Skip to content

Commit

Permalink
[examples] add eks add-on to all aws examples
Browse files Browse the repository at this point in the history
  • Loading branch information
Z4ck404 committed Nov 30, 2023
1 parent 23388df commit 5778491
Show file tree
Hide file tree
Showing 3 changed files with 185 additions and 0 deletions.
62 changes: 62 additions & 0 deletions examples/from-private-vpc/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,68 @@ module "eks" {

}


################################################################################
# Install EKS ADD-ONs with necessary IAM resources
# (ebs-csi, vpc-cni, core-dns, proxy)
################################################################################

module "vpc_cni_ipv4_irsa_role" {
source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
version = "5.17.0"

role_name = "${var.cluster_name}-vpc-cni"
attach_vpc_cni_policy = true
vpc_cni_enable_ipv4 = true
vpc_cni_enable_ipv6 = true

oidc_providers = {
ex = {
provider_arn = module.eks.oidc_provider_arn
namespace_service_accounts = ["kube-system:aws-node"]
}
}

}

data "aws_eks_addon_version" "vpc-cni" {
addon_name = "vpc-cni"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "kube-proxy" {
addon_name = "kube-proxy"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "core-dns" {
addon_name = "coredns"
kubernetes_version = var.cluster_version
}

resource "aws_eks_addon" "vpc-cni" {
cluster_name = data.aws_eks_cluster.this.id
addon_name = "vpc-cni"
addon_version = data.aws_eks_addon_version.vpc-cni.version
resolve_conflicts = "OVERWRITE"

service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
}

resource "aws_eks_addon" "core-dns" {
cluster_name = module.eks.cluster_id
addon_name = "coredns"
addon_version = data.aws_eks_addon_version.core-dns.version
resolve_conflicts = "OVERWRITE"
}

resource "aws_eks_addon" "kube-proxy" {
cluster_name = module.eks.cluster_id
addon_name = "kube-proxy"
addon_version = data.aws_eks_addon_version.kube-proxy.version
resolve_conflicts = "OVERWRITE"
}

################################################################################
# Create aws-auth configmap
# (the eks module recently removed their support for aws-auth management (>=18))
Expand Down
62 changes: 62 additions & 0 deletions examples/from-scratch-with-private-link/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,68 @@ module "eks" {

}


################################################################################
# Install EKS ADD-ONs with necessary IAM resources
# (ebs-csi, vpc-cni, core-dns, proxy)
################################################################################

module "vpc_cni_ipv4_irsa_role" {
source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
version = "5.17.0"

role_name = "${var.cluster_name}-vpc-cni"
attach_vpc_cni_policy = true
vpc_cni_enable_ipv4 = true
vpc_cni_enable_ipv6 = true

oidc_providers = {
ex = {
provider_arn = module.eks.oidc_provider_arn
namespace_service_accounts = ["kube-system:aws-node"]
}
}

}

data "aws_eks_addon_version" "vpc-cni" {
addon_name = "vpc-cni"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "kube-proxy" {
addon_name = "kube-proxy"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "core-dns" {
addon_name = "coredns"
kubernetes_version = var.cluster_version
}

resource "aws_eks_addon" "vpc-cni" {
cluster_name = data.aws_eks_cluster.this.id
addon_name = "vpc-cni"
addon_version = data.aws_eks_addon_version.vpc-cni.version
resolve_conflicts = "OVERWRITE"

service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
}

resource "aws_eks_addon" "core-dns" {
cluster_name = module.eks.cluster_id
addon_name = "coredns"
addon_version = data.aws_eks_addon_version.core-dns.version
resolve_conflicts = "OVERWRITE"
}

resource "aws_eks_addon" "kube-proxy" {
cluster_name = module.eks.cluster_id
addon_name = "kube-proxy"
addon_version = data.aws_eks_addon_version.kube-proxy.version
resolve_conflicts = "OVERWRITE"
}

################################################################################
# Create aws-auth configmap
# (the eks module recently removed their support for aws-auth management (>=18))
Expand Down
61 changes: 61 additions & 0 deletions examples/from-scratch/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,67 @@ module "ocean-controller" {
cluster_identifier = module.eks.cluster_id
}

################################################################################
# Install EKS ADD-ONs with necessary IAM resources
# (ebs-csi, vpc-cni, core-dns, proxy)
################################################################################

module "vpc_cni_ipv4_irsa_role" {
source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
version = "5.17.0"

role_name = "${var.cluster_name}-vpc-cni"
attach_vpc_cni_policy = true
vpc_cni_enable_ipv4 = true
vpc_cni_enable_ipv6 = true

oidc_providers = {
ex = {
provider_arn = module.eks.oidc_provider_arn
namespace_service_accounts = ["kube-system:aws-node"]
}
}

}

data "aws_eks_addon_version" "vpc-cni" {
addon_name = "vpc-cni"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "kube-proxy" {
addon_name = "kube-proxy"
kubernetes_version = var.cluster_version
}

data "aws_eks_addon_version" "core-dns" {
addon_name = "coredns"
kubernetes_version = var.cluster_version
}

resource "aws_eks_addon" "vpc-cni" {
cluster_name = data.aws_eks_cluster.this.id
addon_name = "vpc-cni"
addon_version = data.aws_eks_addon_version.vpc-cni.version
resolve_conflicts = "OVERWRITE"

service_account_role_arn = module.vpc_cni_ipv4_irsa_role.iam_role_arn
}

resource "aws_eks_addon" "core-dns" {
cluster_name = module.eks.cluster_id
addon_name = "coredns"
addon_version = data.aws_eks_addon_version.core-dns.version
resolve_conflicts = "OVERWRITE"
}

resource "aws_eks_addon" "kube-proxy" {
cluster_name = module.eks.cluster_id
addon_name = "kube-proxy"
addon_version = data.aws_eks_addon_version.kube-proxy.version
resolve_conflicts = "OVERWRITE"
}

################################################################################
# Import Ocean cluster into Ocean Spark
################################################################################
Expand Down

0 comments on commit 5778491

Please sign in to comment.