From 56261e4e7ca50fc177622d7af8b2d1688e57672a Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Wed, 5 May 2021 22:54:22 +0300 Subject: [PATCH 1/8] #57 pinned terragrunt version --- terraform/terragrunt.hcl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/terraform/terragrunt.hcl b/terraform/terragrunt.hcl index 3295300d..75b73e98 100644 --- a/terraform/terragrunt.hcl +++ b/terraform/terragrunt.hcl @@ -22,3 +22,6 @@ remote_state { encrypt = true } } + +terragrunt_version_constraint = "= 0.29.2" + From 185e2a07c5ab4a4ade55cc23ceb50f80c3f6b47b Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Wed, 5 May 2021 23:05:03 +0300 Subject: [PATCH 2/8] #57 removed equals symbol --- terraform/terragrunt.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terragrunt.hcl b/terraform/terragrunt.hcl index 75b73e98..ce2aa832 100644 --- a/terraform/terragrunt.hcl +++ b/terraform/terragrunt.hcl @@ -23,5 +23,5 @@ remote_state { } } -terragrunt_version_constraint = "= 0.29.2" +terragrunt_version_constraint = "0.29.3" From 5d9f811fb4eaab03dc2856f2f75e83a70fdeb28b Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Wed, 5 May 2021 23:05:52 +0300 Subject: [PATCH 3/8] #57 changed terragrunt version to 0.29.2 --- terraform/terragrunt.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/terragrunt.hcl b/terraform/terragrunt.hcl index ce2aa832..187d8e7c 100644 --- a/terraform/terragrunt.hcl +++ b/terraform/terragrunt.hcl @@ -23,5 +23,5 @@ remote_state { } } -terragrunt_version_constraint = "0.29.3" +terragrunt_version_constraint = "0.29.2" From 3b7a1565a974369bb3ec70e161858633c24b6a65 Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Thu, 6 May 2021 09:56:47 +0300 Subject: [PATCH 4/8] #58 added terragrant version to README --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index ef994618..0542e94f 100644 --- a/README.md +++ b/README.md @@ -349,6 +349,9 @@ Details can be found [here](https://www.terraform.io/docs/cli/run/index.html) ### terragrunt +* Terragrunt version: `0.29.2` +> Terragrunt version pinned in `terragrunt.hcl` file. + We've also used `terragrunt` to simplify s3 bucket creation and terraform backend configuration. All you need to do is to set s3 bucket name in the `TF_REMOTE_STATE_BUCKET` env variable and run terragrunt command in the `terraform/` directory: ```bash From b7f4d5e5b722c17423b6393f916fcd1126608b2d Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Fri, 7 May 2021 10:07:54 +0300 Subject: [PATCH 5/8] #58 updated README --- README.md | 38 +++++++++++++++++++ .../templates/cert-manager-values.yaml | 2 +- 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0542e94f..7df65ae6 100644 --- a/README.md +++ b/README.md @@ -146,6 +146,7 @@ This diagram shows the namespaces used in the cluster and the services deployed ## Useful tools - [tfenv](https://github.com/tfutils/tfenv) - tool for managing different versions of terraform; the required version can be specified directly as an argument or via `.terraform-version` +- [tgenv](https://github.com/cunymatthieu/tgenv) - tool for managing different versions of terragrunt. - [terraform](https://www.terraform.io/) - terraform itself, our main development tool: `tfenv install` - [awscli](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html) - console utility to work with AWS API - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - conssole utility to work with Kubernetes API @@ -362,6 +363,43 @@ We've also used `terragrunt` to simplify s3 bucket creation and terraform backen By running this `terragrunt` will create s3 bucket, configure terraform backend and then will run `terraform init` and `terraform apply` in layer-1 and layer-2 sequentially. +#### Apply infrastructure by layers with `terragrunt` + +Go to layer folder `terraform/layer1-aws/` or `terraform/layer2-k8s/` and run this command: + +``` +terragrunt apply +``` + +> The `layer2-k8s` has a dependence on `layer1-aws`. + +#### Target apply by `terragrunt` + +Go to layer folder `terraform/layer1-aws/` or `terraform/layer2-k8s/` and run this command: + +``` +terragrunt apply -target=module.eks +``` + +> The `-target` is formed from the following parts `resource type` and `resource name`. +> For example: `-target=module.eks`, `-target=helm_release.loki_stack` + +#### Destroy infrastructure by `terragrunt` + +For destroy both layers, run this command from `terraform/` folder: + +``` +terragrant run-all destroy +``` + +For destroy `layer2-k8s`, run this command from `terraform/layare2-k8s` folder: + +``` +terragrunt destroy +``` + +> The `layer2-k8s` has dependence from `layer1-aws` and when you destroy `layer1-aws`, `layer2-k8s` destroyed automatically. + ## What to do after deployment After applying this configuration, you will get the infrastructure described and outlined at the beginning of the document. In AWS and within the EKS cluster, the basic resources and services necessary for the operation of the EKS k8s cluster will be created. diff --git a/terraform/layer2-k8s/templates/cert-manager-values.yaml b/terraform/layer2-k8s/templates/cert-manager-values.yaml index 7cefbedd..c2190061 100644 --- a/terraform/layer2-k8s/templates/cert-manager-values.yaml +++ b/terraform/layer2-k8s/templates/cert-manager-values.yaml @@ -14,7 +14,7 @@ affinity: - matchExpressions: - key: node.kubernetes.io/lifecycle operator: In - values: + values: - ondemand cainjector: From 68d2f2dddeb40d2f7761fddb8738b495da2e582f Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Fri, 7 May 2021 10:28:12 +0300 Subject: [PATCH 6/8] #58 added .terragrunt-version --- terraform/.terragrunt-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 terraform/.terragrunt-version diff --git a/terraform/.terragrunt-version b/terraform/.terragrunt-version new file mode 100644 index 00000000..20f06870 --- /dev/null +++ b/terraform/.terragrunt-version @@ -0,0 +1 @@ +0.29.2 From 0f989df9aabc59c5f5e12a8a60a38e2175f94620 Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Fri, 7 May 2021 15:28:59 +0300 Subject: [PATCH 7/8] #58 update readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7df65ae6..b489f1c7 100644 --- a/README.md +++ b/README.md @@ -146,14 +146,14 @@ This diagram shows the namespaces used in the cluster and the services deployed ## Useful tools - [tfenv](https://github.com/tfutils/tfenv) - tool for managing different versions of terraform; the required version can be specified directly as an argument or via `.terraform-version` -- [tgenv](https://github.com/cunymatthieu/tgenv) - tool for managing different versions of terragrunt. +- [tgenv](https://github.com/cunymatthieu/tgenv) - tool for managing different versions of terragrunt; the required version can be specified directly as an argument or via `.terragrunt-version` - [terraform](https://www.terraform.io/) - terraform itself, our main development tool: `tfenv install` - [awscli](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html) - console utility to work with AWS API - [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - conssole utility to work with Kubernetes API - [kubectx + kubens](https://github.com/ahmetb/kubectx) - power tools for kubectl help you switch between Kubernetes clusters and namespaces - [helm](https://helm.sh/docs/intro/install/) - tool to create application packages and deploy them into k8s - [helmfile](https://github.com/roboll/helmfile) - "docker compose" for helm -- [terragrunt](https://terragrunt.gruntwork.io/) - small terraform wrapper providing DRY approach in some cases +- [terragrunt](https://terragrunt.gruntwork.io/) - small terraform wrapper providing DRY approach in some cases: `tgenv install` - [awsudo](https://github.com/meltwater/awsudo) - simple console utility that allows running awscli commands assuming specific roles - [aws-vault](https://github.com/99designs/aws-vault) - tool for securely managing AWS keys and running console commands - [aws-mfa](https://github.com/broamski/aws-mfa) - utility for automating the reception of temporary STS tockens when MFA is enabled From a34c5908511be940fde51c851884f96ca901e21f Mon Sep 17 00:00:00 2001 From: Khalezin Dmitrii Date: Thu, 13 May 2021 10:19:08 +0300 Subject: [PATCH 8/8] #57 updated readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b489f1c7..9f08a59d 100644 --- a/README.md +++ b/README.md @@ -386,13 +386,13 @@ terragrunt apply -target=module.eks #### Destroy infrastructure by `terragrunt` -For destroy both layers, run this command from `terraform/` folder: +To destroy both layers, run this command from `terraform/` folder: ``` terragrant run-all destroy ``` -For destroy `layer2-k8s`, run this command from `terraform/layare2-k8s` folder: +To destroy `layer2-k8s`, run this command from `terraform/layare2-k8s` folder: ``` terragrunt destroy