DATAGO-137816: Test ske terratests in ci#135
Closed
seankoneill wants to merge 26 commits into
Closed
Conversation
…e-commit, and dependabot
DATAGO-135982: Add SKE reference architecture
* change cluster_name to name for network module and improve validations * fix owner email * remove routing tables since the feature flag in stackit docs doesn't work * tf fmt * update tfdocs * remove project since it is already added to root module * email is not needed * add labelling to network module * add resource labels
- Translate Kubernetes API access to a bool toggle (kubernetes_api_public_access) and configure SKE network.control_plane.access_scope from it. - Restrict the API via the acl extension using kubernetes_api_authorized_networks; bastion public IP is auto-appended when create_bastion = true. - Add opt-in dns (externalDNS) and observability extensions, configured via dns_enabled / dns_zones / observability_enabled / observability_instance_id. - Expose cluster_id, kubernetes_version_used, pod_address_ranges, and egress_address_ranges as module + template outputs. - Propagate common_labels to bastion resources; rename network module's resource_labels to common_labels for consistency. - README updates: document the API access modes, optional extensions, and add the missing kubernetes_version to the example tfvars.
Per PR #3 review (danny-wall-sol): STACKIT WIF is built around service accounts, not OIDC token exchange, so the cluster module does not need to surface these values for the WIF work in DATAGO-135999.
…ster-module DATAGO-137471: finalize SKE cluster module
…loud brokers SKE ships a complete set of premium-perfN-stackit StorageClasses pre-installed and Gardener-managed (shoot.gardener.cloud/no-cleanup: "true"), so no manifests need to be shipped from this repo. Replace the placeholder "Deploying Storage Classes" section with reference docs identifying perf6 for the broker spool volume and perf2 for the broker data volume, and link to STACKIT's service-plan docs for the full per-region IOPS matrix. Also bump the example tfvars kubernetes_version from 1.32 (no longer supported) to 1.35, with a note to check current supported versions via stackit ske options describe.
…okers SKE's Gardener-managed premium-perfN-stackit classes default to ext4, but Solace Cloud brokers require XFS (per the StackIT KA and matching the AKS/EKS/GKE reference architectures). Add solace-broker-spool (wraps storage_premium_perf6) and solace-default (wraps storage_premium_perf2), both with csi.storage.k8s.io/fstype: xfs. Update the README to point at the new manifests. Validated on hassim-test: both classes provisioned and mounted as XFS (confirmed via mount and df -T on test pods).
…-class DATAGO-135984: add XFS-backed SKE StorageClasses for Solace Cloud brokers
DATAGO-135982: SKE architecture diagram + bastion image auto-detect
* add service creation terratests for ske * remove incorrect comment and depends_on lifecycle * remove t.parallel * remove no bastion test * add a stored var file to copy dir * fix var file format * set test images to latest since we don't care about these * revert k8s version lookup since just major.minor works fine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer: