AWS EKS Deployment

This module contains everything necessary for a push-button deployment of AWS EKS. This includes a dashboard, an autoscaler, and three preconfigured compute classes: `service`, `compute`, and `big-compute`. Schedule pods onto a class by setting `node_selector = { WorkClass = "service" }` (or another class name) in the pod specification. `service` is composed of t3.xlarge nodes and scales to a minimum of 1. `compute` and `big-compute` are composed of the cheapest available spot instance nodes and scale to 0 when idle. `big-compute` has a minimum of 8 CPUs.

Use

Install the AWS CLI tool, `kubectl`, and `aws-iam-authenticator`. Ensure you are authenticating with the correct IAM user by running `aws sts get-caller-identity`. Run `aws configure` to specify the credentials to use for deployment. The user deploying the cluster will automatically be granted admin privileges for the cluster.

Run `aws-iam-authenticator token -i <cluster name> --token-only` to get the required token for the dashboard.

Configure `kubectl` by running `aws eks --region us-east-1 update-kubeconfig --name <cluster name>`.

Services accessible via `kubectl proxy` can be listed by running `kubectl cluster-info`. Run `kubectl proxy` and visit here to access the dashboard.

Updating the Kubernetes version does not update the managed add-ons deployed with it. See coredns, kube-proxy, and aws-node daemonset upgrade information.

Refer to the Kubernetes section for the remaining information. See the provided example for a demonstration of this module's use.

Providers

| Name | Version |
|------|---------|
| aws | n/a |
| kubernetes | n/a |

Modules

| Name | Source | Version |
|------|--------|---------|
| eks | terraform-aws-modules/eks/aws | 17.24.0 |
| vpc | terraform-aws-modules/vpc/aws | n/a |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| autoscaler_version | n/a | `string` | `"1.21.1"` | no |
| cluster_name | n/a | `string` | n/a | yes |
| cluster_version | Kubernetes cluster version | `string` | `"1.21"` | no |
| dashboard_version | n/a | `string` | `"2.4.0"` | no |
| debug | n/a | `bool` | `false` | no |
| docker_registry_proxies | Docker registries to proxy | `map(object({ hostname = string, url = string, username = string, password = string }))` | `{}` | no |
| docker_registry_version | Image tag of docker registry | `string` | `"0.9.1"` | no |
| instance | n/a | `string` | `""` | no |
| kubelet_verbosity | `--v` option for kubelet | `number` | `2` | no |
| map_accounts | Additional AWS account numbers to add to the aws-auth configmap. ex: `"777777777777"` | `list(string)` | `[]` | no |
| map_roles | Additional IAM roles to add to the aws-auth configmap. ex: `{ rolearn = "arn:aws:iam::66666666666:role/role1", username = "role1", groups = ["system:masters"] }` | `list(object({ rolearn = string, username = string, groups = list(string) }))` | `[]` | no |
| map_users | Additional IAM users to add to the aws-auth configmap. ex: `{ userarn = "arn:aws:iam::66666666666:user/user1", username = "user1", groups = ["system:masters"] }` | `list(object({ userarn = string, username = string, groups = list(string) }))` | `[]` | no |
| max_worker_lifetime | Maximum lifetime (in seconds) of compute nodes (minimum 86400) | `number` | `259200` | no |
| metrics_scraper_version | n/a | `string` | `"1.0.7"` | no |
| metrics_server_version | n/a | `string` | `"0.3.6"` | no |
| service_worker_max | Maximum number of service workers | `number` | `10` | no |
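
The `map_roles` and `map_users` examples above place the mapped identity in `system:masters`, which is unrestricted cluster admin. The following added example (not taken from this module's repository) maps an IAM role to a custom group and binds that group to Kubernetes' built-in read-only `view` ClusterRole instead. The module source path, role ARN, cluster name, and group name are placeholders, and it assumes the `aws` and `kubernetes` providers are already configured for the cluster.

```hcl
# Added example: the source path, ARN, and group name are hypothetical.
module "eks" {
  source = "./path/to/this/module" # placeholder: the page does not state the module path

  cluster_name       = "example-cluster" # constructed value
  cluster_version    = "1.21"            # the module's documented default
  service_worker_max = 4

  # Map the IAM role to a dedicated group rather than system:masters, so
  # anyone who can assume the role gets only what RBAC grants that group.
  map_roles = [
    {
      rolearn  = "arn:aws:iam::111122223333:role/eks-auditor" # constructed ARN
      username = "eks-auditor"
      groups   = ["example:read-only"] # hypothetical group name
    }
  ]
}

# A group named in aws-auth has no permissions until RBAC binds it to a role.
# Here it is bound to the built-in "view" ClusterRole (read-only, no Secrets).
resource "kubernetes_cluster_role_binding" "read_only" {
  metadata {
    name = "example-read-only"
  }

  role_ref {
    api_group = "rbac.authorization.k8s.io"
    kind      = "ClusterRole"
    name      = "view"
  }

  subject {
    api_group = "rbac.authorization.k8s.io"
    kind      = "Group"
    name      = "example:read-only" # must match the group in map_roles
  }
}
```

The IAM user that runs the deployment still receives cluster admin automatically, as noted under Use, so scoping `map_roles` does not change that identity's access.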

Outputs

| Name | Description |
|------|-------------|
| eks | EKS submodule output |
| local_zone | '*.local' DNS zone |
| vpc | VPC submodule output |

Resources

| Name | Type |
|------|------|
| aws_iam_policy.autoscaler | resource |
| aws_iam_policy.docker_cache | resource |
| aws_iam_role.autoscaler | resource |
| aws_iam_role.docker_cache | resource |
| aws_iam_role_policy_attachment.autoscaler | resource |
| aws_iam_role_policy_attachment.docker_cache | resource |
| aws_iam_role_policy_attachment.node_s3 | resource |
| aws_route53_record.docker_cache | resource |
| aws_route53_zone.docker_cache | resource |
| aws_route53_zone.local | resource |
| aws_s3_bucket.docker_cache | resource |
| kubernetes_api_service.metrics | resource |
| kubernetes_cluster_role.aggregated_metrics_reader | resource |
| kubernetes_cluster_role.autoscaler | resource |
| kubernetes_cluster_role.kube_dashboard | resource |
| kubernetes_cluster_role.metrics | resource |
| kubernetes_cluster_role_binding.auth_delegator | resource |
| kubernetes_cluster_role_binding.autoscaler | resource |
| kubernetes_cluster_role_binding.kube_dashboard | resource |
| kubernetes_cluster_role_binding.metrics | resource |
| kubernetes_config_map.kube_dashboard_settings | resource |
| kubernetes_deployment.autoscaler | resource |
| kubernetes_deployment.docker_cache | resource |
| kubernetes_deployment.kube_dashboard | resource |
| kubernetes_deployment.kube_dashboard_scraper | resource |
| kubernetes_deployment.metrics | resource |
| kubernetes_horizontal_pod_autoscaler.docker_cache | resource |
| kubernetes_namespace.kube_dashboard | resource |
| kubernetes_role.autoscaler | resource |
| kubernetes_role.kube_dashboard | resource |
| kubernetes_role_binding.auth_reader | resource |
| kubernetes_role_binding.autoscaler | resource |
| kubernetes_role_binding.kube_dashboard | resource |
| kubernetes_secret.docker_cache | resource |
| kubernetes_secret.kube_dashboard_certs | resource |
| kubernetes_secret.kube_dashboard_csrf | resource |
| kubernetes_secret.kube_dashboard_key_holder | resource |
| kubernetes_secret.registry_passwords | resource |
| kubernetes_service.docker_cache | resource |
| kubernetes_service.kube_dashboard | resource |
| kubernetes_service.kube_dashboard_scraper | resource |
| kubernetes_service.metrics | resource |
| kubernetes_service_account.autoscaler | resource |
| kubernetes_service_account.docker_cache | resource |
| kubernetes_service_account.kube_dashboard | resource |
| kubernetes_service_account.metrics | resource |
| aws_availability_zones.available | data source |
| aws_caller_identity.current | data source |
| aws_eks_cluster.cluster | data source |
| aws_eks_cluster_auth.cluster | data source |
| aws_iam_policy_document.autoscaler | data source |
| aws_iam_policy_document.autoscaler_assume_role_with_oidc | data source |
| aws_iam_policy_document.docker_cache | data source |
| aws_iam_policy_document.docker_cache_assume_role_with_oidc | data source |
| aws_lb.docker_cache | data source |
| aws_region.current | data source |