edge.24-07-08

Simplifies AWS EKS configuration with bootstrap mode, adds Fledged for node image caching, introduces PVC annotator for StatefulSet PVC management, and fixes various credential handling and utility command issues.

Redeploy StatefulSets for PVC Annotator Integration

Incorporating kube_pvc_annotator into Panfactum modules requires redeploying StatefulSets. Follow these steps carefully to avoid downtime or data loss.

Create a Velero backup of the cluster by running velero create backup -w <backup_name> to recover in case of mistakes.
The following StatefulSets need to be deleted in this order, with kubectl delete --cascade=orphan, and immediately restored with a subsequent terragrunt apply to their defining module:
- The Vault StatefulSet created by kube_vault
- The Redis cluster StatefulSet for Authentik created by kube_authentik
- The BuildKit StatefulSets created by kube_buildkit
- Any StatefulSets you have provisioned with kube_stateful_set
- Any Redis cluster StatefulSets you have provisioned with kube_redis_sentinel
As long as you use --cascade=orphan and minimize the time between kubectl delete and terragrunt apply, there will not be any downtime during this operation.
After completing step 2, delete the backing PVCs from each module one at a time by deleting the PVC and then deleting its bound pod. The controller will automatically provision a new PVC with the correct labels and annotations.
After deleting each pod, ensure a new pod is provisioned and becomes healthy before proceeding to the next. Proceeding one at a time will not cause downtime or data loss.
Delete the Velero backup created in step 1 by running velero delete backup <backup_name>.