Deploys VPC, EKS with addons, Ingress controller, Pulsar, GoodData CN and monitoring.
- AWS Account with sufficient access
- Existing DNS domain registered in Route53
- VPC with several subnets (for EKS, Elasticache, Aurora)
- EKS with OIDC, addons and infrastructure helm charts:
  - Cluster Autoscaler
  - ExternalDNS
  - AWS Load Balancer Controller
  - Ingress NGINX controller
  - EKS addons for VPC CNI, EBS CSI, coredns, kube-proxy
  - Metrics server
  - Kube-prometheus-stack (Prometheus, Grafana, Alertmanager)
- Network Load Balancer (NLB) with wildcard SSL certificate for your DNS zone provisioned by AWS ACM
- Wildcard DNS record for your DNS zone pointing to this NLB
- Apache Pulsar and GoodData CN installed
- Basic set of Grafana dashboards for monitoring Kubernetes, Pulsar, and GoodData CN

```hcl
module "gooddata-cn" {
  source      = "github.com/mouchar/gooddata-cn-tools//gooddata-cn-on-eks?ref=master"
  dns_domain  = "example.com"
  license_key = "key/eyJwc ... enter your key here ... hrWDQ=="
}
```

```shell
terraform init
terraform apply
```

```shell
terraform destroy
```

Note: The destroy command doesn't work well yet. Resource dependencies are not correctly set up, so you may end up with resources that can't be removed. Typically, the EKS node group tends to be deleted sooner than the helm charts, leaving orphan resources in the AWS account and in the terraform state file. These issues will be addressed in the future. Until fixed, you may try to destroy your stack with `-target`, or with repeated runs of `terraform destroy`.

Name | Version |
---|---|
terraform | >= 1.0.0 |
aws | ~> 5.0 |
helm | ~> 2.10 |
kubectl | ~> 1.14 |
kubernetes | >= 2.20 |

Name | Version |
---|---|
aws | 5.9.0 |
helm | 2.10.1 |
kubernetes | 2.22.0 |
local | 2.4.0 |
null | 3.2.1 |
random | 3.5.1 |
template | 2.2.0 |
time | 0.9.1 |

Name | Source | Version |
---|---|---|
eks | terraform-aws-modules/eks/aws | ~> 19.15 |
eks_addons | aws-ia/eks-blueprints-addons/aws | ~> 1.1 |
iam_eks_role_gooddata | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | ~> 5.28.0 |
ingress_nginx | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
kube_prometheus_stack | aws-ia/eks-blueprints-addon/aws | 1.1.1 |
postgres | terraform-aws-modules/rds-aurora/aws | ~> 8.3 |
vpc | terraform-aws-modules/vpc/aws | ~> 5.0 |

Name | Description | Type | Default | Required |
---|---|---|---|---|
admin_roles | List of IAM role names that will be granted admin access to cluster | list(string) | [] | no |
auth_hostname | Short hostname of Dex IdP | string | "auth" | no |
cluster_instance_types | Set of instance types associated with the EKS Node Group | list(string) | [ | no |
cluster_name | cluster name, must conform to DNS label limitations (RFC-1035) | string | "" | no |
cluster_version | EKS Cluster Kubernetes version | string | "1.26" | no |
dns_domain | Route53 Domain where all DNS records will be created | string | n/a | yes |
elasticache_node_type | cache.* node type to be deployed. Must support Redis replication group. | string | "cache.t4g.medium" | no |
enable_ingress_nginx | Install Ingress-Nginx | bool | true | no |
enable_kube_prometheus_stack | Install Prometheus and Grafana | bool | true | no |
gooddata_cn_helm_chart | You can also pass helm chart package filename | string | "gooddata-cn" | no |
gooddata_cn_version | GoodData CN Helm chart version | string | "2.4.0" | no |
grafana_password | Admin password to Grafana | string | "AdminGrafana" | no |
kube_prometheus_stack_version | Prometheus Helm chart version | string | "48.1.2" | no |
kubernetes_version | Version of Kubernetes cluster to deploy | string | "1.26" | no |
license_key | GoodData CN License | string | n/a | yes |
location | AWS Region where the services will be deployed. | string | "us-east-2" | no |
pulsar_version | Pulsar Helm chart version | string | "3.0.0" | no |
rds_instance_class | db.* instance class to be deployed. Must support aurora-postgresql engine. | string | "db.t4g.medium" | no |
registry_hostname | Hostname of private container registry | string | "registry.example.com" | no |
registry_password | Password used to access private registry | string | "dummypass" | no |
registry_username | Username used to access private registry | string | "dummyuser" | no |
repository_prefix | Path to GoodData CN images | string | "gooddata" | no |
s3_bucket_prefix | Path prefix in S3 buckets where caches and exports will be stored | string | "" | no |
tags | Tags to be added to resources | map(string) | {} | no |

Name | Description |
---|---|
certiticate_arn | ARN of issued wildcard ACM Certificate |
cluster_name | Name of EKS cluster |
configure_kubectl | Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig |
elasticache_resource | aws_elasticache_replication_group resource created by this module. |
kubeconfig_path | Full path to generated kubeconfig file |
module_eks | Exposed module used to create EKS. Refer to docs for available outputs. |
module_eks_addons | Exposed module used to create EKS plugins. Refer to docs for available outputs. |
module_postgres | Exposed module used to create Aurora RDS. Refer to docs for available outputs. |
module_vpc | Exposed module used to create VPC. Refer to docs for available outputs. |
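
The inputs table lists a fixed default for `grafana_password` and placeholder registry credentials. The following is an added example, not part of the module's own documentation, of a module call that overrides those defaults and keeps secrets out of the source file. The `var.*` variable names, the `random_password.grafana` resource name and the IAM role name are assumptions made for illustration.

```hcl
# Added example; variable, resource and role names are hypothetical.

variable "license_key" {
  type      = string
  sensitive = true # supply via TF_VAR_license_key or a secrets store
}

variable "registry_username" {
  type      = string
  sensitive = true
}

variable "registry_password" {
  type      = string
  sensitive = true
}

# Generate the Grafana admin password instead of relying on the default.
resource "random_password" "grafana" {
  length  = 32
  special = false
}

module "gooddata-cn" {
  # ref=master tracks a moving branch; a reviewed tag or commit SHA can be
  # used in its place.
  source = "github.com/mouchar/gooddata-cn-tools//gooddata-cn-on-eks?ref=master"

  dns_domain  = "example.com"
  license_key = var.license_key

  # Overrides the documented default "AdminGrafana".
  grafana_password = random_password.grafana.result

  # Only relevant when images come from a private registry; replaces the
  # placeholder defaults "dummyuser" / "dummypass".
  registry_hostname = "registry.example.com"
  registry_username = var.registry_username
  registry_password = var.registry_password

  # Grant cluster admin only to named IAM roles (constructed role name).
  admin_roles = ["eks-platform-admin"]
}

output "grafana_password" {
  value     = random_password.grafana.result
  sensitive = true
}
```

Values marked `sensitive` are redacted in plan and apply output but are still written to the Terraform state, so the state backend needs access control and encryption.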