How to create EKS Cluster using Terraform MODULES (antonputra#95)

Author: antonputra

docs/contents.md

@@ -56,3 +56,4 @@
 - [122 - How to send AWS CloudWatch Alarms to Slack?](../lessons/122)
 - [123 - Creating a Linux service with systemd](../lessons/123)
 - [124 - AWS Lambda Go vs. Node.js performance benchmark](../lessons/124)
+- [125 - How to create EKS Cluster using Terraform MODULES?](../lessons/125)

lessons/124/terraform/4-nodejs-lambda.tf

@@ -18,7 +18,7 @@ POLICY
 }
 
 resource "aws_iam_policy" "nodejs_s3_bucket_access" {
-  name        = "NodejsS3BucketAccess"
+  name = "NodejsS3BucketAccess"
 
   policy = jsonencode({
     Version = "2012-10-17"
@@ -35,23 +35,23 @@ resource "aws_iam_policy" "nodejs_s3_bucket_access" {
 }
 
 resource "aws_iam_policy" "nodejs_dynamodb_access" {
-  name        = "NodejsDynamoDBAccess"
+  name = "NodejsDynamoDBAccess"
 
   policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
       {
         Action = [
-                "dynamodb:GetItem",
-                "dynamodb:DeleteItem",
-                "dynamodb:PutItem",
-                "dynamodb:Scan",
-                "dynamodb:Query",
-                "dynamodb:UpdateItem",
-                "dynamodb:BatchWriteItem",
-                "dynamodb:BatchGetItem",
-                "dynamodb:DescribeTable",
-                "dynamodb:ConditionCheckItem"
+          "dynamodb:GetItem",
+          "dynamodb:DeleteItem",
+          "dynamodb:PutItem",
+          "dynamodb:Scan",
+          "dynamodb:Query",
+          "dynamodb:UpdateItem",
+          "dynamodb:BatchWriteItem",
+          "dynamodb:BatchGetItem",
+          "dynamodb:DescribeTable",
+          "dynamodb:ConditionCheckItem"
         ]
         Effect   = "Allow"
         Resource = "arn:aws:dynamodb:*:*:table/Meta"
@@ -83,7 +83,7 @@ resource "aws_lambda_function" "nodejs" {
 
   environment {
     variables = {
-        BUCKET_NAME = aws_s3_bucket.images_bucket.id
+      BUCKET_NAME = aws_s3_bucket.images_bucket.id
     }
   }
 

lessons/124/terraform/5-go-lambda.tf

@@ -18,7 +18,7 @@ POLICY
 }
 
 resource "aws_iam_policy" "go_s3_bucket_access" {
-  name        = "goS3BucketAccess"
+  name = "goS3BucketAccess"
 
   policy = jsonencode({
     Version = "2012-10-17"
@@ -35,23 +35,23 @@ resource "aws_iam_policy" "go_s3_bucket_access" {
 }
 
 resource "aws_iam_policy" "go_dynamodb_access" {
-  name        = "goDynamoDBAccess"
+  name = "goDynamoDBAccess"
 
   policy = jsonencode({
     Version = "2012-10-17"
     Statement = [
       {
         Action = [
-                "dynamodb:GetItem",
-                "dynamodb:DeleteItem",
-                "dynamodb:PutItem",
-                "dynamodb:Scan",
-                "dynamodb:Query",
-                "dynamodb:UpdateItem",
-                "dynamodb:BatchWriteItem",
-                "dynamodb:BatchGetItem",
-                "dynamodb:DescribeTable",
-                "dynamodb:ConditionCheckItem"
+          "dynamodb:GetItem",
+          "dynamodb:DeleteItem",
+          "dynamodb:PutItem",
+          "dynamodb:Scan",
+          "dynamodb:Query",
+          "dynamodb:UpdateItem",
+          "dynamodb:BatchWriteItem",
+          "dynamodb:BatchGetItem",
+          "dynamodb:DescribeTable",
+          "dynamodb:ConditionCheckItem"
         ]
         Effect   = "Allow"
         Resource = "arn:aws:dynamodb:*:*:table/Meta"
@@ -83,7 +83,7 @@ resource "aws_lambda_function" "go" {
 
   environment {
     variables = {
-        BUCKET_NAME = aws_s3_bucket.images_bucket.id
+      BUCKET_NAME = aws_s3_bucket.images_bucket.id
     }
   }
 

lessons/125/README.md

@@ -0,0 +1,3 @@
+# How to create EKS Cluster using Terraform MODULES (AWS Load Balancer Controller + Autoscaler + IRSA)
+
+You can find tutorial [here](https://antonputra.com/amazon/create-eks-cluster-using-terraform-modules/).

lessons/125/k8s/echoserver.yaml

@@ -0,0 +1,56 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: echoserver
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app: echoserver
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: echoserver
+    spec:
+      containers:
+      - image: k8s.gcr.io/e2e-test-images/echoserver:2.5
+        name: echoserver
+        ports:
+        - containerPort: 8080
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: echoserver
+  namespace: default
+spec:
+  ports:
+  - port: 8080
+    protocol: TCP
+  type: ClusterIP
+  selector:
+    app: echoserver
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: echoserver
+  namespace: default
+  annotations:
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+spec:
+  ingressClassName: alb
+  rules:
+    - host: echo.devopsbyexample.io
+      http:
+        paths:
+          - path: /
+            pathType: Exact
+            backend:
+              service:
+                name: echoserver
+                port:
+                  number: 8080

lessons/125/k8s/nginx.yaml

@@ -0,0 +1,21 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+spec:
+  replicas: 4
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.14.2
+        resources:
+          requests:
+            cpu: "1"

lessons/125/terraform/.terraform.lock.hcl

@@ -0,0 +1,18 @@
+provider "aws" {
+  region = "us-east-1"
+}
+
+terraform {
+  required_providers {
+    kubectl = {
+      source  = "gavinbunney/kubectl"
+      version = ">= 1.14.0"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = ">= 2.6.0"
+    }
+  }
+
+  required_version = "~> 1.0"
+}

lessons/125/terraform/0-aws-provider.tf

@@ -0,0 +1,29 @@
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "3.14.3"
+
+  name = "main"
+  cidr = "10.0.0.0/16"
+
+  azs             = ["us-east-1a", "us-east-1b"]
+  private_subnets = ["10.0.0.0/19", "10.0.32.0/19"]
+  public_subnets  = ["10.0.64.0/19", "10.0.96.0/19"]
+
+  public_subnet_tags = {
+    "kubernetes.io/role/elb" = "1"
+  }
+  private_subnet_tags = {
+    "kubernetes.io/role/internal-elb" = "1"
+  }
+
+  enable_nat_gateway     = true
+  single_nat_gateway     = true
+  one_nat_gateway_per_az = false
+
+  enable_dns_hostnames = true
+  enable_dns_support   = true
+
+  tags = {
+    Environment = "staging"
+  }
+}