https://github.com/pete911/eks-cluster
AWS EKS cluster
- Host: GitHub
- URL: https://github.com/pete911/eks-cluster
- Owner: pete911
- Created: 2020-09-26T18:01:21.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2024-01-09T15:40:16.000Z (11 months ago)
- Last Synced: 2024-10-11T06:43:24.011Z (about 1 month ago)
- Topics: eks, eks-cluster, hashicorp-terraform, k8s-cluster, kubernetes-cluster, terraform
- Language: HCL
- Homepage:
- Size: 111 KB
- Stars: 1
- Watchers: 2
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Terraform for EKS cluster
Terraform is in the [tf](tf) directory (`cd tf`):
- initialize and validate
  - `terraform init`
  - `terraform validate`
  - `terraform plan`
- apply (replace ``) `terraform apply -var='public_access_cidrs=["/32"]'`
- destroy `tf destroy`

## AWS VPC
VPC name is `eks-` (`` defaults to `main` and can be changed with the `cluster_name` variable). Default
VPC address is `10.0.0.0` (can be changed with the `vpc_address` variable) and VPC netmask is `/24`.

### subnets
We create 3 public and 3 private subnets in different availability zones. Each public subnet has a
[NAT Gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) with an elastic IP to be used by
private subnets for internet traffic.

| Name | Type | AZ | CIDR | Hosts | Address | Broadcast | Host Min | Host Max |
| ------------------------- | ------- | -- | ------------- | ----- | ---------- | ------------- | ------------- | ------------- |
| eks-\-private-a | private | a | 10.0.0.0/26 | 62 | 10.0.0.0 | 10.0.0.63 | 10.0.0.1 | 10.0.0.62 |
| eks-\-private-b | private | b | 10.0.0.64/26 | 62 | 10.0.0.64 | 10.0.0.127 | 10.0.0.65 | 10.0.0.126 |
| eks-\-private-c | private | c | 10.0.0.128/26 | 62 | 10.0.0.128 | 10.0.0.191 | 10.0.0.129 | 10.0.0.190 |
| eks-\-public-a | public | a | 10.0.0.192/28 | 14 | 10.0.0.192 | 10.0.0.207 | 10.0.0.193 | 10.0.0.206 |
| eks-\-public-b | public | b | 10.0.0.208/28 | 14 | 10.0.0.208 | 10.0.0.223 | 10.0.0.209 | 10.0.0.222 |
| eks-\-public-c | public | c | 10.0.0.224/28 | 14 | 10.0.0.224 | 10.0.0.239 | 10.0.0.225 | 10.0.0.238 |
## AWS EKS cluster
Cluster name defaults to `main` (can be changed with the `cluster_name` variable). The cluster has a public endpoint open to all
traffic (`0.0.0.0/0`) by default; it is strongly encouraged to change this to a list of allowed CIDRs using the
`public_access_cidrs` variable: `terraform apply -var='public_access_cidrs=["/32"]'`

We prefix the AWS IAM role for a cluster with the region (so it doesn't clash if you have a cluster with the same name in
multiple regions). IAM role name is in `-eks-` format.

### Node groups
By default, we create one `default` node group with `t3.medium` instances. Update the [tf/variables.tf](tf/variables.tf) file
to change defaults. Node groups use a launch template, so we have managed EKS nodes, but with custom images. To update
the image but let AWS roll the nodes, update the launch template (e.g. change instance type) and then set the node group's launch
template version to the one you want to use.

## ECR
By default, the project creates ECR repositories (/debug) and a private link to ECR and S3 (Docker image content is
stored in S3).
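
For the public endpoint default described under "AWS EKS cluster", one way to make Terraform itself refuse an open API endpoint at plan time. This is an added example, not code from the repository: the variable's type is inferred from the `-var` usage in the README, and removing the `0.0.0.0/0` default and rejecting `/0` prefixes are assumptions about the policy you want. `203.0.113.10/32` is a constructed sample value.

```hcl
# Added example, not the repository's tf/variables.tf.
# Assumption: public_access_cidrs is a list of CIDR strings, as in the -var usage.

# Weak form: equivalent of the default the README describes (exact declaration
# assumed). The API endpoint is reachable from anywhere unless overridden.
# variable "public_access_cidrs" {
#   type    = list(string)
#   default = ["0.0.0.0/0"]
# }

# Hardened form: no default, so the caller must state who may reach the API
# server, and plan/apply fails on empty, malformed or match-everything entries.
variable "public_access_cidrs" {
  description = "CIDR blocks allowed to reach the EKS public API endpoint."
  type        = list(string)

  validation {
    condition     = length(var.public_access_cidrs) > 0
    error_message = "Provide at least one CIDR, for example your egress IP as a /32."
  }

  validation {
    # cidrhost() errors on anything that is not valid CIDR notation.
    condition     = alltrue([for c in var.public_access_cidrs : can(cidrhost(c, 0))])
    error_message = "Every entry must be valid CIDR notation such as 203.0.113.10/32."
  }

  validation {
    # A prefix length of 0 (0.0.0.0/0 or ::/0) matches every address.
    # try() keeps malformed entries from raising here; the rule above reports them.
    condition = alltrue([
      for c in var.public_access_cidrs : try(tonumber(split("/", c)[1]), 1) > 0
    ])
    error_message = "A /0 prefix opens the endpoint to the whole internet. List specific CIDRs."
  }
}
```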