From 952ab03d2a0557baf28b3b03e3a9eac48a407a18 Mon Sep 17 00:00:00 2001
From: Vincent Schwarzer
Date: Mon, 20 Mar 2017 12:06:07 +0100
Subject: [PATCH] Fixes for AWS Terraform Deployment
---
 contrib/terraform/aws/modules/elb/main.tf | 8 +++++
 contrib/terraform/aws/modules/vpc/main.tf | 2 +-
 contrib/terraform/aws/terraform.tfvars | 1 -
 .../terraform/aws/terraform.tfvars.example | 32 +++++++++++++++++++
 contrib/terraform/aws/variables.tf | 4 +--
 5 files changed, 43 insertions(+), 4 deletions(-)
 create mode 100644 contrib/terraform/aws/terraform.tfvars.example
diff --git a/contrib/terraform/aws/modules/elb/main.tf b/contrib/terraform/aws/modules/elb/main.tf
index 270e0cb35..6a0cdfe3d 100644
--- a/contrib/terraform/aws/modules/elb/main.tf
+++ b/contrib/terraform/aws/modules/elb/main.tf
@@ -17,6 +17,14 @@ resource "aws_security_group_rule" "aws-allow-api-access" {
 security_group_id = "${aws_security_group.aws-elb.id}"
 }
+resource "aws_security_group_rule" "aws-allow-api-egress" {
+ type = "egress"
+ from_port = 0
+ to_port = 65535
+ protocol = "TCP"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_group_id = "${aws_security_group.aws-elb.id}"
+}
 # Create a new AWS ELB for K8S API
 resource "aws_elb" "aws-elb-api" {
diff --git a/contrib/terraform/aws/modules/vpc/main.tf b/contrib/terraform/aws/modules/vpc/main.tf
index c1ea1dc11..44fc4c357 100644
--- a/contrib/terraform/aws/modules/vpc/main.tf
+++ b/contrib/terraform/aws/modules/vpc/main.tf
@@ -76,7 +76,7 @@ resource "aws_route_table" "kubernetes-private" {
 vpc_id = "${aws_vpc.cluster-vpc.id}"
 route {
 cidr_block = "0.0.0.0/0"
- gateway_id = "${element(aws_nat_gateway.cluster-nat-gateway.*.id, count.index)}"
+ nat_gateway_id = "${element(aws_nat_gateway.cluster-nat-gateway.*.id, count.index)}"
 }
 tags {
 Name = "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}"
diff --git a/contrib/terraform/aws/terraform.tfvars b/contrib/terraform/aws/terraform.tfvars
index 214ef89db..a538d46f3 100644
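Review bot: The new `aws-allow-api-egress` rule in `modules/elb/main.tf` lets the ELB security group send TCP to any port on `0.0.0.0/0`, which is wider than a load balancer in front of the Kubernetes API needs. The ELB only has to reach its backend instances on the listener's instance port and the health-check port, so the rule can be narrowed to that port and to the VPC range or the masters' security group. For example `from_port = "${var.k8s_secure_api_port}"`, `to_port = "${var.k8s_secure_api_port}"` and `cidr_blocks = ["${var.aws_vpc_cidr_block}"]`, assuming those variables are passed into the module; its variable declarations are not visible in this hunk. A one-line comment above the resource stating why egress is needed would also help the next reader.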
--- a/contrib/terraform/aws/terraform.tfvars
+++ b/contrib/terraform/aws/terraform.tfvars
@@ -1,6 +1,5 @@
 #Global Vars
 aws_cluster_name = "devtest"
-aws_region = "eu-central-1"
 #VPC Vars
 aws_vpc_cidr_block = "10.250.192.0/18"
diff --git a/contrib/terraform/aws/terraform.tfvars.example b/contrib/terraform/aws/terraform.tfvars.example
new file mode 100644
index 000000000..214ef89db
--- /dev/null
+++ b/contrib/terraform/aws/terraform.tfvars.example
@@ -0,0 +1,32 @@
+#Global Vars
+aws_cluster_name = "devtest"
+aws_region = "eu-central-1"
+
+#VPC Vars
+aws_vpc_cidr_block = "10.250.192.0/18"
+aws_cidr_subnets_private = ["10.250.192.0/20","10.250.208.0/20"]
+aws_cidr_subnets_public = ["10.250.224.0/20","10.250.240.0/20"]
+aws_avail_zones = ["eu-central-1a","eu-central-1b"]
+
+#Bastion Host
+aws_bastion_ami = "ami-5900cc36"
+aws_bastion_size = "t2.small"
+
+
+#Kubernetes Cluster
+
+aws_kube_master_num = 3
+aws_kube_master_size = "t2.medium"
+
+aws_etcd_num = 3
+aws_etcd_size = "t2.medium"
+
+aws_kube_worker_num = 4
+aws_kube_worker_size = "t2.medium"
+
+aws_cluster_ami = "ami-903df7ff"
+
+#Settings AWS ELB
+
+aws_elb_api_port = 443
+k8s_secure_api_port = 443
diff --git a/contrib/terraform/aws/variables.tf b/contrib/terraform/aws/variables.tf
index 90f356d4b..82e2fb018 100644
--- a/contrib/terraform/aws/variables.tf
+++ b/contrib/terraform/aws/variables.tf
@@ -33,12 +33,12 @@ variable "aws_avail_zones" {
 }
 variable "aws_cidr_subnets_private" {
- description = "CIDR Blocks for private subnets in Availability zones1"
+ description = "CIDR Blocks for private subnets in Availability Zones"
 type = "list"
 }
 variable "aws_cidr_subnets_public" {
- description = "CIDR Blocks for public subnets in Availability zones1"
+ description = "CIDR Blocks for public subnets in Availability Zones"
 type = "list"
 }
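Review bot: In the new `terraform.tfvars.example`, `aws_bastion_ami` and `aws_cluster_ami` are bare AMI IDs with nothing saying which image or publisher they refer to. AMI IDs are region-specific, so these values only make sense together with the `eu-central-1` region set at the top of the file. Someone copying the example would launch the bastion and every cluster node from an image they cannot verify from the file itself. I would add a comment above each value, e.g. `# <distribution/version> image for eu-central-1, published by <owner>; replace with an AMI you have verified for your own region`.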