This terraform play is designed to create a working development VPC for the user. It will create the following resources:
-
Three Public subnets
-
Three Private subnets "no nat to simulate airgapped"
-
s3 vpc_endpoint
-
ec2 vpc_endpoint
-
elb vpc_endpoint
-
Route 53 private zone
-
Security Groups
-
Bastion ec2 Instance
-
Registry ec2 Instance
Variable | Default | Comments (type) |
---|---|---|
aws_ssh_key |
abc |
AWS user key name |
ssh_public_key |
string |
Public ssh key. Can be drived from cat /home/ec2-user/authorized_keys |
rhcos_ami |
ami-XXXXXXXX |
RH CoreOS AMI ID |
vpc_id |
vpc-name |
The vpc name |
cluster_name |
cluster |
The cluster name |
cluster_domain |
example.io |
The cluster domain |
cidr_blocks |
10.0.0.0/16 |
Any private cidr scheme |
aws_region |
us-gov-west-1 |
Aws region |
default_tag |
Leave blank it will us the cluster_name to set tags |
|
aws_azs |
"a", "b", "c" |
This will align with the aws availability zones |
aws_availability_zones |
us-gov-west-1a |
This is the AZ for the public subnet |
vpc_private_subnet_cidrs |
"10.0.1.0/24","10.0.2.0/24","10.0.3.0/24 |
Private CIDR block |
vpc_public_subnet_cidr |
10.0.7.0/26", "10.0.8.0/26", "10.0.9.0/26" |
Public CIDR block |
The user will need to provide the following:
-
Aws ssh key for the bastion
-
AMI Ids for Rhel 8 and Rhcos images
-
download git repo:
mkdir devkit-vpc
podman run -it --rm -v $(pwd)/devkit-vpc:/clone:z \
quay.io/cloudctl/git --branch v00.21.0203 https://github.com/CodeSparta/devkit-vpc.git
cd devkit-vpc
-
setup your variables.tf
vi variables.tf
-
deploy
./devkit-build-vpc.sh -vv -e aws_cloud_region=us-gov-west-1 -e aws_access_key=xxxxxxxxxxxxx -e aws_secret_key=XXXXXXXXXXXXXXXXX