Last active
May 31, 2018 17:36
-
-
Save limed/32dcc9c160a45f1ff588480697d6f51b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/input.tf b/input.tf | |
index df22c1a..e66f48d 100644 | |
--- a/input.tf | |
+++ b/input.tf | |
@@ -55,6 +55,7 @@ variable features { | |
default = { | |
vpc = 1 | |
consul = 1 | |
+ kubernetes = 0 | |
jumphost = 0 | |
fluent = 0 | |
mig = 0 | |
@@ -187,6 +188,15 @@ variable sso { | |
} | |
} | |
+variable kubernetes { | |
+ default = { | |
+ master_type = "c4.large" | |
+ node_type = "t2.medium" | |
+ node_count = "2" | |
+ version = "" | |
+ } | |
+} | |
+ | |
variable fluentd { | |
default = { | |
sqs_queues = "" | |
diff --git a/main.tf b/main.tf | |
index 1cca946..2c06247 100644 | |
--- a/main.tf | |
+++ b/main.tf | |
@@ -157,6 +157,9 @@ module "vpcs" { | |
user_management_sudo_groups = "${lookup(var.user_management, "sudo_groups")}" | |
user_management_user_groups = "${lookup(var.user_management, "user_groups")}" | |
+ # kubernetes | |
+ kubernetes_version = "${lookup(var.kubernetes, "version")}" | |
+ | |
# MiG | |
mig = "${var.mig}" | |
diff --git a/modules/global/vpcs/inputs.tf b/modules/global/vpcs/inputs.tf | |
index ca8f21e..d7fd896 100644 | |
--- a/modules/global/vpcs/inputs.tf | |
+++ b/modules/global/vpcs/inputs.tf | |
@@ -147,3 +147,5 @@ variable mig { | |
variable instance_mfa { | |
type = "map" | |
} | |
+ | |
+variable kubernetes_version {} | |
diff --git a/modules/global/vpcs/main.tf b/modules/global/vpcs/main.tf | |
index 3105115..6a25728 100644 | |
--- a/modules/global/vpcs/main.tf | |
+++ b/modules/global/vpcs/main.tf | |
@@ -120,6 +120,9 @@ module "us-east-1" { | |
user_management_sudo_groups = "${var.user_management_sudo_groups}" | |
user_management_user_groups = "${var.user_management_user_groups}" | |
+ # kubernetes | |
+ kubernetes_version = "${var.kubernetes_version}" | |
+ | |
# MiG | |
mig = "${var.mig}" | |
@@ -238,6 +241,9 @@ module "us-west-2" { | |
user_management_sudo_groups = "${var.user_management_sudo_groups}" | |
user_management_user_groups = "${var.user_management_user_groups}" | |
+ # kubernetes | |
+ kubernetes_version = "${var.kubernetes_version}" | |
+ | |
# MiG | |
mig = "${var.mig}" | |
diff --git a/modules/vpc/inputs.tf b/modules/vpc/inputs.tf | |
index cd049e0..c57246a 100644 | |
--- a/modules/vpc/inputs.tf | |
+++ b/modules/vpc/inputs.tf | |
@@ -169,3 +169,9 @@ variable mig { | |
variable instance_mfa { | |
type = "map" | |
} | |
+ | |
+variable enable_kubernetes { | |
+ default = 1 | |
+} | |
+ | |
+variable "kubernetes_version" {} | |
diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf | |
index 5a40acf..8cab8b0 100644 | |
--- a/modules/vpc/main.tf | |
+++ b/modules/vpc/main.tf | |
@@ -1065,6 +1065,25 @@ module "vpn" { | |
output_config = "${var.vpn_output_config}" | |
} | |
+module "kube-image" { | |
+ source = "github.com/nubisproject/nubis-terraform//images?ref=v2.2.0" | |
+ region = "${var.aws_region}" | |
+ image_version = "${coalesce(var.kubernetes_version, var.nubis_version)}" | |
+ project = "nubis-kubernetes" | |
+} | |
+ | |
+module "kubnernetes" { | |
+ source = "github.com/limed/nubis-kubernetes//nubis/terraform?ref=deploy-migrate" | |
+ | |
+ enabled = "${var.enabled * var.enable_kubernetes}" | |
+ region = "${var.aws_region}" | |
+ arena = "core" | |
+ environment = "core" | |
+ service_name = "kubernetes" | |
+ account = "${var.account_name}" | |
+ ami = "${module.kube-image.image_id}" | |
+} | |
+ | |
# Create a proxy discovery VPC DNS zone | |
resource "aws_route53_zone" "proxy" { | |
count = "${var.enabled * length(var.arenas)}" | |
@@ -1214,6 +1233,7 @@ resource "aws_s3_bucket_object" "public_state" { | |
], | |
"outputs": { | |
"nubis_version": ${jsonencode(var.nubis_version)}, | |
+ "nubis_domain": ${jsonencode(var.nubis_domain)}, | |
"region": ${jsonencode(var.aws_region)}, | |
"regions": ${jsonencode(var.aws_regions)}, | |
"arena": "${element(var.arenas, count.index)}", | |
@@ -1335,7 +1355,7 @@ resource "aws_lambda_function" "user_management" { | |
handler = "index.handler" | |
description = "Queries LDAP and inserts user into consul and create and delete IAM users" | |
memory_size = 128 | |
- runtime = "nodejs4.3" | |
+ runtime = "nodejs8.10" | |
timeout = "30" | |
vpc_config = { | |
diff --git a/modules/vpc/user_management/main.tf b/modules/vpc/user_management/main.tf | |
index 5c1daa2..d17a5ca 100644 | |
--- a/modules/vpc/user_management/main.tf | |
+++ b/modules/vpc/user_management/main.tf | |
@@ -53,7 +53,7 @@ resource "aws_lambda_function" "user_management" { | |
handler = "index.handler" | |
description = "Queries LDAP and inserts user into consul and create and delete IAM users" | |
memory_size = 128 | |
- runtime = "nodejs4.3" | |
+ runtime = "nodejs8.10" | |
timeout = "300" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* module.vpcs.module.us-east-1.module.kube-image.data.aws_ami.image: 1 error(s) occurred: | |
* module.vpcs.module.us-east-1.module.kube-image.data.aws_ami.image: data.aws_ami.image: Your query returned no results. Please change your search criteria and try again. | |
* module.vpcs.module.us-west-2.module.kube-image.data.aws_ami.image: 1 error(s) occurred: | |
* module.vpcs.module.us-west-2.module.kube-image.data.aws_ami.image: data.aws_ami.image: Your query returned no results. Please change your search criteria and try again. | |
* module.vpcs.module.us-east-1.module.kubnernetes.module.info.data.terraform_remote_state.info: 1 error(s) occurred: | |
* module.vpcs.module.us-east-1.module.kubnernetes.module.info.data.terraform_remote_state.info: data.terraform_remote_state.info: HTTP remote state endpoint invalid auth | |
* module.vpcs.module.us-east-1.module.kubnernetes.module.kops_bucket.module.info.data.terraform_remote_state.info: 1 error(s) occurred: | |
* module.vpcs.module.us-east-1.module.kubnernetes.module.kops_bucket.module.info.data.terraform_remote_state.info: data.terraform_remote_state.info: HTTP remote state endpoint invalid auth |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/nubis/terraform/main.tf b/nubis/terraform/main.tf | |
index 1ba5445..87189ad 100644 | |
--- a/nubis/terraform/main.tf | |
+++ b/nubis/terraform/main.tf | |
@@ -84,6 +84,7 @@ module "kops_cluster" { | |
# Master | |
master-availability-zones = "${split(",",module.info.availability_zones)}" | |
master-image = "${var.ami}" | |
+ master-machine-type = "${var.kubernetes_master_type}" | |
master-additional-sgs = "${local.security_groups}" | |
master-additional-sgs-count = "${local.security_groups_count}" | |
master-additional-user-data = "${data.template_file.userdata_master.rendered}" | |
@@ -97,23 +98,23 @@ module "kops_cluster" { | |
# First minion instance group | |
minion-image = "${var.ami}" | |
+ minion-machine-type = "${var.kubernetes_node_type}" | |
minion-additional-sgs = "${local.security_groups}" | |
minion-additional-sgs-count = "${local.security_groups_count}" | |
minion-additional-user-data = "${data.template_file.userdata_node.rendered}" | |
minion-update-interval = 4 | |
- min-minions = 2 | |
+ min-minions = "${var.kubernetes_node_minimum}" | |
} | |
resource "aws_security_group" "kubernetes" { | |
- name_prefix = "${var.service_name}-${var.arena}-${var.environment}-ssh-" | |
+ name_prefix = "${var.service_name}-${var.arena}-ssh-" | |
vpc_id = "${module.info.vpc_id}" | |
tags = { | |
- Name = "${var.service_name}-${var.arena}-${var.environment}-ssh" | |
+ Name = "${var.service_name}-${var.arena}-ssh" | |
Arena = "${var.arena}" | |
Region = "${var.region}" | |
- Environment = "${var.environment}" | |
} | |
ingress { | |
diff --git a/nubis/terraform/variables.tf b/nubis/terraform/variables.tf | |
index bdc8096..371b913 100644 | |
--- a/nubis/terraform/variables.tf | |
+++ b/nubis/terraform/variables.tf | |
@@ -1,3 +1,5 @@ | |
+variable "enabled" {} | |
+ | |
variable "account" {} | |
variable "region" {} | |
@@ -41,3 +43,15 @@ variable "ssh_pubkey" { | |
type = "string" | |
default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0/tR0k8b6gIQpd6IHyEJdzmGur60ShmOdQGpBoF7IPMBWTHgc5w3CTcqvK6aJ6GpZHyybi9D9EON4+1WZTf9tcsdUP8kyVOs66sw26FWeCri2k1zomsGP9Ysr3bSUe3dpi5vipk1PDXpaD6wYs/eEtQxO1U1wRCGEGclRdh5G8UbOMwrPIHvQd77ma5RyXzd36htzFtsKnuyTtG7xHGPphzVqLZmiDZeyxbr3mCuaMBW30syEKviiVbMo4RsmDqzR3N2ltInGKYgZpCW7fd7KrZL/G0oi/XS+Up5MvmYSsP2tYNx909CWFpWDsXEPMNddl7ZYizHXLbLexU8+0h5j nubis" | |
} | |
+ | |
+variable "kubernetes_master_type" { | |
+ default = "c4.large" | |
+} | |
+ | |
+variable "kubernetes_node_type" { | |
+ default = "t2.medium" | |
+} | |
+ | |
+variable "kubernetes_node_minimum" { | |
+ default = "2" | |
+} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment