feat: Add support for specifying control plane subnets separate from those used by node groups (data plane) (#2113)

Bryant Biggs
2022-06-18 17:52:30 -04:00
committed by GitHub
parent d10b173a2d
commit ebc91bcd37
12 changed files with 30 additions and 21 deletions


@@ -13,7 +13,7 @@ provider "kubernetes" {
cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
exec {
api_version = "client.authentication.k8s.io/v1alpha1"
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_id]
@@ -57,8 +57,9 @@ module "eks" {
resources = ["secrets"]
}]
vpc_id = module.vpc.vpc_id
subnet_ids = module.vpc.private_subnets
vpc_id = module.vpc.vpc_id
subnet_ids = module.vpc.private_subnets
control_plane_subnet_ids = module.vpc.intra_subnets
# Extend cluster security group rules
cluster_security_group_additional_rules = {
@@ -331,6 +332,7 @@ module "vpc" {
azs = ["${local.region}a", "${local.region}b", "${local.region}c"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
intra_subnets = ["10.0.7.0/28", "10.0.7.16/28", "10.0.7.32/28"]
enable_nat_gateway = true
single_nat_gateway = true
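Review bot: The new `control_plane_subnet_ids = module.vpc.intra_subnets` argument in the `module "eks"` hunk has no comment saying why the control plane gets its own subnets or what isolation they are expected to provide. A one-line comment would make the intent reviewable, e.g. `# Control plane ENIs go in dedicated intra subnets (no internet route); nodes stay in private_subnets`. The no-internet-route property comes from the vpc module and is not visible on this page, so it should be confirmed before the comment states it. The `intra_subnets` CIDRs added in the `module "vpc"` hunk are /28s, which leaves little address headroom once the provider's reserved addresses are subtracted, and any network ACLs applied to those subnets need to allow node-to-API-server traffic from `private_subnets`. Both module blocks start and end outside the hunks.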


@@ -7,7 +7,7 @@ provider "kubernetes" {
cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
exec {
api_version = "client.authentication.k8s.io/v1alpha1"
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_id]
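Review bot: The comment above `args` still says only that the awscli must be installed, but after the switch to `client.authentication.k8s.io/v1beta1` the installed CLI must also return a v1beta1 ExecCredential from `eks get-token`. An older CLI will probably fail provider authentication with an API-version mismatch rather than a clear error. I would extend the comment to something like `# Requires an awscli recent enough to emit client.authentication.k8s.io/v1beta1 from "eks get-token"`. The same applies to the other `exec` blocks changed on this page: the `provider "kubernetes"` hunks in the first and last files, and the `provider "helm"` and `provider "kubectl"` hunks. Since `command = "aws"` is resolved from PATH on the machine running Terraform, the comment could also note that the binary found there is trusted to mint cluster credentials.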


@@ -77,7 +77,7 @@ provider "helm" {
cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
exec {
api_version = "client.authentication.k8s.io/v1alpha1"
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_id]
@@ -92,7 +92,7 @@ provider "kubectl" {
load_config_file = false
exec {
api_version = "client.authentication.k8s.io/v1alpha1"
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_id]


@@ -7,7 +7,7 @@ provider "kubernetes" {
cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
exec {
api_version = "client.authentication.k8s.io/v1alpha1"
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_id]