Terraform K3S AWS Cluster

This module creates a k3s cluster with a postgres backend in AWS. It can optionally install Rancher Server or cert-manager, or import your K3S cluster into an existing Rancher Server.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13 |
| rancher2 | >= 1.10.3 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |
| aws.r53 | n/a |
| null | n/a |
| rancher2.bootstrap | >= 1.10.3 |
| random | n/a |
| template | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_autoscaling_group.k3s_agent | resource |
| aws_autoscaling_group.k3s_server | resource |
| aws_db_subnet_group.private | resource |
| aws_launch_template.k3s_agent | resource |
| aws_launch_template.k3s_server | resource |
| aws_lb.lb | resource |
| aws_lb.server-lb | resource |
| aws_lb_listener.port_443 | resource |
| aws_lb_listener.port_80 | resource |
| aws_lb_listener.server-port_6443 | resource |
| aws_lb_target_group.agent-443 | resource |
| aws_lb_target_group.agent-80 | resource |
| aws_lb_target_group.server-6443 | resource |
| aws_rds_cluster.k3s | resource |
| aws_rds_cluster_instance.k3s | resource |
| aws_rds_cluster_parameter_group.k3s | resource |
| aws_route53_record.rancher | resource |
| aws_security_group.database | resource |
| aws_security_group.ingress | resource |
| aws_security_group.self | resource |
| aws_security_group_rule.database_egress_all | resource |
| aws_security_group_rule.database_self | resource |
| aws_security_group_rule.ingress_egress_all | resource |
| aws_security_group_rule.ingress_http | resource |
| aws_security_group_rule.ingress_https | resource |
| aws_security_group_rule.ingress_self | resource |
| aws_security_group_rule.self_k3s_server | resource |
| aws_security_group_rule.self_self | resource |
| null_resource.wait_for_rancher | resource |
| rancher2_bootstrap.admin | resource |
| random_password.k3s_cluster_secret | resource |
| random_pet.lb | resource |
| aws_ami.ubuntu | data source |
| aws_route53_zone.dns_zone | data source |
| aws_subnet_ids.available | data source |
| aws_vpc.default | data source |
| cloudinit_config.k3s_agent | data source |
| cloudinit_config.k3s_server | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| agent_image_id | AMI to use for k3s agent instances | string | null | no |
| agent_instance_ssh_user | Username for sshing into instances | string | "ubuntu" | no |
| agent_instance_type | n/a | string | "m5.large" | no |
| agent_k3s_exec | exec args to pass to k3s agents | string | null | no |
| agent_node_count | Number of agent nodes to launch | number | 3 | no |
| agent_volume_type | Volume Type for K3S Agent nodes | string | "gp3" | no |
| aws_azs | List of AWS Availability Zones in the VPC | list(any) | null | no |
| aws_profile | Name of the AWS Profile to use for authentication | string | null | no |
| aws_region | n/a | string | null | no |
| certmanager_version | Version of cert-manager to install | string | "1.1.0" | no |
| create_external_nlb | Boolean that defines whether or not to create an external load balancer | bool | true | no |
| db_allow_major_version_upgrade | Enable to allow major engine version upgrades when changing engine versions. | bool | true | no |
| db_engine_version | Engine Version for RDS Database | string | "10.11" | no |
| db_instance_type | n/a | string | "db.r5.large" | no |
| db_name | Name of database to create in RDS | string | null | no |
| db_node_count | Number of RDS database instances to launch | number | 1 | no |
| db_parameter_group_family | engine family for parameter group | string | "aurora-postgresql10" | no |
| db_pass | Password for RDS user | string | n/a | yes |
| db_user | Username for RDS database | string | n/a | yes |
| domain | n/a | string | "eng.rancher.space" | no |
| extra_agent_security_groups | Additional security groups to attach to k3s agent instances | list(any) | [] | no |
| extra_server_security_groups | Additional security groups to attach to k3s server instances | list(any) | [] | no |
| install_certmanager | Boolean that defines whether or not to install Cert-Manager | bool | false | no |
| install_k3s_version | Version of K3S to install | string | "1.19.4+k3s1" | no |
| install_rancher | Boolean that defines whether or not to install Rancher | bool | false | no |
| k3s_cluster_secret | Override to set k3s cluster registration secret | string | null | no |
| k3s_datastore_cafile | Location to download RDS CA Bundle | string | "/srv/rds-combined-ca-bundle.pem" | no |
| k3s_datastore_endpoint | Storage Backend for K3S cluster to use. Valid options are 'sqlite' or 'postgres' | string | "sqlite" | no |
| k3s_disable_agent | Whether to run the k3s agent on the same host as the k3s server | bool | false | no |
| k3s_tls_san | Sets k3s tls-san flag to this value instead of the default load balancer | string | null | no |
| letsencrypt_email | LetsEncrypt email address to use | string | "none@none.com" | no |
| name | Name for deployment | string | "rancher-demo" | no |
| private_subnets | List of private subnet ids. | list(any) | [] | no |
| private_subnets_cidr_blocks | List of cidr_blocks of private subnets | list(any) | [] | no |
| public_subnets | List of public subnet ids. | list(any) | [] | no |
| public_subnets_cidr_blocks | List of cidr_blocks of public subnets | list(any) | [] | no |
| r53_domain | DNS domain for Route53 zone (defaults to domain if unset) | string | "" | no |
| rancher2_token_key | Rancher2 API token for authentication | string | null | no |
| rancher_chart | Helm chart to use for Rancher install | string | "rancher-stable/rancher" | no |
| rancher_password | Password to set for admin user during bootstrap of Rancher Server | string | "" | no |
| rancher_version | Version of Rancher to install | string | "2.6.6" | no |
| rds_ca_cert_identifier | The identifier of the CA certificate for the DB instance. | string | "rds-ca-2019" | no |
| registration_command | Registration command to import cluster into Rancher. Should not be used when installing Rancher in this same cluster | string | "" | no |
| server_image_id | AMI to use for k3s server instances | string | null | no |
| server_instance_ssh_user | Username for sshing into instances | string | "ubuntu" | no |
| server_instance_type | n/a | string | "m5.large" | no |
| server_k3s_exec | exec args to pass to k3s server | string | null | no |
| server_node_count | Number of server nodes to launch | number | 1 | no |
| server_volume_type | Volume Type for K3S Server nodes | string | "gp3" | no |
| skip_final_snapshot | Boolean that defines whether or not the final snapshot should be created on RDS cluster deletion | bool | true | no |
| ssh_keys | SSH keys to inject into Rancher instances | list(any) | [] | no |
| subdomain | subdomain to host rancher on, instead of using var.name | string | null | no |
| use_route53 | Configures whether to use route_53 DNS or not | bool | true | no |
| vpc_id | The vpc id that Rancher should use | string | null | no |

Outputs

| Name | Description |
|------|-------------|
| external_lb_dns_name | n/a |
| k3s_cluster_secret | n/a |
| rancher_admin_password | n/a |
| rancher_token | n/a |
| rancher_url | n/a |
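
A usage sketch showing how the credential-bearing inputs and outputs listed above can be kept out of plan output and committed files. This is an added example, not configuration from the module's repository. The module source path, region, VPC and subnet ids, domain, e-mail address and resource names are placeholder assumptions.

```hcl
# Added example. Everything except the input and output names is a placeholder.

variable "db_pass" {
  type      = string
  sensitive = true # needs Terraform >= 0.14; set via TF_VAR_db_pass, not a committed tfvars file
}

variable "rancher_password" {
  type      = string
  sensitive = true
}

module "k3s" {
  source = "./terraform-k3s-aws-cluster" # assumed path to a local checkout

  name            = "k3s-example"
  aws_region      = "us-west-2"
  vpc_id          = "vpc-EXAMPLE"
  private_subnets = ["subnet-EXAMPLE-A", "subnet-EXAMPLE-B"]
  public_subnets  = ["subnet-EXAMPLE-C", "subnet-EXAMPLE-D"]

  # The datastore defaults to "sqlite"; the RDS inputs go with "postgres".
  k3s_datastore_endpoint = "postgres"
  db_name                = "k3s"
  db_user                = "k3s"
  db_pass                = var.db_pass

  install_certmanager = true
  install_rancher     = true
  rancher_password    = var.rancher_password
  domain              = "example.com"     # default is "eng.rancher.space"
  letsencrypt_email   = "ops@example.com" # default is "none@none.com"
}

# Credential outputs: mark them sensitive so they are redacted in CLI output.
# They are still written in plaintext to the state file, so keep state in an
# encrypted backend with restricted access.
output "k3s_cluster_secret" {
  value     = module.k3s.k3s_cluster_secret
  sensitive = true
}

output "rancher_admin_password" {
  value     = module.k3s.rancher_admin_password
  sensitive = true
}
```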

License

Copyright (c) 2014-2019 Rancher Labs, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.