Merge remote-tracking branch 'origin/main' into operator

wandb · Dec 13, 2023 · 601088f · 601088f
2 parents 1636f8a + 9bbabcd
commit 601088f
Show file tree

Hide file tree

Showing 6 changed files with 55 additions and 23 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,20 @@
 
 All notable changes to this project will be documented in this file.
 
+### [3.4.2](https://github.com/wandb/terraform-aws-wandb/compare/v3.4.1...v3.4.2) (2023-12-07)
+
+
+### Bug Fixes
+
+* Switch to gp3 volumes on EKS nodes ([#146](https://github.com/wandb/terraform-aws-wandb/issues/146)) ([86dbc7d](https://github.com/wandb/terraform-aws-wandb/commit/86dbc7df0de1aa6d2bc69862770ea67010354c20))
+
+### [3.4.1](https://github.com/wandb/terraform-aws-wandb/compare/v3.4.0...v3.4.1) (2023-12-07)
+
+
+### Bug Fixes
+
+* Fix private access example ([#155](https://github.com/wandb/terraform-aws-wandb/issues/155)) ([f0745ea](https://github.com/wandb/terraform-aws-wandb/commit/f0745eaf3e2d7111b6becfccac3134b18961e862))
+
 ## [3.4.0](https://github.com/wandb/terraform-aws-wandb/compare/v3.3.0...v3.4.0) (2023-11-13)
 
 

diff --git a/examples/private-access-only/main.tf b/examples/private-access-only/main.tf
@@ -61,18 +61,19 @@ module "standard" {
   namespace     = var.namespace
   public_access = false
 
-  wandb_license = var.wandb_license
-
   domain_name = aws_route53_zone.private.name
   zone_id     = aws_route53_zone.private.zone_id
 
   # Creating a custom VPC so that we can initalize a route53 zone first and configure a vpn
-  create_vpc              = false
-  network_id              = module.networking.vpc_id
-  network_private_subnets = module.networking.private_subnets
-  network_public_subnets  = module.networking.public_subnets
+  create_vpc                = false
+  network_id                = module.networking.vpc_id
+  network_private_subnets   = module.networking.private_subnets
+  network_public_subnets    = module.networking.public_subnets
+  allowed_inbound_cidr      = var.allowed_inbound_cidr
+  allowed_inbound_ipv6_cidr = var.allowed_inbound_ipv6_cidr
+  eks_cluster_version       = var.eks_cluster_version
 }
 
 output "url" {
   value = module.standard.url
-}
+}
diff --git a/examples/private-access-only/variables.tf b/examples/private-access-only/variables.tf
@@ -3,7 +3,22 @@ variable "namespace" {
   description = "Name prefix used for resources"
 }
 
-variable "wandb_license" {
-  type = string
+variable "allowed_inbound_cidr" {
+  default  = ["0.0.0.0/0"]
+  nullable = false
+  type     = list(string)
 }
 
+
+variable "allowed_inbound_ipv6_cidr" {
+  default  = ["::/0"]
+  nullable = false
+  type     = list(string)
+}
+
+variable "eks_cluster_version" {
+  description = "EKS cluster kubernetes version"
+  default     = "1.26"
+  nullable    = false
+  type        = string
+}
diff --git a/examples/private-access-only/versions.tf b/examples/private-access-only/versions.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.60"
+      version = "~> 4.0"
     }
   }
-}
+}
diff --git a/modules/app_eks/main.tf b/modules/app_eks/main.tf
@@ -64,19 +64,21 @@ module "eks" {
 
   node_groups = {
     primary = {
-      version                = var.cluster_version,
-      desired_capacity       = 2,
-      max_capacity           = 5,
-      min_capacity           = 2,
-      instance_types         = var.instance_types,
-      iam_role_arn           = aws_iam_role.node.arn,
-      create_launch_template = local.encrypt_ebs_volume,
-      disk_encrypted         = local.encrypt_ebs_volume,
-      disk_kms_key_id        = var.kms_key_arn,
-      force_update_version   = local.encrypt_ebs_volume,
       # IMDsv2
-      metadata_http_tokens                 = "required",
+      create_launch_template               = local.encrypt_ebs_volume,
+      desired_capacity                     = 2,
+      disk_encrypted                       = local.encrypt_ebs_volume,
+      disk_kms_key_id                      = var.kms_key_arn,
+      disk_type                            = "gp3"
+      enable_monitoring                    = true
+      force_update_version                 = local.encrypt_ebs_volume,
+      iam_role_arn                         = aws_iam_role.node.arn,
+      instance_types                       = var.instance_types,
+      max_capacity                         = 5,
       metadata_http_put_response_hop_limit = 2
+      metadata_http_tokens                 = "required",
+      min_capacity                         = 2,
+      version                              = var.cluster_version,
     }
   }
 

diff --git a/modules/app_eks/variables.tf b/modules/app_eks/variables.tf
@@ -62,8 +62,8 @@ variable "kms_key_arn" {
 
 variable "instance_types" {
   description = "EC2 Instance type for primary node group."
+  nullable    = false
   type        = list(string)
-  default     = ["m4.large"]
 }
 
 variable "lb_security_group_inbound_id" {