Welcome to StackSimplify by Kalyan Reddy Daida

Author: stacksimplify

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c1-versions.tf

@@ -1,11 +1,11 @@
 # Terraform Settings Block
 terraform {
-  required_version = ">= 1.0.0"
+  required_version = ">= 1.6.0"
   required_providers {
     aws = {
       source = "hashicorp/aws"
-      #version = "~> 3.70"
-      version = ">= 4.65"
+      #version = ">= 4.65"
+      version = ">= 5.31"      
      }
   }
   # Adding Backend as S3 for Remote State Storage

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c3-02-vpc-module.tf

@@ -5,10 +5,9 @@ data "aws_availability_zones" "available" {
 # Create VPC Terraform Module
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  #version = "3.11.0"
-  #version = "~> 3.11"
-  version = "4.0.1"
-
+  #version = "4.0.1"
+  version = "5.4.0"    
+  
   # VPC Basic Details
   name = local.eks_cluster_name
   cidr = var.vpc_cidr_block

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c4-03-ec2bastion-securitygroups.tf

@@ -2,8 +2,8 @@
 # Security Group for Public Bastion Host
 module "public_bastion_sg" {
   source  = "terraform-aws-modules/security-group/aws"
-  #version = "4.5.0"
-  version = "4.17.2"
+  #version = "4.17.2"  
+  version = "5.1.0"    
 
   name = "${local.name}-public-bastion-sg"
   description = "Security Group with SSH port open for everybody (IPv4 CIDR), egress ports are all world open"

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c4-05-ec2bastion-instance.tf

@@ -2,8 +2,9 @@
 # Bastion Host - EC2 Instance that will be created in VPC Public Subnet
 module "ec2_public" {
   source  = "terraform-aws-modules/ec2-instance/aws"
-  #version = "3.3.0"
-  version = "5.0.0"
+  #version = "5.0.0"
+  version = "5.5.0"        
+  
   # insert the required variables here
   name                   = "${local.name}-BastionHost"
   ami                    = data.aws_ami.amzlinux2.id

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c4-06-ec2bastion-elasticip.tf

@@ -3,7 +3,8 @@
 resource "aws_eip" "bastion_eip" {
   depends_on = [ module.ec2_public, module.vpc ]
   instance = module.ec2_public.id
-  vpc      = true
+  #vpc      = true
+  domain = "vpc"  
   tags = local.common_tags
 }
 

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/c6-02-iam-oidc-connect-provider.tf

@@ -26,6 +26,7 @@ output "aws_iam_openid_connect_provider_arn" {
 locals {
     aws_iam_oidc_connect_provider_extract_from_arn = element(split("oidc-provider/", "${aws_iam_openid_connect_provider.oidc_provider.arn}"), 1)
 }
+
 # Output: AWS IAM Open ID Connect Provider
 output "aws_iam_openid_connect_provider_extract_from_arn" {
   description = "AWS IAM Open ID Connect Provider extract from ARN"

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/eks.auto.tfvars

@@ -1,6 +1,6 @@
 cluster_name = "eksdemo1"
 cluster_service_ipv4_cidr = "172.20.0.0/16"
-cluster_version = "1.26"
+cluster_version = "1.28"
 cluster_endpoint_private_access = false
 cluster_endpoint_public_access = true
 cluster_endpoint_public_access_cidrs = ["0.0.0.0/0"]

14-EBS-CSI-Install-Kubernetes-Storage/01-ekscluster-terraform-manifests/local-exec-output-files/creation-time-vpc-id.txt

@@ -18,4 +18,8 @@ VPC created on Mon Jan 3 07:19:15 IST 2022 and VPC ID: vpc-0b1ccfc81d2c1115a
 VPC created on Tue Jan 4 17:21:40 IST 2022 and VPC ID: vpc-0a218019f176d4454
 VPC created on Tue Jan 4 18:45:05 IST 2022 and VPC ID: vpc-051d2dff249bb1da2
 VPC created on Wed Jan 5 09:01:42 IST 2022 and VPC ID: vpc-0c55acf7ed5d3eeee
-VPC created on Wed Jan 12 08:12:45 IST 2022 and VPC ID: vpc-01a400fc1bb12b228
+VPC created on Thu Jan 6 09:37:53 IST 2022 and VPC ID: vpc-0fe02ca9681849577
+VPC created on Sun Jan 9 14:39:06 IST 2022 and VPC ID: vpc-0f361e7e2252950c5
+VPC created on Mon Jan 10 09:07:06 IST 2022 and VPC ID: vpc-09a1b3d35a01948ef
+VPC created on Tue Jan 11 09:59:26 IST 2022 and VPC ID: vpc-0a226ca1703e61e04
+VPC created on Tue Dec 19 09:55:26 IST 2023 and VPC ID: vpc-044b87da63a19022a

14-EBS-CSI-Install-Kubernetes-Storage/02-ebs-terraform-manifests/c1-versions.tf

@@ -1,11 +1,11 @@
 # Terraform Settings Block
 terraform {
-  required_version = ">= 1.0.0"
+  required_version = ">= 1.6.0"
   required_providers {
     aws = {
       source = "hashicorp/aws"
-      #version = "~> 3.70"
-      version = ">= 4.65"
+      #version = ">= 4.65"
+      version = ">= 5.31"
      }
     helm = {
       source = "hashicorp/helm"

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c1-versions.tf

@@ -0,0 +1,25 @@
+# Terraform Settings Block
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      #version = "~> 3.70"
+      version = ">= 4.65"
+     }
+  }
+  # Adding Backend as S3 for Remote State Storage
+  backend "s3" {
+    bucket = "terraform-on-aws-eks"
+    key    = "dev/eks-cluster/terraform.tfstate"
+    region = "us-east-1" 
+ 
+    # For State Locking
+    dynamodb_table = "dev-ekscluster"    
+  }  
+}
+
+# Terraform Provider Block
+provider "aws" {
+  region = var.aws_region
+}

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c2-01-generic-variables.tf

@@ -0,0 +1,19 @@
+# Input Variables
+# AWS Region
+variable "aws_region" {
+  description = "Region in which AWS Resources to be created"
+  type = string
+  default = "us-east-1"  
+}
+# Environment Variable
+variable "environment" {
+  description = "Environment Variable used as a prefix"
+  type = string
+  default = "dev"
+}
+# Business Division
+variable "business_divsion" {
+  description = "Business Division in the large organization this Infrastructure belongs"
+  type = string
+  default = "SAP"
+}

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c2-02-local-values.tf

@@ -0,0 +1,12 @@
+# Define Local Values in Terraform
+locals {
+  owners = var.business_divsion
+  environment = var.environment
+  name = "${var.business_divsion}-${var.environment}"
+  #name = "${local.owners}-${local.environment}"
+  common_tags = {
+    owners = local.owners
+    environment = local.environment
+  }
+  eks_cluster_name = "${local.name}-${var.cluster_name}"  
+} 

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c3-01-vpc-variables.tf

@@ -0,0 +1,79 @@
+# VPC Input Variables
+
+# VPC Name
+variable "vpc_name" {
+  description = "VPC Name"
+  type = string 
+  default = "myvpc"
+}
+
+# VPC CIDR Block
+variable "vpc_cidr_block" {
+  description = "VPC CIDR Block"
+  type = string 
+  default = "10.0.0.0/16"
+}
+
+# VPC Availability Zones
+/*
+variable "vpc_availability_zones" {
+  description = "VPC Availability Zones"
+  type = list(string)
+  default = ["us-east-1a", "us-east-1b"]
+}
+*/
+
+# VPC Public Subnets
+variable "vpc_public_subnets" {
+  description = "VPC Public Subnets"
+  type = list(string)
+  default = ["10.0.101.0/24", "10.0.102.0/24"]
+}
+
+# VPC Private Subnets
+variable "vpc_private_subnets" {
+  description = "VPC Private Subnets"
+  type = list(string)
+  default = ["10.0.1.0/24", "10.0.2.0/24"]
+}
+
+# VPC Database Subnets
+variable "vpc_database_subnets" {
+  description = "VPC Database Subnets"
+  type = list(string)
+  default = ["10.0.151.0/24", "10.0.152.0/24"]
+}
+
+# VPC Create Database Subnet Group (True / False)
+variable "vpc_create_database_subnet_group" {
+  description = "VPC Create Database Subnet Group"
+  type = bool
+  default = true 
+}
+
+# VPC Create Database Subnet Route Table (True or False)
+variable "vpc_create_database_subnet_route_table" {
+  description = "VPC Create Database Subnet Route Table"
+  type = bool
+  default = true   
+}
+
+  
+# VPC Enable NAT Gateway (True or False) 
+variable "vpc_enable_nat_gateway" {
+  description = "Enable NAT Gateways for Private Subnets Outbound Communication"
+  type = bool
+  default = true  
+}
+
+# VPC Single NAT Gateway (True or False)
+variable "vpc_single_nat_gateway" {
+  description = "Enable only single NAT Gateway in one Availability Zone to save costs during our demos"
+  type = bool
+  default = true
+}
+
+
+
+
+

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c3-02-vpc-module.tf

@@ -0,0 +1,55 @@
+# AWS Availability Zones Datasource
+data "aws_availability_zones" "available" {
+}
+
+# Create VPC Terraform Module
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  #version = "3.11.0"
+  #version = "~> 3.11"
+  version = "4.0.1"
+  
+  # VPC Basic Details
+  name = local.eks_cluster_name
+  cidr = var.vpc_cidr_block
+  azs             = data.aws_availability_zones.available.names
+  public_subnets  = var.vpc_public_subnets
+  private_subnets = var.vpc_private_subnets  
+
+  # Database Subnets
+  database_subnets = var.vpc_database_subnets
+  create_database_subnet_group = var.vpc_create_database_subnet_group
+  create_database_subnet_route_table = var.vpc_create_database_subnet_route_table
+  # create_database_internet_gateway_route = true
+  # create_database_nat_gateway_route = true
+  
+  # NAT Gateways - Outbound Communication
+  enable_nat_gateway = var.vpc_enable_nat_gateway 
+  single_nat_gateway = var.vpc_single_nat_gateway
+
+  # VPC DNS Parameters
+  enable_dns_hostnames = true
+  enable_dns_support   = true
+
+  
+  tags = local.common_tags
+  vpc_tags = local.common_tags
+
+  # Additional Tags to Subnets
+  public_subnet_tags = {
+    Type = "Public Subnets"
+    "kubernetes.io/role/elb" = 1    
+    "kubernetes.io/cluster/${local.eks_cluster_name}" = "shared"        
+  }
+  private_subnet_tags = {
+    Type = "private-subnets"
+    "kubernetes.io/role/internal-elb" = 1    
+    "kubernetes.io/cluster/${local.eks_cluster_name}" = "shared"    
+  }
+
+  database_subnet_tags = {
+    Type = "database-subnets"
+  }
+  # Instances launched into the Public subnet should be assigned a public IP address.
+  map_public_ip_on_launch = true
+}

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c3-03-vpc-outputs.tf

@@ -0,0 +1,37 @@
+# VPC Output Values
+
+# VPC ID
+output "vpc_id" {
+  description = "The ID of the VPC"
+  value       = module.vpc.vpc_id
+}
+
+# VPC CIDR blocks
+output "vpc_cidr_block" {
+  description = "The CIDR block of the VPC"
+  value       = module.vpc.vpc_cidr_block
+}
+
+# VPC Private Subnets
+output "private_subnets" {
+  description = "List of IDs of private subnets"
+  value       = module.vpc.private_subnets
+}
+
+# VPC Public Subnets
+output "public_subnets" {
+  description = "List of IDs of public subnets"
+  value       = module.vpc.public_subnets
+}
+
+# VPC NAT gateway Public IP
+output "nat_public_ips" {
+  description = "List of public Elastic IPs created for AWS NAT Gateway"
+  value       = module.vpc.nat_public_ips
+}
+
+# VPC AZs
+output "azs" {
+  description = "A list of availability zones spefified as argument to this module"
+  value       = module.vpc.azs
+}

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c4-01-ec2bastion-variables.tf

@@ -0,0 +1,19 @@
+
+   
+# AWS EC2 Instance Terraform Variables
+# EC2 Instance Variables
+
+# AWS EC2 Instance Type
+variable "instance_type" {
+  description = "EC2 Instance Type"
+  type = string
+  default = "t3.micro"  
+}
+
+# AWS EC2 Instance Key Pair
+variable "instance_keypair" {
+  description = "AWS EC2 Key pair that need to be associated with EC2 Instance"
+  type = string
+  default = "eks-terraform-key"
+}
+

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c4-02-ec2bastion-outputs.tf

@@ -0,0 +1,14 @@
+# AWS EC2 Instance Terraform Outputs
+# Public EC2 Instances - Bastion Host
+
+## ec2_bastion_public_instance_ids
+output "ec2_bastion_public_instance_ids" {
+  description = "List of IDs of instances"
+  value       = module.ec2_public.id
+}
+
+## ec2_bastion_public_ip
+output "ec2_bastion_public_ip" {
+  description = "Elastic IP associated to the Bastion Host"
+  value       = aws_eip.bastion_eip.public_ip
+}

BACKUP-BEFORE-DEC2023/15-EBS-Kubernetes-SampleApp-YAML/01-ekscluster-terraform-manifests/c4-03-ec2bastion-securitygroups.tf

@@ -0,0 +1,17 @@
+# AWS EC2 Security Group Terraform Module
+# Security Group for Public Bastion Host
+module "public_bastion_sg" {
+  source  = "terraform-aws-modules/security-group/aws"
+  #version = "4.5.0"
+  version = "4.17.2"
+  
+  name = "${local.name}-public-bastion-sg"
+  description = "Security Group with SSH port open for everybody (IPv4 CIDR), egress ports are all world open"
+  vpc_id = module.vpc.vpc_id
+  # Ingress Rules & CIDR Blocks
+  ingress_rules = ["ssh-tcp"]
+  ingress_cidr_blocks = ["0.0.0.0/0"]
+  # Egress Rule - all-all open
+  egress_rules = ["all-all"]
+  tags = local.common_tags
+}