
Commit

Merge aed4706 into e3e0b6f
stevenplatt authored Sep 30, 2024
2 parents e3e0b6f + aed4706 commit 3f419e0
Showing 4 changed files with 143 additions and 125 deletions.
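--- a/spartan/terraform/eks-cluster/main.tf
+++ b/spartan/terraform/eks-cluster/main.tf
@@ -0,0 +1,114 @@
+terraform {
+backend "s3" {
+bucket = "aztec-terraform"
+key = "spartan/terraform.tfstate"
+region = "eu-west-2"
+}
+
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "5.47.0"
+}
+}
+}
+
+provider "aws" {
+region = var.region
+}
+
+# Filter out local zones, which are not currently supported
+# with managed node groups
+data "aws_availability_zones" "available" {
+filter {
+name = "opt-in-status"
+values = ["opt-in-not-required"]
+}
+}
+
+module "vpc" {
+source = "terraform-aws-modules/vpc/aws"
+version = "5.8.1"
+
+name = var.cluster_name
+cidr = "10.1.0.0/16"
+
+azs = slice(data.aws_availability_zones.available.names, 0, 3)
+private_subnets = ["10.1.1.0/24", "10.1.2.0/24"]
+public_subnets = ["10.1.3.0/24", "10.1.4.0/24"]
+
+enable_nat_gateway = true
+single_nat_gateway = true
+enable_dns_hostnames = true
+enable_vpn_gateway = true
+
+public_subnet_tags = {
+"kubernetes.io/role/elb" = 1
+}
+
+private_subnet_tags = {
+"kubernetes.io/role/internal-elb" = 1
+}
+
+tags = {
+Project = var.cluster_name
+}
+}
+
+# EKS Module
+module "eks" {
+source = "terraform-aws-modules/eks/aws"
+version = "20.8.5"
+
+cluster_name = var.cluster_name
+cluster_version = "1.31"
+
+cluster_endpoint_public_access = true
+enable_cluster_creator_admin_permissions = true
+
+cluster_addons = {
+aws-ebs-csi-driver = {
+service_account_role_arn = module.irsa-ebs-csi.iam_role_arn
+}
+}
+
+# VPC and Subnets
+vpc_id = module.vpc.vpc_id
+subnet_ids = module.vpc.private_subnets
+
+# EKS Managed Node Group(s)
+eks_managed_node_group_defaults = {
+ami_type = "AL2_x86_64"
+}
+
+eks_managed_node_groups = {
+default = {
+name = "node-group-1"
+instance_types = ["m6a.2xlarge"]
+
+min_size = 1
+max_size = 2
+desired_size = 1
+}
+}
+
+tags = {
+Project = var.cluster_name
+}
+}
+
+# https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/
+data "aws_iam_policy" "ebs_csi_policy" {
+arn = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy"
+}
+
+module "irsa-ebs-csi" {
+source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
+version = "5.39.0"
+
+create_role = true
+role_name = "AmazonEKSTFEBSCSIRole-${module.eks.cluster_name}"
+provider_url = module.eks.oidc_provider
+role_policy_arns = [data.aws_iam_policy.ebs_csi_policy.arn]
+oidc_fully_qualified_subjects = ["system:serviceaccount:kube-system:ebs-csi-controller-sa"]
+}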
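Review bot: `cluster_endpoint_public_access = true` in the `eks` module is set without `cluster_endpoint_public_access_cidrs`, so the Kubernetes API endpoint is reachable from any address (the module's default allow-list is, as far as I know, `0.0.0.0/0`) and IAM authentication is the only control in front of the control plane. I would add `cluster_endpoint_public_access_cidrs = var.api_allowed_cidrs` (a new list variable; the name is a suggestion) or disable public access and reach the API through the VPN gateway that the `vpc` module already enables. `enable_cluster_creator_admin_permissions = true` also ties cluster-admin to whichever identity runs the apply, which deserves a comment naming the intended principal. Separately, the `s3` backend block has no `encrypt = true` and no `dynamodb_table` for state locking; whether the bucket enforces default encryption is not visible here, so stating it in the backend block would remove the doubt.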
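--- a/spartan/terraform/eks-cluster/outputs.tf
+++ b/spartan/terraform/eks-cluster/outputs.tf
@@ -0,0 +1,19 @@
+output "cluster_endpoint" {
+description = "Endpoint for EKS control plane"
+value = module.eks.cluster_endpoint
+}
+
+output "cluster_security_group_id" {
+description = "Security group ids attached to the cluster control plane"
+value = module.eks.cluster_security_group_id
+}
+
+output "region" {
+description = "AWS region"
+value = var.region
+}
+
+output "cluster_name" {
+description = "Kubernetes Cluster Name"
+value = module.eks.cluster_name
+}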
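--- a/spartan/terraform/eks-cluster/variables.tf
+++ b/spartan/terraform/eks-cluster/variables.tf
@@ -0,0 +1,10 @@
+variable "region" {
+description = "AWS region"
+type = string
+default = "us-east-1"
+}
+
+variable "cluster_name" {
+type = string
+default = "spartan"
+}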
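Review bot: `variable "cluster_name"` has no `description`, unlike `region` above it, and its value is reused beyond the cluster itself: main.tf in this commit passes it as the VPC name and as the `Project` tag. I would add `description = "Name of the EKS cluster; also used as the VPC name and Project tag"`. The `region` default `us-east-1` differs from the state backend's `eu-west-2`; that is valid, but a one-line comment such as `# cluster region; state bucket lives in eu-west-2` would tell a reader the split is intentional.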
125 changes: 0 additions & 125 deletions spartan/terraform/main.tf

This file was deleted.
