="${BUILD_DIR}/eks-charts-sync"
@@ -22,15 +21,15 @@ BINARY_BASE=""
 INCLUDE_NOTES=0
 MANUAL_VERIFY=1
 
-GH_CLI_VERSION="0.10.1"
+GH_CLI_VERSION="2.22.1"
 GH_CLI_CONFIG_PATH="${HOME}/.config/gh/config.yml"
 KERNEL=$(uname -s | tr '[:upper:]' '[:lower:]')
 OS="${KERNEL}"
 if [[ "${KERNEL}" == "darwin" ]]; then 
   OS="macOS"
 fi
 
-VERSION=$(make -s -f "${SCRIPTPATH}/../Makefile" version)
+VERSION=$(echo $(make -s -f "${SCRIPTPATH}/../Makefile" version) | cut -d'-' -f1)
 
 USAGE=$(cat << EOM
   Usage: sync-to-eks-charts  -r <repo>
@@ -54,6 +53,7 @@ while getopts b:r:ny opt; do
         REPO="$OPTARG"
       ;;
     b ) # binary basename
+        HELM_CHART_NAME="$OPTARG"
         BINARY_BASE="$OPTARG"
       ;;
     n ) # Include release notes
@@ -74,6 +74,13 @@ if [[ -n "${BINARY_BASE}" ]]; then
   HELM_CHART_NAME=${BINARY_BASE}
 fi
 
+if [[ "$HELM_CHART_NAME" =~ ^(aws-vpc-cni|cni-metrics-helper)$ ]]; then
+  echo "starting to sync chart $HELM_CHART_NAME"
+else
+  echo "invalid chart name, quit the script"
+  exit 0
+fi
+
 if [[ -z "${REPO}" ]]; then 
   echo "Repo (-r) must be specified if no \"make repo-full-name\" target exists"
 fi
@@ -123,7 +130,6 @@ cd "${FORK_DIR}"
 git remote set-url origin https://"${GITHUB_USERNAME}":"${GITHUB_TOKEN}"@github.com/"${GITHUB_USERNAME}"/"${CHARTS_REPO_NAME}".git
 DEFAULT_BRANCH=$(git rev-parse --abbrev-ref HEAD | tr -d '\n')
 
-
 if diff -x ".*" -r "$HELM_CHART_DIR/" "${FORK_DIR}/stable/${HELM_CHART_NAME}/" &> /dev/null ; then
   echo " ✅  Charts already in sync; no updates needed"
   exit

diff --git a/scripts/upload-resources-to-github.sh b/scripts/upload-resources-to-github.sh
@@ -6,7 +6,6 @@ set -euo pipefail
 SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
 VERSION=$(make -s -f $SCRIPTPATH/../Makefile version)
 BUILD_DIR=$SCRIPTPATH/../build/cni-rel-yamls/$VERSION
-BINARY_DIR=$SCRIPTPATH/../build/bin
 
 CNI_TAR_RESOURCES_FILE=$BUILD_DIR/cni_individual-resources.tar
 METRICS_TAR_RESOURCES_FILE=$BUILD_DIR/cni_metrics_individual-resources.tar