EKS with Windows Terraform module

Terraform module to deploy EKS with Windows support

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.7.3 |
| aws | >= 5.38 |
| helm | 2.12.1 |
| kubernetes | >= 2.26.0 |

Providers

No providers.

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| aws_region | Region to deploy EKS Cluster into | string | "us-east-1" | no |
| eks_autoscaling_group_linux_desired_capacity | Desired capacity for Linux nodes for the EKS. | number | 2 | no |
| eks_autoscaling_group_linux_max_size | Maximum number of Linux nodes for the EKS. | number | 3 | no |
| eks_autoscaling_group_linux_min_size | Minimum number of Linux nodes for the EKS. | number | 2 | no |
| eks_autoscaling_group_windows_desired_capacity | Desired capacity for Windows nodes for the EKS. | number | 2 | no |
| eks_autoscaling_group_windows_max_size | Maximum number of Windows nodes for the EKS. | number | 3 | no |
| eks_autoscaling_group_windows_min_size | Minimum number of Windows nodes for the EKS. | number | 2 | no |
| eks_cluster_name | Name for the EKS Cluster | string | "eks" | no |
| eks_cluster_version | Kubernetes version for the EKS cluster | string | "1.29" | no |
| eks_linux_instance_type | Instance size for EKS worker nodes. | string | "m5.large" | no |
| eks_users | Additional AWS users to add to the EKS aws-auth configmap. | list(object({ userarn = string, username = string, groups = list(string) })) | [] | no |
| eks_windows_instance_type | Instance size for EKS Windows worker nodes. | string | "t3.medium" | no |
| enable_calico_network_polices | Installs and enables Calico for network policies | bool | false | no |
| enable_cloudwatch_exported | Enable CloudWatch exporter | bool | true | no |
| enable_cluster_autoscaler | Enable cluster autoscaler | bool | true | no |
| enable_loadbalancer_controler | Enable ALB load balancer controller | bool | true | no |
| enable_metrics_server | Install metrics server into the cluster | bool | true | no |
| external_dns_support | Set up IAM, service accounts and cluster role for external_dns in EKS | bool | false | no |
| vpc_cidr_private_subnets | Private subnets in the main CIDR block for the VPC. | list(string) | ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] | no |
| vpc_cidr_public_subnets | Public subnets in the main CIDR block for the VPC. | list(string) | ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"] | no |
| windows_ami_type | AMI type for the Windows nodes. | string | "WINDOWS_CORE_2022_x86_64" | no |

Outputs

| Name | Description |
|------|-------------|
| eks_cluster_certificate_authority_data | EKS cluster CA |
| eks_cluster_endpoint | EKS cluster endpoint |
| eks_cluster_name | EKS cluster ID |
| kubeconfig | kubeconfig for the AWS EKS cluster |
| load_balancer_controller_helm_release_version | Load Balancer controller helm release version. Depend on this in your Kubernetes deployments if you use services with load balancers and want to be able to destroy from a single Terraform deployment |
| network_polices_enabled | Denotes if network policies were enabled |
| private_subnet_ids | List of private subnets that contain backend infrastructure (RDS, ElastiCache, EC2) |
| public_subnet_ids | List of public subnets that contain frontend infrastructure (ALB) |
| vpc_id | ID for the VPC created for CTFd |

Examples

Simple

terraform {
  required_version = ">= 1.7.3"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.38"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

module "eks_windows" {
  source = "../../" # Actually set to "1nval1dctf/eks-windows/aws"
}

Building / Contributing

Install prerequisites

Golang

wget https://go.dev/dl/go1.22.0.darwin-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.22.0.darwin-amd64.tar.gz
rm go1.22.0.darwin-amd64.tar.gz

Add /usr/local/go/bin to the PATH environment variable

Terraform

# Pick the newest stable linux_amd64 build; sort -V orders by version number, so 1.10.x ranks above 1.9.x
LATEST_URL=$(curl -fsSL https://releases.hashicorp.com/terraform/index.json | jq -r '.versions[].builds[].url | select(.|test("alpha|beta|rc")|not) | select(.|contains("linux_amd64"))' | sort -V | tail -1)
curl -fsSL "${LATEST_URL}" -o /tmp/terraform.zip
(cd /tmp && unzip /tmp/terraform.zip && chmod +x /tmp/terraform && sudo mv /tmp/terraform /usr/local/bin/)
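
A checked variant of the Terraform download step above, as an added example that is not part of this repository: it pins a version instead of taking the newest build, and compares the archive with the SHA256SUMS list published next to each release before anything is installed with sudo. The function names and the pinned version 1.7.3 (the module's stated minimum) are choices made for this example.

```shell
#!/usr/bin/env bash
# Added example (not from this repository): verify a downloaded release
# archive against a SHA256SUMS file before it is unpacked and installed.

# verify_against_sums ARCHIVE SUMS_FILE
# Returns 0 only when SUMS_FILE has an entry for ARCHIVE's file name and the
# digest matches; 2 = no entry for that name, 1 = mismatch or unreadable input.
verify_against_sums() {
  local archive="$1" sums="$2" name expected actual
  name=$(basename "$archive")
  # SHA256SUMS lines have the form "<hex digest>  <file name>"
  expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$sums") || return 1
  [ -n "$expected" ] || { echo "no checksum entry for $name" >&2; return 2; }
  actual=$(sha256sum "$archive" | awk '{ print $1 }')
  [ "$actual" = "$expected" ] || { echo "checksum mismatch for $name" >&2; return 1; }
}

# fetch_terraform VERSION DEST_DIR
# Downloads a pinned linux_amd64 build and its checksum list, then verifies
# the archive. Nothing is unpacked or installed here.
fetch_terraform() {
  local ver="$1" dest="$2"
  local base="https://releases.hashicorp.com/terraform/${ver}"
  local zip="terraform_${ver}_linux_amd64.zip"
  curl -fsSL "${base}/${zip}" -o "${dest}/${zip}" || return 1
  curl -fsSL "${base}/terraform_${ver}_SHA256SUMS" -o "${dest}/SHA256SUMS" || return 1
  verify_against_sums "${dest}/${zip}" "${dest}/SHA256SUMS"
}

# Typical use (needs network access); install only if verification succeeded:
#   fetch_terraform 1.7.3 /tmp \
#     && unzip -o /tmp/terraform_1.7.3_linux_amd64.zip -d /tmp \
#     && sudo install -m 0755 /tmp/terraform /usr/local/bin/terraform
```

The checksum list is fetched from the same host as the archive, so it guards against corruption and mismatched files rather than a compromised release server; HashiCorp also publishes a detached GPG signature for the list (`terraform_<version>_SHA256SUMS.sig`) that can be checked with gpg.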

Pre-commit and tools

Follow: https://github.com/antonbabenko/pre-commit-terraform#how-to-install

Run tests

Default tests will deploy to AWS.

make

⚠️ Warning: This will spin up EKS and other services in AWS which will cost you some money.