https://github.com/sparkfabrik/terraform-aws-load-balancer-controller

This module installs the AWS Load Balancer Controller on Amazon EKS and creates the necessary resources to work with AWS services.

# Terraform AWS Load Balancer Controller

This module installs the AWS Load Balancer Controller into an EKS cluster using Helm.

This module follows the [AWS Load Balancer Controller installation guide using Helm](https://docs.aws.amazon.com/eks/latest/userguide/lbc-helm.html). The required resources are created using Terraform. We use the same naming conventions and the same default values as the guide.

## How to migrate from an installation made using the plain manifest files to this module

As described [in the AWS documentation](https://docs.aws.amazon.com/eks/latest/userguide/lbc-remove.html), you can delete the resources for the AWS Load Balancer Controller, and the applications that use Application Load Balancer Ingresses should continue to work. **Remember to keep the following resources in place to avoid disruption:**

- `IngressClassParams` CRD
- `TargetGroupBindings` CRD
- `alb` IngressClassParams
- `alb` IngressClass

The two CRDs (`IngressClassParams` and `TargetGroupBindings`) will be updated by the two `kubernetes_manifest` resources of this module. The `alb` IngressClass and `IngressClassParams` will be created by the `helm_release` of this module.

The two CRDs should be updated without any issue. **The alb `IngressClass` and `IngressClassParams` must be _adopted_ before applying the `helm_release` of this module**. You can execute the following code snippet to update your resources and inform the Helm release about them:

```bash
# IngressClassParams
kubectl annotate IngressClassParams alb meta.helm.sh/release-name=aws-load-balancer-controller
kubectl annotate IngressClassParams alb meta.helm.sh/release-namespace=kube-system
kubectl label IngressClassParams alb app.kubernetes.io/managed-by=Helm
# IngressClass
kubectl annotate IngressClass alb meta.helm.sh/release-name=aws-load-balancer-controller
kubectl annotate IngressClass alb meta.helm.sh/release-namespace=kube-system
kubectl label IngressClass alb app.kubernetes.io/managed-by=Helm
```

In the snippet above, **if you have changed the `helm_release_name` or `namespace` of this module, you should update the values of the annotations accordingly.**
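
The adoption step above with the release name and namespace as parameters, followed by a check that both resources carry the ownership metadata Helm expects. This is an added example, not part of the module; the function names and the `KUBECTL` override are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not part of the module). Adopts the existing `alb`
# IngressClassParams and IngressClass into a Helm release, then verifies it.
# KUBECTL is an assumed override hook, e.g. KUBECTL="echo kubectl" to preview.
KUBECTL="${KUBECTL:-kubectl}"

# adopt_alb_resources RELEASE NAMESPACE
# RELEASE must equal the module's helm_release_name, NAMESPACE its namespace.
adopt_alb_resources() {
  local release="${1:?release name required}"
  local namespace="${2:?namespace required}"
  local kind
  for kind in IngressClassParams IngressClass; do
    # --overwrite replaces values left behind by an earlier attempt.
    $KUBECTL annotate --overwrite "$kind" alb \
      "meta.helm.sh/release-name=${release}" \
      "meta.helm.sh/release-namespace=${namespace}" || return 1
    $KUBECTL label --overwrite "$kind" alb \
      "app.kubernetes.io/managed-by=Helm" || return 1
  done
}

# verify_alb_adoption RELEASE NAMESPACE
# Returns non-zero if either resource lacks the expected ownership metadata,
# which would make the helm_release refuse to take the resource over.
verify_alb_adoption() {
  local release="$1" namespace="$2" kind got jp rc=0
  jp='{.metadata.annotations.meta\.helm\.sh/release-name}/'
  jp="$jp"'{.metadata.annotations.meta\.helm\.sh/release-namespace}/'
  jp="$jp"'{.metadata.labels.app\.kubernetes\.io/managed-by}'
  for kind in IngressClassParams IngressClass; do
    got="$($KUBECTL get "$kind" alb -o "jsonpath=$jp")"
    if [ "$got" != "${release}/${namespace}/Helm" ]; then
      echo "$kind alb: ownership metadata is '$got'" >&2
      rc=1
    fi
  done
  return "$rc"
}
```

Source the script, run `adopt_alb_resources <helm_release_name> <namespace>`, then run `verify_alb_adoption` with the same two values before applying the module's `helm_release`.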

## Providers

| Name | Version |
| --------------------------------------------------------------------- | ------- |
| [aws](#provider_aws) | >= 5.0 |
| [helm](#provider_helm) | >= 2.0 |
| [kubernetes](#provider_kubernetes) | >= 2.23 |

## Requirements

| Name | Version |
| --------------------------------------------------------------------------- | ------- |
| [terraform](#requirement_terraform) | >= 1.5 |
| [aws](#requirement_aws) | >= 5.0 |
| [helm](#requirement_helm) | >= 2.0 |
| [kubernetes](#requirement_kubernetes) | >= 2.23 |

## Inputs

| Name | Description | Type | Default | Required |
| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | -------------------------------------------------------------------------------------------- | :------: |
| [aws_lbc_iam_policy_description](#input_aws_lbc_iam_policy_description) | The description of the IAM policy for the AWS Load Balancer Controller. | `string` | `"IAM policy for AWS Load Balancer Controller."` | no |
| [aws_lbc_iam_policy_name](#input_aws_lbc_iam_policy_name) | The name of the IAM policy for the AWS Load Balancer Controller. | `string` | `"AWSLoadBalancerControllerIAMPolicy"` | no |
| [aws_lbc_role_name](#input_aws_lbc_role_name) | The name of the IAM role that the AWS Load Balancer Controller will assume. | `string` | `"aws-load-balancer-controller"` | no |
| [aws_region](#input_aws_region) | The AWS region where the cluster is deployed. | `string` | n/a | yes |
| [aws_vpc_id](#input_aws_vpc_id) | The ID of the VPC where the AWS Load Balancer Controller will be deployed. | `string` | n/a | yes |
| [cluster_name](#input_cluster_name) | The name of the EKS cluster. | `string` | n/a | yes |
| [cluster_oidc_issuer_host](#input_cluster_oidc_issuer_host) | The OIDC issuer host for the EKS cluster. | `string` | n/a | yes |
| [create_namespace](#input_create_namespace) | Whether to create the namespace or not. If set to false, it is expected that the namespace already exists. | `bool` | `false` | no |
| [enable_cert_manager](#input_enable_cert_manager) | Enable cert-manager for the AWS Load Balancer Controller. | `bool` | `false` | no |
| [helm_additional_values](#input_helm_additional_values) | Additional values to be passed to the Helm chart. | `list(string)` | `[]` | no |
| [helm_chart_version](#input_helm_chart_version) | The version of the aws-load-balancer-controller Helm chart. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file. | `string` | `"1.8.1"` | no |
| [helm_release_name](#input_helm_release_name) | The name of the Helm release. | `string` | `"aws-load-balancer-controller"` | no |
| [install_crds](#input_install_crds) | Install the CRDs for the AWS Load Balancer Controller. | `bool` | `true` | no |
| [k8s_additional_labels](#input_k8s_additional_labels) | Additional labels to apply to the Kubernetes resources. | `map(string)` | `{}` | no |
| [k8s_default_labels](#input_k8s_default_labels) | Labels to apply to the Kubernetes resources. These are opinionated labels; you can add more labels using the variable `k8s_additional_labels`. If you want to remove a label, you can override it with an empty map(string). | `map(string)` | `{"managed-by": "terraform", "scope": "aws-load-balancer-controller"}` | no |
| [k8s_lbc_service_account_name](#input_k8s_lbc_service_account_name) | The name of the Kubernetes service account for AWS Load Balancer Controller. | `string` | `"aws-load-balancer-controller"` | no |
| [namespace](#input_namespace) | The namespace in which the AWS Load Balancer Controller resources will be created. | `string` | `"kube-system"` | no |
| [replica_count](#input_replica_count) | The number of replicas for the AWS Load Balancer Controller. | `number` | `2` | no |
| [set_topology_spread_constraints](#input_set_topology_spread_constraints) | Set the topologySpreadConstraints for the AWS Load Balancer Controller. | `bool` | `true` | no |
| [set_topology_spread_constraints_max_skew](#input_set_topology_spread_constraints_max_skew) | Set the maxSkew in the topologySpreadConstraints for the AWS Load Balancer Controller. | `number` | `1` | no |
| [set_topology_spread_constraints_topology_key](#input_set_topology_spread_constraints_topology_key) | Set the topologyKey in the topologySpreadConstraints for the AWS Load Balancer Controller. | `string` | `"kubernetes.io/hostname"` | no |
| [set_topology_spread_constraints_when_unsatisfiable](#input_set_topology_spread_constraints_when_unsatisfiable) | Set the whenUnsatisfiable policy in the topologySpreadConstraints for the AWS Load Balancer Controller. | `string` | `"ScheduleAnyway"` | no |

## Outputs

| Name | Description |
| -------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------- |
| [aws_lbc_iam_policy_arn](#output_aws_lbc_iam_policy_arn) | The ARN of the IAM policy created for the AWS Load Balancer Controller. |
| [final_k8s_common_labels](#output_final_k8s_common_labels) | The final list of common labels to apply to the Kubernetes resources. |

## Resources

| Name | Type |
| ------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| [aws_iam_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [helm_release.this](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [kubernetes_manifest.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource |
| [kubernetes_namespace_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
| [kubernetes_secret_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret_v1) | resource |
| [kubernetes_service_account_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/service_account_v1) | resource |
| [kubernetes_namespace_v1.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/namespace_v1) | data source |

## Modules

| Name | Source | Version |
| ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | ------- |
| [iam_assumable_role_with_oidc_for_lbc](#module_iam_assumable_role_with_oidc_for_lbc) | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | ~> 5.0 |