This code uses the Terraform AWS provider and a single module, modules/eks, to reuse the code in multiple environments. In this case I created 2 directories, for the environments "dev-us-east-1" and "prod-us-east".
I have only instantiated the code in the "dev-us-east-1" environment for the purpose of the demo.
- Terraform 1.5.5
- Terraform AWS Provider ~> 5.65.0
The code already defines default attributes to instantiate it; you can change the values as required, for example: tags, cluster name, subnet count, CIDR block, capacity type, instance type, node pool size, labels and taints.
The module modules/eks does the following work:
- Create VPC
- Create Internet Gateway
- Create a Subnet
  - Decided to make subnets private to reduce costs
- Create one Elastic IP per Subnet
- Create one NAT Gateway per Subnet
  - This is required to allocate the EIPs and hence the rest of the resources need to be created one per subnet
- Create Route Tables
- Create Routes and Associations
- Create Security Group
  - Allow all outbound IPv4 traffic
  - Allow all outbound IPv6 traffic
  - Allow all inbound traffic from the Worker Nodes
- Create SSH key pair
- Create IAM Role for EKS Cluster
  - Attach the policy
- Create EKS Cluster
- Create IAM Role for EKS Nodes Pools
  - Attach the policy
- Create EKS Nodes Pools
  - Set node configurations
- Outputs
  - name
  - endpoint
  - certificate_authority
  - vpc_id
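The three security group rules listed above, written out as an added sketch (not the repository's own modules/eks code). The resource names and the variables vpc_id and cluster_name are hypothetical, and it assumes the worker nodes are attached to this same group, so inbound traffic is scoped to a group reference instead of a CIDR range.

```hcl
# Added example, not the repository's modules/eks code.
# Resource names and both variables are hypothetical.
variable "vpc_id" { type = string }
variable "cluster_name" { type = string }

resource "aws_security_group" "cluster" {
  name        = "${var.cluster_name}-cluster"
  description = "EKS cluster and worker node traffic"
  vpc_id      = var.vpc_id
}

# Allow all outbound IPv4 traffic
resource "aws_vpc_security_group_egress_rule" "all_ipv4" {
  security_group_id = aws_security_group.cluster.id
  ip_protocol       = "-1"
  cidr_ipv4         = "0.0.0.0/0"
}

# Allow all outbound IPv6 traffic
resource "aws_vpc_security_group_egress_rule" "all_ipv6" {
  security_group_id = aws_security_group.cluster.id
  ip_protocol       = "-1"
  cidr_ipv6         = "::/0"
}

# Allow all inbound traffic from the worker nodes.
# Assumption: the nodes are members of this same group, so the rule
# references the group itself and opens nothing to outside addresses.
resource "aws_vpc_security_group_ingress_rule" "from_nodes" {
  security_group_id            = aws_security_group.cluster.id
  ip_protocol                  = "-1"
  referenced_security_group_id = aws_security_group.cluster.id
}
```

In a plan, the ingress rule should show a referenced security group and no cidr_ipv4 or cidr_ipv6 value; an inbound rule with 0.0.0.0/0 or ::/0 would expose the nodes beyond what the list above describes.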
To trigger a plan:
- Go to the repo Actions
- Run a Manual Workflow Dispatch "Plan dev-us-east-1"
- The Pipeline will run and show all the resources to be created on AWS with Terraform
Notes:
- The pipeline doesn't have a backend on purpose to avoid costs, although it's connected to my personal account so the plan can successfully run.
  - For this reason any apply won't work.
- Clone the repository onto your local machine
- Move to the directory you want to work on
  - For example environments/dev-us-east-1
- Export the following environment variables:
  - AWS_ACCESS_KEY_ID
  - AWS_SECRET_ACCESS_KEY
  - AWS_REGION
- The code already defines default attributes to instantiate it; you can change the values as required, for example: tags, cluster name, subnet count, CIDR block, capacity type, instance type, node pool size, labels and taints.
- Run terraform init
- Run terraform plan or terraform apply
- Run terraform destroy to remove the resources