Moved to eks and vpc community modules | Added awsaccountid & awsregi…

…on commit0 kubernetes vars
commitdev · Oct 28, 2019 · 46a3fcd · 46a3fcd
1 parent 8c27716
commit 46a3fcd
Show file tree

Hide file tree

Showing 57 changed files with 1,977 additions and 401 deletions.
diff --git a/internal/config/config.go b/internal/config/config.go
@@ -60,9 +60,10 @@ type Commit0Config struct {
 }
 
 type Kubernetes struct {
-	ClusterName string
-	DNSName     string
-	Deploy      bool
+	ClusterName  string
+	Deploy       bool
+	AWSAccountId string
+	AWSRegion    string
 }
 
 func LoadConfig(filePath string) *Commit0Config {

diff --git a/internal/generate/kubernetes/generate.go b/internal/generate/kubernetes/generate.go
@@ -2,7 +2,6 @@ package kubernetes
 
 import (
 	"bytes"
-	"fmt"
 	"github.com/commitdev/commit0/config"
 	"github.com/commitdev/commit0/templator"
 	"io"
@@ -44,7 +43,7 @@ func execute(cmd *exec.Cmd) {
 		log.Fatal(err1)
 	}
 
-	cmd.Dir = dir + "/kubernetes/terraform"
+	cmd.Dir = dir + "/kubernetes/terraform/environments/staging"
 
 	var errStdout, errStderr error
 	stdoutIn, _ := cmd.StdoutPipe()
@@ -74,9 +73,6 @@ func execute(cmd *exec.Cmd) {
 	if errStdout != nil || errStderr != nil {
 		log.Fatal("failed to capture stdout or stderr\n")
 	}
-	outStr, errStr := string(stdout.Bytes()), string(stderr.Bytes())
-	fmt.Printf("\nout:\n%s\nerr:\n%s\n", outStr, errStr)
-
 }
 
 // CapturingPassThroughWriter is a writer that remembers

diff --git a/templates/kubernetes/terraform/README.md b/templates/kubernetes/terraform/README.md
@@ -1,29 +1,95 @@
-# EKS Terraform 
+## Guidelines & Style Convention Summary
 
-AWS Resources created: 
+- All Terraform configuration should be formatted with `terraform fmt` before being accepted into this repository.
+- This repository is Terraform version >= 0.12, as such, leverage features from this release whenever possible.
+    See https://www.terraform.io/upgrade-guides/0-12.html for more information.
+- Leverage community-maintained Terraform modules whenever possible.
+- Attempt to minimize duplication whenever possible, but only within reason -- sometimes duplication is an acceptable solution.
+- Follow style conventions described in `docs/guide.pdf` whenever possible.
+- Whenever possible, inject resources down versus referencing resources across modules. This has been made easier with new features in v0.12.
+- Whenever possible, define the types of variables.
 
-- EKS Cluster: AWS managed Kubernetes cluster of master servers
-- AutoScaling Group containing 2 m4.large instances based on the latest EKS Amazon Linux 2 AMI: Operator managed Kubernetes worker nodes for running Kubernetes service deployments
-- Associated VPC, Internet Gateway, Security Groups, and Subnets: Operator managed networking resources for the EKS Cluster and worker node instances
-- Associated IAM Roles and Policies: Operator managed access resources for EKS and worker node instances
+### Module Conventions
 
-## Pre-requisites
+- All modules should contain the following:
 
-- Setup the [AWS credentials](https://www.terraform.io/docs/providers/aws/index.html#environment-variables) for terraform 
+    `README.md`: A description of the module.
+    `main.tf`: Module entrypoint where instantiation of resources happens.
+    `variables.tf`: Module variables.
+    `outputs.tf`: Output values (optional).
+    `files/`: Any / all files required by the module.
 
-## Spin up cluster
+- All module variables must have a description.
+- Again, leverage community-maintained Terraform modules whenever possible.
+- Avoid writing a module that is simply a wrapper of a Terraform resource unless absolutely necessary.
 
-```shell
+### Environment Conventions
 
-terraform plan 
-terraform apply 
+- All environments should contain the following:
+
+    `main.tf`: Toplevel terraform configuration file that instantiates the `environment` module.
+
+- Configuration should be pushed "top->down" from the `environment` module to it's submodules.
+
+### The Environment Module
+
+- The `environment` module can be considered the top-level module, all other modules are imported from this module.
+- Environment-specific variables should be exposed via the `variables.tf` file in this module, where they will be set from within the appropriate environment in the `environments/` directory.
+- The `environment` module contains the following:
+
+    `main.tf`: Module entrypoint where instantiation of resources happens.
+    `backend.tf`: Terraform remote state configuration.
+    `provider.tf`: Provider configuration.
+    `variables.tf`: Environment-specific variables are desclared here.
+    `versions.tf`: Terraform version information.
+    `files/`: (DEPRECATED)
+
+## Directory Structure
 
 ```
+    README.md
+    environments/
+        production/
+            main.tf
+        staging/
+            main.tf
+        development/
+            main.tf
+    docs/
+        guide.pdf
+    modules/
+        environment/
+            ...
+        <module-a>/
+            files/
+            scripts/
+            main.tf
+            outputs.tf
+            variables.tf
+        <module-n>/
+        ...
+```
+
+## AWS Guidelines
+
+- TODO: Identity/Access Management (IAM) Guidelines
+
+## Kubernetes Guidelines
+
+- When to use the Terraform Kuberenetes Provider and when to use manifests?
+
+    - Use the Terraform Kubernetes Provider (`provider "kubernetes"`) whenever you are provisioning a resource that could be considered relatively static (think Ingress, RoleBinding, CluterRoleBinding, etc).
+
+    - Use conventional Kubernetes manifests / `kubectl` when provisioning resouirces that could be considered dynamic (think Deployments).
+
+## Application
+
+ 1. Set up a profile for your project with your credentials in a specific profile in `~/.aws/credentials` and then export the following env var:
+ `export AWS_PROFILE=<project_name>`
 
-### Connect to cluster
-The EKS service does not provide a cluster-level API parameter or resource to automatically configure the underlying Kubernetes cluster to allow worker nodes to join the cluster via AWS IAM role authentication.
+ 2. Run the following from the appropriate environment directory under `environments/`:
 
-- Run `aws eks update-kubeconfig --name staging` to configure `kubectl`
-- Run `terraform output config_map_aws_auth` and save the configuration into a file, e.g. config_map_aws_auth.yaml
-- Run `kubectl apply -f config_map_aws_auth.yaml`
-- You can verify the worker nodes are joining the cluster via: `kubectl get nodes --watch`
+ ```
+ environment/development$ terraform init
+ environment/development$ terraform plan
+ ```
diff --git a/templates/kubernetes/terraform/eks-cluster.tf b/templates/kubernetes/terraform/eks-cluster.tf
diff --git a/templates/kubernetes/terraform/eks-worker-ndoes.tf b/templates/kubernetes/terraform/eks-worker-ndoes.tf