https://github.com/ventx/terraform-stackit-k8s

Terraform module to deploy STACKIT Kubernetes (SKE) Cluster with optional Argus monitoring

# Terraform STACKIT Kubernetes

Terraform module to create a K8s (SKE) Cluster with monitoring (Argus) for STACKIT cloud platform.

## Consulting

Need support with your STACKIT infrastructure? We are an [official professional service partner of STACKIT](https://www.stackit.de/de/partner/partnersteckbrief-ventx/)!

Please don't hesitate to contact us at: [stackit@ventx.de](mailto:stackit@ventx.de)


## Overview
This Terraform project provisions a Kubernetes cluster on STACKIT, including optional Argus monitoring and ACL controls.

## Prerequisites

* [Terraform v1.x.x](https://www.terraform.io)
* [STACKIT Account](https://www.stackit.de)

## Getting Started

Clone the repository:
`git clone https://github.com/ventx/terraform-stackit-k8s`

Navigate into the directory:
`cd terraform-stackit-k8s`

Set your STACKIT service account e-mail and token as environment variables:

```bash
export STACKIT_SERVICE_ACCOUNT_EMAIL=xxx
export STACKIT_SERVICE_ACCOUNT_TOKEN=xxx
```

Create `terraform.tfvars` to configure Node Pools (required) and other configs (optional):

```hcl
# REQUIRED: ID of your STACKIT project
project_id = "12345678-1234-1234-1234-1234567890ab"

# REQUIRED: Configure Node Pool(s)
node_pools = [
  {
    name         = "np-example"
    machine_type = "c1.2"
    minimum      = 2
    maximum      = 3
    zones        = ["eu01-1", "eu01-2", "eu01-3"]
  }
]

# Enables cluster monitoring with STACKIT Argus and configures the ACL to whitelist CIDRs for cluster access
extensions = {
  acl = {
    enabled       = false
    allowed_cidrs = []
  },
  argus = {
    enabled = true
  }
}

# Automatically shut down (hibernate) the cluster at 18:00 and start it at 08:00 to save on costs.
# `start` is when hibernation begins, `end` is when the cluster wakes up again.
hibernations = [{
  start    = "0 18 * * *"
  end      = "0 8 * * *"
  timezone = "Europe/Berlin"
}]
```

Initialize Terraform:
`terraform init`

Create Terraform plan and verify the configuration:
`terraform plan`

Apply the Terraform configuration:
`terraform apply`
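
A tighter variant of the `terraform.tfvars` above, as an added example that is not part of the module's README: it enables the cluster ACL with an explicit allowlist instead of leaving it disabled, keeps Grafana public access off, and skips the local kubeconfig file. It uses only inputs listed in the Inputs table below; the CIDR values are constructed (RFC 5737 documentation ranges) and stand in for your own egress addresses.

```hcl
# Added example (not from the module's README). The project ID is the README's
# placeholder; both CIDRs are constructed RFC 5737 documentation ranges.
project_id = "12345678-1234-1234-1234-1234567890ab"

node_pools = [
  {
    name         = "np-example"
    machine_type = "c1.2"
    minimum      = 2
    maximum      = 3
    zones        = ["eu01-1", "eu01-2", "eu01-3"]
  }
]

extensions = {
  acl = {
    # README example: enabled = false, allowed_cidrs = [] (no CIDR allowlist applied).
    enabled = true
    allowed_cidrs = [
      "203.0.113.0/24",  # constructed: office / VPN egress range
      "198.51.100.7/32", # constructed: CI runner that runs kubectl
    ]
  },
  argus = {
    enabled = true
  }
}

# Keep public access to the Argus Grafana instance off (already the module default).
grafana = {
  enable_public_access = false
}

# Do not write a kubeconfig file on the machine that runs `terraform apply`
# (module default: true). The `kube_config` output is still stored in state.
create_local_kubeconfig = false
```

Because `kube_config` and `argus_grafana_initial_admin_password` are module outputs, their values are stored in the Terraform state; keep the state in a backend with encryption and access control rather than in a local file.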

## Maintenance & Monitoring
Scheduled maintenance (auto-update of K8s and/or machine images) is controlled by the `var.maintenance` variable block.

Optionally enable Argus monitoring via `var.monitoring` variable block.

## Hibernation
Auto start/stop timings for the cluster can be set through the `var.hibernations` variable to save on costs.

## Important Notes

### Terraform Providers
There are two STACKIT Terraform providers:

* Community: [SchwarzIT/stackit](https://registry.terraform.io/providers/SchwarzIT/stackit/latest)
* Official: [stackitcloud/stackit](https://registry.terraform.io/providers/stackitcloud/stackit/latest)

The official provider is still buggy, so we are using the **Community** provider for now.

## Contributing

Pull requests are very welcome. If you encounter any problems, please open an issue ❤️.

## License

MIT

## terraform-docs

## Requirements

| Name | Version |
|------|---------|
| [stackit](#requirement\_stackit) | ~> 1.27 |

## Providers

| Name | Version |
|------|---------|
| [local](#provider\_local) | n/a |
| [stackit](#provider\_stackit) | ~> 1.27 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [local_sensitive_file.kubeconfig](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/sensitive_file) | resource |
| [stackit_argus_instance.default](https://registry.terraform.io/providers/SchwarzIT/stackit/latest/docs/resources/argus_instance) | resource |
| [stackit_kubernetes_cluster.default](https://registry.terraform.io/providers/SchwarzIT/stackit/latest/docs/resources/kubernetes_cluster) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [acl\_allowed\_cidrs](#input\_acl\_allowed\_cidrs) | List of CIDRs to allow access to the cluster | `list(string)` | `[]` | no |
| [acl\_enabled](#input\_acl\_enabled) | Enable / Disable ACL | `bool` | `false` | no |
| [argus\_instance](#input\_argus\_instance) | Argus instance configuration | <pre>object({<br>  parameters = optional(map(string))<br>})</pre> | <pre>{<br>  "parameters": {}<br>}</pre> | no |
| [argus\_instance\_id](#input\_argus\_instance\_id) | Argus Instance ID for Monitoring of K8s Cluster | `string` | `""` | no |
| [argus\_plan](#input\_argus\_plan) | Name of the Argus plan to use | `string` | `"Monitoring-Starter-EU01"` | no |
| [cluster\_name](#input\_cluster\_name) | Specifies the cluster name (lower case, alphanumeric, hyphens allowed, up to 11 chars) | `string` | `"k8s"` | no |
| [cluster\_timeouts](#input\_cluster\_timeouts) | Timeouts for cluster operations | <pre>object({<br>  create = optional(string)<br>  update = optional(string)<br>  delete = optional(string)<br>})</pre> | <pre>{<br>  "create": "60m",<br>  "delete": "60m",<br>  "update": "60m"<br>}</pre> | no |
| [create\_local\_kubeconfig](#input\_create\_local\_kubeconfig) | Create local kubeconfig file | `bool` | `true` | no |
| [enable\_kubernetes\_version\_updates](#input\_enable\_kubernetes\_version\_updates) | Enable automatic Kubernetes version updates | `bool` | `true` | no |
| [enable\_machine\_image\_version\_updates](#input\_enable\_machine\_image\_version\_updates) | Enable automatic OS image version updates | `bool` | `true` | no |
| [extensions](#input\_extensions) | Extensions configuration | <pre>object({<br>  acl = object({<br>    allowed_cidrs = list(string)<br>    enabled = bool<br>  })<br>  argus = object({<br>    enabled = bool<br>    argus_instance_id = optional(string)<br>  })<br>})</pre> | <pre>{<br>  "acl": {<br>    "allowed_cidrs": [],<br>    "enabled": false<br>  },<br>  "argus": {<br>    "enabled": false<br>  }<br>}</pre> | no |
| [grafana](#input\_grafana) | Argus grafana configuration | <pre>object({<br>  enable_public_access = bool<br>})</pre> | <pre>{<br>  "enable_public_access": false<br>}</pre> | no |
| [hibernations](#input\_hibernations) | Hibernation configuration | <pre>list(object({<br>  start = string<br>  end = string<br>  timezone = string<br>}))</pre> | <pre>[<br>  {<br>    "end": "",<br>    "start": "",<br>    "timezone": "Europe/Berlin"<br>  }<br>]</pre> | no |
| [k8s\_version](#input\_k8s\_version) | K8s Version | `string` | `"1.26"` | no |
| [maintenance](#input\_maintenance) | Maintenance window configuration | <pre>object({<br>  enable_kubernetes_version_updates = bool<br>  enable_machine_image_version_updates = bool<br>  start = string<br>  end = string<br>})</pre> | <pre>{<br>  "enable_kubernetes_version_updates": true,<br>  "enable_machine_image_version_updates": true,<br>  "end": "0000-01-01T05:00:00Z",<br>  "start": "0000-01-01T03:00:00Z"<br>}</pre> | no |
| [maintenance\_start](#input\_maintenance\_start) | Start of the maintenance window | `string` | `"02:00:00+02:00"` | no |
| [maintenance\_stop](#input\_maintenance\_stop) | End of the maintenance window | `string` | `"05:00:00+02:00"` | no |
| [metrics](#input\_metrics) | Argus metric configuration | <pre>object({<br>  retention_days = number<br>  retention_days_1h_downsampling = number<br>  retention_days_5m_downsampling = number<br>})</pre> | <pre>{<br>  "retention_days": 30,<br>  "retention_days_1h_downsampling": 3,<br>  "retention_days_5m_downsampling": 10<br>}</pre> | no |
| [node\_pools](#input\_node\_pools) | Configuration for node\_pools | <pre>list(object({<br>  machine_type = string<br>  name = string<br>  container_runtime = optional(string)<br>  labels = optional(map(string))<br>  max_surge = optional(number)<br>  max_unavailable = optional(number)<br>  maximum = optional(number)<br>  minimum = optional(number)<br>  os_name = optional(string)<br>  os_version = optional(string)<br>  taints = optional(list(object({<br>    key = string<br>    value = string<br>    effect = string<br>  })))<br>  volume_size_gb = optional(number)<br>  volume_type = optional(string)<br>  zones = optional(list(string))<br>}))</pre> | n/a | yes |
| [project\_id](#input\_project\_id) | stackit Project ID | `any` | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| [argus\_alerting\_url](#output\_argus\_alerting\_url) | n/a |
| [argus\_dashboard\_url](#output\_argus\_dashboard\_url) | n/a |
| [argus\_grafana\_initial\_admin\_password](#output\_argus\_grafana\_initial\_admin\_password) | n/a |
| [argus\_grafana\_initial\_admin\_user](#output\_argus\_grafana\_initial\_admin\_user) | n/a |
| [argus\_grafana\_url](#output\_argus\_grafana\_url) | n/a |
| [argus\_instance\_id](#output\_argus\_instance\_id) | n/a |
| [argus\_jaeger\_traces\_url](#output\_argus\_jaeger\_traces\_url) | n/a |
| [argus\_jaeger\_ui\_url](#output\_argus\_jaeger\_ui\_url) | n/a |
| [argus\_logs\_push\_url](#output\_argus\_logs\_push\_url) | n/a |
| [argus\_logs\_url](#output\_argus\_logs\_url) | n/a |
| [argus\_metrics\_push\_url](#output\_argus\_metrics\_push\_url) | n/a |
| [argus\_metrics\_url](#output\_argus\_metrics\_url) | n/a |
| [argus\_otlp\_traces\_url](#output\_argus\_otlp\_traces\_url) | n/a |
| [argus\_targets\_url](#output\_argus\_targets\_url) | n/a |
| [argus\_zipkin\_spans\_url](#output\_argus\_zipkin\_spans\_url) | n/a |
| [cluster\_id](#output\_cluster\_id) | n/a |
| [cluster\_version](#output\_cluster\_version) | n/a |
| [kube\_config](#output\_kube\_config) | n/a |