[Terraform-AWS] Replace CLB with NLB for kube-apiserver domain #8578

Merged
merged 1 commit into from
Feb 25, 2022
Merged
16 changes: 8 additions & 8 deletions contrib/terraform/aws/create-infrastructure.tf
Expand Up @@ -26,14 +26,14 @@ module "aws-vpc" {
default_tags = var.default_tags
}

module "aws-elb" {
source = "./modules/elb"
module "aws-nlb" {
source = "./modules/nlb"

aws_cluster_name = var.aws_cluster_name
aws_vpc_id = module.aws-vpc.aws_vpc_id
aws_avail_zones = data.aws_availability_zones.available.names
aws_subnet_ids_public = module.aws-vpc.aws_subnet_ids_public
aws_elb_api_port = var.aws_elb_api_port
aws_nlb_api_port = var.aws_nlb_api_port
k8s_secure_api_port = var.k8s_secure_api_port
default_tags = var.default_tags
}
Expand Down Expand Up @@ -96,10 +96,10 @@ resource "aws_instance" "k8s-master" {
}))
}

resource "aws_elb_attachment" "attach_master_nodes" {
count = var.aws_kube_master_num
elb = module.aws-elb.aws_elb_api_id
instance = element(aws_instance.k8s-master.*.id, count.index)
resource "aws_lb_target_group_attachment" "tg-attach_master_nodes" {
count = var.aws_kube_master_num
target_group_arn = module.aws-nlb.aws_nlb_api_tg_arn
target_id = element(aws_instance.k8s-master.*.private_ip, count.index)
}

resource "aws_instance" "k8s-etcd" {
Expand Down Expand Up @@ -164,7 +164,7 @@ data "template_file" "inventory" {
list_node = join("\n", aws_instance.k8s-worker.*.private_dns)
connection_strings_etcd = join("\n", formatlist("%s ansible_host=%s", aws_instance.k8s-etcd.*.private_dns, aws_instance.k8s-etcd.*.private_ip))
list_etcd = join("\n", ((var.aws_etcd_num > 0) ? (aws_instance.k8s-etcd.*.private_dns) : (aws_instance.k8s-master.*.private_dns)))
elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\""
nlb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-nlb.aws_nlb_api_fqdn}\""
}
}

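Review bot: Existing deployments get no migration path from this section: the `aws-elb` module, the `aws_elb_attachment` resource and the `aws_elb_api_port` input are replaced outright, and the renamed variable is declared without a default elsewhere in this change, so a tfvars file that still sets `aws_elb_api_port` will stop planning cleanly. Applying this to a running cluster would presumably destroy the CLB and create the NLB under a new DNS name, while `apiserver_loadbalancer_domain_name` in the generated inventory, and any API server certificate SANs or kubeconfigs derived from it, keep the old name until the playbooks are re-run. A comment above the module would make that explicit, for example `# Replaces the former CLB: the API endpoint DNS name changes on apply; refresh the inventory and anything that embeds the old name`. The `template_file` block in the last hunk starts outside the visible lines.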
57 changes: 0 additions & 57 deletions contrib/terraform/aws/modules/elb/main.tf

This file was deleted.

7 changes: 0 additions & 7 deletions contrib/terraform/aws/modules/elb/outputs.tf

This file was deleted.

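--- a/contrib/terraform/aws/modules/nlb/main.tf
+++ b/contrib/terraform/aws/modules/nlb/main.tf
@@ -0,0 +1,41 @@
+# Create a new AWS NLB for K8S API
+resource "aws_lb" "aws-nlb-api" {
+name = "kubernetes-nlb-${var.aws_cluster_name}"
+load_balancer_type = "network"
+subnets = length(var.aws_subnet_ids_public) <= length(var.aws_avail_zones) ? var.aws_subnet_ids_public : slice(var.aws_subnet_ids_public, 0, length(var.aws_avail_zones))
+idle_timeout = 400
+enable_cross_zone_load_balancing = true
+
+tags = merge(var.default_tags, tomap({
+Name = "kubernetes-${var.aws_cluster_name}-nlb-api"
+}))
+}
+
+# Create a new AWS NLB Instance Target Group
+resource "aws_lb_target_group" "aws-nlb-api-tg" {
+name = "kubernetes-nlb-tg-${var.aws_cluster_name}"
+port = var.k8s_secure_api_port
+protocol = "TCP"
+target_type = "ip"
+vpc_id = var.aws_vpc_id
+
+health_check {
+healthy_threshold = 2
+unhealthy_threshold = 2
+interval = 30
+protocol = "HTTPS"
+path = "/healthz"
+}
+}
+
+# Create a new AWS NLB Listener listen to target group
+resource "aws_lb_listener" "aws-nlb-api-listener" {
+load_balancer_arn = aws_lb.aws-nlb-api.arn
+port = var.aws_nlb_api_port
+protocol = "TCP"
+
+default_action {
+type = "forward"
+target_group_arn = aws_lb_target_group.aws-nlb-api-tg.arn
+}
+}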
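Review bot: The `aws_lb` resource leaves `internal` unset, which defaults to an internet-facing load balancer, and it is attached to the public subnets, so the kube-apiserver listener on `var.aws_nlb_api_port` is reachable from any address unless something outside this file restricts it. A network load balancer declared this way carries no `security_groups`, and with `target_type = "ip"` over TCP client IP preservation is off by default, so the control-plane security group would see the NLB's private addresses rather than the caller and could not filter by source CIDR. If the API is only meant to be reached from inside the VPC, set `internal = true` on `aws_lb.aws-nlb-api`; otherwise consider `target_type = "instance"` with instance IDs registered so the masters' security group can still restrict callers, and record the intended exposure in a comment on the resource. Separately, `idle_timeout = 400` is, as far as the provider documents it, honoured only for application load balancers, so the idle timeout carried over from the CLB probably has no effect here.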
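--- a/contrib/terraform/aws/modules/nlb/outputs.tf
+++ b/contrib/terraform/aws/modules/nlb/outputs.tf
@@ -0,0 +1,11 @@
+output "aws_nlb_api_id" {
+value = aws_lb.aws-nlb-api.id
+}
+
+output "aws_nlb_api_fqdn" {
+value = aws_lb.aws-nlb-api.dns_name
+}
+
+output "aws_nlb_api_tg_arn" {
+value = aws_lb_target_group.aws-nlb-api-tg.arn
+}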
Expand Up @@ -6,8 +6,8 @@ variable "aws_vpc_id" {
description = "AWS VPC ID"
}

variable "aws_elb_api_port" {
description = "Port for AWS ELB"
variable "aws_nlb_api_port" {
description = "Port for AWS NLB"
}

variable "k8s_secure_api_port" {
4 changes: 2 additions & 2 deletions contrib/terraform/aws/output.tf
Expand Up @@ -14,8 +14,8 @@ output "etcd" {
value = join("\n", ((var.aws_etcd_num > 0) ? (aws_instance.k8s-etcd.*.private_ip) : (aws_instance.k8s-master.*.private_ip)))
}

output "aws_elb_api_fqdn" {
value = "${module.aws-elb.aws_elb_api_fqdn}:${var.aws_elb_api_port}"
output "aws_nlb_api_fqdn" {
value = "${module.aws-nlb.aws_nlb_api_fqdn}:${var.aws_nlb_api_port}"
}

output "inventory" {
4 changes: 2 additions & 2 deletions contrib/terraform/aws/sample-inventory/cluster.tfvars
Expand Up @@ -33,9 +33,9 @@ aws_kube_worker_size = "t2.medium"

aws_kube_worker_disk_size = 50

#Settings AWS ELB
#Settings AWS NLB

aws_elb_api_port = 6443
aws_nlb_api_port = 6443

k8s_secure_api_port = 6443

2 changes: 1 addition & 1 deletion contrib/terraform/aws/templates/inventory.tpl
Expand Up @@ -24,4 +24,4 @@ kube_control_plane
calico_rr

[k8s_cluster:vars]
${elb_api_fqdn}
${nlb_api_fqdn}
2 changes: 1 addition & 1 deletion contrib/terraform/aws/terraform.tfvars
Expand Up @@ -32,7 +32,7 @@ aws_kube_worker_size = "t3.medium"
aws_kube_worker_disk_size = 50

#Settings AWS ELB
aws_elb_api_port = 6443
aws_nlb_api_port = 6443
k8s_secure_api_port = 6443

default_tags = {
2 changes: 1 addition & 1 deletion contrib/terraform/aws/terraform.tfvars.example
Expand Up @@ -25,7 +25,7 @@ aws_kube_worker_size = "t3.medium"
aws_kube_worker_disk_size = 50

#Settings AWS ELB
aws_elb_api_port = 6443
aws_nlb_api_port = 6443
k8s_secure_api_port = 6443

default_tags = { }
6 changes: 3 additions & 3 deletions contrib/terraform/aws/variables.tf
Expand Up @@ -104,11 +104,11 @@ variable "aws_kube_worker_size" {
}

/*
* AWS ELB Settings
* AWS NLB Settings
*
*/
variable "aws_elb_api_port" {
description = "Port for AWS ELB"
variable "aws_nlb_api_port" {
description = "Port for AWS NLB"
}

variable "k8s_secure_api_port" {