From 9d50d28ec4e4e42e1c4523571ed57188b62b6d1c Mon Sep 17 00:00:00 2001
From: furiousme
Date: Mon, 21 Oct 2024 01:05:01 +0300
Subject: [PATCH] k8s: create cluster
---
 bastion.tf | 5 +++--
 cluster.tf | 41 +++++++++++++++++++++++++++++++++++++++++
 k8s_agent.sh | 2 ++
 k8s_server.sh | 1 +
 securitygroups.tf | 20 ++++++++++++++++++++
 variables.tf | 5 +++++
 6 files changed, 72 insertions(+), 2 deletions(-)
 create mode 100644 cluster.tf
 create mode 100644 k8s_agent.sh
 create mode 100644 k8s_server.sh
diff --git a/bastion.tf b/bastion.tf
index 78145b4..905ffb6 100644
--- a/bastion.tf
+++ b/bastion.tf
@@ -1,5 +1,5 @@
 resource "aws_instance" "terraform_course_bastion" {
- ami = "ami-06b21ccaeff8cd686"
+ ami = "ami-0ddc798b3f1a5117e"
 instance_type = "t2.micro"
 subnet_id = aws_subnet.terraform_course_public_subnet_1.id
 key_name = var.ec2_key_name
@@ -13,4 +13,5 @@ resource "aws_instance" "terraform_course_bastion" {
 output "terraform_course_bastion_ip_addr" {
 value = aws_instance.terraform_course_bastion.public_ip
 sensitive = true
-}
\ No newline at end of file
+}
+
diff --git a/cluster.tf b/cluster.tf
new file mode 100644
index 0000000..59e0484
--- /dev/null
+++ b/cluster.tf
@@ -0,0 +1,41 @@
+resource "aws_instance" "terraform_course_k8s_server" {
+ ami = "ami-0ddc798b3f1a5117e"
+ instance_type = "t2.micro"
+ subnet_id = aws_subnet.terraform_course_private_subnet_1.id
+ key_name = var.ec2_key_name
+ security_groups = [aws_security_group.terraform_course_k8s_sg.id]
+
+ user_data = templatefile("k8s_server.sh", {})
+
+ tags = {
+ Name = "terraform_course_k8s_server"
+ }
+}
+
+resource "aws_instance" "terraform_course_k8s_agent" {
+ ami = "ami-0ddc798b3f1a5117e"
+ instance_type = "t2.micro"
+ subnet_id = aws_subnet.terraform_course_private_subnet_2.id
+ key_name = var.ec2_key_name
+ security_groups = [aws_security_group.terraform_course_k8s_sg.id]
+ depends_on = [aws_instance.terraform_course_k8s_server]
+
+ user_data = templatefile("k8s_agent.sh", {
+ token = var.k8s_token,
+ server_private_ip = aws_instance.terraform_course_k8s_server.private_ip
+ })
+
+ tags = {
+ Name = "terraform_course_k8s_agent"
+ }
+}
+
+output "terraform_course_k8s_server_ip_addr" {
+ value = aws_instance.terraform_course_k8s_server.private_ip
+ sensitive = true
+}
+
+output "terraform_course_k8s_agent_ip_addr" {
+ value = aws_instance.terraform_course_k8s_agent.private_ip
+ sensitive = true
+}
diff --git a/k8s_agent.sh b/k8s_agent.sh
new file mode 100644
index 0000000..37f7700
--- /dev/null
+++ b/k8s_agent.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+curl -sfL https://get.k3s.io | K3S_URL="https://${server_private_ip}:6443" K3S_TOKEN=${token} sh -s -
\ No newline at end of file
diff --git a/k8s_server.sh b/k8s_server.sh
new file mode 100644
index 0000000..b556d39
--- /dev/null
+++ b/k8s_server.sh
@@ -0,0 +1 @@
+curl -sfL https://get.k3s.io | sh -
\ No newline at end of file
diff --git a/securitygroups.tf b/securitygroups.tf
index 5357c5a..6a07d92 100644
--- a/securitygroups.tf
+++ b/securitygroups.tf
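Review bot: The server instance renders `templatefile("k8s_server.sh", {})` with no variables, so only the agent receives `var.k8s_token`; unless the server is started with the same value, the agent's join token will not match the one the server generates for itself. Passing it on both sides, e.g. `user_data = templatefile("k8s_server.sh", { token = var.k8s_token })` with `K3S_TOKEN` set in the server script, keeps the two in step. `sensitive = true` on the variable only redacts CLI output: the rendered token still lands in Terraform state and in instance user data, which is readable from the instance metadata service on the node and through `ec2:DescribeInstanceAttribute`, so having the node fetch it at boot from SSM Parameter Store or Secrets Manager via an instance profile is the safer pattern. Separately, both instances appear to sit in subnets of a custom VPC, where group IDs belong in `vpc_security_group_ids` rather than `security_groups`; the latter is meant for group names in EC2-Classic/default VPC and tends to force replacement on every plan.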
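Review bot: The installer is fetched from `https://get.k3s.io` and piped straight into `sh` at first boot with no version pin or integrity check, so every new node runs whatever that endpoint serves at the time; the same applies to `k8s_server.sh`. Pin the release on both scripts with `INSTALL_K3S_VERSION=<pinned-k3s-version>`, or download the script to a file and compare it against a recorded checksum before executing it. `K3S_TOKEN=${token}` is also rendered unquoted, so a token containing whitespace or shell metacharacters would be re-parsed by the shell; `K3S_TOKEN='${token}'` avoids that for values that contain no single quote.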
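Review bot: `k8s_server.sh` has no `#!` line, unlike `k8s_agent.sh`; cloud-init only treats user data as a script when it begins with `#!`, so this one-liner is likely to be ignored and k3s never installed on the server. Add `#!/bin/bash` as the first line. Following it with `set -euo pipefail` in both scripts would also surface a failed download, which `curl -sf` otherwise turns into an empty stream that `sh` accepts with exit status 0.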
@@ -62,3 +62,23 @@ resource "aws_security_group" "terraform_course_bastion_sg" {
 Name = "terraform_course_bastion_sg"
 }
 }
+
+resource "aws_security_group" "terraform_course_k8s_sg" {
+ vpc_id = aws_vpc.terraform_course_main_vpc.id
+ ingress {
+ from_port = 6443
+ to_port = 6443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags = {
+ Name = "terraform_course_k8s_sg"
+ }
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 887cf5f..5623511 100644
--- a/variables.tf
+++ b/variables.tf
@@ -49,4 +49,9 @@ variable "ip_address" {
 variable "ec2_key_name" {
 type = string
 sensitive = true
+}
+
+variable "k8s_token" {
+ type = string
+ sensitive = true
 }
\ No newline at end of file
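Review bot: The new `ingress` block opens the Kubernetes API port 6443 to `0.0.0.0/0`; the nodes are placed in private subnets, but the group should not rely on routing alone to keep the API server unreachable. Scope it to the VPC with `cidr_blocks = [aws_vpc.terraform_course_main_vpc.cidr_block]`, or reference the node and bastion groups instead of a CIDR. The group also carries no rule for node-to-node traffic (k3s documents 8472/udp for Flannel VXLAN and 10250/tcp for the kubelet) or for SSH from `terraform_course_bastion_sg`, so an extra `ingress` with `self = true` for those ports is probably needed before the agent can become Ready. A `description` on the group and on each rule would make the intended exposure auditable.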