# 3. Connect EKS cluster to CAST AI.
locals {
  # Presumably the name of the IAM role used for the CAST AI connection.
  # NOTE(review): nothing in the visible part of this file reads
  # local.role_name; confirm it is still referenced elsewhere.
  role_name = "castai-eks-role"
}
# Configure Data sources and providers required for CAST AI connection.
# Identity of the AWS credentials Terraform is running with. Its account_id
# is what this file passes to the CAST AI resources and modules, so the
# account being connected is whichever one the runner is authenticated to.
data "aws_caller_identity" "current" {
}
# CAST AI user ARN for the registered cluster. Its `arn` attribute is passed
# to module "castai-eks-role-iam" as castai_user_arn.
# NOTE(review): presumably this is the external principal the IAM role
# trusts. Confirm against the trust policy the module generates.
resource "castai_eks_user_arn" "castai_user_arn" {
  cluster_id = castai_eks_clusterid.cluster_id.id
}
# CAST AI provider. Both the endpoint and the credential come from input
# variables; nothing is hard-coded here.
# NOTE(review): var.castai_api_token is a credential. Confirm its variable
# declaration sets `sensitive = true` and that the value is supplied outside
# version control (for example via TF_VAR_castai_api_token). The same token is
# also passed to module "castai-eks-cluster", so it may be persisted in state;
# treat the state backend as secret-bearing.
provider "castai" {
  api_token = var.castai_api_token
  api_url   = var.castai_api_url
}
# Helm provider pointed at the EKS API server. Authentication uses an exec
# credential plugin, so a token is requested when Terraform runs and no
# long-lived cluster credential is written into this configuration.
provider "helm" {
  kubernetes {
    host                   = module.eks.cluster_endpoint
    cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)

    exec {
      api_version = "client.authentication.k8s.io/v1beta1"

      # This requires the awscli to be installed locally where Terraform is executed.
      # `aws` is given as a bare command name, so it is looked up on the
      # runner's PATH, and the token is issued for whatever AWS identity is
      # active there. In CI, keep that identity scoped to this cluster.
      command = "aws"
      args = [
        "eks",
        "get-token",
        "--cluster-name",
        module.eks.cluster_name,
        "--region",
        var.cluster_region,
      ]
    }
  }
}
# Create the AWS IAM resources CAST AI uses to connect to the cluster. This
# file consumes two of the module's outputs: role_arn and
# instance_profile_arn.
# NOTE(review): there is no `version` argument, so `terraform init` installs
# the newest release of this registry module. Module versions are not recorded
# in .terraform.lock.hcl, so add an explicit, reviewed version constraint.
# This module writes IAM policy, so an unreviewed upgrade can change what the
# external principal is allowed to do.
module "castai-eks-role-iam" {
  source = "castai/eks-role-iam/castai"

  # Cluster the IAM resources are created for.
  aws_account_id     = data.aws_caller_identity.current.account_id
  aws_cluster_name   = var.cluster_name
  aws_cluster_region = var.cluster_region
  aws_cluster_vpc_id = module.vpc.vpc_id

  # CAST AI principal, taken from the castai_eks_user_arn resource.
  castai_user_arn = castai_eks_user_arn.castai_user_arn.arn

  # NOTE(review): presumably creates a separate set of IAM resources for each
  # cluster instead of sharing one set. Confirm in the module documentation.
  create_iam_resources_per_cluster = true
}
# Configure EKS cluster connection using CAST AI eks-cluster module.
# Registers the (account, region, cluster name) triple with CAST AI. The
# resulting id is what castai_eks_user_arn.castai_user_arn is keyed on.
# NOTE(review): the name here is var.cluster_name, while module
# "castai-eks-cluster" passes module.eks.cluster_name. Presumably these are
# the same value; confirm, or use one source for both.
resource "castai_eks_clusterid" "cluster_id" {
  account_id   = data.aws_caller_identity.current.account_id
  cluster_name = var.cluster_name
  region       = var.cluster_region
}
# Connects the EKS cluster to CAST AI and declares the node configuration
# used for nodes created through it.
# NOTE(review): there is no `version` argument, so `terraform init` installs
# the newest release of this registry module. Add an explicit, reviewed
# version constraint, because this module receives the CAST AI API token and
# the ARN of the IAM role.
module "castai-eks-cluster" {
  source = "castai/eks-cluster/castai"

  # CAST AI endpoints and credential. The token is the same variable the
  # castai provider uses; see that variable's `sensitive` setting.
  api_url          = var.castai_api_url
  grpc_url         = var.castai_grpc_url
  castai_api_token = var.castai_api_token

  wait_for_cluster_ready = true

  # Target cluster and the IAM role produced by module "castai-eks-role-iam".
  aws_account_id      = data.aws_caller_identity.current.account_id
  aws_cluster_region  = var.cluster_region
  aws_cluster_name    = module.eks.cluster_name
  aws_assume_role_arn = module.castai-eks-role-iam.role_arn

  # NOTE(review): presumably decides whether nodes are deleted when the
  # cluster is disconnected from CAST AI. This is a destructive setting, so
  # confirm the variable's default and who is allowed to override it.
  delete_nodes_on_disconnect = var.delete_nodes_on_disconnect

  # Refers to this module's own castai_node_configurations output, selecting
  # the "default" entry declared in node_configurations below.
  default_node_configuration = module.castai-eks-cluster.castai_node_configurations["default"]

  node_configurations = {
    default = {
      # Nodes are placed in the VPC module's private subnets.
      subnets = module.vpc.private_subnets
      tags    = var.tags

      # aws_security_group.additional is declared outside this part of the
      # file; review its ingress rules together with the two EKS-managed
      # groups, since all three are attached to nodes using this configuration.
      security_groups = [
        module.eks.cluster_security_group_id,
        module.eks.node_security_group_id,
        aws_security_group.additional.id,
      ]

      instance_profile_arn = module.castai-eks-role-iam.instance_profile_arn
    }
  }

  # depends_on helps Terraform build the correct dependency graph for resource
  # creation and, in this case, destroy: module "castai-eks-cluster" has to be
  # destroyed before module "castai-eks-role-iam".
  depends_on = [module.castai-eks-role-iam]
}