diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 5a32376..2d8f78b 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -6,8 +6,7 @@ Please explain the changes you made here and link to any relevant issues. ### Checklist -- [ ] `terraform fmt` and `terraform validate` both work from the root and `examples/eks_test_fixture` directories (look in CI for an example) -- [ ] Tests for the changes have been added and passing (for bug fixes/features) -- [ ] Test results are pasted in this PR (in lieu of CI) -- [ ] I've added my change to CHANGELOG.md -- [ ] Any breaking changes are highlighted above +- [ ] `terraform fmt` and `terraform validate` both work from the root and `examples/*` directories +- [ ] CI tests are passing +- [ ] I've added my change to CHANGELOG.md and highlighted any breaking changes +- [ ] README.md has been updated after any changes to variables and outputs. See https://github.com/terraform-aws-modules/terraform-aws-eks/#doc-generation diff --git a/.kitchen.yml b/.kitchen.yml index 9f73ea3..b185344 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -1,7 +1,7 @@ --- driver: name: "terraform" - root_module_directory: "examples/eks_test_fixture" + root_module_directory: "examples/basic" provisioner: name: "terraform" diff --git a/.travis.yml b/.travis.yml index cdcc24b..7954f76 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,19 +34,15 @@ script: - terraform init - terraform fmt -check=true - terraform validate -var "region=${AWS_REGION}" -var "vpc_id=vpc-123456" -var "subnets=[\"subnet-12345a\"]" -var "workers_ami_id=ami-123456" -var "cluster_ingress_cidrs=[]" -var "cluster_name=test_cluster" -# - docker run --rm -v $(pwd):/app/ --workdir=/app/ -t wata727/tflint --error-with-issues -- cd examples/eks_test_fixture -- terraform init -- terraform fmt -check=true -- terraform validate -- cd - +- | + for example in $(find examples -maxdepth 1 -mindepth 1 -type d); do + cd $example + terraform init + terraform fmt -check=true + terraform validate + cd - + done - terraform -v -# - bundle exec kitchen test --destroy always -# deploy: -# provider: script -# script: ci/deploy.sh -# on: -# branch: master notifications: email: diff --git a/CHANGELOG.md b/CHANGELOG.md index 6fdb17b..96ce829 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,15 @@ project adheres to [Semantic Versioning](http://semver.org/). # History +## [[v4.0.2](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v4.0.0...v4.0.1)] - 2019-05-07] + +### Changed + +- Added 2 new examples, also tidy up basic example (by @max-rocket-internet) +- Updates to travis, PR template (by @max-rocket-internet) +- Fix typo in data.tf (by @max-rocket-internet) +- Add missing launch template items in `aws_auth.tf` (by @max-rocket-internet) + ## [[v4.0.1](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v4.0.0...v4.0.1)] - 2019-05-07] ### Changed diff --git a/README.md b/README.md index 33cc7e7..7628014 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Read the [AWS docs on EKS to get connected to the k8s dashboard](https://docs.aw ## Usage example -A full example leveraging other community modules is contained in the [examples/eks_test_fixture directory](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/examples/eks_test_fixture). Here's the gist of using it via the Terraform registry: +A full example leveraging other community modules is contained in the [examples/basic directory](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/examples/basic). Here's the gist of using it via the Terraform registry: ```hcl module "my-cluster" { @@ -89,11 +89,6 @@ Report issues/questions/feature requests on in the [issues](https://github.com/t Full contributing [guidelines are covered here](https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/CONTRIBUTING.md). -## IAM Permissions - -Testing and using this repo requires a minimum set of IAM permissions. Test permissions -are listed in the [eks_test_fixture README](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/examples/eks_test_fixture/README.md). - ## Change log The [changelog](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/CHANGELOG.md) captures all important release notes. @@ -133,11 +128,11 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a | manage\_aws\_auth | Whether to apply the aws-auth configmap file. | string | `"true"` | no | | manage\_cluster\_iam\_resources | Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified. | string | `"true"` | no | | manage\_worker\_iam\_resources | Whether to let the module manage worker IAM resources. If set to false, iam_instance_profile_name must be specified for workers. | string | `"true"` | no | -| map\_accounts | Additional AWS account numbers to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format. | list | `[]` | no | +| map\_accounts | Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list | `[]` | no | | map\_accounts\_count | The count of accounts in the map_accounts list. | string | `"0"` | no | -| map\_roles | Additional IAM roles to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format. | list | `[]` | no | +| map\_roles | Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list | `[]` | no | | map\_roles\_count | The count of roles in the map_roles list. | string | `"0"` | no | -| map\_users | Additional IAM users to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format. | list | `[]` | no | +| map\_users | Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list | `[]` | no | | map\_users\_count | The count of roles in the map_users list. | string | `"0"` | no | | permissions\_boundary | If provided, all IAM roles will be created with this permissions boundary attached. | string | `""` | no | | subnets | A list of subnets to place the EKS cluster and workers within. | list | n/a | yes | diff --git a/aws_auth.tf b/aws_auth.tf index a9fc899..abb6e02 100644 --- a/aws_auth.tf +++ b/aws_auth.tf @@ -33,6 +33,15 @@ EOS data "aws_caller_identity" "current" {} +data "template_file" "launch_template_mixed_worker_role_arns" { + count = "${var.worker_group_launch_template_mixed_count}" + template = "${file("${path.module}/templates/worker-role.tpl")}" + + vars { + worker_role_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${element(coalescelist(aws_iam_instance_profile.workers_launch_template_mixed.*.role, data.aws_iam_instance_profile.custom_worker_group_launch_template_mixed_iam_instance_profile.*.role_name), count.index)}" + } +} + data "template_file" "launch_template_worker_role_arns" { count = "${var.worker_group_launch_template_count}" template = "${file("${path.module}/templates/worker-role.tpl")}" @@ -55,7 +64,7 @@ data "template_file" "config_map_aws_auth" { template = "${file("${path.module}/templates/config-map-aws-auth.yaml.tpl")}" vars { - worker_role_arn = "${join("", distinct(concat(data.template_file.launch_template_worker_role_arns.*.rendered, data.template_file.worker_role_arns.*.rendered)))}" + worker_role_arn = "${join("", distinct(concat(data.template_file.launch_template_worker_role_arns.*.rendered, data.template_file.worker_role_arns.*.rendered, data.template_file.launch_template_mixed_worker_role_arns.*.rendered)))}" map_users = "${join("", data.template_file.map_users.*.rendered)}" map_roles = "${join("", data.template_file.map_roles.*.rendered)}" map_accounts = "${join("", data.template_file.map_accounts.*.rendered)}" diff --git a/data.tf b/data.tf index e1ec701..a103b8c 100644 --- a/data.tf +++ b/data.tf @@ -109,10 +109,10 @@ data "template_file" "workers_launch_template_mixed" { cluster_name = "${aws_eks_cluster.this.name}" endpoint = "${aws_eks_cluster.this.endpoint}" cluster_auth_base64 = "${aws_eks_cluster.this.certificate_authority.0.data}" - pre_userdata = "${lookup(var.worker_groups_launch_template[count.index], "pre_userdata", local.workers_group_defaults["pre_userdata"])}" - additional_userdata = "${lookup(var.worker_groups_launch_template[count.index], "additional_userdata", local.workers_group_defaults["additional_userdata"])}" - bootstrap_extra_args = "${lookup(var.worker_groups_launch_template[count.index], "bootstrap_extra_args", local.workers_group_defaults["bootstrap_extra_args"])}" - kubelet_extra_args = "${lookup(var.worker_groups_launch_template[count.index], "kubelet_extra_args", local.workers_group_defaults["kubelet_extra_args"])}" + pre_userdata = "${lookup(var.worker_groups_launch_template_mixed[count.index], "pre_userdata", local.workers_group_defaults["pre_userdata"])}" + additional_userdata = "${lookup(var.worker_groups_launch_template_mixed[count.index], "additional_userdata", local.workers_group_defaults["additional_userdata"])}" + bootstrap_extra_args = "${lookup(var.worker_groups_launch_template_mixed[count.index], "bootstrap_extra_args", local.workers_group_defaults["bootstrap_extra_args"])}" + kubelet_extra_args = "${lookup(var.worker_groups_launch_template_mixed[count.index], "kubelet_extra_args", local.workers_group_defaults["kubelet_extra_args"])}" } } diff --git a/examples/README.md b/examples/README.md new file mode 100644 index 0000000..d1da18a --- /dev/null +++ b/examples/README.md @@ -0,0 +1,7 @@ +# Examples + +These serve a few purposes: + +1. Shows developers how to use the module in a straightforward way as integrated with other terraform community supported modules. +2. Serves as the test infrastructure for CI on the project. +3. Provides a simple way to play with the Kubernetes cluster you create. diff --git a/examples/eks_test_fixture/main.tf b/examples/basic/main.tf similarity index 50% rename from examples/eks_test_fixture/main.tf rename to examples/basic/main.tf index 058c1e3..6c2fd6a 100644 --- a/examples/eks_test_fixture/main.tf +++ b/examples/basic/main.tf @@ -15,71 +15,6 @@ data "aws_availability_zones" "available" {} locals { cluster_name = "test-eks-${random_string.suffix.result}" - - # the commented out worker group list below shows an example of how to define - # multiple worker groups of differing configurations - # worker_groups = [ - # { - # asg_desired_capacity = 2 - # asg_max_size = 10 - # asg_min_size = 2 - # instance_type = "m4.xlarge" - # name = "worker_group_a" - # additional_userdata = "echo foo bar" - # subnets = "${join(",", module.vpc.private_subnets)}" - # }, - # { - # asg_desired_capacity = 1 - # asg_max_size = 5 - # asg_min_size = 1 - # instance_type = "m4.2xlarge" - # name = "worker_group_b" - # additional_userdata = "echo foo bar" - # subnets = "${join(",", module.vpc.private_subnets)}" - # }, - # ] - - - # the commented out worker group tags below shows an example of how to define - # custom tags for the worker groups ASG - # worker_group_tags = { - # worker_group_a = [ - # { - # key = "k8s.io/cluster-autoscaler/node-template/taint/nvidia.com/gpu" - # value = "gpu:NoSchedule" - # propagate_at_launch = true - # }, - # ], - # worker_group_b = [ - # { - # key = "k8s.io/cluster-autoscaler/node-template/taint/nvidia.com/gpu" - # value = "gpu:NoSchedule" - # propagate_at_launch = true - # }, - # ], - # } - - worker_groups = [ - { - instance_type = "t2.small" - additional_userdata = "echo foo bar" - asg_desired_capacity = 2 - }, - ] - worker_groups_launch_template = [ - { - instance_type = "t2.small" - additional_userdata = "echo foo bar" - additional_security_group_ids = "${aws_security_group.worker_group_mgmt_one.id},${aws_security_group.worker_group_mgmt_two.id}" - asg_desired_capacity = 2 - }, - ] - tags = { - Environment = "test" - GithubRepo = "terraform-aws-eks" - GithubOrg = "terraform-aws-modules" - Workspace = "${terraform.workspace}" - } } resource "random_string" "suffix" { @@ -89,7 +24,6 @@ resource "random_string" "suffix" { resource "aws_security_group" "worker_group_mgmt_one" { name_prefix = "worker_group_mgmt_one" - description = "SG to be applied to all *nix machines" vpc_id = "${module.vpc.vpc_id}" ingress { @@ -140,24 +74,57 @@ module "vpc" { version = "1.60.0" name = "test-vpc" cidr = "10.0.0.0/16" - azs = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}", "${data.aws_availability_zones.available.names[2]}"] + azs = ["${data.aws_availability_zones.available.names}"] private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"] enable_nat_gateway = true single_nat_gateway = true - tags = "${merge(local.tags, map("kubernetes.io/cluster/${local.cluster_name}", "shared"))}" + + tags = { + "kubernetes.io/cluster/${local.cluster_name}" = "shared" + } + + public_subnet_tags = { + "kubernetes.io/cluster/${local.cluster_name}" = "shared" + } + + private_subnet_tags = { + "kubernetes.io/cluster/${local.cluster_name}" = "shared" + "kubernetes.io/role/internal-elb" = "true" + } } module "eks" { - source = "../.." - cluster_name = "${local.cluster_name}" - subnets = ["${module.vpc.private_subnets}"] - tags = "${local.tags}" - vpc_id = "${module.vpc.vpc_id}" - worker_groups = "${local.worker_groups}" - worker_groups_launch_template = "${local.worker_groups_launch_template}" - worker_group_count = 1 - worker_group_launch_template_count = 1 + source = "../.." + cluster_name = "${local.cluster_name}" + subnets = ["${module.vpc.private_subnets}"] + + tags = { + Environment = "test" + GithubRepo = "terraform-aws-eks" + GithubOrg = "terraform-aws-modules" + } + + vpc_id = "${module.vpc.vpc_id}" + worker_group_count = 2 + + worker_groups = [ + { + name = "worker-group-1" + instance_type = "t2.small" + additional_userdata = "echo foo bar" + asg_desired_capacity = 2 + additional_security_group_ids = "${aws_security_group.worker_group_mgmt_one.id}" + }, + { + name = "worker-group-2" + instance_type = "t2.medium" + additional_userdata = "echo foo bar" + additional_security_group_ids = "${aws_security_group.worker_group_mgmt_two.id}" + asg_desired_capacity = 1 + }, + ] + worker_additional_security_group_ids = ["${aws_security_group.all_worker_mgmt.id}"] map_roles = "${var.map_roles}" map_roles_count = "${var.map_roles_count}" diff --git a/examples/eks_test_fixture/outputs.tf b/examples/basic/outputs.tf similarity index 88% rename from examples/eks_test_fixture/outputs.tf rename to examples/basic/outputs.tf index 0422d74..20ccf29 100644 --- a/examples/eks_test_fixture/outputs.tf +++ b/examples/basic/outputs.tf @@ -14,7 +14,7 @@ output "kubectl_config" { } output "config_map_aws_auth" { - description = "" + description = "A kubernetes configuration to authenticate to this EKS cluster." value = "${module.eks.config_map_aws_auth}" } diff --git a/examples/eks_test_fixture/variables.tf b/examples/basic/variables.tf similarity index 100% rename from examples/eks_test_fixture/variables.tf rename to examples/basic/variables.tf diff --git a/examples/eks_test_fixture/README.md b/examples/eks_test_fixture/README.md deleted file mode 100644 index a29ccef..0000000 --- a/examples/eks_test_fixture/README.md +++ /dev/null @@ -1,117 +0,0 @@ -# eks_test_fixture example - -This set of templates serves a few purposes. It: - -1. shows developers how to use the module in a straightforward way as integrated with other terraform community supported modules. -2. serves as the test infrastructure for CI on the project. -3. provides a simple way to play with the Kubernetes cluster you create. - -## IAM Permissions - -The following IAM policy is the minimum needed to execute the module from the test suite. - -```json -{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "VisualEditor0", - "Effect": "Allow", - "Action": [ - "autoscaling:AttachInstances", - "autoscaling:CreateAutoScalingGroup", - "autoscaling:CreateLaunchConfiguration", - "autoscaling:CreateOrUpdateTags", - "autoscaling:DeleteAutoScalingGroup", - "autoscaling:DeleteLaunchConfiguration", - "autoscaling:DeleteTags", - "autoscaling:Describe*", - "autoscaling:DetachInstances", - "autoscaling:SetDesiredCapacity", - "autoscaling:UpdateAutoScalingGroup", - "ec2:AllocateAddress", - "ec2:AssignPrivateIpAddresses", - "ec2:Associate*", - "ec2:AttachInternetGateway", - "ec2:AttachNetworkInterface", - "ec2:AuthorizeSecurityGroupEgress", - "ec2:AuthorizeSecurityGroupIngress", - "ec2:CreateDefaultSubnet", - "ec2:CreateDhcpOptions", - "ec2:CreateEgressOnlyInternetGateway", - "ec2:CreateInternetGateway", - "ec2:CreateNatGateway", - "ec2:CreateNetworkInterface", - "ec2:CreateRoute", - "ec2:CreateRouteTable", - "ec2:CreateSecurityGroup", - "ec2:CreateSubnet", - "ec2:CreateTags", - "ec2:CreateVolume", - "ec2:CreateVpc", - "ec2:DeleteDhcpOptions", - "ec2:DeleteEgressOnlyInternetGateway", - "ec2:DeleteInternetGateway", - "ec2:DeleteNatGateway", - "ec2:DeleteNetworkInterface", - "ec2:DeleteRoute", - "ec2:DeleteRouteTable", - "ec2:DeleteSecurityGroup", - "ec2:DeleteSubnet", - "ec2:DeleteTags", - "ec2:DeleteVolume", - "ec2:DeleteVpc", - "ec2:DeleteVpnGateway", - "ec2:Describe*", - "ec2:DetachInternetGateway", - "ec2:DetachNetworkInterface", - "ec2:DetachVolume", - "ec2:Disassociate*", - "ec2:ModifySubnetAttribute", - "ec2:ModifyVpcAttribute", - "ec2:ModifyVpcEndpoint", - "ec2:ReleaseAddress", - "ec2:RevokeSecurityGroupEgress", - "ec2:RevokeSecurityGroupIngress", - "ec2:UpdateSecurityGroupRuleDescriptionsEgress", - "ec2:UpdateSecurityGroupRuleDescriptionsIngress", - "ec2:CreateLaunchTemplate", - "ec2:CreateLaunchTemplateVersion", - "ec2:DeleteLaunchTemplate", - "ec2:DeleteLaunchTemplateVersions", - "ec2:DescribeLaunchTemplates", - "ec2:DescribeLaunchTemplateVersions", - "ec2:GetLaunchTemplateData", - "ec2:ModifyLaunchTemplate", - "eks:CreateCluster", - "eks:DeleteCluster", - "eks:DescribeCluster", - "eks:ListClusters", - "iam:AddRoleToInstanceProfile", - "iam:AttachRolePolicy", - "iam:CreateInstanceProfile", - "iam:CreatePolicy", - "iam:CreatePolicyVersion", - "iam:CreateRole", - "iam:DeleteInstanceProfile", - "iam:DeletePolicy", - "iam:DeleteRole", - "iam:DeleteRolePolicy", - "iam:DeleteServiceLinkedRole", - "iam:DetachRolePolicy", - "iam:GetInstanceProfile", - "iam:GetPolicy", - "iam:GetPolicyVersion", - "iam:GetRole", - "iam:GetRolePolicy", - "iam:List*", - "iam:PassRole", - "iam:PutRolePolicy", - "iam:RemoveRoleFromInstanceProfile", - "iam:UpdateAssumeRolePolicy" - ], - "Resource": "*" - } - ] -} -``` diff --git a/examples/launch_templates/main.tf b/examples/launch_templates/main.tf new file mode 100644 index 0000000..079ab23 --- /dev/null +++ b/examples/launch_templates/main.tf @@ -0,0 +1,60 @@ +terraform { + required_version = ">= 0.11.8" +} + +provider "aws" { + version = ">= 2.6.0" + region = "${var.region}" +} + +provider "random" { + version = "= 1.3.1" +} + +data "aws_availability_zones" "available" {} + +locals { + cluster_name = "test-eks-lt-${random_string.suffix.result}" +} + +resource "random_string" "suffix" { + length = 8 + special = false +} + +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + version = "1.60.0" + name = "test-vpc-lt" + cidr = "10.0.0.0/16" + azs = ["${data.aws_availability_zones.available.names}"] + public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"] + + tags = { + "kubernetes.io/cluster/${local.cluster_name}" = "shared" + } +} + +module "eks" { + source = "../.." + cluster_name = "${local.cluster_name}" + subnets = ["${module.vpc.public_subnets}"] + vpc_id = "${module.vpc.vpc_id}" + worker_group_count = 0 + worker_group_launch_template_count = 2 + + worker_groups_launch_template = [ + { + name = "worker-group-1" + instance_type = "t2.small" + asg_desired_capacity = 2 + public_ip = true + }, + { + name = "worker-group-2" + instance_type = "t2.medium" + asg_desired_capacity = 1 + public_ip = true + }, + ] +} diff --git a/examples/launch_templates/outputs.tf b/examples/launch_templates/outputs.tf new file mode 100644 index 0000000..20ccf29 --- /dev/null +++ b/examples/launch_templates/outputs.tf @@ -0,0 +1,24 @@ +output "cluster_endpoint" { + description = "Endpoint for EKS control plane." + value = "${module.eks.cluster_endpoint}" +} + +output "cluster_security_group_id" { + description = "Security group ids attached to the cluster control plane." + value = "${module.eks.cluster_security_group_id}" +} + +output "kubectl_config" { + description = "kubectl config as generated by the module." + value = "${module.eks.kubeconfig}" +} + +output "config_map_aws_auth" { + description = "A kubernetes configuration to authenticate to this EKS cluster." + value = "${module.eks.config_map_aws_auth}" +} + +output "region" { + description = "AWS region." + value = "${var.region}" +} diff --git a/examples/launch_templates/variables.tf b/examples/launch_templates/variables.tf new file mode 100644 index 0000000..81b8dbe --- /dev/null +++ b/examples/launch_templates/variables.tf @@ -0,0 +1,3 @@ +variable "region" { + default = "us-west-2" +} diff --git a/examples/spot_instances/main.tf b/examples/spot_instances/main.tf new file mode 100644 index 0000000..00ea633 --- /dev/null +++ b/examples/spot_instances/main.tf @@ -0,0 +1,60 @@ +terraform { + required_version = ">= 0.11.8" +} + +provider "aws" { + version = ">= 2.6.0" + region = "${var.region}" +} + +provider "random" { + version = "= 1.3.1" +} + +data "aws_availability_zones" "available" {} + +locals { + cluster_name = "test-eks-spot-${random_string.suffix.result}" +} + +resource "random_string" "suffix" { + length = 8 + special = false +} + +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + version = "1.60.0" + name = "test-vpc-spot" + cidr = "10.0.0.0/16" + azs = ["${data.aws_availability_zones.available.names}"] + public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"] + + tags = { + "kubernetes.io/cluster/${local.cluster_name}" = "shared" + } +} + +module "eks" { + source = "../.." + cluster_name = "${local.cluster_name}" + subnets = ["${module.vpc.public_subnets}"] + vpc_id = "${module.vpc.vpc_id}" + worker_group_count = 0 + worker_group_launch_template_mixed_count = 1 + + worker_groups_launch_template_mixed = [ + { + name = "spot-1" + override_instance_type_1 = "m5.large" + override_instance_type_2 = "c5.large" + override_instance_type_3 = "t3.large" + override_instance_type_4 = "r5.large" + spot_instance_pools = 4 + asg_max_size = 5 + asg_desired_capacity = 5 + kubelet_extra_args = "--node-labels=kubernetes.io/lifecycle=spot" + public_ip = true + }, + ] +} diff --git a/examples/spot_instances/outputs.tf b/examples/spot_instances/outputs.tf new file mode 100644 index 0000000..20ccf29 --- /dev/null +++ b/examples/spot_instances/outputs.tf @@ -0,0 +1,24 @@ +output "cluster_endpoint" { + description = "Endpoint for EKS control plane." + value = "${module.eks.cluster_endpoint}" +} + +output "cluster_security_group_id" { + description = "Security group ids attached to the cluster control plane." + value = "${module.eks.cluster_security_group_id}" +} + +output "kubectl_config" { + description = "kubectl config as generated by the module." + value = "${module.eks.kubeconfig}" +} + +output "config_map_aws_auth" { + description = "A kubernetes configuration to authenticate to this EKS cluster." + value = "${module.eks.config_map_aws_auth}" +} + +output "region" { + description = "AWS region." + value = "${var.region}" +} diff --git a/examples/spot_instances/variables.tf b/examples/spot_instances/variables.tf new file mode 100644 index 0000000..81b8dbe --- /dev/null +++ b/examples/spot_instances/variables.tf @@ -0,0 +1,3 @@ +variable "region" { + default = "us-west-2" +} diff --git a/variables.tf b/variables.tf index fb769c4..e432723 100644 --- a/variables.tf +++ b/variables.tf @@ -39,7 +39,7 @@ variable "write_aws_auth_config" { } variable "map_accounts" { - description = "Additional AWS account numbers to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format." + description = "Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = "list" default = [] } @@ -51,7 +51,7 @@ variable "map_accounts_count" { } variable "map_roles" { - description = "Additional IAM roles to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format." + description = "Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = "list" default = [] } @@ -63,7 +63,7 @@ variable "map_roles_count" { } variable "map_users" { - description = "Additional IAM users to add to the aws-auth configmap. See examples/eks_test_fixture/variables.tf for example format." + description = "Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf for example format." type = "list" default = [] } diff --git a/version b/version index 82f24fd..bda368d 100644 --- a/version +++ b/version @@ -1 +1 @@ -v4.0.1 +v4.0.2