├── .dockerignore
├── .gitattributes
├── .gitignore
├── .idea
├── .gitignore
├── .name
├── devOpsTask.iml
├── inspectionProfiles
│ ├── Project_Default.xml
│ └── profiles_settings.xml
├── misc.xml
├── modules.xml
└── vcs.xml
├── Dockerfile
├── Images
├── devOpsAssignment.jpg
└── projectStructure.png
├── Jenkins
├── Jenkinsfile
├── build.groovy
└── push.groovy
├── README.md
├── main.py
├── requirements.txt
├── taskchart
├── .helmignore
├── Chart.yaml
├── templates
│ ├── Ingress.yaml
│ ├── NOTES.txt
│ ├── _helpers.tpl
│ └── deployment.yaml
└── values.yaml
└── terraform
├── README.md
├── main.tf
├── modules
├── ALB
│ ├── main.tf
│ ├── output.tf
│ └── variables.tf
├── ECR
│ ├── main.tf
│ ├── output.tf
│ └── variables.tf
├── EKS
│ ├── main.tf
│ ├── output.tf
│ └── variables.tf
├── RDS
│ ├── main.tf
│ ├── output.tf
│ └── variables.tf
└── VPC
│ ├── main.tf
│ ├── output.tf
│ └── variables.tf
├── output.tf
├── provider.tf
├── terraform.tfvars
└── variable.tf
/.dockerignore:
--------------------------------------------------------------------------------
1 | #All files that are not required in our project.
2 | Dockerfile
3 | .dockerignore
4 | .gitignore
5 |
6 | #Artifacts that will be built during image creation
7 | venv
8 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 |
4 |
5 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 | *$py.class
5 |
6 | # C extensions
7 | *.so
8 |
9 | # Distribution / packaging
10 | .Python
11 | build/
12 | develop-eggs/
13 | dist/
14 | downloads/
15 | eggs/
16 | .eggs/
17 | lib/
18 | lib64/
19 | parts/
20 | sdist/
21 | var/
22 | wheels/
23 | share/python-wheels/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 | MANIFEST
28 |
29 | # PyInstaller
30 | # Usually these files are written by a python script from a template
31 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
32 | *.manifest
33 | *.spec
34 |
35 | # Installer logs
36 | pip-log.txt
37 | pip-delete-this-directory.txt
38 |
39 | # Unit test / coverage reports
40 | htmlcov/
41 | .tox/
42 | .nox/
43 | .coverage
44 | .coverage.*
45 | .cache
46 | nosetests.xml
47 | coverage.xml
48 | *.cover
49 | *.py,cover
50 | .hypothesis/
51 | .pytest_cache/
52 | cover/
53 |
54 | # Translations
55 | *.mo
56 | *.pot
57 |
58 | # Django stuff:
59 | *.log
60 | local_settings.py
61 | db.sqlite3
62 | db.sqlite3-journal
63 |
64 | # Flask stuff:
65 | instance/
66 | .webassets-cache
67 |
68 | # Scrapy stuff:
69 | .scrapy
70 |
71 | # Sphinx documentation
72 | docs/_build/
73 |
74 | # PyBuilder
75 | .pybuilder/
76 | target/
77 |
78 | # Jupyter Notebook
79 | .ipynb_checkpoints
80 |
81 | # IPython
82 | profile_default/
83 | ipython_config.py
84 |
85 | # pyenv
86 | # For a library or package, you might want to ignore these files since the code is
87 | # intended to run in multiple environments; otherwise, check them in:
88 | # .python-version
89 |
90 | # pipenv
91 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
92 | # However, in case of collaboration, if having platform-specific dependencies or dependencies
93 | # having no cross-platform support, pipenv may install dependencies that don't work, or not
94 | # install all needed dependencies.
95 | #Pipfile.lock
96 |
97 | # poetry
98 | # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
99 | # This is especially recommended for binary packages to ensure reproducibility, and is more
100 | # commonly ignored for libraries.
101 | # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
102 | #poetry.lock
103 |
104 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow
105 | __pypackages__/
106 |
107 | # Celery stuff
108 | celerybeat-schedule
109 | celerybeat.pid
110 |
111 | # SageMath parsed files
112 | *.sage.py
113 |
114 | # Environments
115 | .env
116 | .venv
117 | env/
118 | venv/
119 | ENV/
120 | env.bak/
121 | venv.bak/
122 |
123 | # Spyder project settings
124 | .spyderproject
125 | .spyproject
126 |
127 | # Rope project settings
128 | .ropeproject
129 |
130 | # mkdocs documentation
131 | /site
132 |
133 | # mypy
134 | .mypy_cache/
135 | .dmypy.json
136 | dmypy.json
137 |
138 | # Pyre type checker
139 | .pyre/
140 |
141 | # pytype static type analyzer
142 | .pytype/
143 |
144 | # Cython debug symbols
145 | cython_debug/
146 |
147 | # PyCharm
148 | # JetBrains specific template is maintainted in a separate JetBrains.gitignore that can
149 | # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
150 | # and can be added to the global gitignore or merged into this file. For a more nuclear
151 | # option (not recommended) you can uncomment the following to ignore the entire idea folder.
152 | #.idea/
153 | *.csv
154 | Notes for task.txt
155 | .terraform
156 | .terraform.lock.hcl
157 | *.tfstate.backup
158 | *.tfstate
159 |
--------------------------------------------------------------------------------
/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /shelf/
3 | /workspace.xml
4 |
--------------------------------------------------------------------------------
/.idea/.name:
--------------------------------------------------------------------------------
1 | main.py
--------------------------------------------------------------------------------
/.idea/devOpsTask.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/.idea/inspectionProfiles/Project_Default.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/.idea/inspectionProfiles/profiles_settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/.idea/misc.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM python:3.10-slim-buster
2 |
3 | WORKDIR /app
4 |
5 | COPY . /app
6 |
7 | #Install the dependency
8 | RUN pip install -r requirements.txt
9 |
10 | # Expose the port that the application will listen on
11 | EXPOSE 5000
12 |
13 | # Start the application using the command passed in from the docker run command
14 | CMD ["sh", "-c", "PORT=${PORT:-5000} python main.py"]
15 |
--------------------------------------------------------------------------------
/Images/devOpsAssignment.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0marSater/devOpsTask/f867568a92fa22be7a994457b1ba5e66567f7055/Images/devOpsAssignment.jpg
--------------------------------------------------------------------------------
/Images/projectStructure.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0marSater/devOpsTask/f867568a92fa22be7a994457b1ba5e66567f7055/Images/projectStructure.png
--------------------------------------------------------------------------------
/Jenkins/Jenkinsfile:
--------------------------------------------------------------------------------
1 |
2 | pipeline {
3 | agent any
4 | environment{
5 | IMAGE_NAME = "flask:v-1.0.0"
6 |
7 | // replace with your account id, with your region and with your repository name.
8 | REPO_NAME = ".dkr.ecr..amazonaws.com/"
9 |
10 | }
11 |
12 | stages {
13 | stage('Clone repository') {
14 | steps {
15 | script{
16 | checkout scm
17 | }
18 | }
19 | }
20 | stage("Build image") {
21 | steps{
22 | script{
23 | // loading external build.groovy script
24 | def file= load "build.groovy"
25 | file.buildDockerImage()
26 | }
27 | }
28 | }
29 |
30 | stage("Push to ECR") {
31 | steps{
32 | script{
33 | // loading external push.groovy script
34 | def file = load "push.groovy"
35 | file.pushImage()
36 | }
37 | }
38 | }
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/Jenkins/build.groovy:
--------------------------------------------------------------------------------
1 | def buildDockerImage() {
2 | echo "Start building the docker image ... "
3 | sh "cd ${WORKSPACE} && docker build -t $IMAGE_NAME ."
4 | }
5 |
6 |
7 | return this
8 |
--------------------------------------------------------------------------------
/Jenkins/push.groovy:
--------------------------------------------------------------------------------
1 | def pushImage(){
2 | echo "Login to ecr ..."
3 | // replace with your account id, with your region, with your repository name,
4 | // and with ur credentials for iam jenkins on aws
5 | docker.withRegistry('https://.dkr.ecr..amazonaws.com/',
6 | 'ecr::'){
7 | echo "Start pushing image $IMAGE_NAME ..."
8 | sh "docker tag $IMAGE_NAME $REPO_NAME:latest"
9 | sh "docker push $REPO_NAME:latest"
10 | }
11 | }
12 |
13 | return this
14 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # DevOps Assignment
2 |
3 | This project is a part of a DevOps assignment that aims to assess your knowledge in various DevOps topics and tools. The assignment is divided into three parts, as outlined below:
4 |
5 | ## Part 1: Infrastructure Provisioning with Terraform
6 | - EKS (Elastic Kubernetes Service) cluster
7 | - ECR (Elastic Container Registry)
8 | - RDS (Relational Database Service)
9 | - ALB (Application Load balancer controller)
10 |
11 | ## Part 2: Building a Simple Web Application and Setting up CI/CD Pipeline
12 |
13 | Here, you will develop a simple web application and establish a CI/CD pipeline for it. The web application will have the following APIs:
14 |
15 | - ***http//hostname/client-ip*** - Accepts client requests and saves the public IP in the RDS database.
16 | - ***http//hostname/client-ip/list*** - Displays the list of IPs saved in the RDS database.
17 | - Build a Docker image for the web application.
18 | - Automate the Docker image build and push process to the private ECR using scripts (in my case i did with two external groovy scripts)
19 | -> "__build.groovy__" and "__push.groovy__".
20 |
21 | ## Part 3: Deployment with Helm Chart on __AWS EKS__
22 | - Create a Helm chart that includes all the necessary k8s resources to deploy the web application on AWS EKS.
23 | - The Helm chart can be found in the ***taskchart*** folder.
24 |
25 | -----------------------------------------------------------------------------------------------------------------------
26 |
27 |
28 | For first part This repository contains the necessary resources for provisioning the infrastructure using Terraform.
29 |
30 | ## Getting Started
31 |
32 | 1. Navigate to the ***terraform*** folder.
33 | 2. Run `terraform init` to initialize all modules and providers.
34 | 3. Use `terraform apply --auto-approve` to create the entire infrastructure.
35 | 4. Once the infrastructure is created, two outputs will be displayed on your screen: ***db_instance_address*** and ***repository_url***.
36 | Copy these values and paste them in the appropriate locations in the build.groovy and push.groovy files.
37 | and in ***main.py*** file you will paste ***db_instance_address*** to enable your app to connect to the database.
38 |
39 | > For more information about the resources used, please refer to the README file inside the ***terraform*** folder.
40 |
41 |
42 |
43 | # Web App Development with Flask and Docker
44 |
45 | - I have developed a simple web app with two APIs ***(client-ip, client-ip)*** using __FLASK__.
46 |
47 | The CI/CD pipeline for this project is implemented using Jenkins. It consists of three stages:
48 |
49 | 1. **Clone Repository:** Clone the project repository into the Jenkins pipeline workspace.
50 | 2. **Build Image:** Build the Docker image using the ***build.groovy*** script.
51 | 3. **Push to ECR:** Push the Docker image to a private ECR repository using the ***push.groovy*** script.
52 |
53 | ***NOTE: you should install AWS ECR and Docker plugins on Jnekins***
54 |
55 | Refer to the ***Jenkinsfile*** inside Jenkins folder for more details about the CI/CD pipeline stages.
56 |
57 |
58 |
59 | ## Deploy web app on EKS using Helm chart
60 | - After filling both groovy files with ( ***db_instance_address*** and ***repository_url*** ) values.
61 | - Run `helm install myapp` ***./taskchart`*** and that will deploy the app and its related resource on ***EKS***.
62 |
63 |
64 | #To access the web app:
65 | ------------------------
66 | 1. Run `kubectl get ingress`.
67 | 2. Locate the IP address in the output and navigate to that IP in your web browser.
68 |
69 | -----------------------------------------------------------------------------------------------------------
70 |
71 |
72 | #Cleaning up all works
73 | ---------------------
74 | 1. `helm uninstall myapp`
75 | 2. Navigate to the ***terraform*** folder.
76 | 3. Run `terraform destroy --auto-approve` to destroy and clean up all resource.
77 |
78 | #Helpful commands you will use
79 | -------------------------------
80 | - `aws congiure`: remotly connect to ur aws account with AWS_ACCESS_KEY_ID, AWS_SECRET_KEY_ID, and region.
81 | - `aws eks update-kubeconfig --region --name `: to update .kubeconfig in ur host with the created one on eks.
82 | - `kubectl config use-context `: to point and use the created eks cluster.
83 |
84 |
85 |
86 |
87 |
88 |
--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
1 | from flask import Flask, jsonify, request
2 | import mysql.connector
3 | import os
4 |
5 | app = Flask(__name__)
6 |
7 | # Suppose you export ur environment either on Windows os or Linux.
8 | config = {
9 | 'user': os.environ.get('DB_USER'),
10 | 'password': os.environ.get('DB_PASSWORD'),
11 | 'host': os.environ.get('DB_HOST'),
12 | 'database': os.environ.get('DB_DATABASE')
13 | }
14 |
15 | conn = mysql.connector.connect(**config)
16 | cur = conn.cursor()
17 |
18 | # Create a table to store the IP addresses if it doesn't exist
19 | cur.execute('''
20 | CREATE TABLE IF NOT EXISTS ip_addresses (
21 | id INT AUTO_INCREMENT PRIMARY KEY,
22 | ip_address VARCHAR(255)
23 | )
24 | ''')
25 |
26 |
27 | @app.route('/', methods=['GET'])
28 | def land_page():
29 | return jsonify("Hello!")
30 |
31 |
32 | @app.route('/client-ip', methods=['GET'])
33 | def save_client_ip():
34 | # get the client IP address from the request
35 | client_ip_address = request.remote_addr
36 | # insert the IP address into database
37 | cur.execute('INSERT INTO ip_addresses (ip_address) VALUES (%s)', (client_ip_address,))
38 | conn.commit()
39 | return jsonify("Your ip address added")
40 |
41 |
42 | @app.route('/client-ip/list', methods=['GET'])
43 | def get_list_ip():
44 | # select * IP addresses from the database and return as a JSON object
45 | cur.execute('SELECT ip_address FROM ip_addresses')
46 | rows = cur.fetchall()
47 | ip_list = [row[0] for row in rows]
48 | return jsonify(ip_list)
49 |
50 |
51 | if __name__ == '__main__':
52 | app.run(debug=True, host='0.0.0.0')
53 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | Flask==2.2.3
2 | mysql-connector
3 |
--------------------------------------------------------------------------------
/taskchart/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *.orig
18 | *~
19 | # Various IDEs
20 | .project
21 | .idea/
22 | *.tmproj
23 | .vscode/
24 |
--------------------------------------------------------------------------------
/taskchart/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v2
2 | name: taskchart
3 | description: A Helm chart for Kubernetes
4 | type: application
5 | version: 0.1.0
6 | appVersion: "1.16.0"
7 |
--------------------------------------------------------------------------------
/taskchart/templates/Ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: Ingress
3 | metadata:
4 | name: {{ .Values.Ingress.ingressName }}
5 | annotations:
6 | alb.ingress.kubernetes.io/scheme: internet-facing
7 | alb.ingress.kubernetes.io/target-type: ip
8 | service.beta.kubernetes.io/aws-load-balancer-type: external
9 | spec:
10 | ingressClassName: alb
11 | rules:
12 | - http:
13 | paths:
14 | - path: /
15 | pathType: Prefix
16 | backend:
17 | service:
18 | name: {{ .Values.Service.serviceName }}
19 | port:
20 | number: {{ .Values.Service.ports.port }}
21 |
22 |
--------------------------------------------------------------------------------
/taskchart/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Hello!
2 | {{- if .Values.ingress.enabled }}
3 | {{- range $host := .Values.ingress.hosts }}
4 | {{- range .paths }}
5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
6 | {{- end }}
7 | {{- end }}
8 | {{- else if contains "NodePort" .Values.service.type }}
9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "taskchart.fullname" . }})
10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
11 | echo http://$NODE_IP:$NODE_PORT
12 | {{- else if contains "LoadBalancer" .Values.service.type }}
13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available.
14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "taskchart.fullname" . }}'
15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "taskchart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
16 | echo http://$SERVICE_IP:{{ .Values.service.port }}
17 | {{- else if contains "ClusterIP" .Values.service.type }}
18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "taskchart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
20 | echo "Visit http://127.0.0.1:8080 to use your application"
21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
22 | {{- end }}
23 |
--------------------------------------------------------------------------------
/taskchart/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/*
2 | Expand the name of the chart.
3 | */}}
4 | {{- define "taskchart.name" -}}
5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
6 | {{- end }}
7 |
8 | {{/*
9 | Create a default fully qualified app name.
10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
11 | If release name contains chart name it will be used as a full name.
12 | */}}
13 | {{- define "taskchart.fullname" -}}
14 | {{- if .Values.fullnameOverride }}
15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
16 | {{- else }}
17 | {{- $name := default .Chart.Name .Values.nameOverride }}
18 | {{- if contains $name .Release.Name }}
19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }}
20 | {{- else }}
21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
22 | {{- end }}
23 | {{- end }}
24 | {{- end }}
25 |
26 | {{/*
27 | Create chart name and version as used by the chart label.
28 | */}}
29 | {{- define "taskchart.chart" -}}
30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
31 | {{- end }}
32 |
33 | {{/*
34 | Common labels
35 | */}}
36 | {{- define "taskchart.labels" -}}
37 | helm.sh/chart: {{ include "taskchart.chart" . }}
38 | {{ include "taskchart.selectorLabels" . }}
39 | {{- if .Chart.AppVersion }}
40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
41 | {{- end }}
42 | app.kubernetes.io/managed-by: {{ .Release.Service }}
43 | {{- end }}
44 |
45 | {{/*
46 | Selector labels
47 | */}}
48 | {{- define "taskchart.selectorLabels" -}}
49 | app.kubernetes.io/name: {{ include "taskchart.name" . }}
50 | app.kubernetes.io/instance: {{ .Release.Name }}
51 | {{- end }}
52 |
53 | {{/*
54 | Create the name of the service account to use
55 | */}}
56 | {{- define "taskchart.serviceAccountName" -}}
57 | {{- if .Values.serviceAccount.create }}
58 | {{- default (include "taskchart.fullname" .) .Values.serviceAccount.name }}
59 | {{- else }}
60 | {{- default "default" .Values.serviceAccount.name }}
61 | {{- end }}
62 | {{- end }}
63 |
--------------------------------------------------------------------------------
/taskchart/templates/deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: {{ .Values.appName }}
5 | labels:
6 | app: {{ .Values.appName }}
7 | spec:
8 | replicas: {{ .Values.replicaCount }}
9 | selector:
10 | matchLabels:
11 | app: {{ .Values.appName }}
12 | template:
13 | metadata:
14 | labels:
15 | app: {{ .Values.appName }}
16 | spec:
17 | containers:
18 | - name: {{ .Values.appName }}
19 | image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}" #image name = repo name + tag
20 | imagePullPolicy: {{ .Values.image.imagePullPolicy }}
21 | ports:
22 | - containerPort: {{ .Values.image.ports.containerPort }}
23 |
24 | ---
25 | apiVersion: v1
26 | kind: Service
27 | metadata:
28 | name: {{ .Values.Service.serviceName }}
29 | spec:
30 | type: LoadBalancer
31 | selector:
32 | app: {{ .Values.appName }}
33 | ports:
34 | - protocol: {{ .Values.Service.ports.protocol }}
35 | port: {{ .Values.Service.ports.port }}
36 | targetPort: {{ .Values.image.ports.containerPort }}
37 |
--------------------------------------------------------------------------------
/taskchart/values.yaml:
--------------------------------------------------------------------------------
1 |
2 | #Deployment info
3 | appName: devops-task
4 | namespace: default
5 | replicaCount: 1
6 |
7 | #Image info
8 | image:
9 | # replace with your account id, with your region and with your repository name.
10 | repo: .dkr.ecr..amazonaws.com/
11 | tag: latest
12 | imagePullPolicy: IfNotPresent
13 | ports:
14 | containerPort: 5000
15 |
16 | #Service info
17 | Service:
18 | serviceName: task-service
19 | ports:
20 | protocol: TCP
21 | port: 5000
22 |
23 | #Ingress info
24 | Ingress:
25 | ingressName: devopstask-ingress
26 | ingress:
27 | enabled: true
28 |
29 |
30 |
--------------------------------------------------------------------------------
/terraform/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 | ## Project Structure
4 |
5 | The project structure is organized as follows:
6 |
7 | 
8 |
9 |
10 | The `modules` directory contains subfolders for each module. Each module has its `main.tf`, `variables.tf`, and `output.tf` files, which define the module's configuration, input variables, and output values, respectively.
11 |
12 | The root directory contains the following files:
13 |
14 | - `main.tf`: The main configuration file that declares all the modules used in the project.
15 | - `variables.tf`: The file where you can define and customize variables used across the project.
16 | - `output.tf`: The file specifying the outputs to be displayed after provisioning the infrastructure.
17 | - `terraform.tfvars`: The file where you can set the values for the variables defined in `variables.tf`.
18 |
19 | ## Usage
20 |
21 | To use this Terraform project:
22 | ```
23 | terraform init
24 | terraform plan
25 | terraform apply
26 |
--------------------------------------------------------------------------------
/terraform/main.tf:
--------------------------------------------------------------------------------
1 | data "aws_availability_zones" "azs" {}
2 | module "VPC" {
3 | source = "./modules/VPC"
4 | region = var.region
5 | vpc_name = var.vpc_name
6 | vpc_cidr_block = var.vpc_cidr_block
7 | private_subnets_cidr_blocks = var.private_subnets_cidr_blocks
8 | public_subnets_cidr_blocks = var.public_subnets_cidr_blocks
9 | enable_nat_gateway = var.enable_nat_gateway
10 | single_nat_gateway = var.single_nat_gateway
11 | enable_dns_hostnames = var.enable_dns_hostnames
12 |
13 | }
14 |
15 | module "RDS" {
16 | source = "./modules/RDS"
17 | instance_name = var.instance_name
18 | instance_class = var.instance_class
19 | allocated_storage = var.allocated_storage
20 | db_name = var.db_name
21 | username = var.username
22 | password = var.password
23 | port = var.port
24 | env_tag = var.env_tag
25 | delete_automated_backups = var.delete_automated_backups
26 | skip_final_snapshot = var.skip_final_snapshot
27 | publicly_accessible = var.publicly_accessible
28 | }
29 |
30 | module "ECR" {
31 | source = "./modules/ECR"
32 | repo_name = var.repo_name
33 | env_tag = var.env_tag
34 | }
35 |
36 | module "EKS" {
37 | source = "./modules/EKS"
38 | cluster_name = var.cluster_name
39 | cluster_version = var.cluster_version
40 | vpc_id = module.VPC.vpc_id
41 | private_subnets = module.VPC.private_subnets
42 | env_tag = var.env_tag
43 | min_size = var.min_size
44 | max_size = var.max_size
45 | desired_size = var.desired_size
46 | instance_types = var.instance_types
47 | coredns_version = var.coredns_version
48 | kube_proxy_version = var.kube_proxy_version
49 | vpc_cni_version = var.vpc_cni_version
50 | cluster_endpoint_public_access = var.cluster_endpoint_public_access
51 | }
52 |
53 | module "ALB" {
54 | source = "./modules/ALB"
55 | service_account_name = var.service_account_name
56 | cluster_name = module.EKS.cluster_name
57 | policy_name = var.policy_name
58 | iam_role_name = var.iam_role_name
59 | namespace = var.namespace
60 | cluster_oidc_issuer_url = module.EKS.cluster_oidc_issuer_url
61 | oidc_provider = module.EKS.oidc_provider
62 | cluster_certificate_authority_data = module.EKS.cluster_certificate_authority_data
63 | cluster_endpoint = module.EKS.cluster_endpoint
64 | vpc_id = module.VPC.vpc_id
65 | region = var.region
66 | }
67 |
68 |
69 |
70 |
71 |
72 |
73 |
--------------------------------------------------------------------------------
/terraform/modules/ALB/main.tf:
--------------------------------------------------------------------------------
1 |
2 | data "aws_caller_identity" "current" {}
3 |
4 |
5 |
6 | resource "aws_eks_identity_provider_config" "my-oidc" {
7 | cluster_name = var.cluster_name
8 | oidc {
9 | client_id = "sts.amazonaws.com"
10 | identity_provider_config_name = "task"
11 | issuer_url = var.cluster_oidc_issuer_url
12 | }
13 | }
14 |
15 | data "http" "lbc_iam_policy" {
16 | url = "https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/main/docs/install/iam_policy.json"
17 | request_headers = {
18 | Accept = "application/json"
19 | }
20 | }
21 |
22 |
23 | # Resource: Create AWS Load Balancer Controller IAM Policy
24 | resource "aws_iam_policy" "lbc_iam_policy" {
25 | name = var.policy_name
26 | path = "/"
27 | description = "AWS Load Balancer Controller IAM Policy"
28 | policy = data.http.lbc_iam_policy.body
29 | }
30 |
31 | # Resource: Create IAM Role
32 | resource "aws_iam_role" "lbc_iam_role" {
33 | name = var.iam_role_name
34 |
35 | # Terraform's "jsonencode" function converts a Terraform expression result to valid JSON syntax.
36 | assume_role_policy = jsonencode({
37 | Version = "2012-10-17"
38 | Statement = [
39 | {
40 | Effect = "Allow"
41 | Principal = {
42 | #edit_1
43 | Federated = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:oidc-provider/${var.oidc_provider}"
44 | },
45 | Action = "sts:AssumeRoleWithWebIdentity"
46 | Condition = {
47 | StringEquals = {
48 | "${var.oidc_provider}:aud" : "sts.amazonaws.com",
49 | "${var.oidc_provider}:sub" : "system:serviceaccount:${var.namespace}:${var.service_account_name}"
50 | }
51 | }
52 | },
53 | ]
54 | })
55 |
56 | tags = {
57 | tag-key = "AWSLoadBalancerControllerIAMPolicy"
58 | }
59 | }
60 |
61 | # Associate Load Balanacer Controller IAM Policy to IAM Role
62 | resource "aws_iam_role_policy_attachment" "lbc_iam_role_policy_attach" {
63 | policy_arn = aws_iam_policy.lbc_iam_policy.arn
64 | role = aws_iam_role.lbc_iam_role.name
65 | }
66 |
67 |
68 | # HELM Provider
69 | provider "helm" {
70 | kubernetes {
71 | host = var.cluster_endpoint
72 | cluster_ca_certificate = base64decode(var.cluster_certificate_authority_data)
73 | exec {
74 | api_version = "client.authentication.k8s.io/v1beta1"
75 | args = ["eks", "get-token", "--cluster-name", var.cluster_name]
76 | command = "aws"
77 | }
78 | }
79 | }
80 |
81 |
82 |
83 | resource "helm_release" "loadbalancer_controller" {
84 | depends_on = [aws_iam_role.lbc_iam_role]
85 | name = "aws-load-balancer-controller"
86 | repository = "https://aws.github.io/eks-charts"
87 | chart = "aws-load-balancer-controller"
88 | namespace = var.namespace
89 |
90 | set {
91 | name = "image.tag"
92 | value = "v2.5.1"
93 | }
94 |
95 | set {
96 | name = "serviceAccount.create"
97 | value = "true"
98 | }
99 |
100 | set {
101 | name = "serviceAccount.name"
102 | value = var.service_account_name
103 | }
104 |
105 | set {
106 | name = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
107 | value = aws_iam_role.lbc_iam_role.arn
108 | }
109 |
110 | set {
111 | name = "vpcId"
112 | value = var.vpc_id
113 | }
114 |
115 | set {
116 | name = "region"
117 | value = var.region
118 | }
119 |
120 | set {
121 | name = "clusterName"
122 | value = var.cluster_name
123 | }
124 |
125 | }
--------------------------------------------------------------------------------
/terraform/modules/ALB/output.tf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0marSater/devOpsTask/f867568a92fa22be7a994457b1ba5e66567f7055/terraform/modules/ALB/output.tf
--------------------------------------------------------------------------------
/terraform/modules/ALB/variables.tf:
--------------------------------------------------------------------------------
1 | variable "cluster_name" {
2 | type = string
3 | description = "The name of the cluster."
4 | }
5 |
6 | variable "policy_name" {
7 | type = string
8 | description = "The name of policy which will be attach to the role."
9 | }
10 |
11 | variable "iam_role_name" {
12 | type = string
13 | description = "The name of iam role that will be attahced to the service account."
14 | }
15 |
16 | variable "cluster_oidc_issuer_url" {
17 | type = string
18 | description = "The URL of the OIDC issuer for the cluster."
19 | }
20 |
21 | variable "oidc_provider" {
22 | type = string
23 | description = "The name of the OIDC provider associated with the cluster."
24 | }
25 |
26 | variable "cluster_endpoint" {
27 | type = string
28 | description = "The endpoint URL for the cluster."
29 | }
30 |
31 | variable "cluster_certificate_authority_data" {
32 | type = string
33 | description = "The certificate authority data for the cluster."
34 | }
35 |
36 | variable "namespace" {
37 | type = string
38 | description = "The namespace where aws load balancer controller exist."
39 | }
40 |
41 | variable "service_account_name" {
42 | type = string
43 | description = "The name of the service account for the cluster."
44 | }
45 |
46 | variable "vpc_id" {
47 | type = string
48 | description = "The ID of (VPC) associated with the cluster."
49 | }
50 |
51 | variable "region" {
52 | type = string
53 | description = "The region where the cluster is located."
54 | }
55 |
--------------------------------------------------------------------------------
/terraform/modules/ECR/main.tf:
--------------------------------------------------------------------------------
1 |
2 | data "aws_caller_identity" "current" {}
3 |
4 | module "ecr" {
5 | source = "terraform-aws-modules/ecr/aws"
6 | version = "1.6.0"
7 | repository_name = var.repo_name
8 | # force_destroy = true #need test
9 |
10 | repository_read_write_access_arns = [data.aws_caller_identity.current.arn]
11 | repository_lifecycle_policy = jsonencode({
12 | rules = [
13 | {
14 | rulePriority = 1,
15 | description = "Keep last 30 images",
16 | selection = {
17 | tagStatus = "tagged",
18 | tagPrefixList = ["v"],
19 | countType = "imageCountMoreThan",
20 | countNumber = 30
21 | },
22 | action = {
23 | type = "expire"
24 | }
25 | }
26 | ]
27 | })
28 |
29 | tags = {
30 | environment = var.env_tag
31 | }
32 |
33 | }
34 |
35 |
36 |
--------------------------------------------------------------------------------
/terraform/modules/ECR/output.tf:
--------------------------------------------------------------------------------
1 | output "repository_url" {
2 | description = "The URL of the repository"
3 | value = module.ecr.repository_url
4 | }
--------------------------------------------------------------------------------
/terraform/modules/ECR/variables.tf:
--------------------------------------------------------------------------------
1 | variable "repo_name" {
2 | type = string
3 | description = "ECR repo name."
4 | }
5 |
6 | variable "env_tag" {
7 | type = string
8 | description = "The environment tag for the repo."
9 | }
--------------------------------------------------------------------------------
/terraform/modules/EKS/main.tf:
--------------------------------------------------------------------------------
1 | #catch the vpc_id from local terraform remote state file to pass it to the eks root module.
2 |
3 | #root EKS module
4 | module "eks" {
5 | source = "terraform-aws-modules/eks/aws"
6 | version = "19.14.0"
7 | cluster_name = var.cluster_name
8 | cluster_version = var.cluster_version
9 | vpc_id = var.vpc_id
10 | subnet_ids = var.private_subnets
11 | cluster_endpoint_public_access = var.cluster_endpoint_public_access
12 |
13 |
14 | tags = {
15 | environment = var.env_tag
16 | }
17 |
18 | # specify one or two worker nodes with different type if u want
19 | eks_managed_node_groups = {
20 | dev = {
21 | min_size = var.min_size
22 | max_size = var.max_size
23 | desired_size = var.desired_size
24 |
25 | instance_types = var.instance_types
26 | }
27 | }
28 |
29 | # requried addons
30 | cluster_addons = {
31 | coredns = {
32 | addon_version = var.coredns_version
33 | resolve_conflicts = "OVERWRITE"
34 | }
35 | kube-proxy = {
36 | addon_version = var.kube_proxy_version
37 | resolve_conflicts = "OVERWRITE"
38 | }
39 | vpc-cni = {
40 | addon_version = var.vpc_cni_version
41 | resolve_conflicts = "OVERWRITE"
42 | }
43 | }
44 | }
45 |
46 |
47 |
48 |
--------------------------------------------------------------------------------
/terraform/modules/EKS/output.tf:
--------------------------------------------------------------------------------
1 | #EKS root environment output
2 | output "cluster_name" {
3 | description = "The name of the cluster."
4 | value = module.eks.cluster_name
5 | }
6 |
7 |
8 | output "cluster_oidc_issuer_url" {
9 | description = "The cluster oidc issuer url."
10 | value = module.eks.cluster_oidc_issuer_url
11 | }
12 |
13 |
14 | output "oidc_provider" {
15 | description = "The cluster oidc provider."
16 | value = module.eks.oidc_provider
17 | }
18 |
19 |
20 |
21 | output "cluster_endpoint" {
22 | description = "The cluster endpoint."
23 | value = module.eks.cluster_endpoint
24 | }
25 |
26 |
27 | output "cluster_certificate_authority_data" {
28 | description = "The cluster certificate authority data."
29 | value = module.eks.cluster_certificate_authority_data
30 | }
--------------------------------------------------------------------------------
/terraform/modules/EKS/variables.tf:
--------------------------------------------------------------------------------
1 | variable "cluster_name" {
2 | type = string
3 | description = "Cluster name."
4 | }
5 |
6 | variable "cluster_version" {
7 | type = string
8 | description = "Cluster version."
9 | }
10 |
11 | variable "env_tag" {
12 | type = string
13 | description = "The environment tag for the cluster."
14 | }
15 |
16 | variable "min_size" {
17 | type = number
18 | description = "The minimum number of worker node."
19 | }
20 |
21 | variable "max_size" {
22 | type = number
23 | description = "The maximum number of worker node."
24 | }
25 |
26 | variable "desired_size" {
27 | type = number
28 | description = "The desire number of worker node."
29 | }
30 |
31 | variable "instance_types" {
32 | type = list(string)
33 | description = "The list of instance types for the cluster nodes."
34 | }
35 |
36 | variable "coredns_version" {
37 | type = string
38 | description = "The version of CoreDns."
39 | }
40 |
41 | variable "kube_proxy_version" {
42 | type = string
43 | description = "The version of kube-proxy."
44 | }
45 |
46 | variable "vpc_cni_version" {
47 | type = string
48 | description = "The version of VPC CNI plugin for the cluster."
49 | }
50 |
51 | variable "cluster_endpoint_public_access" {
52 | type = bool
53 | description = "Specify if the cluster endpoint should be publicly accessible."
54 | }
55 |
56 | variable "vpc_id" {
57 | type = string
58 | description = "The ID vpc associated with the cluster."
59 | }
60 |
61 | variable "private_subnets" {
62 | type = list(string)
63 | description = "The list of private subnets where the cluster nodes will be deployed."
64 | }
65 |
--------------------------------------------------------------------------------
/terraform/modules/RDS/main.tf:
--------------------------------------------------------------------------------
1 | module "rds" {
2 | source = "terraform-aws-modules/rds/aws"
3 | version = "5.9.0"
4 | engine = "mysql"
5 | engine_version = "8.0"
6 | major_engine_version = "8.0"
7 | family = "mysql8.0"
8 | instance_class = var.instance_class
9 | identifier = var.instance_name
10 | allocated_storage = var.allocated_storage
11 | db_name = var.db_name
12 | username = var.username
13 | password = var.password
14 | port = var.port
15 | delete_automated_backups = var.delete_automated_backups
16 | skip_final_snapshot = var.skip_final_snapshot
17 | publicly_accessible = var.publicly_accessible
18 |
19 | tags = {
20 | environment = var.env_tag
21 | }
22 | }
23 |
24 |
--------------------------------------------------------------------------------
/terraform/modules/RDS/output.tf:
--------------------------------------------------------------------------------
1 | #RDS root environment output
2 | output "db_instance_address" {
3 | description = "The address of the RDS instance."
4 | value = module.rds.db_instance_address
5 | }
--------------------------------------------------------------------------------
/terraform/modules/RDS/variables.tf:
--------------------------------------------------------------------------------
1 | variable "instance_name" {
2 | type = string
3 | description = "The name of the instance."
4 | }
5 |
6 | variable "instance_class" {
7 | type = string
8 | description = "The class of the instance."
9 | }
10 |
11 | variable "allocated_storage" {
12 | type = number
13 | description = "The allocated storage for the instance."
14 | }
15 |
16 | variable "db_name" {
17 | type = string
18 | description = "The name of the database."
19 | }
20 |
21 | variable "username" {
22 | type = string
23 | description = "The username for accessing the database."
24 | }
25 |
26 | variable "password" {
27 | type = string
28 | description = "The password for accessing the database."
29 | }
30 |
31 | variable "port" {
32 | type = number
33 | description = "The port number for database access."
34 | }
35 |
36 | variable "env_tag" {
37 | type = string
38 | description = "The environment tag for the instance."
39 | }
40 |
41 | variable "delete_automated_backups" {
42 | type = bool
43 | description = "Specify if automated backups should be deleted when the instance is deleted."
44 | }
45 |
46 | #to avoide an error while delation process.
47 | variable "skip_final_snapshot" {
48 | type = bool
49 | description = "Specify if a final snapshot should be skipped when the instance is deleted."
50 | }
51 |
52 | variable "publicly_accessible" {
53 | type = bool
54 | description = "Specify if the instance should be publicly accessible."
55 | }
56 |
--------------------------------------------------------------------------------
/terraform/modules/VPC/main.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 | region = var.region
3 | }
4 |
5 | #retrive the azs from specific region exist in provider --> eu-west-2
6 | data "aws_availability_zones" "azs" {}
7 |
8 | module "vpc" {
9 | source = "terraform-aws-modules/vpc/aws"
10 | version = "4.0.2"
11 | name = var.vpc_name
12 | cidr = var.vpc_cidr_block
13 | private_subnets = var.private_subnets_cidr_blocks
14 | public_subnets = var.public_subnets_cidr_blocks
15 | azs = slice(data.aws_availability_zones.azs.names, 0, 2) #retrive only 2 azs
16 | enable_nat_gateway = var.enable_nat_gateway
17 | single_nat_gateway = var.single_nat_gateway
18 | enable_dns_hostnames = var.enable_dns_hostnames
19 |
20 | #tags for vpc, to let know cloud control manager which vpc used for cluster
21 | tags = {
22 | "kubernetes.io/cluster/myapp-eks-cluster" = "shared"
23 | }
24 |
25 | #tag subnets
26 | public_subnet_tags = {
27 | "kubernetes.io/cluster/myapp-eks-cluster" = "shared"
28 | "kubernetes.io/role/elb" = 1
29 |
30 | }
31 |
32 | private_subnet_tags = {
33 | "kubernetes.io/cluster/myapp-eks-cluster" = "shared"
34 | "kubernetes.io/role/internal-elb" = 1
35 | }
36 |
37 | }
38 |
39 |
--------------------------------------------------------------------------------
/terraform/modules/VPC/output.tf:
--------------------------------------------------------------------------------
1 | output "azs" {
2 | description = "name of azs"
3 | value = module.vpc.azs
4 | }
5 |
6 | output "vpc_id" {
7 | description = "name of vpc"
8 | value = module.vpc.vpc_id
9 | }
10 |
11 |
12 | output "private_subnets" {
13 | description = "name of vpc"
14 | value = module.vpc.private_subnets
15 | }
--------------------------------------------------------------------------------
/terraform/modules/VPC/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 | type = string
3 | description = "VPC region."
4 | }
5 |
6 | variable "vpc_name" {
7 | type = string
8 | description = "VPC name."
9 | }
10 |
11 | variable "vpc_cidr_block" {
12 | type = string
13 | description = "The CIDR block for the VPC."
14 | }
15 |
16 | variable "private_subnets_cidr_blocks" {
17 | type = list(string)
18 | description = "The CIDR blocks for the private subnets."
19 | }
20 |
21 | variable "public_subnets_cidr_blocks" {
22 | type = list(string)
23 | description = "The CIDR blocks for the public subnets."
24 | }
25 |
26 | variable "enable_nat_gateway" {
27 | type = string
28 | description = "Specify if NAT gateways should be enabled for the subnets."
29 | }
30 |
31 | #true
32 | variable "single_nat_gateway" {
33 | type = string
34 | description = "Specify if a single NAT gateway should be used for all private subnets."
35 | }
36 |
37 | variable "enable_dns_hostnames" {
38 | type = string
39 | description = "Specify if DNS hostnames should be enabled for the VPC."
40 | }
41 |
--------------------------------------------------------------------------------
/terraform/output.tf:
--------------------------------------------------------------------------------
1 | #rds
2 | output "db_instance_address" {
3 | description = "The address of the RDS instance"
4 | value = module.RDS.db_instance_address
5 | }
6 |
7 | #eks
8 | output "cluster_name" {
9 | description = "The name of the cluster"
10 | value = module.EKS.cluster_name
11 | }
12 |
13 |
14 | #ecr
15 | output "repository_url" {
16 | description = "The URL of the repository"
17 | value = module.ECR.repository_url
18 | }
19 |
20 |
--------------------------------------------------------------------------------
/terraform/provider.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_providers {
3 | aws = {
4 | source = "hashicorp/aws"
5 | version = "~> 4.0"
6 | }
7 | }
8 | }
9 |
10 |
--------------------------------------------------------------------------------
/terraform/terraform.tfvars:
--------------------------------------------------------------------------------
1 | #vpc
2 | region = "eu-west-2"
3 | vpc_name = "myapp-vpc"
4 | vpc_cidr_block = "10.0.0.0/16"
5 | private_subnets_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24"]
6 | public_subnets_cidr_blocks = ["10.0.3.0/24", "10.0.4.0/24"]
7 | enable_nat_gateway = true
8 | single_nat_gateway = true
9 | enable_dns_hostnames = true
10 |
11 | #rds
12 | instance_name = "task-db"
13 | instance_class = "db.t3.micro"
14 | allocated_storage = 20
15 | db_name = "ipAdresses"
16 | username = "admin"
17 | password = "12345678db"
18 | port = 3306
19 | delete_automated_backups = true
20 | skip_final_snapshot = true
21 | publicly_accessible = true
22 |
23 | #eks
24 | cluster_name = "myapp-eks-cluster"
25 | cluster_version = "1.26"
26 | env_tag = "dev"
27 | min_size = 1
28 | max_size = 1
29 | desired_size = 1
30 | instance_types = ["t2.medium"]
31 | coredns_version = "v1.9.3-eksbuild.2"
32 | kube_proxy_version = "v1.26.2-eksbuild.1"
33 | vpc_cni_version = "v1.12.5-eksbuild.2"
34 | cluster_endpoint_public_access = true
35 |
36 | #ecr
37 | repo_name = "task-repo"
38 |
39 | #alb
40 | service_account_name = "aws-load-balancer-controller-sa"
41 | policy_name = "load-balancer-controller-iam-policy"
42 | iam_role_name = "load-balancer-role-terraform"
43 | namespace = "kube-system"
44 |
45 |
46 |
47 |
48 |
--------------------------------------------------------------------------------
/terraform/variable.tf:
--------------------------------------------------------------------------------
1 | #vpc
2 | variable "region" {
3 | type = string
4 | }
5 | variable "vpc_name" {
6 | type = string
7 | }
8 | variable "vpc_cidr_block" {
9 | type = string
10 | }
11 | variable "private_subnets_cidr_blocks" {}
12 | variable "public_subnets_cidr_blocks" {}
13 | variable "enable_nat_gateway" {
14 | type = string
15 | }
16 | variable "single_nat_gateway" {
17 | type = string
18 | }
19 | variable "enable_dns_hostnames" {
20 | type = string
21 | }
22 |
23 |
24 | #rds
25 | variable "instance_name" {
26 | type = string
27 | }
28 | variable "instance_class" {
29 | type = string
30 | }
31 | variable "allocated_storage" {
32 | type = number
33 | }
34 | variable "db_name" {
35 | type = string
36 | }
37 | variable "username" {
38 | type = string
39 | }
40 | variable "password" {
41 | type = string
42 | }
43 | variable "port" {
44 | type = number
45 | }
46 | variable "env_tag" {
47 | type = string
48 | }
49 | variable "delete_automated_backups" {
50 | type = bool
51 | }
52 |
53 | variable "skip_final_snapshot" {
54 | type = bool
55 | }
56 |
57 | variable "publicly_accessible" {
58 | type = bool
59 | }
60 |
61 |
62 | #eks
63 | variable "cluster_name" {
64 | type = string
65 | }
66 |
67 | variable "cluster_version" {
68 | type = string
69 | }
70 |
71 |
72 | variable "min_size" {
73 | type = number
74 | }
75 |
76 | variable "max_size" {
77 | type = number
78 | }
79 |
80 | variable "desired_size" {
81 | type = number
82 | }
83 |
84 | variable "instance_types" {
85 | type = list(string)
86 | }
87 |
88 | variable "coredns_version" {
89 | type = string
90 | }
91 |
92 | variable "kube_proxy_version" {
93 | type = string
94 | }
95 |
96 | variable "vpc_cni_version" {
97 | type = string
98 | }
99 |
100 | variable "cluster_endpoint_public_access" {
101 | type = bool
102 | }
103 |
104 |
105 | #ecr
106 | variable "repo_name" {
107 | type = string
108 | }
109 |
110 |
111 | #alb
112 | variable "service_account_name" {
113 | type = string
114 | }
115 |
116 | variable "policy_name" {
117 | type = string
118 | }
119 |
120 | variable "iam_role_name" {
121 | type = string
122 | }
123 |
124 | variable "namespace" {
125 | type = string
126 | }
127 |
128 |
--------------------------------------------------------------------------------