/terraform-k3s-aws-cluster

Primary LanguageHCLApache License 2.0Apache-2.0

Terraform K3S AWS Cluster

This module supports creating a k3s cluster with a postgres backend in AWS. It allows you to optionally install nginx-ingress, Rancher Server, and cert-manager, or import your K3S cluster into an existing Rancher Server.

Inputs

Name Description Type Default Required
agent_image_id AMI to use for k3s agent instances string "null" no
agent_instance_ssh_user Username for sshing into instances string "ubuntu" no
agent_instance_type string "m5.large" no
agent_node_count Number of agent nodes to launch number "3" no
aws_azs List of AWS Availability Zones in the VPC list "null" no
aws_profile Name of the AWS Profile to use for authentication string "null" no
aws_region string "null" no
certmanager_version Version of cert-manager to install string "0.9.1" no
create_external_nlb Boolean that defines whether or not to create an external load balancer bool "true" no
db_instance_type string "db.r5.large" no
db_name Name of database to create in RDS string "null" no
db_node_count Number of RDS database instances to launch number "1" no
db_pass Password for RDS user string n/a yes
db_user Username for RDS database string n/a yes
domain string "eng.rancher.space" no
extra_agent_security_groups Additional security groups to attach to k3s agent instances list [] no
extra_server_security_groups Additional security groups to attach to k3s server instances list [] no
install_certmanager Boolean that defines whether or not to install Cert-Manager bool "false" no
install_k3s_version Version of K3S to install string "0.9.1" no
install_nginx_ingress Boolean that defines whether or not to install nginx-ingress bool "false" no
install_rancher Boolean that defines whether or not to install Rancher bool "false" no
k3s_cluster_secret Override to set k3s cluster registration secret string "null" no
k3s_deploy_traefik Configures whether to deploy traefik ingress or not bool "true" no
k3s_disable_agent Whether to run the k3s agent on the same host as the k3s server bool "false" no
k3s_storage_cafile Location to download RDS CA Bundle string "/srv/rds-combined-ca-bundle.pem" no
k3s_storage_endpoint Storage Backend for K3S cluster to use. Valid options are 'sqlite' or 'postgres' string "sqlite" no
k3s_tls_san Sets k3s tls-san flag to this value instead of the default load balancer string "null" no
letsencrypt_email LetsEncrypt email address to use string "none@none.com" no
name Name for deployment string "rancher-demo" no
private_subnets List of private subnet ids. list [] no
private_subnets_cidr_blocks List of cidr_blocks of private subnets list [] no
public_subnets List of public subnet ids. list [] no
public_subnets_cidr_blocks List of cidr_blocks of public subnets list [] no
r53_domain DNS domain for Route53 zone (defaults to domain if unset) string "" no
rancher2_token_key Rancher2 API token for authentication string "null" no
rancher_chart Helm chart to use for Rancher install string "rancher-stable/rancher" no
rancher_password Password to set for admin user during bootstrap of Rancher Server string "" no
rancher_version Version of Rancher to install string "2.3.1" no
registration_command Registration command to import cluster into Rancher. Should not be used when installing Rancher in this same cluster string "" no
server_image_id AMI to use for k3s server instances string "null" no
server_instance_ssh_user Username for sshing into instances string "ubuntu" no
server_instance_type string "m5.large" no
server_node_count Number of server nodes to launch number "1" no
skip_final_snapshot Boolean that defines whether or not the final snapshot should be created on RDS cluster deletion bool "true" no
ssh_keys SSH keys to inject into Rancher instances list [] no
vpc_id The vpc id that Rancher should use string "null" no

Outputs

Name Description
rancher_admin_password
rancher_token
rancher_url

License

Copyright (c) 2014-2019 Rancher Labs, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.