https://github.com/terraform-yacloud-modules/terraform-yandex-kubernetes

Terraform module to manage Kubernetes (K8S) resources within Yandex.Cloud.

# Yandex Cloud Kubernetes Terraform module

Terraform module which creates Yandex Cloud Kubernetes resources.

## Examples

Examples codified under the [`examples`](https://github.com/terraform-yacloud-modules/terraform-yandex-kubernetes/tree/main/examples) directory are intended
to give users references for how to use the module(s), as well as to test and validate changes to the module's source code.
If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow
maintainers to test your changes and to keep the examples up to date for users. Thank you!

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3 |
| [tls](#requirement\_tls) | >= 3.1.0 |
| [yandex](#requirement\_yandex) | >= 0.72.0 |

## Providers

| Name | Version |
|------|---------|
| [tls](#provider\_tls) | >= 3.1.0 |
| [yandex](#provider\_yandex) | >= 0.72.0 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [tls_private_key.default_ssh_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource |
| [yandex_kubernetes_cluster.main](https://registry.terraform.io/providers/yandex-cloud/yandex/latest/docs/resources/kubernetes_cluster) | resource |
| [yandex_kubernetes_node_group.node_groups](https://registry.terraform.io/providers/yandex-cloud/yandex/latest/docs/resources/kubernetes_node_group) | resource |
| [yandex_logging_group.main](https://registry.terraform.io/providers/yandex-cloud/yandex/latest/docs/resources/logging_group) | resource |
| [yandex_client_config.client](https://registry.terraform.io/providers/yandex-cloud/yandex/latest/docs/data-sources/client_config) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [cluster\_ipv4\_range](#input\_cluster\_ipv4\_range) | CIDR block. IP range for allocating pod addresses. It should not overlap with any subnet in the network the K8S cluster is located in. Static routes will be set up for this CIDR block in node subnets | `string` | `null` | no |
| [cluster\_ipv6\_range](#input\_cluster\_ipv6\_range) | Identical to cluster\_ipv4\_range but for IPv6 protocol | `string` | `null` | no |
| [cni\_type](#input\_cni\_type) | Type of K8S CNI which will be used for the cluster | `string` | `"calico"` | no |
| [description](#input\_description) | K8S cluster description | `string` | `""` | no |
| [enable\_oslogin](#input\_enable\_oslogin) | Enable OS Login for node groups | `bool` | `false` | no |
| [generate\_default\_ssh\_key](#input\_generate\_default\_ssh\_key) | If true, SSH key for node groups will be generated | `bool` | `true` | no |
| [kms\_provider\_key\_id](#input\_kms\_provider\_key\_id) | K8S cluster KMS key ID | `string` | `null` | no |
| [labels](#input\_labels) | A set of labels to assign to the K8S cluster | `map(string)` | `{}` | no |
| [master\_auto\_upgrade](#input\_master\_auto\_upgrade) | Boolean flag that specifies if master can be upgraded automatically | `bool` | `false` | no |
| [master\_locations](#input\_master\_locations) | List of locations where the cluster will be created. If the list contains only one location, a zonal cluster will be created; if more than one, a regional one | <pre>list(object({<br>    subnet_id = string<br>    zone = string<br>  }))</pre> | n/a | yes |
| [master\_logging](#input\_master\_logging) | Master logging | <pre>object({<br>    enabled = bool<br>    create_log_group = optional(bool, true)<br>    log_group_retention_period = optional(string, "168h")<br>    log_group_id = optional(string, "")<br>    audit_enabled = optional(bool, true)<br>    kube_apiserver_enabled = optional(bool, true)<br>    cluster_autoscaler_enabled = optional(bool, true)<br>    events_enabled = optional(bool, true)<br>  })</pre> | <pre>{<br>  "enabled": false<br>}</pre> | no |
| [master\_maintenance\_windows](#input\_master\_maintenance\_windows) | List of structures that specify maintenance windows during which auto update for the master is allowed.<br><br>E.g.:<pre>master_maintenance_windows = [<br>  {<br>    start_time = "10:00"<br>    duration = "5h"<br>  }<br>]</pre> | `list(map(string))` | <pre>[<br>  {<br>    "duration": "3h",<br>    "start_time": "23:00"<br>  }<br>]</pre> | no |
| [master\_public\_ip](#input\_master\_public\_ip) | Boolean flag. When true, the K8S master will have a visible IPv4 address | `bool` | `true` | no |
| [master\_region](#input\_master\_region) | Name of the region where the cluster will be created. Required for a regional cluster, not used for a zonal cluster | `string` | `null` | no |
| [master\_security\_group\_ids](#input\_master\_security\_group\_ids) | List of security group IDs to which the K8S cluster belongs | `set(string)` | `null` | no |
| [master\_version](#input\_master\_version) | Version of K8S that will be used for master | `string` | `"1.27"` | no |
| [name](#input\_name) | K8S cluster name | `string` | n/a | yes |
| [network\_id](#input\_network\_id) | The ID of the cluster network | `string` | `null` | no |
| [node\_groups](#input\_node\_groups) | K8S node groups | <pre>map(object({<br>    description = optional(string, null)<br>    labels = optional(map(string), null)<br>    version = optional(string, null)<br>    metadata = optional(map(string), {})<br>    platform_id = optional(string, null)<br>    memory = optional(string, 2)<br>    cores = optional(string, 2)<br>    core_fraction = optional(string, 100)<br>    gpus = optional(string, null)<br>    boot_disk_type = optional(string, "network-hdd")<br>    boot_disk_size = optional(string, 100)<br>    preemptible = optional(bool, false)<br>    placement_group_id = optional(string, null)<br>    nat = optional(bool, false)<br>    security_group_ids = optional(list(string))<br>    network_acceleration_type = optional(string, null)<br>    container_runtime_type = optional(string, "containerd")<br>    fixed_scale = optional(map(string), null)<br>    auto_scale = optional(map(string), null)<br>    auto_repair = optional(bool, true)<br>    auto_upgrade = optional(bool, true)<br>    maintenance_windows = optional(list(any))<br>    node_labels = optional(map(string), null)<br>    node_taints = optional(list(string), null)<br>    allowed_unsafe_sysctls = optional(list(string), [])<br>    max_expansion = optional(string, null)<br>    max_unavailable = optional(string, null)<br>    zones = optional(list(string), null)<br>    subnet_ids = optional(list(string), null)<br>  }))</pre> | `{}` | no |
| [node\_groups\_default\_security\_groups\_ids](#input\_node\_groups\_default\_security\_groups\_ids) | A list of default IDs for node groups. Will be used if node\_groups[].security\_group\_ids is empty | `list(string)` | `[]` | no |
| [node\_groups\_locations](#input\_node\_groups\_locations) | Locations of K8S node groups. If omitted, master\_locations will be used | <pre>list(object({<br>    subnet_id = string<br>    zone = string<br>  }))</pre> | `null` | no |
| [node\_groups\_ssh\_keys](#input\_node\_groups\_ssh\_keys) | Map containing SSH keys to install on all K8S node servers by default | `map(list(string))` | `{}` | no |
| [node\_ipv4\_cidr\_mask\_size](#input\_node\_ipv4\_cidr\_mask\_size) | Size of the masks that are assigned to each node in the cluster. Effectively limits maximum number of pods for each node | `number` | `null` | no |
| [node\_name\_prefix](#input\_node\_name\_prefix) | The prefix for node group name | `string` | `""` | no |
| [node\_service\_account\_id](#input\_node\_service\_account\_id) | ID of service account to be used by the worker nodes of the K8S cluster to access Container Registry or to push node logs and metrics.<br><br>If omitted or equal to `service_account_id`, service account will be used as node service account. | `string` | `null` | no |
| [nodes\_default\_ssh\_user](#input\_nodes\_default\_ssh\_user) | Default SSH user for node groups. Used only if generate\_default\_ssh\_key == true | `string` | `"ubuntu"` | no |
| [release\_channel](#input\_release\_channel) | K8S cluster release channel | `string` | `"STABLE"` | no |
| [service\_account\_id](#input\_service\_account\_id) | ID of existing service account to be used for provisioning Compute Cloud and VPC resources for K8S cluster. Selected service account should have edit role on the folder where the K8S cluster will be located and on the folder where selected network resides | `string` | `null` | no |
| [service\_ipv4\_range](#input\_service\_ipv4\_range) | CIDR block. IP range from which K8S service cluster IP addresses will be allocated. It should not overlap with any subnet in the network the K8S cluster is located in | `string` | `null` | no |
| [service\_ipv6\_range](#input\_service\_ipv6\_range) | Identical to service\_ipv4\_range but for IPv6 protocol | `string` | `null` | no |

## Outputs

| Name | Description |
|------|-------------|
| [cluster\_ca\_certificate](#output\_cluster\_ca\_certificate) | PEM-encoded public certificate that is the root of trust for the K8S cluster |
| [cluster\_id](#output\_cluster\_id) | ID of a new K8S cluster |
| [default\_ssh\_key\_prv](#output\_default\_ssh\_key\_prv) | Private part of the default SSH key that is attached to all node groups |
| [default\_ssh\_key\_pub](#output\_default\_ssh\_key\_pub) | Public part of the default SSH key that is attached to all node groups |
| [external\_v4\_endpoint](#output\_external\_v4\_endpoint) | An IPv4 external network address that is assigned to the master |
| [internal\_v4\_endpoint](#output\_internal\_v4\_endpoint) | An IPv4 internal network address that is assigned to the master |
| [node\_groups](#output\_node\_groups) | Attributes of yandex\_node\_group resources created in cluster |

## License

Apache-2.0 Licensed.
See [LICENSE](https://github.com/terraform-yacloud-modules/terraform-yandex-kubernetes/blob/main/LICENSE).