This terraform code will deploy a new EKS cluster.
- ACM is already available in the AWS account.
- Clone this repository
- If not existing, create a folder for your target environment by duplicating/copying the templates folder.
- Edit the following files
- backend.tf - edit "key" . Replace the .tfstate with --.tfstate #this cannot be made variable so need to edit this manually.
- locals.tf - Jump to configuration section on how to configure locals.tf
- Set your terminal's AWS_PROFILE variable to your user's IAM profile for the AWS account to allow terraform to use the profile's access credentials.
export AWS_PROFILE=<env>
- Run the following commands
terraform init #This will initialize the providers
terraform validate #Check if there's any syntax errors
terraform plan #Check if there are any further errors that need fixing
terraform apply --auto-approve
- For arm64 deployment, the whole argocd is using official arm64 image except its applicationset-controller as of writing (4/20/2021). Make sure to monitor the release of the official arm64 image and use that once available.
- This script should support Arm64 and Amd64 deployment.
- NLB should not have TLS cert for rancher to work.
- Need to create the corresponding r53 entries in Prod AWS account after
- nacos
- rancher
- argocd
- api-gateway custom domain
- Modify configmap/auth-map.kube-system manually to provide cluster access. It is not yet automatically included in the terraform script.
- Take a look on the following tools. Probably helpful in the future
- Documentation
- TLS SSL
- Argocd dex configuration