
Commit 3d2d3df

committed
clarify readme and remove unneeded vars from eks
1 parent 83d63b3 commit 3d2d3df


5 files changed

+30
-27
lines changed


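--- a/_examples/eks/README.md
+++ b/_examples/eks/README.md
@@ -22,7 +22,7 @@ This example generates a kubeconfig file in the current working directory. Howev
 
 ```
 terraform apply
-export KUBECONFIG=$(terraform output kubeconfig_path)
+export KUBECONFIG=$(terraform output kubeconfig_path|jq -r)
 kubectl get pods -n test
 ```
 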

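--- a/_examples/eks/kubernetes-config/main.tf
+++ b/_examples/eks/kubernetes-config/main.tf
@@ -1,33 +1,13 @@
-data "aws_eks_cluster_auth" "cluster" {
-name = var.cluster_name
-}
-
-data "aws_eks_cluster" "cluster" {
-name = var.cluster_name
-}
-
 provider "kubernetes" {
 host = var.cluster_endpoint
-token = data.aws_eks_cluster_auth.cluster.token
-cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
+cluster_ca_certificate = base64decode(var.cluster_ca_cert)
 exec {
 api_version = "client.authentication.k8s.io/v1alpha1"
 args = ["eks", "get-token", "--cluster-name", var.cluster_name]
 command = "aws"
 }
 }
 
-locals {
-mapped_role_format = <<MAPPEDROLE
-- rolearn: %s
-username: system:node:{{EC2PrivateDNSName}}
-groups:
-- system:bootstrappers
-- system:nodes
-MAPPEDROLE
-
-}
-
 resource "kubernetes_config_map" "name" {
 depends_on = [var.cluster_name]
 metadata {
@@ -56,12 +36,14 @@ resource "null_resource" "generate-kubeconfig" {
 
 
 resource "kubernetes_namespace" "test" {
+depends_on = [var.cluster_name]
 metadata {
 name = "test"
 }
 }
 
 resource "kubernetes_deployment" "test" {
+depends_on = [var.cluster_name]
 metadata {
 name = "test"
 namespace= kubernetes_namespace.test.metadata.0.name
@@ -103,7 +85,7 @@ resource "kubernetes_deployment" "test" {
 provider "helm" {
 kubernetes {
 host = var.cluster_endpoint
-cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
+cluster_ca_certificate = base64decode(var.cluster_ca_cert)
 exec {
 api_version = "client.authentication.k8s.io/v1alpha1"
 args = ["eks", "get-token", "--cluster-name", var.cluster_name]
@@ -113,6 +95,7 @@ provider "helm" {
 }
 
 resource helm_release nginx_ingress {
+depends_on = [var.cluster_name]
 name = "nginx-ingress-controller"
 
 repository = "https://charts.bitnami.com/bitnami"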
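Review bot: Removing `token` from the `kubernetes` provider leaves the `exec` block as its only credential source, and nothing in the file says which identity that is. `aws eks get-token` runs the local AWS CLI with its own credential chain, which is not necessarily the identity the Terraform AWS provider uses (that provider's configuration is not visible on this page), so an apply can reach the cluster as a different principal than the one that created it. A comment above the `exec` block here and in the `helm` provider (whose block continues outside its hunk) would document this: `# exec shells out to the aws CLI found on PATH; its ambient credentials must map to an identity authorized in this cluster`. Separately, `depends_on = [var.cluster_name]` on `kubernetes_deployment.test` looks redundant, because that resource already references `kubernetes_namespace.test`, which carries the same dependency.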

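--- a/_examples/eks/kubernetes-config/variables.tf
+++ b/_examples/eks/kubernetes-config/variables.tf
@@ -2,6 +2,10 @@ variable "k8s_node_role_arn" {
 type = list(string)
 }
 
+variable "cluster_ca_cert" {
+type = string
+}
+
 variable "cluster_endpoint" {
 type = string
 }
@@ -10,6 +14,13 @@ variable "cluster_name" {
 type = string
 }
 
-variable "cluster_oidc_issuer_url" {
-type = string
+locals {
+mapped_role_format = <<MAPPEDROLE
+- rolearn: %s
+username: system:node:{{EC2PrivateDNSName}}
+groups:
+- system:bootstrappers
+- system:nodes
+MAPPEDROLE
+
 }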
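Review bot: `variable "cluster_ca_cert"` is declared with only `type = string`, although the page shows it feeding `base64decode(var.cluster_ca_cert)` as the `cluster_ca_certificate` of both the kubernetes and helm providers, so it is the TLS trust anchor for every API call this module makes. A description would state the expected encoding and purpose, e.g. `description = "Base64-encoded PEM CA certificate of the cluster API server; used by the kubernetes and helm providers to verify the endpoint"`. The `locals` block moved into this file would also benefit from a comment such as `# every ARN formatted into this template joins system:bootstrappers and system:nodes; pass only worker-node roles`, since the template grants those groups to whatever role ARN is substituted for `%s`.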

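--- a/_examples/eks/main.tf
+++ b/_examples/eks/main.tf
@@ -48,7 +48,7 @@ module "cluster" {
 module "kubernetes-config" {
 source = "./kubernetes-config"
 k8s_node_role_arn = list(module.cluster.worker_iam_role_arn)
+cluster_ca_cert = module.cluster.cluster_certificate_authority_data
 cluster_name = module.cluster.cluster_id # creates dependency on cluster creation
 cluster_endpoint = module.cluster.cluster_endpoint
-cluster_oidc_issuer_url = module.cluster.cluster_oidc_issuer_url
 }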

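--- a/_examples/gke/README.md
+++ b/_examples/gke/README.md
@@ -42,9 +42,18 @@ gcloud container get-server-config --region $GOOGLE_REGION
 
 ## Kubeconfig for manual CLI access
 
-This example generates a kubeconfig file in the current working directory. However, the token in this config will expire after 1 hour. The token can be refreshed by running `terraform apply` again. Alternatively, a longer-lived configuration can be generated using the gcloud tool. Note: this command will overwrite the default kubeconfig at `$HOME/.kube/config`.
+This example generates a kubeconfig file in the current working directory. However, the token in this config will expire after 1 hour. The token can be refreshed by running `terraform apply` again.
+
+```
+terraform apply
+export KUBECONFIG=$(terraform output kubeconfig_path|jq -r)
+kubectl get pods -n test
+```
+
+Alternatively, a longer-lived configuration can be generated using the gcloud tool. Note: this command will overwrite the default kubeconfig at `$HOME/.kube/config`.
 
 ```
 gcloud container clusters get-credentials $(terraform output cluster_name|jq -r) --zone $(terraform output google_zone |jq -r)
+kubectl get pods -n test
 ```
 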
