locals.tf
# Module version string: the content of the local_file data source
# "infrastructure-terraform-eks-version", with trailing newline characters
# removed by chomp() so the value can be used as a tag value.
locals {
  module_version = chomp(data.local_file.infrastructure-terraform-eks-version.content)
}
# Derived values shared across the module: naming, tagging, the default node
# group, aws-auth role mappings, VPC CIDR, NAT gateway settings and the list
# of namespaces.
locals {
  # An explicit cluster_name wins; otherwise the name is built from
  # app_name, app_namespace and tfenv.
  name_prefix = var.cluster_name != "" ? var.cluster_name : "${var.app_name}-${var.app_namespace}-${var.tfenv}"

  # Tags common to everything this module tags. The module version appears
  # twice: under "Version" and under the module's own name.
  base_tags = {
    Environment                      = var.tfenv
    Terraform                        = "true"
    Version                          = local.module_version
    Namespace                        = var.app_namespace
    Billingcustomer                  = var.billingcustomer
    Product                          = var.app_name
    terraform-aws-infrastructure-eks = local.module_version
  }

  # Node tags including the cluster-autoscaler tags. base_tags is the last
  # argument to merge(), so it wins on any key collision.
  # NOTE(review): the Name and autoscaler tag are always built from
  # app_name/app_namespace/tfenv and ignore var.cluster_name, unlike
  # name_prefix. If the cluster is named from name_prefix, the
  # "k8s.io/cluster-autoscaler/<name>" tag will not match a custom
  # cluster_name -- confirm against the cluster definition.
  kubernetes_tags = merge(
    {
      Name                                                                           = "${var.app_name}-${var.app_namespace}-${var.tfenv}"
      "k8s.io/cluster-autoscaler/enabled"                                            = true
      "k8s.io/cluster-autoscaler/${var.app_name}-${var.app_namespace}-${var.tfenv}" = true
    },
    local.base_tags
  )

  # Same as kubernetes_tags but without the cluster-autoscaler tags.
  additional_kubernetes_tags = merge(
    {
      Name = "${var.app_name}-${var.app_namespace}-${var.tfenv}"
    },
    local.base_tags
  )

  # Single "core" node group assembled from the instance_* and node_* inputs.
  default_node_group = {
    core = {
      desired_capacity = var.instance_desired_size
      max_capacity     = var.instance_max_size
      min_capacity     = var.instance_min_size
      instance_type    = var.instance_type

      # NOTE(review): key_name and public_ip are passed straight through from
      # the caller. Presumably key_name attaches an EC2 key pair (SSH access)
      # and public_ip assigns public addresses to worker nodes -- verify the
      # variable defaults and that the node security group does not expose
      # SSH or kubelet ports when public_ip is true.
      key_name  = var.node_key_name
      public_ip = var.node_public_ip

      create_launch_template = var.create_launch_template
      disk_size              = var.root_vol_size
      k8s_labels = {
        Environment = var.tfenv
      }
      tags            = local.kubernetes_tags
      additional_tags = local.additional_kubernetes_tags
    }
  }

  # One role mapping per managed node group, binding the node group's IAM
  # role to the system:bootstrappers and system:nodes groups.
  # NOTE(review): presumably rendered into the aws-auth ConfigMap. Every ARN
  # listed here receives node identity in the cluster, so this list should
  # only ever be derived from node group roles, as it is here.
  aws_auth_roles = [
    for node_group in module.eks_managed_node_group : {
      groups   = ["system:bootstrappers", "system:nodes"]
      rolearn  = "${node_group.iam_role_arn}"
      username = "system:node:{{EC2PrivateDNSName}}"
    }
  ]

  # With autogenerate on, base_cidr is used as a format() template and filled
  # with the random integer; otherwise it is used verbatim.
  # NOTE(review): assumes base_cidr contains a format verb (e.g. %d) when
  # autogenerate is true -- confirm against the variable's documentation.
  base_cidr = (
    var.vpc_subnet_configuration.autogenerate
    ? format(var.vpc_subnet_configuration.base_cidr, random_integer.cidr_vpc[0].result)
    : var.vpc_subnet_configuration.base_cidr
  )

  # NAT / VPN gateway settings: the caller's custom configuration when
  # enabled, otherwise the defaults in the second branch. In both branches
  # the Elastic IP settings come from elastic_ip_custom_configuration and
  # fall back to false / [] when that is disabled.
  nat_gateway_configuration = var.nat_gateway_custom_configuration.enabled ? {
    enable_nat_gateway     = var.nat_gateway_custom_configuration.enable_nat_gateway
    enable_dns_hostnames   = var.nat_gateway_custom_configuration.enable_dns_hostnames
    single_nat_gateway     = var.nat_gateway_custom_configuration.single_nat_gateway
    one_nat_gateway_per_az = var.nat_gateway_custom_configuration.one_nat_gateway_per_az
    reuse_nat_ips          = var.elastic_ip_custom_configuration.enabled ? var.elastic_ip_custom_configuration.reuse_nat_ips : false
    external_nat_ip_ids    = var.elastic_ip_custom_configuration.enabled ? var.elastic_ip_custom_configuration.external_nat_ip_ids : []
    enable_vpn_gateway     = var.nat_gateway_custom_configuration.enable_vpn_gateway
    # Route propagation to public route tables follows enable_vpn_gateway;
    # there is no separate input for it.
    propagate_public_route_tables_vgw = var.nat_gateway_custom_configuration.enable_vpn_gateway
    } : {
    enable_nat_gateway   = true
    enable_dns_hostnames = true
    # Every environment except "prod" shares a single NAT gateway.
    single_nat_gateway                = var.tfenv != "prod"
    one_nat_gateway_per_az            = false
    reuse_nat_ips                     = var.elastic_ip_custom_configuration.enabled ? var.elastic_ip_custom_configuration.reuse_nat_ips : false
    external_nat_ip_ids               = var.elastic_ip_custom_configuration.enabled ? var.elastic_ip_custom_configuration.external_nat_ip_ids : []
    enable_vpn_gateway                = false
    propagate_public_route_tables_vgw = false
  }

  # Caller-supplied namespaces, then "monitoring" (always), then one
  # namespace per enabled Helm installation. concat() does not de-duplicate,
  # so a custom namespace named "monitoring", "hashicorp" or "argocd" would
  # appear twice.
  namespaces = concat(
    var.custom_namespaces,
    ["monitoring"],
    var.helm_installations.vault_consul ? ["hashicorp"] : [],
    var.helm_installations.argocd ? ["argocd"] : []
  )
}
# Random value in 0..255 used to fill in the VPC base CIDR template; only
# created when vpc_subnet_configuration.autogenerate is true.
# The value is kept stable by the keeper below and is regenerated only when
# app_namespace or tfenv changes (app_name is not part of the keeper).
# NOTE(review): a random octet does not by itself rule out overlap with other
# VPCs or peered/on-prem ranges -- check the resulting CIDR before peering.
resource "random_integer" "cidr_vpc" {
  count = var.vpc_subnet_configuration.autogenerate ? 1 : 0

  min = 0
  max = 255

  keepers = {
    name = "eks-${var.app_namespace}-${var.tfenv}-cluster-vpc"
  }
}