[TEAM] - Allow Fargate Profiles for teams
askulkarni2 opened this issue · 1 comments
askulkarni2 commented
Today, when we create fargate profiles, customers have to use the top level fargate_profiles prarameter
module "eks_blueprints" {
source = ...
...
fargate_profile = {
# Providing compute for default namespace
default = {
fargate_profile_name = "default"
fargate_profile_namespaces = [
{
namespace = "default"
}]
subnet_ids = module.vpc.private_subnets
}
# Providing compute for kube-system namespace where core addons reside
kube_system = {
fargate_profile_name = "kube-system"
fargate_profile_namespaces = [
{
namespace = "kube-system"
}]
subnet_ids = module.vpc.private_subnets
}
}
}It would be nice if fargate_profiles can be created for Teams. This fits nicely into the "namespace as a service" model where multiple teams live on the same cluster but use their own Fargate profiles. This will also enable customers who only want to use the Teams functionality to be able to create Fargate profiles without using the core module. I believe, the interface would look something like this then...
application_teams = {
team-blue = {
"labels" = {
"appName" = "example",
"projectName" = "example",
"environment" = "example",
"domain" = "example",
"uuid" = "example",
}
"quota" = {
"requests.cpu" = "1000m",
"requests.memory" = "4Gi",
"limits.cpu" = "2000m",
"limits.memory" = "8Gi",
"pods" = "10",
"secrets" = "10",
"services" = "10"
}
manifests_dir = "./manifests"
# Belows are examples of IAM users and roles
users = [
"arn:aws:iam::123456789012:user/blue-team-user",
"arn:aws:iam::123456789012:role/blue-team-sso-iam-role"
]
fargate_profile = {
fargate_profile_name = "team-blue"
fargate_profile_namespaces = [
{
namespace = "team-blue"
}]
subnet_ids = var.subnets
}
}
}askulkarni2 commented
Closing this as Fargate Profiles now supports wildcards that can be leveraged to implement such a pattern.