Commit 3e9471d3 authored by Chris Merrett's avatar Chris Merrett

Enable EKS Kubernetes support for VPC module

parent b5570009
Pipeline #4955 passed with stage
in 18 seconds
.DS_Store
.terraform/
image: alpine:latest image: alpine:latest
variables: variables:
TERRAFORM_URL: "https://releases.hashicorp.com/terraform/0.7.1/terraform_0.7.1_linux_amd64.zip" TERRAFORM_URL: "https://releases.hashicorp.com/terraform/0.11.7/terraform_0.11.7_linux_amd64.zip"
before_script: before_script:
- apk update && apk add ca-certificates && update-ca-certificates && apk add openssl - apk update && apk add ca-certificates && update-ca-certificates && apk add openssl
- wget -O /tmp/terraform.zip $TERRAFORM_URL - wget -O /tmp/terraform.zip $TERRAFORM_URL
- unzip /tmp/terraform.zip -d /usr/local/bin - unzip /tmp/terraform.zip -d /usr/local/bin
test: test:
script: terraform validate script: terraform init && terraform validate -check-variables=false
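Review bot: The bumped `TERRAFORM_URL` is still fetched by the `wget` step and unpacked straight into `/usr/local/bin` with no integrity check, so the job runs whatever archive the download returns. Since the version is being touched anyway, pin the expected digest next to it, e.g. `TERRAFORM_SHA256: "<sha256 of the 0.11.7 linux_amd64 zip, taken from the release's SHA256SUMS file>"`, and add `- echo "$TERRAFORM_SHA256  /tmp/terraform.zip" | sha256sum -c -` before the `unzip` line. The same reasoning applies to `image: alpine:latest`, which is a moving tag; pinning it to a fixed tag or digest keeps the job reproducible.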
variable "name" { variable "name" {
description = "Name of the VPC" description = "Name of the VPC"
} }
variable "cidr" { variable "cidr" {
description = "The CIDR block for the VPC" description = "The CIDR block for the VPC"
} }
variable "availability_zones" { variable "availability_zones" {
description = "List of availability zones" description = "List of availability zones"
type = "list" type = "list"
} }
variable "public_subnets" { variable "public_subnets" {
description = "List of public subnets to availability zones" description = "List of public subnets to availability zones"
type = "list" type = "list"
} }
variable "private_subnets" { variable "private_subnets" {
description = "List of private subnets to availability zones" description = "List of private subnets to availability zones"
type = "list" type = "list"
} }
variable "enable_dns_hostnames" { variable "enable_dns_hostnames" {
description = "When set to true, instances in the VPC get DNS hostname" description = "When set to true, instances in the VPC get DNS hostname"
default = true default = true
} }
variable "enable_dns_support" { variable "enable_dns_support" {
description = "When set to true, the Amazon DNS server is enabled within the VPC" description = "When set to true, the Amazon DNS server is enabled within the VPC"
default = true default = true
} }
variable "enable_eks_support" {
description = "When set to true, properly tags VPC assets with proper discovery assets"
default = "true"
}
variable "eks_cluster_name" {
description = "Name of the EKS cluster to reside within the VPC"
}
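Review bot: `eks_cluster_name` is declared without a default, so every caller of the module must now supply it even when EKS tagging is switched off, and `enable_eks_support` defaults to `"true"`, so existing consumers pick up the new tag on upgrade without opting in. Consider `default = "false"` on `enable_eks_support` and `default = ""` on `eks_cluster_name`. The `-check-variables=false` added to the CI `validate` step looks like a workaround for the new required variable, and it also stops validation from reporting any other unset variable. The description would be clearer as `description = "When set to \"true\", tags the VPC and subnets with kubernetes.io/cluster/<eks_cluster_name> = shared so EKS can discover them"`. It should also say that the value must be the string `"true"`, because the resources compare against that exact string.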
resource "aws_vpc" "mod" { resource "aws_vpc" "mod" {
cidr_block = "${var.cidr}" cidr_block = "${var.cidr}"
enable_dns_hostnames = "${var.enable_dns_hostnames}" enable_dns_hostnames = "${var.enable_dns_hostnames}"
enable_dns_support = "${var.enable_dns_support}" enable_dns_support = "${var.enable_dns_support}"
tags { tags = "${var.enable_eks_support == "true" ?
Name = "${var.name}" map(
} "Name", "${var.name}",
"kubernetes.io/cluster/${var.eks_cluster_name}", "shared",
) :
map(
"Name", "${var.name}",
)
}"
} }
resource "aws_subnet" "public" { resource "aws_subnet" "public" {
lifecycle { create_before_destroy = true } lifecycle {
create_before_destroy = true
}
vpc_id = "${aws_vpc.mod.id}" vpc_id = "${aws_vpc.mod.id}"
cidr_block = "${element(var.public_subnets, count.index)}" cidr_block = "${element(var.public_subnets, count.index)}"
...@@ -56,16 +73,24 @@ resource "aws_subnet" "public" { ...@@ -56,16 +73,24 @@ resource "aws_subnet" "public" {
} }
resource "aws_subnet" "private" { resource "aws_subnet" "private" {
lifecycle { create_before_destroy = true } lifecycle {
create_before_destroy = true
}
vpc_id = "${aws_vpc.mod.id}" vpc_id = "${aws_vpc.mod.id}"
cidr_block = "${element(var.private_subnets, count.index)}" cidr_block = "${element(var.private_subnets, count.index)}"
availability_zone = "${element(var.availability_zones, count.index)}" availability_zone = "${element(var.availability_zones, count.index)}"
count = "${length(var.private_subnets)}" count = "${length(var.private_subnets)}"
tags { tags = "${var.enable_eks_support == "true" ?
Name = "${var.name}.private.${element(var.availability_zones, count.index)}" map(
} "Name", "${var.name}.private.${element(var.availability_zones, count.index)}",
"kubernetes.io/cluster/${var.eks_cluster_name}", "shared",
) :
map(
"Name", "${var.name}.private.${element(var.availability_zones, count.index)}",
)
}"
} }
resource "aws_internet_gateway" "mod" { resource "aws_internet_gateway" "mod" {
...@@ -91,8 +116,8 @@ resource "aws_nat_gateway" "nat" { ...@@ -91,8 +116,8 @@ resource "aws_nat_gateway" "nat" {
resource "aws_route_table" "public" { resource "aws_route_table" "public" {
vpc_id = "${aws_vpc.mod.id}" vpc_id = "${aws_vpc.mod.id}"
tags { tags {
Name = "${var.name}.public" Name = "${var.name}.public"
} }
} }
...@@ -117,7 +142,7 @@ resource "aws_route" "nat_gateway" { ...@@ -117,7 +142,7 @@ resource "aws_route" "nat_gateway" {
nat_gateway_id = "${element(aws_nat_gateway.nat.*.id, count.index)}" nat_gateway_id = "${element(aws_nat_gateway.nat.*.id, count.index)}"
count = "${length(var.public_subnets)}" count = "${length(var.public_subnets)}"
depends_on = ["aws_route_table.private"] depends_on = ["aws_route_table.private"]
} }
resource "aws_route_table_association" "public" { resource "aws_route_table_association" "public" {
......
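Review bot: The new `tags` expressions on `aws_vpc.mod` and `aws_subnet.private` (and presumably on `aws_subnet.public`, whose hunk is collapsed on this page) put whole `map(...)` values on both sides of `? :`. As far as I know, the 0.11 interpolation language only accepts primitive values in a conditional. The pipeline's `terraform validate -check-variables=false` may not evaluate these expressions, so confirm with a `terraform plan` in a test workspace before relying on the green job. Separately, `var.enable_eks_support == "true"` matches only that exact string, so a caller passing `1` or a bare boolean would probably fall into the untagged branch without any error. A short comment above each expression, such as `# "shared" marks the resource as usable by the cluster without being owned (and cleaned up) by it`, would explain the tag value.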