agent: |
Add credentials for various integrations
Managing workspaces and access control
DagKnows Architecture Overview
Setting up SSO via Azure AD for Dagknows
Enable "Auto Exec" and "Send Execution Result to LLM" in "Adjust Settings" if desired
(Optionally) Add ubuntu user to docker group and refresh group membership
Deployment of an EKS Cluster with Worker Nodes in AWS
Adding, Deleting, Listing DagKnows Proxy credentials or key-value pairs
Comprehensive AWS Security and Compliance Evaluation Workflow (SOC2 Super Runbook)
AWS EKS Version Update 1.29 to 1.30 via terraform
Instruction to allow WinRM connection
MSP Usecase: User Onboarding Azure + M365
Post a message to a Slack channel
How to debug a kafka cluster and kafka topics?
Open VPN Troubleshooting (Powershell)
Execute a simple task on the proxy
Assign the proxy role to a user
Create roles to access credentials in proxy
Install OpenVPN client on Windows laptop
Setup Kubernetes kubectl and Minikube on Ubuntu 22.04 LTS
Install Prometheus and Grafana on the minikube cluster on EC2 instance in the monitoring namespace
update the EKS versions in different clusters
AI agent session 2024-09-12T09:36:14-07:00 by Sarang Dharmapurikar
Parse EDN content and give a JSON out
Check whether a user is there on Azure AD and if the user account status is enabled
Get the input parameters of a Jenkins pipeline
Get the console output of last Jenkins job build
Get last build status for a Jenkins job
Trigger a Jenkins job with param values
List all the resource ARNs in a given region
Give me steps to do health checks on a Linux Server
Process Zendesk Ticket for updating comments (auto reply)
Add a public comment to a Zendesk Ticket
Identify list out IAM users list in AWS using dagknows
Restoring an AWS Redshift Cluster from a Snapshot
AWS EKS Version Update 1.29 to 1.30 via terraform
- 1GMP66K7bp0uWvB0UhO84Make changes for AWS EKS version 1.30
1
Make changes for AWS EKS version 1.30
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Check Terraform configuration for the below changes
- All managed Node groups will default to using Amzon Linux 2023 (as default node OS).
- Default EBS class changed to gp3, so use that by default to avoid issues
- Minimum required IAM policy for the Amazon EKS cluster IAM role also requires: "ec2:DescribeAvailabilityZones"
- Check for deprecated api versions for kubernetes and replace them if used anywhere.
- Check the versions of Terraform aws eks module and other modules if they are compatible with the new EKS version
- Check version and upgrade managed Add-ons for EKS cluster(not applicable in our case, we use a helm chart based deployment)
Kubernetes Deprecation API guide: https://kubernetes.io/docs/reference/using-api/deprecation-guide/
inputsoutputs1 - 2VsDWYxmyGHUd3VSDmzysMinimum required IAM policy for the Amazon EKS cluster IAM role also requires: "ec2:DescribeAvailabilityZones"
2
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Edit aws_iam_policy_eks in eks/user.tf to include "ec2:DescribeAvailabilityZones" as well.
Basic requirement of policy was increased to include this policy.
inputsoutputs2 - 3YlzpyozVrnbmIhN55e9zEdit eks/provider.tf to replace a deprecated api
3
Edit eks/provider.tf to replace a deprecated api
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Change from v1beta1 to v1 for the api_version
inputsoutputs3 - 4wmjuGD3Ix60s49xInw9cBackup Statefiles before upgrade for the EKS cluster
4
Backup Statefiles before upgrade for the EKS cluster
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs4 - 5DIQZV5Ab94XqDTR5qTz6Ensure OIDC provider URL and Service Account issuer URL are different before upgrading to EKS v1.30
5
Ensure OIDC provider URL and Service Account issuer URL are different before upgrading to EKS v1.30
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Before upgrading an EKS cluster to v1.30, verify that the OIDC provider URL used for IAM authentication is different from the Service Account issuer URL. If they are the same, disassociate the identity provider to avoid API server startup failures due to new validation in Kubernetes v1.30.
By default both have the same value: A AWS managed OIDC Provider [which leads to version update issues >>> Kube API server failing]
inputsoutputs5- 5.1ZTh6LRfwsf2Mwat1VF5NGet current Service Account Issuer URL to EKS Cluster
5.1
Get current Service Account Issuer URL to EKS Cluster
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.This is generated by default when the EKS cluster is created
inputsoutputs5.1 - 5.2XuMIseLyOnFDa6TCD5gyList IAM OIDC Provider ARN for the custer
5.2
List IAM OIDC Provider ARN for the custer
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.2 - 5.3JVWT7GEOPopNUunA1wp5Backup IAM OIDC Provider ARN(optional)
5.3
Backup IAM OIDC Provider ARN(optional)
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.3 - 5.4Of8i1gChMMHwch3UwGC2List IAM roles using OIDC provider
5.4
List IAM roles using OIDC provider
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.For Prod Cluster: (Roles with OIDC usage)
eks-prod-341-alb-ingress
eks-prod-341-efs-csi-driver
inputsoutputs5.4 - 5.5iVvVctF17bqcgqbYK7cpList Identity Provider Config
5.5
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.This should come up as empty for now.
inputsoutputs5.5 - 5.6KiKJqn03DxUj3b5aYqvNDelete old IAM oidc identity provider
5.6
Delete old IAM oidc identity provider
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.6 - 5.7iH9hbZwRF7Uzn9JLaSW4Creating a new OIDC provider using AWS Cognito
5.7
Creating a new OIDC provider using AWS Cognito
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.7- 5.7.1EoGH95W3qlKJ9Z4IiD8vCreate user pool in AWS Cognito
5.7.1
Create user pool in AWS Cognito
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.7.1 - 5.7.2sBbotjBnwXGXK3acgUYRCreate an app client for AWS cognito using the user_id from previously created user-pool
5.7.2
Create an app client for AWS cognito using the user_id from previously created user-pool
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.7.2 - 5.7.3AACX9hFj716kx0WgqdKxCreate an IAM OIDC Provider Using AWS Cognito
5.7.3
Create an IAM OIDC Provider Using AWS Cognito
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.7.3 - 5.7.4D6IlchmFl5jllsLMDFYlAssociating Cognito OIDC provider with EKS Cluster
5.7.4
Associating Cognito OIDC provider with EKS Cluster
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.7.4
- 5.8lDxj18hY83RZjvulPwWNRemove old oidc from required eks statefile
5.8
Remove old oidc from required eks statefile
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Use terraform state list | grep "oidc_provider" to find the required state file items.
inputsoutputs5.8 - 5.9bR5cfr1W3PmLYX8bkx29Run Terraform Import to sync the manually created Cognito User Pool into Terraform state
5.9
Run Terraform Import to sync the manually created Cognito User Pool into Terraform state
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Use arn to import if facing issues, correlate name from main.tf file
inputsoutputs5.9 - 5.10OwuIjonHGLWj8QRhU3JbAdd the following code blocks in eks/main.tf outside the eks module
5.10
Add the following code blocks in eks/main.tf outside the eks module
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.10 - 5.11k8R7gKIFXWVf4om1eGAGImport the existing Cognito-EKS association into Terraform
5.11
Import the existing Cognito-EKS association into Terraform
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.11 - 5.12G51Ig0kePTPi3ZHUazKCAdd below lines in eks/main.tf in the eks module to not let terraform create irsa roles and provider by default
5.12
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.12 - 5.13r9tfWHcxALcMVL6viKrLDo a terraform init, plan and apply cycle for eks module so new outputs of eks module are propogated
5.13
Do a terraform init, plan and apply cycle for eks module so new outputs of eks module are propogated
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.cluster_oidc_issuer_url: aws based oidc
oidc_provider_arn: cognito based
Should be different now.
inputsoutputs5.13 - 5.14YR9KWOxtO0wFHPQdreyUDo a terraform init, plan and apply cycle for eks-services module so new outputs of eks module are used for IAM Role creation
5.14
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs5.14
- 6TZIebc2o9VaYZRPMse4VEdit the eks/variable.tf to edit the cluster_version for eks update 1.29 to 1.30
6
Edit the eks/variable.tf to edit the cluster_version for eks update 1.29 to 1.30
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Ensure the version is in double quotes.
inputsoutputs6 - 7ZGlDgqzAgwBD4qsW4opNUpgrade AWS EKS Cluster to 1.30
7
Upgrade AWS EKS Cluster to 1.30
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Control Plane upgrade requires ~8mins to update.
Another 10-20 mins for worker node update to eks 1.30
inputsoutputs7- 7.1EUdq4eKmDKgp5Pazrh3wCan manually drain nodes to achieve instant version update effect
7.1
Can manually drain nodes to achieve instant version update effect
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Easy Way: Double the desired count of nodes in node group and then bring it back to original
inputsoutputs7.1 - 7.2oueUifc3nFXHr5HIOnYKTo check current updates to AWS EKS
7.2
To check current updates to AWS EKS
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs7.2 - 7.3e3xw2aZE5Xy3cUW3bS5XCheck cluster update status for each update id
7.3
Check cluster update status for each update id
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputs7.3
- 8d1FTeqsvFiqlEWM5cxm8Remove the OIDC cognito changes made to the eks/main.tf file and re-run terraform init, plan and apply to recreate the old OIDC managed by AWS in eks module and then run the same for eks-services module so new eks module outputs are propagated.
8
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.This is basically reverting back to old AWS managed OIDC provider otherwise we face authentication issues for OIDC related roles like, efs-csi, alb-ingress, cluster-autoscaler etc.
inputsoutputs8 - 9u8LgjrloQ7sgGOn5SPvyAfter the above changes verify whether the old AWS managed OIDC has been added as a open id connect provider
9
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Old AWS managed OIDC should show up here now for the relevant cluster.
inputsoutputs9