This project provides a minimalist yet production-ready foundation for deploying an EKS cluster on AWS using Terraform. It includes a VPC, EKS cluster, and worker nodes, and is automated with GitHub Actions for CI/CD.
.github/workflows/main.yml
: GitHub Actions configuration for CI/CD.main.tf
: Main Terraform configuration.variables.tf
: Variable definitions.outputs.tf
: Project outputs.modules/
: Separate modules for VPC and EKS.README.md
: Project documentation.
- Description: Configures a VPC with public and private subnets.
- Variables:
vpc_cidr
: CIDR block for the VPC.public_subnets
: List of public subnets.private_subnets
: List of private subnets.
- Description: Configures an EKS cluster with managed nodes.
- Variables:
cluster_name
: Name of the EKS cluster.vpc_id
: ID of the VPC.private_subnets
: Private subnets for the EKS cluster.instance_type
: Instance type for the nodes (defaultt3.medium
).desired_capacity
: Desired number of nodes (default2
).
GitHub Actions is used to automate the deployment of the infrastructure and applications.
Before you begin, ensure you have met the following requirements:
- AWS Account: You need an AWS account with appropriate permissions to create resources.
- AWS CLI: Installed and configured with your AWS credentials.
- Terraform: Installed on your local machine. This project is compatible with Terraform version 1.3.0 and later.
- kubectl: Installed to interact with your Kubernetes cluster.
- GitHub Account: If you plan to use GitHub Actions for CI/CD.
-
Clone the Repository:
git clone https://github.com/elliotsecops/eks-terraform.git cd eks-terraform
-
Initialize Terraform:
terraform init
-
Plan the Deployment:
terraform plan -var="cluster_name=my-production-cluster"
-
Apply the Deployment:
terraform apply -var="cluster_name=my-production-cluster"
-
AWS Credentials: Ensure your AWS credentials are configured correctly. You can set them up using the AWS CLI:
aws configure
Make sure to configure the correct AWS region.
-
Terraform Variables: Modify the
variables.tf
file or use aterraform.tfvars
file to set your specific values for variables likevpc_cidr
,public_subnets
, etc.Example
terraform.tfvars
:cluster_name = "my-dev-cluster" desired_capacity = 3 AWS_REGION = "us-east-1"
Apply using the
terraform.tfvars
file:terraform apply -var-file=terraform.tfvars
-
Verify Cluster:
kubectl get nodes
-
Deploy Applications:
kubectl apply -f path/to/your/application.yaml
-
Access the Cluster: After deployment, you can access the cluster using the following command:
aws eks --region us-east-1 update-kubeconfig --name my-production-cluster
After running this command, ensure your kubectl context is set correctly:
kubectl config use-context arn:aws:eks:us-east-1:123456789012:cluster/my-production-cluster
- Auto Scaling: Configure auto-scaling policies for your EKS cluster to handle varying workloads. Use metrics like CPU and memory to trigger scaling events. Refer to the AWS Auto Scaling documentation.
- IAM Roles: Ensure proper IAM roles and policies are in place for your EKS cluster and worker nodes. Refer to the AWS IAM documentation.
- Network Security: Review and configure security groups and network ACLs. Refer to the AWS VPC documentation.
- Common Issues:
- Deployment Errors: Check the Terraform logs for detailed error messages.
- Node Joining Issues: Verify the worker node IAM role and security group configurations.
- Access Issues: Ensure your AWS CLI is configured correctly and your IAM user has the necessary permissions.
- kubectl Context: Ensure your kubectl context is set correctly after running
aws eks update-kubeconfig
.
If you want to contribute to this project, please follow these steps:
- Fork the repository.
- Create a new branch (
git checkout -b feature-branch
). - Make your changes and commit them (
git commit -m 'Add some feature'
). - Push to the branch (
git push origin feature-branch
). - Open a pull request.
Please follow the coding style guidelines and ensure all tests pass before submitting a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.
For questions or support, please contact:
- Email: [email protected]
- GitHub: elliotsecops