Merge pull request #52 from max-rocket-internet/kubeconfig-fixes

Making kubeconfig file path and generated config unique
Brandon J. O'Connor
2018-07-09 02:46:10 -07:00
committed by GitHub
6 changed files with 20 additions and 24 deletions


@@ -102,8 +102,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
| kubeconfig_aws_authenticator_additional_args | Any additional arguments to pass to the authenticator such as the role to assume ["-r", "MyEksRole"] | string | `<list>` | no | | kubeconfig_aws_authenticator_additional_args | Any additional arguments to pass to the authenticator such as the role to assume ["-r", "MyEksRole"] | string | `<list>` | no |
| kubeconfig_aws_authenticator_command | Command to use to to fetch AWS EKS credentials | string | `heptio-authenticator-aws` | no | | kubeconfig_aws_authenticator_command | Command to use to to fetch AWS EKS credentials | string | `heptio-authenticator-aws` | no |
| kubeconfig_aws_authenticator_env_variables | Environment variables that should be used when executing the authenticator i.e. { AWS_PROFILE = "eks"} | string | `<map>` | no | | kubeconfig_aws_authenticator_env_variables | Environment variables that should be used when executing the authenticator i.e. { AWS_PROFILE = "eks"} | string | `<map>` | no |
| kubeconfig_context_name | Name of the kubeconfig context. | string | `aws` | no | | kubeconfig_name | Override the default name used for items kubeconfig. | string | `` | no |
| kubeconfig_user_name | Name of the kubeconfig user. | string | `aws` | no |
| subnets | A list of subnets to place the EKS cluster and workers within. | list | - | yes | | subnets | A list of subnets to place the EKS cluster and workers within. | list | - | yes |
| tags | A map of tags to add to all resources. | string | `<map>` | no | | tags | A map of tags to add to all resources. | string | `<map>` | no |
| vpc_id | VPC where the cluster and workers will be deployed. | string | - | yes | | vpc_id | VPC where the cluster and workers will be deployed. | string | - | yes |


@@ -49,11 +49,10 @@ data "template_file" "kubeconfig" {
vars { vars {
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
kubeconfig_name = "${local.kubeconfig_name}"
endpoint = "${aws_eks_cluster.this.endpoint}" endpoint = "${aws_eks_cluster.this.endpoint}"
region = "${data.aws_region.current.name}" region = "${data.aws_region.current.name}"
cluster_auth_base64 = "${aws_eks_cluster.this.certificate_authority.0.data}" cluster_auth_base64 = "${aws_eks_cluster.this.certificate_authority.0.data}"
context_name = "${var.kubeconfig_context_name}"
user_name = "${var.kubeconfig_user_name}"
aws_authenticator_command = "${var.kubeconfig_aws_authenticator_command}" aws_authenticator_command = "${var.kubeconfig_aws_authenticator_command}"
aws_authenticator_additional_args = "${length(var.kubeconfig_aws_authenticator_additional_args) > 0 ? " - ${join("\n - ", var.kubeconfig_aws_authenticator_additional_args)}" : "" }" aws_authenticator_additional_args = "${length(var.kubeconfig_aws_authenticator_additional_args) > 0 ? " - ${join("\n - ", var.kubeconfig_aws_authenticator_additional_args)}" : "" }"
aws_authenticator_env_variables = "${length(var.kubeconfig_aws_authenticator_env_variables) > 0 ? " env:\n${join("\n", data.template_file.aws_authenticator_env_variables.*.rendered)}" : ""}" aws_authenticator_env_variables = "${length(var.kubeconfig_aws_authenticator_env_variables) > 0 ? " env:\n${join("\n", data.template_file.aws_authenticator_env_variables.*.rendered)}" : ""}"


@@ -1,18 +1,18 @@
resource "local_file" "kubeconfig" { resource "local_file" "kubeconfig" {
content = "${data.template_file.kubeconfig.rendered}" content = "${data.template_file.kubeconfig.rendered}"
filename = "${var.config_output_path}/kubeconfig" filename = "${var.config_output_path}/kubeconfig_${var.cluster_name}"
count = "${var.configure_kubectl_session ? 1 : 0}" count = "${var.configure_kubectl_session ? 1 : 0}"
} }
resource "local_file" "config_map_aws_auth" { resource "local_file" "config_map_aws_auth" {
content = "${data.template_file.config_map_aws_auth.rendered}" content = "${data.template_file.config_map_aws_auth.rendered}"
filename = "${var.config_output_path}/config-map-aws-auth.yaml" filename = "${var.config_output_path}/config-map-aws-auth_${var.cluster_name}.yaml"
count = "${var.configure_kubectl_session ? 1 : 0}" count = "${var.configure_kubectl_session ? 1 : 0}"
} }
resource "null_resource" "configure_kubectl" { resource "null_resource" "configure_kubectl" {
provisioner "local-exec" { provisioner "local-exec" {
command = "kubectl apply -f ${var.config_output_path}/config-map-aws-auth.yaml --kubeconfig ${var.config_output_path}/kubeconfig" command = "kubectl apply -f ${var.config_output_path}/config-map-aws-auth_${var.cluster_name}.yaml --kubeconfig ${var.config_output_path}/kubeconfig_${var.cluster_name}"
} }
triggers { triggers {
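Review bot: The `local-exec` command now interpolates `var.cluster_name` as well as `var.config_output_path` into a shell string without quoting, so a value containing spaces or shell metacharacters changes what the shell runs rather than just the file name. Wrapping both paths in escaped quotes, e.g. `--kubeconfig \"${var.config_output_path}/kubeconfig_${var.cluster_name}\"`, keeps each one a single argument. The same two paths are also spelled out in the two `local_file` resources above, so defining each once in `locals` would stop the three copies drifting apart. The `null_resource` body continues outside the hunk.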


@@ -9,6 +9,8 @@ locals {
workstation_external_cidr = "${chomp(data.http.workstation_external_ip.body)}/32" workstation_external_cidr = "${chomp(data.http.workstation_external_ip.body)}/32"
workstation_cidr = "${coalesce(var.workstation_cidr, local.workstation_external_cidr)}" workstation_cidr = "${coalesce(var.workstation_cidr, local.workstation_external_cidr)}"
kubeconfig_name = "${var.kubeconfig_name == "" ? "eks_${var.cluster_name}" : var.kubeconfig_name}"
# Mapping from the node type that we selected and the max number of pods that it can run # Mapping from the node type that we selected and the max number of pods that it can run
# Taken from https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-06-05/amazon-eks-nodegroup.yaml # Taken from https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-06-05/amazon-eks-nodegroup.yaml
max_pod_per_node = { max_pod_per_node = {


@@ -6,17 +6,18 @@ clusters:
- cluster: - cluster:
server: ${endpoint} server: ${endpoint}
certificate-authority-data: ${cluster_auth_base64} certificate-authority-data: ${cluster_auth_base64}
name: ${cluster_name} name: ${kubeconfig_name}
contexts: contexts:
- context: - context:
cluster: ${cluster_name} cluster: ${kubeconfig_name}
user: ${user_name} user: ${kubeconfig_name}
name: ${context_name} name: ${kubeconfig_name}
current-context: ${context_name}
current-context: ${kubeconfig_name}
users: users:
- name: ${user_name} - name: ${kubeconfig_name}
user: user:
exec: exec:
apiVersion: client.authentication.k8s.io/v1alpha1 apiVersion: client.authentication.k8s.io/v1alpha1
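Review bot: `${kubeconfig_name}` is written unquoted into the cluster, context, user and `current-context` scalars, and after this change it can come from the free-form `kubeconfig_name` variable rather than only from the cluster name. A value containing `: ` or ` #` would render a kubeconfig that fails to parse or resolves to a different name than the caller intended. Quoting the scalars, e.g. `name: "${kubeconfig_name}"`, covers the common cases. The `users` entry continues outside the hunk.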


@@ -80,16 +80,6 @@ variable "worker_sg_ingress_from_port" {
default = "1025" default = "1025"
} }
variable "kubeconfig_context_name" {
description = "Name of the kubeconfig context."
default = "aws"
}
variable "kubeconfig_user_name" {
description = "Name of the kubeconfig user."
default = "aws"
}
variable "kubeconfig_aws_authenticator_command" { variable "kubeconfig_aws_authenticator_command" {
description = "Command to use to to fetch AWS EKS credentials" description = "Command to use to to fetch AWS EKS credentials"
default = "heptio-authenticator-aws" default = "heptio-authenticator-aws"
@@ -104,3 +94,8 @@ variable "kubeconfig_aws_authenticator_env_variables" {
description = "Environment variables that should be used when executing the authenticator i.e. { AWS_PROFILE = \"eks\"}" description = "Environment variables that should be used when executing the authenticator i.e. { AWS_PROFILE = \"eks\"}"
default = {} default = {}
} }
variable "kubeconfig_name" {
description = "Override the default name used for items kubeconfig"
default = ""
}
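Review bot: Dropping `kubeconfig_context_name` and `kubeconfig_user_name` in the first hunk is a breaking change for any caller that sets them, and nothing visible in this commit records it for users upgrading. A changelog or upgrade note naming `kubeconfig_name` as the replacement would help. The new variable's description in the second hunk also reads awkwardly; I would write `description = "Override the default name used for the cluster, context and user entries in the generated kubeconfig (defaults to eks_<cluster_name>)."`.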