├── README.md
├── aks
    ├── aks-cluster.tf
    ├── outputs.tf
    ├── terraform.tfvars
    ├── variables.tf
    └── version.tf
├── eks.zip
├── eks
    ├── eks-cluster.tf
    ├── main.tf
    ├── outputs.tf
    ├── terraform.tf
    ├── variables.tf
    └── vpc.tf
├── gke
    ├── gke.tf
    ├── kubernetes-dashboard-admin.rbac.yaml
    ├── kubernetes-dashboard.yaml
    ├── outputs.tf
    ├── terraform.tfvars
    ├── versions.tf
    └── vpc.tf
├── pac-man.zip
└── pac-man
    ├── kubernetes.tf
    └── modules
        ├── mongo
            ├── mongo-deployment.tf
            ├── mongo-pv.tf
            ├── mongo-pvc.tf
            ├── mongo-sc.tf
            ├── mongo-service.tf
            └── variables.tf
        └── pac-man
            ├── pac-man-deployment.tf
            ├── pac-man-service.tf
            └── variables.tf


/README.md:
--------------------------------------------------------------------------------
# 1241 - Deploying and Managing a Web Application in Kubernetes with Terraform
Course code repository.

--------------------------------------------------------------------------------
/aks/aks-cluster.tf:
--------------------------------------------------------------------------------
# Azure provider. The azurerm provider requires a features block, even when
# it is empty.
provider "azurerm" {
  features {}

  # Turns off automatic resource-provider registration.
  # NOTE(review): presumably needed because the sandbox identity is not
  # allowed to register providers - confirm.
  skip_provider_registration = true
}

## Import Resource Group Before Apply ##
# Per the note above, this resource group must be imported into state before
# the first apply (presumably because the sandbox pre-creates it).
resource "azurerm_resource_group" "guru" {
  name     = "1-83bd4599-playground-sandbox"
  location = "centralus"

  tags = {
    environment = "Demo"
  }
}

# AKS cluster: two Standard_B2s nodes in the resource group declared above.
resource "azurerm_kubernetes_cluster" "guru" {
  name                = "guru-aks"
  dns_prefix          = "guru-k8s"
  resource_group_name = azurerm_resource_group.guru.name
  location            = azurerm_resource_group.guru.location

  default_node_pool {
    name            = "guru"
    vm_size         = "Standard_B2s"
    node_count      = 2
    os_disk_size_gb = 30
  }

  # The cluster authenticates to Azure with a service principal whose ID and
  # secret come from var.appId / var.password. Terraform records both values
  # in state in plain text, so the state file needs the same protection as
  # the secret itself. A managed identity would avoid handling a long-lived
  # client secret at all.
  service_principal {
    client_id     = var.appId
    client_secret = var.password
  }

  # Kubernetes RBAC is switched on for the cluster.
  role_based_access_control {
    enabled = true
  }

  tags = {
    environment = "Demo"
  }
}

--------------------------------------------------------------------------------
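/aks/outputs.tf:
--------------------------------------------------------------------------------
# Names of the resource group and the AKS cluster created in aks-cluster.tf.
output "resource_group_name" {
  value = azurerm_resource_group.guru.name
}

output "kubernetes_cluster_name" {
  value = azurerm_kubernetes_cluster.guru.name
}
--------------------------------------------------------------------------------
/aks/terraform.tfvars:
--------------------------------------------------------------------------------
# NOTE(review): a service principal client secret is committed here in plain
# text. Anything pushed to a repository has to be treated as exposed: rotate
# the credential, keep real values out of version control, and supply them at
# run time instead (for example through the TF_VAR_password environment
# variable or an untracked *.auto.tfvars file).
appId    = "9517e5d1-d400-4317-b7ae-bb1b0bb121ab"
password = "uT28Q~qo2MKOTodC2UOLTeN.nHZOdTmJLDvcpbHe"

--------------------------------------------------------------------------------
/aks/variables.tf:
--------------------------------------------------------------------------------
# Client (application) ID of the service principal used by the AKS cluster.
variable "appId" {
  description = "Azure Kubernetes Service Cluster service principal"
  type        = string
}

# Client secret of that service principal. Marked sensitive so Terraform
# redacts it in plan/apply output; the value is still written to state.
variable "password" {
  description = "Azure Kubernetes Service Cluster password"
  type        = string
  sensitive   = true
}
--------------------------------------------------------------------------------
/aks/version.tf:
--------------------------------------------------------------------------------
terraform {
  required_providers {
    # Exact pin: every run resolves the same provider release.
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "2.66.0"
    }
  }

  required_version = ">= 0.14"
}

--------------------------------------------------------------------------------
/eks.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pluralsight-cloud/content-deploying-and-managing-a-web-application-in-kubernetes-with-terraform/ff5e665ec8b550e16d394d76b658eb8e3b25e2c0/eks.zip
--------------------------------------------------------------------------------
/eks/eks-cluster.tf:
--------------------------------------------------------------------------------
# EKS control plane plus two managed node groups, built with the community
# EKS module at a pinned version.
module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "19.0.4"

  cluster_name    = local.cluster_name
  cluster_version = "1.24"

  # Worker nodes are placed in the VPC's private subnets.
  vpc_id     = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets

  # The Kubernetes API endpoint is reachable from the internet.
  # NOTE(review): no source-address restriction is set in this file; outside
  # a demo, limit callers with the module's
  # cluster_endpoint_public_access_cidrs input or use private access only.
  cluster_endpoint_public_access = true

  eks_managed_node_group_defaults = {
    ami_type = "AL2_x86_64"

  }

  eks_managed_node_groups = {
    one = {
      name = "node-group-1"

      instance_types = ["t3.small"]

      min_size     = 1
      max_size     = 3
      desired_size = 2
    }

    two = {
      name = "node-group-2"

      instance_types = ["t3.small"]

      min_size     = 1
      max_size     = 2
      desired_size = 1
    }
  }
}
--------------------------------------------------------------------------------
/eks/main.tf:
--------------------------------------------------------------------------------
# Kubernetes provider pointed at the new cluster's endpoint and CA bundle.
# NOTE(review): no token or exec credentials are configured in this block, so
# it cannot authenticate on its own; no resource in the files shown uses it.
provider "kubernetes" {
  host                   = module.eks.cluster_endpoint
  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
}

provider "aws" {
  region = var.region
}

# Availability zones of the selected region; vpc.tf takes the first three.
data "aws_availability_zones" "available" {}

# The cluster name carries a random suffix generated below.
locals {
  cluster_name = "guru-eks-${random_string.suffix.result}"
}

resource "random_string" "suffix" {
  length  = 8
  special = false
}

--------------------------------------------------------------------------------
/eks/outputs.tf:
--------------------------------------------------------------------------------
output "cluster_endpoint" {
  description = "Endpoint for EKS control plane"
  value       = module.eks.cluster_endpoint
}

output "cluster_security_group_id" {
  description = "Security group ids attached to the cluster control plane"
  value       = module.eks.cluster_security_group_id
}

output "region" {
  description = "AWS region"
  value       = var.region
}

output "cluster_name" {
  description = "Kubernetes Cluster Name"
  value       = module.eks.cluster_name
}
--------------------------------------------------------------------------------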
/eks/terraform.tf:
--------------------------------------------------------------------------------
# Provider and CLI version constraints for the EKS configuration. Each "~>"
# constraint with three components allows patch releases only.
terraform {
  required_version = "~> 1.3"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.46.0"
    }

    random = {
      source  = "hashicorp/random"
      version = "~> 3.4.3"
    }

    tls = {
      source  = "hashicorp/tls"
      version = "~> 4.0.4"
    }

    cloudinit = {
      source  = "hashicorp/cloudinit"
      version = "~> 2.2.0"
    }

    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.16.1"
    }
  }
}

--------------------------------------------------------------------------------
/eks/variables.tf:
--------------------------------------------------------------------------------
variable "region" {
  description = "AWS region"
  type        = string
  default     = "us-east-1"
}
--------------------------------------------------------------------------------
/eks/vpc.tf:
--------------------------------------------------------------------------------
# VPC for the EKS cluster: three private and three public /24 subnets spread
# over the first three availability zones of the region.
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.14.2"

  name = "guru-vpc"

  cidr = "10.0.0.0/16"
  azs  = slice(data.aws_availability_zones.available.names, 0, 3)

  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]

  # One NAT gateway is shared by all private subnets, so outbound traffic
  # from every zone depends on that single gateway.
  enable_nat_gateway   = true
  single_nat_gateway   = true
  enable_dns_hostnames = true

  # Subnet tags: public subnets carry the "elb" role, private subnets the
  # "internal-elb" role, and both are marked as shared with the cluster.
  public_subnet_tags = {
    "kubernetes.io/cluster/${local.cluster_name}" = "shared"
    "kubernetes.io/role/elb"                      = 1
  }

  private_subnet_tags = {
    "kubernetes.io/cluster/${local.cluster_name}" = "shared"
    "kubernetes.io/role/internal-elb"             = 1
  }
}
--------------------------------------------------------------------------------
/gke/gke.tf:
--------------------------------------------------------------------------------
# Number of nodes in the separately managed node pool.
variable "gke_num_nodes" {
  description = "number of gke nodes"
  default     = 2
}

# GKE cluster
# NOTE(review): nothing in this file restricts who can reach the control
# plane endpoint or makes the nodes private; for anything beyond a demo,
# look at master_authorized_networks_config and private_cluster_config.
resource "google_container_cluster" "primary" {
  name     = "${var.project_id}-gke"
  location = var.region

  # We can't create a cluster with no node pool defined, but we want to only use
  # separately managed node pools. So we create the smallest possible default
  # node pool and immediately delete it.
  remove_default_node_pool = true
  initial_node_count       = 1

  network    = google_compute_network.vpc.name
  subnetwork = google_compute_subnetwork.subnet.name
}

# Separately Managed Node Pool
resource "google_container_node_pool" "primary_nodes" {
  name       = google_container_cluster.primary.name
  cluster    = google_container_cluster.primary.name
  location   = var.region
  node_count = var.gke_num_nodes

  node_config {
    # Node credentials are scoped to writing logs and to monitoring only.
    oauth_scopes = [
      "https://www.googleapis.com/auth/logging.write",
      "https://www.googleapis.com/auth/monitoring",
    ]

    labels = {
      env = var.project_id
    }

    # preemptible  = true
    machine_type = "n1-standard-1"
    disk_size_gb = 30
    tags         = ["gke-node", "${var.project_id}-gke"]

    # Turns off the legacy instance-metadata endpoints on the nodes.
    metadata = {
      disable-legacy-endpoints = "true"
    }
  }
}



--------------------------------------------------------------------------------
/gke/kubernetes-dashboard-admin.rbac.yaml:
--------------------------------------------------------------------------------
# Service account used to sign in to the Kubernetes Dashboard.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
# Create ClusterRoleBinding
# NOTE(review): this grants the built-in cluster-admin role, so a token for
# admin-user has unrestricted control of every namespace. Keep it to
# short-lived demo clusters; otherwise bind a narrower role and remove the
# account when it is no longer needed.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
--------------------------------------------------------------------------------
/gke/kubernetes-dashboard.yaml:
--------------------------------------------------------------------------------
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: v1
kind: Namespace
metadata:
  name: kubernetes-dashboard

---

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard

---

# No "type" is set, so this is a cluster-internal (ClusterIP) Service; the
# Dashboard is not published outside the cluster by this manifest.
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

---

# Empty secret; mounted at /certs in the Dashboard container below.
apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
  namespace: kubernetes-dashboard
type: Opaque

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-csrf
  namespace: kubernetes-dashboard
type: Opaque
data:
  csrf: ""

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-key-holder
  namespace: kubernetes-dashboard
type: Opaque

---

kind: ConfigMap
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-settings
  namespace: kubernetes-dashboard

---

# Namespaced permissions of the Dashboard's own service account. Every rule
# is limited to specific resource names.
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
rules:
  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
  - apiGroups: [""]
    resources: ["secrets"]
    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
    verbs: ["get", "update", "delete"]
    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
  - apiGroups: [""]
    resources: ["configmaps"]
    resourceNames: ["kubernetes-dashboard-settings"]
    verbs: ["get", "update"]
    # Allow Dashboard to get metrics.
  - apiGroups: [""]
    resources: ["services"]
    resourceNames: ["heapster", "dashboard-metrics-scraper"]
    verbs: ["proxy"]
  - apiGroups: [""]
    resources: ["services/proxy"]
    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
    verbs: ["get"]

---

# Cluster-wide permissions of the Dashboard's own service account: read-only
# access to pod and node metrics.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
rules:
  # Allow Metrics Scraper to get metrics from the Metrics server
  - apiGroups: ["metrics.k8s.io"]
    resources: ["pods", "nodes"]
    verbs: ["get", "list", "watch"]

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
        - name: kubernetes-dashboard
          # NOTE(review): this is a pre-release (beta) tag; move to a current
          # stable Dashboard release before relying on it.
          image: kubernetesui/dashboard:v2.0.0-beta8
          imagePullPolicy: Always
          ports:
            - containerPort: 8443
              protocol: TCP
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port
          volumeMounts:
            - name: kubernetes-dashboard-certs
              mountPath: /certs
              # Create on-disk volume to store exec logs
            - mountPath: /tmp
              name: tmp-volume
          livenessProbe:
            httpGet:
              scheme: HTTPS
              path: /
              port: 8443
            initialDelaySeconds: 30
            timeoutSeconds: 30
          # Non-root UID/GID, read-only root filesystem, no privilege
          # escalation.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "beta.kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 8000
      targetPort: 8000
  selector:
    k8s-app: dashboard-metrics-scraper

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: dashboard-metrics-scraper
  template:
    metadata:
      labels:
        k8s-app: dashboard-metrics-scraper
      # Requests the container runtime's default seccomp profile through the
      # alpha annotation.
      # NOTE(review): newer Kubernetes releases express this with
      # securityContext.seccompProfile instead - confirm against the target
      # cluster version.
      annotations:
        seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
    spec:
      containers:
        - name: dashboard-metrics-scraper
          image: kubernetesui/metrics-scraper:v1.0.1
          ports:
            - containerPort: 8000
              protocol: TCP
          livenessProbe:
            httpGet:
              scheme: HTTP
              path: /
              port: 8000
            initialDelaySeconds: 30
            timeoutSeconds: 30
          volumeMounts:
          - mountPath: /tmp
            name: tmp-volume
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
      volumes:
        - name: tmp-volume
          emptyDir: {}

--------------------------------------------------------------------------------
/gke/outputs.tf:
--------------------------------------------------------------------------------
output "region" {
  description = "GCloud Region"
  value       = var.region
}

output "project_id" {
  description = "GCloud Project ID"
  value       = var.project_id
}

output "kubernetes_cluster_name" {
  description = "GKE Cluster Name"
  value       = google_container_cluster.primary.name
}

# Address of the GKE control plane endpoint.
output "kubernetes_cluster_host" {
  description = "GKE Cluster Host"
  value       = google_container_cluster.primary.endpoint
}
--------------------------------------------------------------------------------
/gke/terraform.tfvars:
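--------------------------------------------------------------------------------
# project_id is left empty on purpose; set it to the target GCP project
# before running Terraform.
project_id = ""
region     = "us-central1"

--------------------------------------------------------------------------------
/gke/versions.tf:
--------------------------------------------------------------------------------
terraform {
  required_providers {
    # Exact pin: every run resolves the same provider release.
    google = {
      source  = "hashicorp/google"
      version = "4.27.0"
    }
  }

  required_version = ">= 0.14"
}

--------------------------------------------------------------------------------
/gke/vpc.tf:
--------------------------------------------------------------------------------
variable "project_id" {
  description = "project id"
}

variable "region" {
  description = "region"
}

provider "google" {
  project = var.project_id
  region  = var.region
}

# VPC
# Subnets are not auto-created; the only subnet is the one declared below.
resource "google_compute_network" "vpc" {
  name                    = "${var.project_id}-vpc"
  auto_create_subnetworks = "false"
}

# Subnet
resource "google_compute_subnetwork" "subnet" {
  name          = "${var.project_id}-subnet"
  region        = var.region
  network       = google_compute_network.vpc.name
  ip_cidr_range = "10.10.0.0/24"
}
--------------------------------------------------------------------------------
/pac-man.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pluralsight-cloud/content-deploying-and-managing-a-web-application-in-kubernetes-with-terraform/ff5e665ec8b550e16d394d76b658eb8e3b25e2c0/pac-man.zip
--------------------------------------------------------------------------------
/pac-man/kubernetes.tf:
--------------------------------------------------------------------------------
# NOTE(review): the provider has no version constraint, so each init may pull
# a different release; add a version pin for repeatable runs.
terraform {
  required_providers {
    kubernetes = {
      source = "hashicorp/kubernetes"
    }
  }
}

# Uses the local kubeconfig, i.e. whichever context is current when Terraform
# runs. Check the active context before applying, or set config_context, so
# the workload is not deployed to an unintended cluster.
provider "kubernetes" {
  config_path = "~/.kube/config"

  #host = var.host

  #client_certificate     = base64decode(var.client_certificate)
  #client_key             = base64decode(var.client_key)
  #cluster_ca_certificate = base64decode(var.cluster_ca_certificate)
}

# Namespace that holds both the database and the web application.
resource "kubernetes_namespace" "pac-man" {
  metadata {
    annotations = {
      name = "pac-man_web_app"
    }

    labels = {
      namespace = "pac-man"
    }

    name = "pac-man"
  }
}

# The namespace is passed as a reference to the resource above rather than as
# a string literal. The value is the same ("pac-man"), but the reference makes
# Terraform create the namespace before any object inside the modules;
# with a literal there is no ordering and the first apply can fail on a
# namespace that does not exist yet.
module "mongo" {
  source               = "./modules/mongo"
  kubernetes_namespace = kubernetes_namespace.pac-man.metadata[0].name
}

module "pac-man" {
  source               = "./modules/pac-man"
  kubernetes_namespace = kubernetes_namespace.pac-man.metadata[0].name
  depends_on           = [module.mongo]
}

--------------------------------------------------------------------------------
/pac-man/modules/mongo/mongo-deployment.tf:
--------------------------------------------------------------------------------
# Single-replica MongoDB deployment backed by the "mongo-storage" claim.
resource "kubernetes_deployment" "mongo" {
  metadata {
    name      = "mongo"
    namespace = var.kubernetes_namespace

    labels = {
      name = "mongo"
    }
  }

  spec {
    replicas = 1

    selector {
      match_labels = {
        name = "mongo"
      }
    }

    template {
      metadata {
        labels = {
          name = "mongo"
        }
      }

      spec {
        volume {
          name = "mongo-db"

          persistent_volume_claim {
            claim_name = "mongo-storage"
          }
        }

        container {
          name = "mongo"

          # NOTE(review): untagged image, so the registry's default tag is
          # pulled and the running version can change between rollouts; pin
          # a version tag or digest. No authentication settings are passed
          # to the container in this file.
          image = "mongo"

          port {
            name           = "mongo"
            container_port = 27017
          }

          # NOTE(review): the official mongo image keeps its data under
          # /data/db by default; unless the data path is overridden, a
          # mount at /mnt/data/db would not hold the database files -
          # confirm.
          volume_mount {
            name       = "mongo-db"
            mount_path = "/mnt/data/db"
          }
        }
      }
    }
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/mongo/mongo-pv.tf:
--------------------------------------------------------------------------------
# Statically defined 10Gi volume in the "mongo-sc" storage class.
resource "kubernetes_persistent_volume" "mongo_pv" {
  metadata {
    name = "mongo-pv"
  }

  spec {
    capacity = {
      storage = "10Gi"
    }

    access_modes                     = ["ReadWriteOnce"]
    persistent_volume_reclaim_policy = "Retain"
    storage_class_name               = "mongo-sc"
    persistent_volume_source {
      #aws_elastic_block_store {
      #  fstype = "ext4"
      #}
      # hostPath stores the data in a directory on whichever node runs the
      # pod: it does not follow the pod to another node, and it gives the
      # workload a path on the node's own filesystem. Suitable for a demo
      # only.
      host_path {
        path = "/mnt/data"
      }
    }
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/mongo/mongo-pvc.tf:
--------------------------------------------------------------------------------
# Claim for 8Gi from the "mongo-sc" class; the deployment mounts it by name.
resource "kubernetes_persistent_volume_claim" "mongo_storage" {
  metadata {
    name      = "mongo-storage"
    namespace = var.kubernetes_namespace
  }

  spec {
    access_modes = ["ReadWriteOnce"]

    resources {
      requests = {
        storage = "8Gi"
      }
    }

    storage_class_name = "mongo-sc"
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/mongo/mongo-sc.tf:
--------------------------------------------------------------------------------
# Storage class using the AWS EBS provisioner (gp2, ext4).
resource "kubernetes_storage_class" "mongo_sc" {
  metadata {
    name = "mongo-sc"

    # NOTE(review): marks this class as the cluster default; a cluster that
    # already has a default class would then have two - confirm.
    annotations = {
      "storageclass.kubernetes.io/is-default-class" = "true"
    }
  }

  storage_provisioner = "kubernetes.io/aws-ebs"
  reclaim_policy      = "Retain"
  parameters = {
    fsType = "ext4"
    type   = "gp2"
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/mongo/mongo-service.tf:
--------------------------------------------------------------------------------
# Service in front of the MongoDB pods.
resource "kubernetes_service" "mongo" {
  metadata {
    name      = "mongo"
    namespace = var.kubernetes_namespace

    labels = {
      name = "mongo"
    }
  }

  spec {
    port {
      port        = 27017
      target_port = "27017"
    }

    selector = {
      name = "mongo"
    }

    # NOTE(review): LoadBalancer asks the cloud provider for an external
    # load balancer, which puts the database port outside the cluster, and
    # the deployment in this module configures no authentication. If only
    # in-cluster clients need the database, a ClusterIP service is enough.
    type = "LoadBalancer"
  }
}

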
--------------------------------------------------------------------------------
/pac-man/modules/mongo/variables.tf:
--------------------------------------------------------------------------------
# Namespace the MongoDB objects are created in; set by the root module.
variable "kubernetes_namespace" {
}
--------------------------------------------------------------------------------
/pac-man/modules/pac-man/pac-man-deployment.tf:
--------------------------------------------------------------------------------
# Single-replica deployment of the Pac-Man Node.js web application.
resource "kubernetes_deployment" "pac-man" {
  metadata {
    name      = "pac-man"
    namespace = var.kubernetes_namespace

    labels = {
      name = "pac-man"
    }
  }

  spec {
    replicas = 1

    selector {
      match_labels = {
        name = "pac-man"
      }
    }

    template {
      metadata {
        labels = {
          name = "pac-man"
        }
      }

      spec {
        container {
          name = "pac-man"

          # NOTE(review): the image comes from a personal registry account
          # and is referenced by the mutable "latest" tag, so its content
          # can change without any change to this file. Pin a digest, or
          # build and host the image yourself, before using it outside a
          # demo.
          #image = "quay.io/ifont/pacman-nodejs-app:latest"
          image = "docker.io/jessehoch/pacman-nodejs-app:latest"

          port {
            name           = "http-server"
            container_port = 8080
          }
        }
      }
    }
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/pac-man/pac-man-service.tf:
--------------------------------------------------------------------------------
# Public entry point of the application: an external load balancer on port
# 80 that forwards to the container's port 8080.
resource "kubernetes_service" "pac-man" {
  metadata {
    name      = "pac-man"
    namespace = var.kubernetes_namespace

    labels = {
      name = "pac-man"
    }
  }

  spec {
    type = "LoadBalancer"

    selector = {
      name = "pac-man"
    }

    # Plain HTTP; no TLS is configured in this file.
    port {
      protocol    = "TCP"
      port        = 80
      target_port = "8080"
    }
  }
}


--------------------------------------------------------------------------------
/pac-man/modules/pac-man/variables.tf:
--------------------------------------------------------------------------------
# Namespace the Pac-Man objects are created in; set by the root module.
variable "kubernetes_namespace" {
}
--------------------------------------------------------------------------------