Create EKS cluster and associated resources wrapper module on top of terraform-aws-modules#12
marcelovilla wants to merge 52 commits into main
… created in the correct vpc
…eter to node group mapping
… not a supported variable anymore
…t the module can be used along other resources created in the same terraform configuration
…ndpoints are created and whether an existing security group is provided
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
| types: [ready_for_review] |
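Review bot: in the `pull_request` trigger, `types: [ready_for_review]` is the only activity type listed, so commits pushed after the PR has been marked ready will not re-run the tests, and the last commit reviewed may never have been tested by this workflow unless someone runs `workflow_dispatch` by hand. Consider adding `synchronize` and `reopened` to `types` and skipping drafts with a job-level `if: github.event.pull_request.draft == false`, which also avoids converting the PR back to draft just to re-trigger a run.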
@dcmcand curious about what you think of this strategy? Maybe we can also add labels to trigger the tests after the PR has been marked for review. What I found annoying is that if the tests fail, one would need to convert it back to a draft PR, work on the tests and then mark it ready for review again. But once this is merged, one could always run it manually using workflow dispatch.
dcmcand left a comment
ok, both the IAM module and vpc-endpoints module should have version constraints.
Make sure we are documenting the requirements for a vpc if they bring their own and for iam if they bring their own. This can be in a follow on pr, but it should at least have an issue if it doesn't.
Have you tested efs with them supplying their own vpc?
@dcmcand I had not but I modified the examples to enable EFS when bringing their own resources and added an extra ingress rule to the security group which users should have when using their own. Passing integration tests for the updated examples can be found here: https://github.com/nebari-dev/terraform-aws-eks-cluster/actions/runs/21406140439/job/61632379633
Reference Issues or PRs
Closes #8
Closes #9
Closes #11
What does this implement/fix?
This PR implements a Terraform wrapper module built on top of the terraform-aws-modules/terraform-aws-eks and terraform-aws-modules/terraform-aws-vpc modules to deploy an EKS cluster and optionally, all networking resources associated (VPC, VPC endpoints, public and private subnets, NAT Gateways, Internet Gateway, and security group) as well as the creation of necessary IAM roles and an EFS filesystem.
This PR includes an examples folder with two different examples: one using the module to create the cluster and all its associated resources, and another using independent Terraform resources to represent existing infrastructure and then passing those to the module to only create the EKS cluster.
Testing
To test this PR locally, make sure you have OpenTofu installed and AWS credentials configured. Then, run:
This PR includes a GHA workflow that will run the same tests. Results of the latest run can be found here: https://github.com/nebari-dev/terraform-aws-eks-cluster/actions/runs/20991759225/job/60338743785?pr=12
Any other comments?
This is the initial implementation of the wrapper module and we'll likely need to adjust several things as we start using it with different inputs. The tests are very basic now, testing only deploy and destroy functionality. I'll add a new issue to add meaningful checks to the integration tests. Furthermore, documentation is not great yet, and although one of the examples is a good starting point, we should add some notes on what requirements we have for users bringing their own networking resources and IAM roles.