Install FluentBit in KIT Infrastructure (#285)

* add fluent-bit for logging

* update region

* fix helm params

* move to cdk install

* add fluent-bit

* add fluent-bit logging to cloudwatch and upgrade karpenter

Author: bwagner5

infrastructure/lib/addons/fluent-bit-for-aws.ts

@@ -0,0 +1,76 @@
+import { Construct } from 'constructs';
+import { aws_iam as iam, Stack, StackProps } from 'aws-cdk-lib';
+import { aws_eks as eks } from 'aws-cdk-lib';
+
+export interface AWSFluentBitProps extends StackProps {
+    cluster: eks.Cluster
+    namespace: string
+}
+
+export class AWSFluentBit extends Construct {
+    constructor(scope: Construct, id: string, props: AWSFluentBitProps) {
+        super(scope, id)
+        const ns = props.cluster.addManifest('aws-fluent-bit-namespace', {
+            apiVersion: 'v1',
+            kind: 'Namespace',
+            metadata: {
+                name: props.namespace
+            }
+        })
+
+        // Controller Role
+        const sa = props.cluster.addServiceAccount('aws-fluent-bit-sa', {
+            name: "fluent-bit",
+            namespace: props.namespace
+        })
+        sa.node.addDependency(ns)
+        sa.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('CloudWatchAgentServerPolicy'))
+        sa.role.attachInlinePolicy(new iam.Policy(this, 'aws-fluent-bit-inline-policy', {
+            statements: [
+                new iam.PolicyStatement({
+                    resources: ['*'],
+                    actions: [
+                      "logs:PutRetentionPolicy",
+                    ],
+                }),
+            ],
+        }));
+      
+
+        const chart = props.cluster.addHelmChart('aws-fluent-bit-chart', {
+            chart: 'aws-for-fluent-bit',
+            release: 'aws-fluent-bit',
+            repository: 'https://aws.github.io/eks-charts',
+            namespace: props.namespace,
+            createNamespace: false,
+            values: {
+                serviceAccount: {
+                    create: false,
+                    name: 'fluent-bit',
+                },
+                cloudWatch: {
+                  region: Stack.of(this).region,
+                  logRetentionDays: "90",
+                  logKey: "log",
+                  logGroupName: Stack.of(this).stackName,
+                },
+                firehose: {
+                  enabled: false,
+                },
+                kinesis: {
+                  enabled: false,
+                },
+                elasticsearch: {
+                  enabled: false,
+                },
+                tolerations: [
+                    {
+                        key: 'CriticalAddonsOnly',
+                        operator: 'Exists',
+                    },
+                ],
+            }
+        })
+        chart.node.addDependency(ns)
+    }
+}

infrastructure/lib/addons/karpenter.ts

@@ -64,7 +64,7 @@ export class Karpenter extends Construct {
         const chart = props.cluster.addHelmChart('karpenter-chart', {
             chart: 'karpenter',
             release: 'karpenter',
-            version: 'v0.13.2',
+            version: 'v0.16.1',
             repository: 'https://charts.karpenter.sh',
             namespace: props.namespace,
             createNamespace: false,

infrastructure/lib/kit-infrastructure.ts

@@ -3,6 +3,7 @@ import { SecurityGroup } from 'aws-cdk-lib/aws-ec2'
 import { Construct } from 'constructs'
 import { AWSEBSCSIDriver } from './addons/aws-ebs-csi-driver'
 import { AWSLoadBalancerController } from './addons/aws-lbc'
+import { AWSFluentBit } from './addons/fluent-bit-for-aws'
 import { FluxV2 } from './addons/fluxv2'
 import { Karpenter } from './addons/karpenter'
 import { KIT } from './addons/kit'
@@ -158,6 +159,11 @@ export class KITInfrastructure extends Stack {
       }).node.addDependency(cluster);
     }
 
+    new AWSFluentBit(this, 'AWSFluentBit', {
+      cluster: cluster,
+      namespace: 'aws-fluent-bit',
+    }).node.addDependency(cluster);
+
     new FluxV2(this, 'Flux', {
       cluster: cluster,
       namespace: 'flux-system',