aws-terraform-eks/modules/cluster

This module creates an EKS cluster, associated cluster IAM role, and applies EKS worker policies to the worker node IAM roles.

To get a working cluster, manual steps must be performed after the cluster is built. The module outputs the configuration files required for client and worker node setup and configuration.

Basic Usage

module "eks_cluster" {
  source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-eks//modules/cluster/?ref=v0.12.5"

  name               = local.eks_cluster_name
  subnets            = concat(module.vpc.private_subnets, module.vpc.public_subnets) #  Required
  tags               = local.tags
  worker_roles       = [module.eks_workers.iam_role]
  worker_roles_count = 1
}

Full working references are available at examples

Terraform 0.12 upgrade

There should be no changes required to move from previous versions of this module to version 0.12.0 or higher.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12 |
| aws | >= 2.7.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 2.7.0 |
| null | n/a |
| template | n/a |

Modules

No Modules.

Resources

Name
aws_cloudwatch_log_group
aws_eks_cluster
aws_iam_policy
aws_iam_policy_document
aws_iam_role
aws_iam_role
aws_iam_role_policy_attachment
null_resource
template_file

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| alb_ingress_controller_enable | A boolean value that determines if IAM policies related to ALB ingress controller should be created. | bool | true | no |
| bootstrap_arguments | Any optional parameters for the EKS Bootstrapping script. This is ignored for all OSes except Amazon EKS | string | "" | no |
| bootstrap_arguments_windows | Any optional parameters for the EKS Bootstrapping script. This is ignored for all OSes except Windows EKS | string | "" | no |
| cluster_autoscaler_enable | A boolean value that determines if IAM policies related to cluster autoscaler should be created. | bool | true | no |
| enabled_cluster_log_types | A list of the desired control plane logging to enable. All logs are enabled by default. | list(string) | ["api", "audit", "authenticator", "controllerManager", "scheduler"] | no |
| environment | Application environment for which this network is being created. Preferred values are Development, Integration, PreProduction, Production, QA, Staging, or Test | string | "Development" | no |
| kubernetes_version | The desired Kubernetes version for your cluster. If you do not specify a value here, the latest version available in Amazon EKS is used. | string | "" | no |
| log_group_retention | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 0 (Never Expire), 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | number | 0 | no |
| manage_log_group | Optionally manage the cluster log group via Terraform. Couple with log_group_retention to use a retention other than 'Never Expire'. | bool | false | no |
| name | The desired name for the EKS cluster. | string | n/a | yes |
| security_groups | Optional list of additional security groups to apply to the EKS Control Plane. These groups should enable access to the EKS Worker nodes. | list(string) | [] | no |
| subnets | List of public and private subnets used for the EKS control plane. | list(string) | n/a | yes |
| tags | Optional tags to be applied on top of the base tags on all resources | map(string) | {} | no |
| wait_for_cluster | A variable to control whether we pause deployment after creating the EKS cluster to allow time to fully launch. | bool | true | no |
| worker_roles | List of IAM roles assigned to worker nodes. | list(string) | [] | no |
| worker_roles_count | The number of worker IAM roles provided. | number | 0 | no |

Outputs

| Name | Description |
|------|-------------|
| aws_auth_cm | Contents of the aws-auth-cm.yaml used for cluster configuration. Value should be retrieved with CLI or SDK to ensure proper formatting |
| certificate_authority_data | Assigned CA data for the EKS Cluster |
| cluster_security_group_id | The cluster security group that was created by Amazon EKS for the cluster |
| endpoint | Management endpoint of the EKS Cluster |
| iam_alb_ingress | ARN of the EKS Cluster Node ALB Ingress Controller IAM policy |
| iam_all_node_policies | ARN of all EKS Cluster Node IAM policies |
| iam_autoscaler | ARN of the EKS Cluster Node Cluster Autoscaler IAM policy |
| iam_cw_logs | ARN of the EKS Cluster Node CloudWatch Logs IAM policy |
| identity | Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. https://www.terraform.io/docs/providers/aws/r/eks_cluster.html#identity |
| kube_map_roles | The string value used to configure the cluster with the kubernetes_config_map resource |
| kubeconfig | Contents of the kubeconfig file used to connect to the cluster for management. Value should be retrieved with CLI or SDK to ensure proper formatting |
| name | Assigned name of the EKS Cluster |
| setup | Default EKS bootstrapping script for Linux EC2 instances |
| setup_windows | Default EKS bootstrapping script for Windows EC2 instances |
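
The inputs and outputs above, combined into one configuration that lets Terraform manage the control plane log group with a finite retention period and applies the worker role mapping through Terraform rather than by hand. This is an added example, not part of the module's own documentation. The retention value and the disabled ALB policy are illustrative, and it assumes that kube_map_roles is the mapRoles YAML string and that certificate_authority_data is base64-encoded.

```hcl
# Added example: values marked "assumed" are illustrative, not module defaults.
module "eks_cluster" {
  source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-eks//modules/cluster/?ref=v0.12.5"

  name               = local.eks_cluster_name
  subnets            = concat(module.vpc.private_subnets, module.vpc.public_subnets)
  tags               = local.tags
  worker_roles       = [module.eks_workers.iam_role]
  worker_roles_count = 1

  # Keep every control plane log type (the module default), stated explicitly
  # so that a later change to the list shows up in review.
  enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]

  # Let Terraform own the log group and set a finite retention period.
  # 90 is an assumed value; it must be one of the values listed for log_group_retention.
  manage_log_group    = true
  log_group_retention = 90

  # Create the optional node IAM policies only for add-ons that are deployed (assumed choice).
  alb_ingress_controller_enable = false
  cluster_autoscaler_enable     = true
}

# Short-lived token for the Kubernetes provider instead of a stored kubeconfig.
data "aws_eks_cluster_auth" "this" {
  name = module.eks_cluster.name
}

provider "kubernetes" {
  host                   = module.eks_cluster.endpoint
  # Assumption: the output passes through the base64-encoded CA data from EKS.
  cluster_ca_certificate = base64decode(module.eks_cluster.certificate_authority_data)
  token                  = data.aws_eks_cluster_auth.this.token
}

# aws-auth ConfigMap that lets the worker roles join the cluster.
# Assumption: kube_map_roles holds the mapRoles YAML string.
resource "kubernetes_config_map" "aws_auth" {
  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
  }

  data = {
    mapRoles = module.eks_cluster.kube_map_roles
  }
}
```

Anything added to mapRoles grants cluster access to that IAM role, so changes to worker_roles deserve the same review as an RBAC change.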