diff --git a/README.md b/README.md index 78d35f3..59842fb 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # terraform-aws-eks [![CircleCI](https://circleci.com/gh/WesleyCharlesBlake/terraform-aws-eks.svg?style=svg)](https://circleci.com/gh/WesleyCharlesBlake/terraform-aws-eks) -[![TerraformRefigistry](https://img.shields.io/badge/Terraform%20Registry-v2.0.2-blue.svg)](https://registry.terraform.io/modules/WesleyCharlesBlake/eks/aws/) +[![TerraformRefigistry](https://img.shields.io/badge/Terraform%20Registry-version_2-blue.svg)](https://registry.terraform.io/modules/WesleyCharlesBlake/eks/aws/) Deploy a full AWS EKS cluster with Terraform 
@@ -24,26 +24,26 @@ Deploy a full AWS EKS cluster with Terraform You can configure you config with the following input variables: -| Name | Description | Default | -| ------------------------- | ---------------------------------- | --------------------------------------------------------------------- | -| `cluster-name` | The name of your EKS Cluster | `eks-cluster` | -| `aws-region` | The AWS Region to deploy EKS | `us-east-1` | -| `availability-zones` | AWS Availability Zones | `["us-east-1a", "us-east-1b", "us-east-1c"]` | -| `k8s-version` | The desired K8s version to launch | `1.13` | -| `node-instance-type` | Worker Node EC2 instance type | `m4.large` | -| `root-block-size` | Size of the root EBS block device | `20` | -| `desired-capacity` | Autoscaling Desired node capacity | `2` | -| `max-size` | Autoscaling Maximum node capacity | `5` | -| `min-size` | Autoscaling Minimum node capacity | `1` | -| `public-min-size` | Public Node groups ASG capacity | `1` | -| `public-max-size` | Public Node groups ASG capacity | `1` | -| `public-desired-capacity` | Public Node groups ASG capacity | `1` | -| `vpc-subnet-cidr` | Subnet CIDR | `10.0.0.0/16` | -| `private-subnet-cidr` | Private Subnet CIDR | `["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19"]` | -| `public-subnet-cidr` | Public Subnet CIDR | `["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"]` | -| `db-subnet-cidr` | DB/Spare Subnet CIDR | `["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21"]` | -| `eks-cw-logging` | EKS Logging Components | `["api", "audit", "authenticator", "controllerManager", "scheduler"]` | -| `ec2-key` | EC2 Key Pair for bastion and nodes | `my-key` | +| Name | Description | Default | +| ------------------------- | ---------------------------------- | 
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `cluster-name` | The name of your EKS Cluster | `eks-cluster` | +| `aws-region` | The AWS Region to deploy EKS | `us-east-1` | +| `availability-zones` | AWS Availability Zones | `["us-east-1a", "us-east-1b", "us-east-1c"]` | +| `k8s-version` | The desired K8s version to launch | `1.13` | +| `node-instance-type` | Worker Node EC2 instance type | `m4.large` | +| `root-block-size` | Size of the root EBS block device | `20` | +| `desired-capacity` | Autoscaling Desired node capacity | `2` | +| `max-size` | Autoscaling Maximum node capacity | `5` | +| `min-size` | Autoscaling Minimum node capacity | `1` | +| `public-min-size` | Public Node groups ASG capacity | `1` | +| `public-max-size` | Public Node groups ASG capacity | `1` | +| `public-desired-capacity` | Public Node groups ASG capacity | `1` | +| `vpc-subnet-cidr` | Subnet CIDR | `10.0.0.0/16` | +| `private-subnet-cidr` | Private Subnet CIDR | `["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19"]` | +| `public-subnet-cidr` | Public Subnet CIDR | `["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"]` | +| `db-subnet-cidr` | DB/Spare Subnet CIDR | `["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21"]` | +| `eks-cw-logging` | EKS Logging Components | `["api", "audit", "authenticator", "controllerManager", "scheduler"]` | +| `ec2-key-public-key` | EC2 Key Pair for bastion and nodes | `ssh-rsa 
AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com` | > You can create a file called terraform.tfvars or copy [variables.tf](https://github.com/WesleyCharlesBlake/terraform-aws-eks/blob/master/variables.tf) into the project root, if you would like to over-ride the defaults. @@ -82,7 +82,7 @@ module "eks" { public-subnet-cidr = ["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"] db-subnet-cidr = ["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21"] eks-cw-logging = ["api", "audit", "authenticator", "controllerManager", "scheduler"] - ec2-key = "my-key" + ec2-key-public-key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com" } output "kubeconfig" { @@ -118,7 +118,7 @@ module "eks" { public-subnet-cidr = var.public-subnet-cidr db-subnet-cidr = var.db-subnet-cidr eks-cw-logging = var.eks-cw-logging - ec2-key = var.ec2-key + ec2-key-public-key = var.ec2-key } ``` diff --git a/examples/complete-cluster.tf b/examples/complete-cluster.tf index 5cef187..fd138d3 100644 --- a/examples/complete-cluster.tf +++ b/examples/complete-cluster.tf @@ -1,6 +1,6 @@ ### VPC -# use terraform cloud remote backend +# use terraform cloud remote backend OR you can use your prefered remote backend terraform { backend "remote" { 
@@ -13,22 +13,25 @@ terraform { module "eks" { - source = "../modules/eks" + source = "../modules/eks" - aws-region = "us-east-1" - availability-zones = ["us-east-1a", "us-east-1b", "us-east-1c"] - cluster-name = "my-cluster" - k8s-version = "1.13" - node-instance-type = "t3.medium" - desired-capacity = "3" - max-size = "5" - min-size = "1" - vpc-subnet-cidr = "10.0.0.0/16" - private-subnet-cidr = ["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19"] - public-subnet-cidr = ["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"] - db-subnet-cidr = ["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21"] - eks-cw-logging = ["api", "audit", "authenticator", "controllerManager", "scheduler"] - ec2-key = "my-key" + aws-region = "us-east-1" + availability-zones = ["us-east-1a", "us-east-1b", "us-east-1c"] + cluster-name = "my-cluster" + k8s-version = "1.13" + node-instance-type = "t3.medium" + desired-capacity = 3 + max-size = 5 + min-size = 1 + public-min-size = 1 + public-max-size = 5 + public-desired-capacity = 3 + vpc-subnet-cidr = "10.0.0.0/16" + private-subnet-cidr = ["10.0.0.0/19", "10.0.32.0/19", "10.0.64.0/19"] + public-subnet-cidr = ["10.0.128.0/20", "10.0.144.0/20", "10.0.160.0/20"] + db-subnet-cidr = ["10.0.192.0/21", "10.0.200.0/21", "10.0.208.0/21"] + eks-cw-logging = ["api", "audit", "authenticator", "controllerManager", "scheduler"] + ec2-key-public-key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com" } output "kubeconfig" { diff --git a/main.tf b/main.tf index 5d8ba91..54ad33c 100644 --- a/main.tf +++ b/main.tf 
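Review bot: The example pins `ec2-key-public-key` to a literal `ssh-rsa … email@example.com` key, and the same literal is the `default` of `variable "ec2-key-public-key"` in the variables.tf hunk and appears in the README table and usage snippet. Anyone who applies the example or the root module unchanged registers that key for the bastion and both worker node groups, so SSH access belongs to whoever holds the matching private key, not to the operator. I would drop the `default` line in variables.tf so the input becomes required. The example could then read a key the operator owns, e.g. `ec2-key-public-key = file(pathexpand("~/.ssh/id_rsa.pub"))` (the path is illustrative).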
@@ -21,6 +21,7 @@ module "eks" { public-subnet-cidr = var.public-subnet-cidr db-subnet-cidr = var.db-subnet-cidr eks-cw-logging = var.eks-cw-logging - ec2-key = var.ec2-key + ec2-key-public-key = var.ec2-key-public-key + } diff --git a/modules/eks/bastion.tf b/modules/eks/bastion.tf index 343ff6d..501d46d 100644 --- a/modules/eks/bastion.tf +++ b/modules/eks/bastion.tf @@ -1,7 +1,5 @@ ### bastion -variable "ec2-key" {} - ### bastion hosts module "bastion-asg" { source = "terraform-aws-modules/autoscaling/aws" @@ -32,7 +30,7 @@ module "bastion-asg" { max_size = 1 desired_capacity = 1 wait_for_capacity_timeout = 0 - key_name = var.ec2-key + key_name = aws_key_pair.deployer.key_name tags = [ { diff --git a/modules/eks/ec2-key.tf b/modules/eks/ec2-key.tf new file mode 100644 index 0000000..28cb5e5 --- /dev/null +++ b/modules/eks/ec2-key.tf @@ -0,0 +1,6 @@ +variable "ec2-key-public-key" {} + +resource "aws_key_pair" "deployer" { + key_name = var.cluster-name + public_key = var.ec2-key-public-key +} \ No newline at end of file diff --git a/modules/eks/eks-worker-nodes-public.tf b/modules/eks/eks-worker-nodes-public.tf index 3d6a073..5ff98d9 100644 --- a/modules/eks/eks-worker-nodes-public.tf +++ b/modules/eks/eks-worker-nodes-public.tf @@ -46,7 +46,7 @@ module "public-eks-nodes-asg" { desired_capacity = var.public-desired-capacity wait_for_capacity_timeout = 0 - key_name = var.ec2-key + key_name = aws_key_pair.deployer.key_name iam_instance_profile = "${aws_iam_instance_profile.node.name}" user_data = local.eks-public-node-userdata diff --git a/modules/eks/eks-worker-nodes.tf b/modules/eks/eks-worker-nodes.tf index fd4a48b..104d70e 100755 --- a/modules/eks/eks-worker-nodes.tf +++ b/modules/eks/eks-worker-nodes.tf 
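Review bot: In the new modules/eks/ec2-key.tf, `variable "ec2-key-public-key" {}` is declared without a type or description, and `key_name = var.cluster-name` reuses the bare cluster name as the key pair name. EC2 key pair names are unique per region, so an existing key pair with the cluster's name would make the apply fail. A suffixed name such as `key_name = "${var.cluster-name}-deployer"` avoids that, and `type = string` plus `description = "OpenSSH-format public key registered as the cluster's EC2 key pair"` would document the input. The one `aws_key_pair.deployer` is also wired into the bastion ASG, the public node group and, in the eks-worker-nodes.tf hunk, the private node group, so a single private key opens SSH on every tier. If that is intended, a comment on the resource should say so.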
@@ -54,7 +54,7 @@ module "eks-nodes-asg" { desired_capacity = var.desired-capacity wait_for_capacity_timeout = 0 - key_name = var.ec2-key + key_name = aws_key_pair.deployer.key_name iam_instance_profile = "${aws_iam_instance_profile.node.name}" user_data = local.eks-node-userdata diff --git a/modules/locals.tf b/modules/locals.tf deleted file mode 100644 index 55c592c..0000000 --- a/modules/locals.tf +++ /dev/null @@ -1,7 +0,0 @@ - -locals { - standard_tags = { - Component = "user-service" - Environment = "production" - } -} \ No newline at end of file diff --git a/terraform b/terraform deleted file mode 100755 index a521d79..0000000 Binary files a/terraform and /dev/null differ diff --git a/variables.tf b/variables.tf index 3fe7e2e..a4df0fa 100644 --- a/variables.tf +++ b/variables.tf @@ -101,23 +101,23 @@ variable "min-size" { variable "public-min-size" { default = 1 type = string - description = "Public Node groups ASG capacity" + description = "Public Node groups min ASG capacity" } variable "public-max-size" { default = 1 type = string - description = "Public Node groups ASG capacity" + description = "Public Node groups max ASG capacity" } variable "public-desired-capacity" { default = 1 type = string - description = "Public Node groups ASG capacity" + description = "Public Node groups desired ASG capacity" } -variable "ec2-key" { - default = "my-key" +variable "ec2-key-public-key" { + default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com" type = string - description = "Autoscaling Minimum node capacity" + description = "AWS EC2 public key data" }
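Review bot: Renaming `variable "ec2-key"` to `ec2-key-public-key` in variables.tf leaves a stale reference in the README: the root-module snippet there now reads `ec2-key-public-key = var.ec2-key`, which names a variable that no longer exists. main.tf was updated to `var.ec2-key-public-key`, and the README line should match it. In the same hunk the three `public-*` variables keep `type = string` with a numeric `default = 1`, while the updated example passes unquoted numbers. Terraform converts between the two, but `type = number` would state the intent.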