forked from dspace-group/simphera-reference-architecture-aws
k8s.tf
# EKS cluster and its managed node groups, created through the
# aws-ia/terraform-aws-eks-blueprints root module.
module "eks" {
  # The module is pinned to the tag v4.32.1. A git tag can be re-pointed upstream;
  # pinning ?ref= to the full commit SHA behind the tag makes the fetched code immutable.
  source = "git::https://github.com/aws-ia/terraform-aws-eks-blueprints.git?ref=v4.32.1"

  create_eks      = true
  cluster_name    = var.infrastructurename
  cluster_version = var.kubernetesVersion

  # Only the VPC module's private subnets are handed to the cluster.
  # NOTE(review): no API endpoint access settings are passed here, so the module
  # defaults apply. Confirm whether the endpoint is publicly reachable and
  # restrict it if that is not intended.
  vpc_id             = module.vpc.vpc_id
  private_subnet_ids = module.vpc.private_subnets

  # Identity mappings supplied by the caller. Presumably these end up in the
  # cluster's aws-auth mapping (TODO confirm), in which case each entry grants
  # cluster access and should be reviewed for over-broad groups.
  map_roles    = var.map_roles
  map_users    = var.map_users
  map_accounts = var.map_accounts

  # The cluster's CloudWatch log group uses a dedicated KMS key and a
  # caller-defined retention period.
  cloudwatch_log_group_retention_in_days = var.cloudwatch_retention
  cloudwatch_log_group_kms_key_id        = aws_kms_key.kms_key_cloudwatch_log_group.arn

  # Default node pools are always created; the GPU pool is merged in only when
  # var.gpuNodePool is true.
  managed_node_groups = merge(local.default_managed_node_pools, var.gpuNodePool ? local.gpu_node_pool : {})

  tags = var.tags
}
# Cluster add-ons (EKS managed add-ons plus Helm-based components), installed
# through the kubernetes-addons submodule of terraform-aws-eks-blueprints.
module "eks-addons" {
  # Same tag as the "eks" module (v4.32.1). A tag is a mutable reference; a full
  # commit SHA in ?ref= would fix the exact code that gets applied to the cluster.
  source = "git::https://github.com/aws-ia/terraform-aws-eks-blueprints.git//modules/kubernetes-addons?ref=v4.32.1"

  eks_cluster_id = module.eks.eks_cluster_id
  tags           = var.tags

  # Add-ons are installed only after the managed node groups exist.
  depends_on = [module.eks.managed_node_groups]

  # Always-on add-ons.
  enable_amazon_eks_vpc_cni            = true
  enable_amazon_eks_coredns            = true
  enable_amazon_eks_kube_proxy         = true
  enable_amazon_eks_aws_ebs_csi_driver = true
  enable_aws_efs_csi_driver            = true
  enable_cluster_autoscaler            = true

  # Explicitly disabled.
  enable_aws_load_balancer_controller = false

  # Optional add-ons, switched on by the caller.
  enable_aws_for_fluentbit = var.enable_aws_for_fluentbit
  enable_ingress_nginx     = var.enable_ingress_nginx

  cluster_autoscaler_helm_config = var.cluster_autoscaler_helm_config

  # Fluent Bit log shipping: the values file is rendered with the current
  # region, the target log group and a fixed service account name.
  aws_for_fluentbit_helm_config = {
    dependency_update = true
    values = [templatefile("${path.module}/templates/fluentbit_values.yaml", {
      service_account_name = "aws-for-fluent-bit-sa"
      log_group_name       = local.log_group_name,
      aws_region           = data.aws_region.current.name,
    })]
  }

  # NGINX ingress controller in its own "nginx" namespace.
  # The template receives internal = "false" and scheme = "internet-facing", so
  # the ingress load balancer is presumably public (the template is not shown
  # here, so confirm). When var.enable_ingress_nginx is true, every service
  # published through this ingress should be treated as internet-exposed: check
  # TLS, authentication and source restrictions in nginx_values.yaml.
  ingress_nginx_helm_config = {
    create_namespace  = true
    namespace         = "nginx",
    dependency_update = true
    values = [templatefile("${path.module}/templates/nginx_values.yaml", {
      scheme   = "internet-facing",
      internal = "false",
    })]
  }
}
# Reads back the "execnodes" managed node group so that its Auto Scaling group
# can be referenced elsewhere in the configuration.
data "aws_eks_node_group" "execnodes" {
  # managed_nodegroup_id carries a "<cluster name>:" prefix; replace() removes it
  # to leave the bare node group name.
  # NOTE(review): module "eks" names the cluster from var.infrastructurename while
  # this block uses local.infrastructurename. Confirm both resolve to the same
  # value, otherwise the prefix is not stripped and the lookup targets the wrong name.
  node_group_name = replace(module.eks.managed_node_groups[0]["execnodes"]["managed_nodegroup_id"][0], "${local.infrastructurename}:", "")
  cluster_name    = local.infrastructurename
}
# Reads back the "gpuexecnodes" managed node group. It is evaluated only when the
# GPU node pool is enabled, so consumers must index it as gpuexecnodes[0].
data "aws_eks_node_group" "gpuexecnodes" {
  count = var.gpuNodePool ? 1 : 0

  # Removes the "<cluster name>:" prefix from managed_nodegroup_id to obtain the
  # node group name.
  # NOTE(review): the prefix is built from local.infrastructurename, whereas the
  # cluster is named from var.infrastructurename in module "eks". Confirm they match.
  node_group_name = replace(module.eks.managed_node_groups[0]["gpuexecnodes"]["managed_nodegroup_id"][0], "${local.infrastructurename}:", "")
  cluster_name    = local.infrastructurename
}
# Tags the first Auto Scaling group of the "execnodes" node group with the
# cluster-autoscaler node-template label purpose=execution.
resource "aws_autoscaling_group_tag" "execnodes" {
  # Only the first resources entry and its first Auto Scaling group are tagged.
  autoscaling_group_name = data.aws_eks_node_group.execnodes.resources[0].autoscaling_groups[0].name

  tag {
    propagate_at_launch = true
    key                 = "k8s.io/cluster-autoscaler/node-template/label/purpose"
    value               = "execution"
  }
}
# Tags the first Auto Scaling group of the "gpuexecnodes" node group with the
# cluster-autoscaler node-template label purpose=gpu. It is created only when the
# GPU node pool is enabled, matching the count on the data source it reads.
resource "aws_autoscaling_group_tag" "gpuexecnodes" {
  count = var.gpuNodePool ? 1 : 0

  # Only the first resources entry and its first Auto Scaling group are tagged.
  autoscaling_group_name = data.aws_eks_node_group.gpuexecnodes[0].resources[0].autoscaling_groups[0].name

  tag {
    propagate_at_launch = true
    key                 = "k8s.io/cluster-autoscaler/node-template/label/purpose"
    value               = "gpu"
  }
}
# resource "aws_security_group_rule" "securitygroups_rules" {
# for_each = local.security_groups
# description = "Access between node groups."
# type = "ingress"
# from_port = 0
# to_port = 65535
# protocol = "all"
# source_security_group_id = split(",", each.key)[0]
# security_group_id = split(",", each.key)[1]
# }
# resource "aws_ebs_volume" "aurelion_image_volume" {
# availability_zone = "${var.region}a"
# size = 77
# tags = var.tags
# }
# resource "aws_ebs_snapshot" "aurelion_image_volume_snapshot" {
# volume_id = aws_ebs_volume.aurelion_image_volume.id
# description = "Snapshot of the volume containing an AURELION container image."
# tags = var.tags
# }
# resource "aws_efs_file_system" "aurelion_image" {
# creation_token = "EFS-AurelionImage-123456"
# tags = {
# Name = "EFS-AurelionImage-123456"
# }
# }
# resource "aws_efs_mount_target" "aurelion_image_mnt_target" {
# file_system_id = aws_efs_file_system.aurelion_image.id
# subnet_id = module.vpc.private_subnets[0]
# }