feat: added llm helm (#18)

* feat: added llm helm * chore: tf fmt * chore: tf validate
csye7125-su24-team05 · Aug 17, 2024 · ed325c9 · ed325c9
1 parent 7ebb091
commit ed325c9
Show file tree

Hide file tree

Showing 11 changed files with 386 additions and 24 deletions.
diff --git a/dns.tf b/dns.tf
@@ -1,4 +1,9 @@
-data "aws_route53_zone" "hosted_zone" {
+data "aws_route53_zone" "grafana" {
   provider = aws.profile
   name     = "grafana.nexflare.me"
+}
+
+data "aws_route53_zone" "cve" {
+  provider = aws.profile
+  name     = "cve.nexflare.me"
 }
diff --git a/eks.tf b/eks.tf
@@ -54,6 +54,9 @@ module "eks" {
       vpc_id          = aws_vpc.cluster_vpc.id
       subnet_ids      = values(aws_subnet.subnets)[*].id
       iam_role_arn    = aws_iam_role.eks_node_role.arn
+      ami_type        = try(value.ami_type, null)
+      label           = try(value.label, null)
+      taints          = try(value.taints, {})
     }
   }
 

diff --git a/helm-llm.tf b/helm-llm.tf
@@ -0,0 +1,10 @@
+resource "helm_release" "llm" {
+  provider   = helm.eks-helm
+  name       = "ollama"
+  repository = "https://otwld.github.io/ollama-helm/"
+  chart      = "ollama"
+  values     = ["${file("values/llm.yaml")}"]
+  namespace  = var.namespaces["llm"].name
+
+  depends_on = [kubernetes_namespace.namespace, helm_release.istiod]
+}
diff --git a/helm.tf b/helm.tf
@@ -75,10 +75,11 @@ resource "helm_release" "prometheus" {
 }
 
 resource "helm_release" "certificate" {
-  provider = helm.eks-helm
-  name     = "cve-certificate"
-  chart    = "./${var.certificate.chart}"
-  values   = ["${file("values/certificate.yaml")}"]
+  provider  = helm.eks-helm
+  name      = "cve-certificate"
+  chart     = "./${var.certificate.chart}"
+  values    = ["${file("values/certificate.yaml")}"]
+  namespace = var.namespaces["cert-manager"].name
 
   depends_on = [null_resource.cert_manager_download_chart, helm_release.istiod]
 }
@@ -94,15 +95,6 @@ resource "helm_release" "istio-base" {
   depends_on = [kubernetes_namespace.namespace["istio-system"]]
 }
 
-# resource "helm_release" "istio-cni" {
-#   provider   = helm.eks-helm
-#   repository = "https://istio-release.storage.googleapis.com/charts"
-#   chart      = "cni"
-#   name       = "istio-cni"
-#   namespace  = var.namespaces["istio-system"].name
-#   depends_on = [kubernetes_namespace.namespace["istio-system"], helm_release.istio-base]
-# }
-
 resource "helm_release" "istiod" {
   provider   = helm.eks-helm
   repository = "https://istio-release.storage.googleapis.com/charts"
@@ -165,8 +157,8 @@ module "eks_blueprints_addons" {
   enable_external_dns                   = true
   enable_cert_manager                   = true
   enable_metrics_server                 = true
-  cert_manager_route53_hosted_zone_arns = [data.aws_route53_zone.hosted_zone.arn]
-  external_dns_route53_zone_arns        = [data.aws_route53_zone.hosted_zone.arn]
+  cert_manager_route53_hosted_zone_arns = [data.aws_route53_zone.cve.arn, data.aws_route53_zone.grafana.arn]
+  external_dns_route53_zone_arns        = [data.aws_route53_zone.cve.arn, data.aws_route53_zone.grafana.arn]
   external_dns = {
     values = ["${file("values/external-dns.yaml")}"]
   }
@@ -177,5 +169,5 @@ module "eks_blueprints_addons" {
 
   tags = local.tags
 
-  depends_on = [module.eks, data.aws_route53_zone.hosted_zone]
+  depends_on = [module.eks, data.aws_route53_zone.cve, data.aws_route53_zone.grafana]
 }
diff --git a/k8s.tf b/k8s.tf
@@ -109,6 +109,14 @@ resource "kubernetes_network_policy" "network_policy" {
         protocol = "TCP"
         port     = "8080"
       }
+      ports {
+        protocol = "TCP"
+        port     = "8501"
+      }
+      ports {
+        protocol = "TCP"
+        port     = "11434"
+      }
     }
 
     egress {}

diff --git a/values/certificate.yaml b/values/certificate.yaml
@@ -1,21 +1,21 @@
 #config for cert manager subchart
-production: false
+production: true
 
-host: ""
+host: grafana.nexflare.me
 
 prefix : /
 
 # destination for the virtual service
 destination:
-  host: ""
+  host: prometheus-grafana.prometheus.svc.cluster.local
   port: 80
 
 # email address for letsencrypt
 email: 
 
 dns:
   region: us-east-1
-  hostedZoneID: ""
+  hostedZoneID: Z0476827N51ME825SEX8
 
 gateways:
   - istio-ingress/grafana-gateway

diff --git a/values/external-dns.yaml b/values/external-dns.yaml
@@ -222,6 +222,7 @@ txtSuffix:
 ## - Limit possible target zones by domain suffixes.
 domainFilters: 
   - grafana.nexflare.me
+  - cve.nexflare.me
 
 ## -- Intentionally exclude domains from being managed.
 excludeDomains: []

diff --git a/values/istio-ingress.yaml b/values/istio-ingress.yaml
@@ -58,7 +58,7 @@ defaults:
     annotations:
       service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
       service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
-      external-dns.alpha.kubernetes.io/hostname: "grafana.nexflare.me"
+      external-dns.alpha.kubernetes.io/hostname: "grafana.nexflare.me,cve.nexflare.me"
     loadBalancerIP: ""
     loadBalancerSourceRanges: []
     externalTrafficPolicy: ""

diff --git a/values/kafka.yaml b/values/kafka.yaml
@@ -42,7 +42,7 @@ provisioning:
     sidecar.istio.io/inject: "false"
   topics:
     - name: cve-data-push
-      partitions: 3
+      partitions: 10
       replicationFactor: 3
   # postScript: |-
   #   #!/bin/bash
@@ -52,7 +52,7 @@ provisioning:
 
 persistence:
   enabled: true
-  size: 5Gi
+  size: 2Gi
 
 metrics:
   # jmx: