EKS Managed Node Group

eks-managed-ng.tf

module "eks" {
  source = "terraform-aws-modules/eks/aws"

  cluster_name                    = var.cluster_name
  cluster_version                 = "1.21"
  cluster_endpoint_private_access = true
  cluster_endpoint_public_access  = true

  cluster_addons = {
    coredns = {
      resolve_conflicts = "OVERWRITE"
    }
    kube-proxy = {}
    vpc-cni = {
      resolve_conflicts = "OVERWRITE"
    }
  }
  
  vpc_id     = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets

  # EKS Managed Node Group(s)
  #eks_managed_node_group_defaults = {
  #  ami_type               = "AL2_x86_64"
  #  disk_size              = 50
  #  instance_types         = ["m6i.large", "m5.large", "m5n.large", "m5zn.large"]
  #  vpc_security_group_ids = [aws_security_group.additional.id]
  #}

  eks_managed_node_groups = {
    prod = {
      min_size     = 1
      max_size     = 5
      desired_size = 1

      instance_types = ["t3.medium"]
      capacity_type  = "SPOT"
      labels = {
        appenv = "prod"
      }
      taints = {
        dedicated = {
          key    = "grouptype"
          value  = "prodGroup"
          effect = "NO_SCHEDULE"
        }
      }
      tags = {
        appenv = "prod"
        services = "indicinaapps"
        karpenter.sh/discovery = var.cluster_name
      }
    }
    staging = {
      min_size     = 1
      max_size     = 5
      desired_size = 1

      instance_types = ["t3.medium"]
      capacity_type  = "SPOT"
      labels = {
        appenv = "staging"
      }
      taints = {
        dedicated = {
          key    = "grouptype"
          value  = "stagingGroup"
          effect = "NO_SCHEDULE"
        }
      }
      tags = {
        appenv = "staging"
        services = "indicinaapps"
        karpenter.sh/discovery = var.cluster_name
      }
    }
  }

  tags = {
    Environment = "all"
    Terraform   = "true"
    "karpenter.sh/discovery" = var.cluster_name
  }
}

nginx-prod.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
      nodeSelector:
        appenv: prod
      tolerations:
      - key: "grouptype"
        operator: "Equal"
        value: "prodGroup"
        effect: "NoSchedule"

nginx-staging.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
      nodeSelector:
        appenv: staging
      tolerations:
      - key: "grouptype"
        operator: "Equal"
        value: "stagingGroup"
        effect: "NoSchedule"

vpc.tf

module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = var.cluster_name
  cidr = "10.0.0.0/16"

  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  enable_nat_gateway     = true
  single_nat_gateway     = true
  one_nat_gateway_per_az = false

  private_subnet_tags = {
    "kubernetes.io/cluster/${var.cluster_name}" = "owned"
    "karpenter.sh/discovery" = var.cluster_name
  }
}