# AWS provider configuration; the region comes from the shared locals block so
# every resource in this configuration is created in the same region.
# NOTE(review): no provider version constraint is visible in this file; confirm
# that a required_providers block pins the AWS provider elsewhere.
provider "aws" {
  region = local.region
}
# Shared values for the VPC and EKS modules below.
locals {
  # Cluster name; also used as the VPC name and as the value of the Example tag.
  name   = "dev-cluster"
  region = "us-east-1"

  # Address plan: one /16 for the VPC, carved into one /24 per subnet tier per AZ.
  vpc_cidr = "10.123.0.0/16"
  azs      = ["us-east-1a", "us-east-1b"]

  public_subnets  = ["10.123.1.0/24", "10.123.2.0/24"]
  private_subnets = ["10.123.3.0/24", "10.123.4.0/24"]
  intra_subnets   = ["10.123.5.0/24", "10.123.6.0/24"]

  # Tags passed to the EKS module.
  tags = {
    Example = local.name
  }
}
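# VPC with three subnet tiers per AZ: public, private (egress through NAT) and
# intra (no internet route).
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"
  # "~> 4.0" accepts any 4.x release, so a later init can pull different module
  # code than the one that was reviewed. Pin an exact version, as the eks
  # module in this configuration does, to keep plans reproducible.
  version = "~> 4.0"

  name = local.name
  cidr = local.vpc_cidr
  azs  = local.azs

  private_subnets = local.private_subnets
  public_subnets  = local.public_subnets
  intra_subnets   = local.intra_subnets

  # Gives the private subnets outbound internet access without inbound reachability.
  enable_nat_gateway = true

  # Every instance launched in a public subnet receives a public IPv4 address.
  # NOTE(review): turn this off once nothing depends on it; worker nodes placed
  # in the private subnets reach the internet through the NAT gateway instead.
  map_public_ip_on_launch = true

  # Subnet discovery tags for Kubernetes load balancers. The cluster name is
  # derived from local.name so the tags cannot drift from the cluster name and
  # silently break load-balancer subnet discovery.
  public_subnet_tags = {
    "kubernetes.io/cluster/${local.name}" = "shared"
    "kubernetes.io/role/elb"              = 1
  }

  private_subnet_tags = {
    "kubernetes.io/cluster/${local.name}" = "shared"
    "kubernetes.io/role/internal-elb"     = 1
  }
}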
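# EKS control plane plus one spot-backed managed node group for the dev cluster.
module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "19.15.1"

  cluster_name = local.name

  # The Kubernetes API endpoint is reachable from the internet. No CIDR
  # allow-list is set here, so the module default for
  # cluster_endpoint_public_access_cidrs applies (0.0.0.0/0 in this module
  # series; confirm for the pinned version). Restrict it to the egress ranges
  # that actually administer the cluster, or disable public access and use the
  # private endpoint.
  cluster_endpoint_public_access = true
  # cluster_endpoint_public_access_cidrs = ["<ADMIN_EGRESS_CIDR_PLACEHOLDER>"]

  # NOTE(review): most_recent = true lets each apply move an add-on to whatever
  # version is newest at that moment. Pinning addon_version per add-on makes
  # upgrades an explicit, reviewed change.
  cluster_addons = {
    coredns = {
      most_recent = true
    }
    kube-proxy = {
      most_recent = true
    }
    vpc-cni = {
      most_recent = true
    }
  }

  vpc_id = module.vpc.vpc_id

  # Worker nodes run in the private subnets and reach the internet through the
  # VPC's NAT gateway, so they get no public IPv4 address. The original placed
  # them in the public subnets, where map_public_ip_on_launch gives every node
  # a public address. Internet-facing load balancers still land in the public
  # subnets via the kubernetes.io/role/elb tag.
  # Applying this to an existing cluster is expected to replace the node group.
  subnet_ids               = module.vpc.private_subnets
  control_plane_subnet_ids = module.vpc.intra_subnets

  # EKS Managed Node Group(s)
  eks_managed_node_group_defaults = {
    ami_type       = "AL2_x86_64"
    instance_types = ["m5.large"]

    # Nodes also join the cluster primary security group.
    attach_cluster_primary_security_group = true

    # NOTE(review): cluster_security_group_tags looks like a module-level input
    # rather than a node-group setting; confirm it has any effect here.
    cluster_security_group_tags = {}
  }

  # Removes the cluster ownership tag from the node security group; presumably
  # so that only one security group attached to the nodes carries it, since the
  # primary security group is attached as well. Confirm against the load
  # balancer controller in use.
  node_security_group_tags = {
    "kubernetes.io/cluster/${local.name}" = null
  }

  create_node_security_group = true

  node_security_group_additional_rules = {
    # NOTE(review): the source is the VPC *default* security group, which
    # Kubernetes-managed load balancers do not normally use, so this rule may
    # not admit the intended traffic, and anything else placed in the default
    # group gains access to the port. Confirm which security group the load
    # balancer really carries. The rule key says "http" but the port is 4321.
    allow_http_from_elb = {
      type                     = "ingress"
      from_port                = 4321
      to_port                  = 4321
      protocol                 = "tcp"
      description              = "Allow app traffic from ELB"
      source_security_group_id = module.vpc.default_security_group_id
    }
  }

  eks_managed_node_groups = {
    ascode-cluster-wg = {
      min_size     = 1
      max_size     = 2
      desired_size = 1

      # Overrides the m5.large default above. Spot capacity can be reclaimed
      # at short notice.
      instance_types = ["t3.large"]
      capacity_type  = "SPOT"

      tags = {
        ExtraTag = "helloworld"
      }
    }
  }

  tags = local.tags
}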