From ee0d78b284f00f7f77c41facf29031c4f2d5fbcd Mon Sep 17 00:00:00 2001
From: Seong-dong
Date: Wed, 28 Dec 2022 23:26:21 +0900
Subject: [PATCH] =?UTF-8?q?eks-cluster=20=EC=9E=91=EC=97=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
modules/eks-cluster/main.tf | 15 +++++++++++++++
modules/eks-cluster/outputs.tf | 7 +++++++
modules/eks-cluster/valiables.tf | 14 ++++++++++++++
modules/eks/main.tf | 16 ----------------
modules/eks/outputs.tf | 0
modules/eks/valiables.tf | 0
modules/iam/outputs.tf | 4 ++++
prod-hq/main.tf | 14 +++++++++++++-
8 files changed, 53 insertions(+), 17 deletions(-)
create mode 100644 modules/eks-cluster/main.tf
create mode 100644 modules/eks-cluster/outputs.tf
create mode 100644 modules/eks-cluster/valiables.tf
delete mode 100644 modules/eks/main.tf
delete mode 100644 modules/eks/outputs.tf
delete mode 100644 modules/eks/valiables.tf
diff --git a/modules/eks-cluster/main.tf b/modules/eks-cluster/main.tf
new file mode 100644
index 0000000..b537c12
--- /dev/null
+++ b/modules/eks-cluster/main.tf
@@ -0,0 +1,15 @@
+resource "aws_eks_cluster" "eks-cluster" {
+ name = "${var.name}-eks-cluster"
+ role_arn = var.iam_role_arn
+
+ #enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
+
+ vpc_config {
+ security_group_ids = var.sg_list
+ subnet_ids = var.subnet_list
+
+ #노드그룹 통신을 위한 설정
+ endpoint_private_access = true
+ endpoint_public_access = true
+ }
+}
diff --git a/modules/eks-cluster/outputs.tf b/modules/eks-cluster/outputs.tf
new file mode 100644
index 0000000..6eb05cf
--- /dev/null
+++ b/modules/eks-cluster/outputs.tf
@@ -0,0 +1,7 @@
+output "endpoint" {
+ value = "${aws_eks_cluster.eks-cluster.endpoint}"
+}
+
+output "kubeconfig-certificate-authority-data" {
+ value = "${aws_eks_cluster.eks-cluster.certificate_authority.0.data}"
+}
\ No newline at end of file
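Review bot: In the `vpc_config` block of `modules/eks-cluster/main.tf`, `endpoint_public_access = true` is set without `public_access_cidrs`, so the Kubernetes API endpoint is reachable from any source address and only authentication stands between it and the internet. Restrict it with `public_access_cidrs = var.public_access_cidrs` (a new `list(string)` variable holding the operator ranges), or set `endpoint_public_access = false` if the private endpoint is enough. The same resource leaves `enabled_cluster_log_types` commented out, while the deleted `modules/eks/main.tf` enabled all five types; restoring at least `enabled_cluster_log_types = ["api", "audit", "authenticator"]` keeps a record of API calls and sign-ins for detection and incident response. The resource also has no `encryption_config` block, so it does not configure KMS envelope encryption for Kubernetes secrets; decide that now, because adding it later is a one-way change.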
diff --git a/modules/eks-cluster/valiables.tf b/modules/eks-cluster/valiables.tf new file mode 100644 index 0000000..bba5e49 --- /dev/null +++ b/modules/eks-cluster/valiables.tf @@ -0,0 +1,14 @@ +variable "name" { + type = string +} +variable "iam_role_arn" { + type = string +} +variable "sg_list" { + type = list(string) + +} +variable "subnet_list" { + type = list(string) + +} diff --git a/modules/eks/main.tf b/modules/eks/main.tf deleted file mode 100644 index 14e0ab7..0000000 --- a/modules/eks/main.tf +++ /dev/null @@ -1,16 +0,0 @@ -resource "aws_eks_cluster" "demo" { - name = var.cluster-name - role_arn = aws_iam_role.demo-cluster.arn - - enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"] - - vpc_config { - security_group_ids = [aws_security_group.demo-cluster.id] - subnet_ids = [ - aws_subnet.VPC_HQ_public_1a.id, - aws_subnet.VPC_HQ_public_1c.id - ] - endpoint_private_access = true - endpoint_public_access = true - } -} diff --git a/modules/eks/outputs.tf b/modules/eks/outputs.tf deleted file mode 100644 index e69de29..0000000 diff --git a/modules/eks/valiables.tf b/modules/eks/valiables.tf deleted file mode 100644 index e69de29..0000000 diff --git a/modules/iam/outputs.tf b/modules/iam/outputs.tf index c58258f..2c2b881 100644 --- a/modules/iam/outputs.tf +++ b/modules/iam/outputs.tf @@ -1,4 +1,8 @@ output "iam_name" { value = aws_iam_role.iam-role.name +} +output "iam_arn" { + value = aws_iam_role.iam-role.arn + } \ No newline at end of file diff --git a/prod-hq/main.tf b/prod-hq/main.tf index 6ff765c..f4e4caa 100644 --- a/prod-hq/main.tf +++ b/prod-hq/main.tf @@ -198,7 +198,6 @@ module "eks_sg_ingress_http" { security_group_id = module.eks_sg.sg_id tag_name = each.key - } module "eks_sg_egress_all" { 
@@ -211,7 +210,20 @@ module "eks_sg_egress_all" { security_group_id = module.eks_sg.sg_id tag_name = "egress-all" +} +module "eks_cluster" { + source = "../modules/eks-cluster" + name = local.common_tags.project + iam_role_arn = module.eks_cluster_iam.iam_arn + sg_list = [module.eks_sg.sg_id] + subnet_list = [module.subnet_public.subnet.zone-a.id, module.subnet_public.subnet.zone-c.id] #변경해야될수있음. + + depends_on = [ + module.eks_cluster_iam, + module.eks_sg, + module.vpc_hq + ] } # EKS테스트 할때 활성 # module "ecr" {
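Review bot: `subnet_list` in `module "eks_cluster"` passes only `module.subnet_public` subnets, so the cluster's network interfaces land in public subnets; the inline comment already marks this as possibly needing change. Together with the public API endpoint set in the eks-cluster module, this gives the cluster more internet-facing surface than a production stack usually wants. If private subnets exist in this stack (not visible in this hunk), pass those and keep the public subnets for load balancers only. The `depends_on` entries for `module.eks_cluster_iam` and `module.eks_sg` repeat what Terraform already infers from `iam_role_arn` and `sg_list`; `depends_on = [module.vpc_hq]` would be enough if that ordering is really needed.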