Created
April 21, 2023 16:47
-
-
Save Pelirrojo/aeea824a61f861ef5ea8e008b0edc8a0 to your computer and use it in GitHub Desktop.
EKS Blueprints Example 1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Complete file at: https://github.com/Cloud-DevOps-Labs/kubernetes-in-aws-the-easy-way/blob/workshop/IaC/main.tf | |
| ################################################################################ | |
| # EKS Blueprints Setup | |
| ################################################################################ | |
| module "eks_blueprints" { | |
| source = "github.com/aws-ia/terraform-aws-eks-blueprints?ref=v4.28.0" | |
| # EKS Cluster VPC and Subnet mandatory config | |
| cluster_name = local.name | |
| vpc_id = module.vpc.vpc_id | |
| private_subnet_ids = module.vpc.private_subnets | |
| # EKS CONTROL PLANE VARIABLES | |
| cluster_version = local.cluster_version | |
| # List of Additional roles admin in the cluster | |
| # Comment this section if you ARE NOT at an AWS Event, as the TeamRole won't exist on your site, or replace with any valid role you want | |
| #map_roles = [ | |
| # { | |
| # rolearn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/TeamRole" | |
| # username = "ops-role" # The user name within Kubernetes to map to the IAM role | |
| # groups = ["system:masters"] # A list of groups within Kubernetes to which the role is mapped; Checkout K8s Role and Rolebindings | |
| # } | |
| #] | |
| # EKS MANAGED NODE GROUPS | |
| managed_node_groups = { | |
| mg_5 = { | |
| node_group_name = local.node_group_name | |
| instance_types = ["m5.xlarge"] | |
| subnet_ids = module.vpc.private_subnets | |
| } | |
| } | |
| # EKS TEAMS | |
| platform_teams = { | |
| admin = { | |
| users = [ | |
| data.aws_caller_identity.current.arn | |
| ] | |
| } | |
| } | |
| application_teams = { | |
| team-data = { | |
| "labels" = { | |
| "appName" = "kubeflow", | |
| "projectName" = "data-platform", | |
| "environment" = "dev", | |
| "domain" = "company", | |
| "uuid" = "data", | |
| "billingCode" = "platform", | |
| "branch" = "main" | |
| } | |
| "quota" = { | |
| "requests.cpu" = "10", | |
| "requests.memory" = "20Gi", | |
| "limits.cpu" = "30", | |
| "limits.memory" = "50Gi", | |
| "pods" = "15", | |
| "secrets" = "10", | |
| "services" = "10" | |
| } | |
| ## Manifests Example: we can specify a directory with kubernetes manifests | |
| # that can be automatically applied in the team-riker namespace. | |
| manifests_dir = "../manifests/team-data" | |
| users = [data.aws_caller_identity.current.arn] | |
| } | |
| } | |
| tags = local.tags | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment