Skip to content

Latest commit

 

History

History
69 lines (55 loc) · 6.98 KB

README.md

File metadata and controls

69 lines (55 loc) · 6.98 KB

pre-commit

Foundation - Pelotech's GitOps K8s Cluster

This is the terraform module that helps bootstrap foundation in AWS

Requirements

Name Version
terraform >= 1.5.7
aws >= 5.45.0

Providers

Name Version
aws >= 5.45.0

Modules

Name Source Version
cert_manager_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.51.0
ebs_csi_driver_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.51.0
eks terraform-aws-modules/eks/aws 20.31.6
external_dns_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.51.0
karpenter terraform-aws-modules/eks/aws//modules/karpenter 20.31.6
load_balancer_controller_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.51.0
s3_csi terraform-aws-modules/s3-bucket/aws 4.3.0
s3_driver_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.51.0
vpc terraform-aws-modules/vpc/aws 5.17.0

Resources

Name Type
aws_vpc_endpoint.eks_vpc_endpoints resource
aws_partition.current data source
aws_region.current data source

Inputs

Name Description Type Default Required
extra_access_entries EKS access entries needed by IAM roles interacting with this cluster 
list(object({
    principal_arn           = string
    kubernetes_groups       = optional(list(string))
    policy_arn              = string
    access_scope_type       = string
    access_scope_namespaces = optional(list(string))
  }))
 [] no
initial_instance_types instance types of the initial managed node group list(string) n/a yes
initial_node_desired_size desired size of the initial managed node group number 3 no
initial_node_labels labels for the initial managed node group map(string) 
{
  "kube-ovn/role": "master"
}
 no
initial_node_max_size max size of the initial managed node group number 6 no
initial_node_min_size minimum size of the initial managed node group number 2 no
initial_node_taints taints for the initial managed node group list(object({ key = string, value = string, effect = string })) 
[
  {
    "effect": "NO_SCHEDULE",
    "key": "CriticalAddonsOnly",
    "value": "true"
  },
  {
    "effect": "NO_SCHEDULE",
    "key": "nidhogg.uswitch.com/kube-system.kube-multus-ds",
    "value": "true"
  }
]
 no
s3_csi_driver_bucket_arns existing buckets the s3 CSI driver should have access to list(string) [] no
s3_csi_driver_create_bucket create a new bucket for use with the s3 CSI driver bool true no
stack_admin_arns arn to the roles for the cluster admins role list(string) [] no
stack_ci_admin_arn arn to the ci role string n/a yes
stack_ci_ro_arn arn to the ci role for planning on PRs string n/a yes
stack_create should resources be created bool true no
stack_name Name of the stack string "foundation-stack" no
stack_ro_arns arn to the roles for the cluster read only role list(string) [] no
stack_tags tags to be added to the stack, should at least have Owner and Environment map(any) 
{
  "Environment": "prod",
  "Owner": "pelotech"
}
 no
stack_vpc_block Variables for defining the vpc for the stack 
object({
    cidr             = string
    azs              = list(string)
    private_subnets  = list(string)
    public_subnets   = list(string)
    database_subnets = list(string)
  })
 
{
  "azs": [
    "us-west-2a",
    "us-west-2b",
    "us-west-2c"
  ],
  "cidr": "172.16.0.0/16",
  "database_subnets": [
    "172.16.200.0/24",
    "172.16.201.0/24",
    "172.16.202.0/24"
  ],
  "private_subnets": [
    "172.16.0.0/24",
    "172.16.1.0/24",
    "172.16.2.0/24"
  ],
  "public_subnets": [
    "172.16.100.0/24",
    "172.16.101.0/24",
    "172.16.102.0/24"
  ]
}
 no
vpc_endpoints vpc endpoints within the cluster vpc network list(string) [] no

Outputs

No outputs.