The name is aardvark.
I am using aardvark to create Kubernetes 1.20 (verified), 1.21 (verified), 1.22 (verified) on EKS.
It works very well, verified over hundreds of runs of `terraform apply` and `terraform destroy`.

First, configure the AWS CLI correctly; Terraform will use the AWS config and credentials.

To use the `remote` backend instead of `s3`, ignore the `s3backend` directory and `cd eks`.

- Change `default.auto.tfvars` accordingly.
- Change the `terraform.backend` part in `providers.tf` to use `remote` instead of `s3`.

First, `cd s3backend`:

- Change `default.auto.tfvars` accordingly. `var.cluster_name` is used as the name of both the S3 bucket and the DynamoDB table.
- Then run `terraform init && terraform apply -auto-approve`.

Second, `cd eks`:

- Change `default.auto.tfvars` accordingly.
- Change `providers.tf` to use the correct S3 bucket and DynamoDB table.
- Then run `terraform init && terraform apply -auto-approve`.

In `eks/users.tf`, I bind the AWS role `k8smaster` with k8s `system:masters`.
If you want all the IAM users belonging to an IAM group to have `system:masters` permissions, just create an IAM group and bind the group with the AWS role `k8smaster`.
Or, if you want a specific IAM user to have `system:masters` permissions, just add the user to the "mapUsers" part.
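
In EKS, bindings like these are expressed as entries in the `aws-auth` ConfigMap. The following is an added example, not the contents of this repository's `eks/users.tf`, showing a role mapping and a `mapUsers` entry for `system:masters` next to a narrower mapping that relies on RBAC. The account ID `111122223333`, the users `alice` and `bob`, and the group `readonly-viewers` are constructed placeholders.

```yaml
# Added example: constructed values, not taken from eks/users.tf.
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    # Keep the worker-node role entry that already exists in the cluster's
    # ConfigMap; overwriting the ConfigMap without it stops nodes from joining.
    # Anyone who can assume this role is an unrestricted cluster admin.
    - rolearn: arn:aws:iam::111122223333:role/k8smaster
      username: k8smaster
      groups:
        - system:masters
  mapUsers: |
    # A single IAM user given the same unrestricted access.
    - userarn: arn:aws:iam::111122223333:user/alice
      username: alice
      groups:
        - system:masters
    # Narrower alternative: a custom group that only gets what RBAC grants it.
    - userarn: arn:aws:iam::111122223333:user/bob
      username: bob
      groups:
        - readonly-viewers
---
# Grants the custom group the built-in read-only "view" ClusterRole.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: readonly-viewers-view
subjects:
  - kind: Group
    name: readonly-viewers
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: view
  apiGroup: rbac.authorization.k8s.io
```

Membership in `system:masters` is not subject to RBAC rules, so it cannot be narrowed later with Role or ClusterRole changes; access is removed only by deleting the mapping.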

In my current environment, the AWS VPC and on-prem are preconfigured.