feat: Consul addon (aws-ia#1029)
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
2 people authored and allamand committed Jan 10, 2023
1 parent ad75ed9 commit 9dfd3fa
Showing 12 changed files with 171 additions and 0 deletions.
41 changes: 41 additions & 0 deletions docs/add-ons/consul.md
@@ -0,0 +1,41 @@
# Consul

HashiCorp Consul is a service networking solution that enables teams to manage secure network connectivity between services and across on-prem and multi-cloud environments and runtimes. Consul offers service discovery, service mesh, traffic management, and automated updates to network infrastructure device.

For complete project documentation, please visit the [consul](https://developer.hashicorp.com/consul/docs/k8s/installation/install).

## Usage

Consul can be deployed by enabling the add-on via the following.

```hcl
enable_consul = true
```

You can optionally customize the Helm chart via the following configuration.

```hcl
enable_consul = true
# Optional consul_helm_config
consul_helm_config = {
name = "consul"
chart = "consul"
repository = "https://helm.releases.hashicorp.com"
version = "1.0.1"
namespace = "consul"
values = [templatefile("${path.module}/values.yaml", {
...
})]
}
```

### GitOps Configuration
The following properties are made available for use when managing the add-on via GitOps.

GitOps with ArgoCD Add-on repo is located [here](https://github.com/aws-samples/eks-blueprints-add-ons/blob/main/chart/values.yaml)

```hcl
consul = {
enable = true
}
```
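
Review bot: the optional example under Usage passes `values = [templatefile("${path.module}/values.yaml", {` without saying that `path.module` here resolves to the caller's own module directory, so the reader has to supply their own values.yaml next to their configuration. Add a sentence stating that. Minor: "network infrastructure device" in the opening paragraph should be "devices", and the link text "[consul]" would read better as the name of the page it points to.
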
3 changes: 3 additions & 0 deletions modules/kubernetes-addons/README.md
Expand Up @@ -49,6 +49,7 @@
| <a name="module_chaos_mesh"></a> [chaos\_mesh](#module\_chaos\_mesh) | ./chaos-mesh | n/a |
| <a name="module_cilium"></a> [cilium](#module\_cilium) | ./cilium | n/a |
| <a name="module_cluster_autoscaler"></a> [cluster\_autoscaler](#module\_cluster\_autoscaler) | ./cluster-autoscaler | n/a |
| <a name="module_consul"></a> [consul](#module\_consul) | ./consul | n/a |
| <a name="module_coredns_autoscaler"></a> [coredns\_autoscaler](#module\_coredns\_autoscaler) | ./cluster-proportional-autoscaler | n/a |
| <a name="module_crossplane"></a> [crossplane](#module\_crossplane) | ./crossplane | n/a |
| <a name="module_csi_secrets_store_provider_aws"></a> [csi\_secrets\_store\_provider\_aws](#module\_csi\_secrets\_store\_provider\_aws) | ./csi-secrets-store-provider-aws | n/a |
Expand Down Expand Up @@ -155,6 +156,7 @@
| <a name="input_cilium_enable_wireguard"></a> [cilium\_enable\_wireguard](#input\_cilium\_enable\_wireguard) | Enable wiregaurd encryption | `bool` | `false` | no |
| <a name="input_cilium_helm_config"></a> [cilium\_helm\_config](#input\_cilium\_helm\_config) | Cilium Helm Chart config | `any` | `{}` | no |
| <a name="input_cluster_autoscaler_helm_config"></a> [cluster\_autoscaler\_helm\_config](#input\_cluster\_autoscaler\_helm\_config) | Cluster Autoscaler Helm Chart config | `any` | `{}` | no |
| <a name="input_consul_helm_config"></a> [consul\_helm\_config](#input\_consul\_helm\_config) | Consul Helm Chart config | `any` | `{}` | no |
| <a name="input_coredns_autoscaler_helm_config"></a> [coredns\_autoscaler\_helm\_config](#input\_coredns\_autoscaler\_helm\_config) | CoreDNS Autoscaler Helm Chart config | `any` | `{}` | no |
| <a name="input_coredns_cluster_proportional_autoscaler_helm_config"></a> [coredns\_cluster\_proportional\_autoscaler\_helm\_config](#input\_coredns\_cluster\_proportional\_autoscaler\_helm\_config) | Helm provider config for the CoreDNS cluster-proportional-autoscaler | `any` | `{}` | no |
| <a name="input_crossplane_aws_provider"></a> [crossplane\_aws\_provider](#input\_crossplane\_aws\_provider) | AWS Provider config for Crossplane | <pre>object({<br> enable = bool<br> provider_aws_version = string<br> additional_irsa_policies = list(string)<br> })</pre> | <pre>{<br> "additional_irsa_policies": [],<br> "enable": false,<br> "provider_aws_version": "v0.24.1"<br>}</pre> | no |
Expand Down Expand Up @@ -204,6 +206,7 @@
| <a name="input_enable_chaos_mesh"></a> [enable\_chaos\_mesh](#input\_enable\_chaos\_mesh) | Enable Chaos Mesh add-on | `bool` | `false` | no |
| <a name="input_enable_cilium"></a> [enable\_cilium](#input\_enable\_cilium) | Enable Cilium add-on | `bool` | `false` | no |
| <a name="input_enable_cluster_autoscaler"></a> [enable\_cluster\_autoscaler](#input\_enable\_cluster\_autoscaler) | Enable Cluster autoscaler add-on | `bool` | `false` | no |
| <a name="input_enable_consul"></a> [enable\_consul](#input\_enable\_consul) | Enable consul add-on | `bool` | `false` | no |
| <a name="input_enable_coredns_autoscaler"></a> [enable\_coredns\_autoscaler](#input\_enable\_coredns\_autoscaler) | Enable CoreDNS autoscaler add-on | `bool` | `false` | no |
| <a name="input_enable_coredns_cluster_proportional_autoscaler"></a> [enable\_coredns\_cluster\_proportional\_autoscaler](#input\_enable\_coredns\_cluster\_proportional\_autoscaler) | Enable cluster-proportional-autoscaler for CoreDNS | `bool` | `true` | no |
| <a name="input_enable_crossplane"></a> [enable\_crossplane](#input\_enable\_crossplane) | Enable Crossplane add-on | `bool` | `false` | no |
39 changes: 39 additions & 0 deletions modules/kubernetes-addons/consul/README.md
@@ -0,0 +1,39 @@
# Consul
Deploying Consul on EKS cluster
For more details checkout [Consul](https://https://developer.hashicorp.com/consul/tutorials/get-started-kubernetes/kubernetes-gs-deploy) docs

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |

## Providers

No providers.

## Modules

| Name | Source | Version |
|------|--------|---------|
| <a name="module_helm_addon"></a> [helm\_addon](#module\_helm\_addon) | ../helm-addon | n/a |

## Resources

No resources.

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_addon_context"></a> [addon\_context](#input\_addon\_context) | Input configuration for the addon | <pre>object({<br> aws_caller_identity_account_id = string<br> aws_caller_identity_arn = string<br> aws_eks_cluster_endpoint = string<br> aws_partition_id = string<br> aws_region_name = string<br> eks_cluster_id = string<br> eks_oidc_issuer_url = string<br> eks_oidc_provider_arn = string<br> tags = map(string)<br> irsa_iam_role_path = string<br> irsa_iam_permissions_boundary = string<br> })</pre> | n/a | yes |
| <a name="input_helm_config"></a> [helm\_config](#input\_helm\_config) | Helm Config for consul. | `any` | `{}` | no |
| <a name="input_manage_via_gitops"></a> [manage\_via\_gitops](#input\_manage\_via\_gitops) | Determines if the add-on should be managed via GitOps. | `bool` | `false` | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_argocd_gitops_config"></a> [argocd\_gitops\_config](#output\_argocd\_gitops\_config) | Configuration used for managing the add-on with ArgoCD |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
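
Review bot: the docs link on the third line has a doubled scheme (`https://https://developer.hashicorp.com`) and will not resolve; drop one `https://`. In the same line "checkout" should be "check out", and the two sentences under the heading need a blank line between them to render as separate paragraphs.
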
20 changes: 20 additions & 0 deletions modules/kubernetes-addons/consul/locals.tf
@@ -0,0 +1,20 @@
locals {
name = "consul"

default_helm_config = {
name = local.name
chart = local.name
repository = "https://helm.releases.hashicorp.com"
version = "1.0.1"
namespace = local.name
create_namespace = true
description = "Consul helm Chart deployment configuration"
values = [templatefile("${path.module}/values.yaml", {})]
}

helm_config = merge(local.default_helm_config, var.helm_config)

argocd_gitops_config = {
enable = true
}
}
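
Review bot: `helm_config = merge(local.default_helm_config, var.helm_config)` is a top-level merge, so a caller who passes their own `values` list drops the bundled values.yaml (and its `replicas: 3`) without any notice. If replacement is intended, say so in a comment here; if not, concatenate the caller's list onto the default one. `version = "1.0.1"` is also repeated in docs/add-ons/consul.md, so the two will drift on the next chart bump.
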
6 changes: 6 additions & 0 deletions modules/kubernetes-addons/consul/main.tf
@@ -0,0 +1,6 @@
module "helm_addon" {
source = "../helm-addon"
helm_config = local.helm_config
manage_via_gitops = var.manage_via_gitops
addon_context = var.addon_context
}
4 changes: 4 additions & 0 deletions modules/kubernetes-addons/consul/outputs.tf
@@ -0,0 +1,4 @@
output "argocd_gitops_config" {
description = "Configuration used for managing the add-on with ArgoCD"
value = var.manage_via_gitops ? local.argocd_gitops_config : null
}
5 changes: 5 additions & 0 deletions modules/kubernetes-addons/consul/values.yaml
@@ -0,0 +1,5 @@
global:
name: consul

server:
replicas: 3
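
Review bot: this file sets only `global.name` and `server.replicas`, so TLS, ACLs and gossip encryption are left at whatever the pinned chart version defaults to. For a blueprint that gets copied into real clusters, set those explicitly here (for example `global.tls.enabled` and `global.acls.manageSystemACLs`) or state in the add-on docs that the default install does not enable them, so the security posture is visible at review time.
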
28 changes: 28 additions & 0 deletions modules/kubernetes-addons/consul/variables.tf
@@ -0,0 +1,28 @@
variable "helm_config" {
description = "Helm Config for consul."
type = any
default = {}
}

variable "manage_via_gitops" {
description = "Determines if the add-on should be managed via GitOps."
type = bool
default = false
}

variable "addon_context" {
description = "Input configuration for the addon"
type = object({
aws_caller_identity_account_id = string
aws_caller_identity_arn = string
aws_eks_cluster_endpoint = string
aws_partition_id = string
aws_region_name = string
eks_cluster_id = string
eks_oidc_issuer_url = string
eks_oidc_provider_arn = string
tags = map(string)
irsa_iam_role_path = string
irsa_iam_permissions_boundary = string
})
}
3 changes: 3 additions & 0 deletions modules/kubernetes-addons/consul/versions.tf
@@ -0,0 +1,3 @@
terraform {
required_version = ">= 1.0.0"
}
1 change: 1 addition & 0 deletions modules/kubernetes-addons/locals.tf
Expand Up @@ -47,6 +47,7 @@ locals {
kyverno_policies = var.enable_kyverno ? { enable = true } : null
kyverno_policy_reporter = var.enable_kyverno ? { enable = true } : null
nvidiaDevicePlugin = var.enable_nvidia_device_plugin ? module.nvidia_device_plugin[0].argocd_gitops_config : null
consul = var.enable_consul ? module.consul[0].argocd_gitops_config : null
}

addon_context = {
8 changes: 8 additions & 0 deletions modules/kubernetes-addons/main.tf
Expand Up @@ -781,3 +781,11 @@ module "emr_on_eks" {

tags = merge(var.tags, try(each.value.tags, {}))
}

module "consul" {
count = var.enable_consul ? 1 : 0
source = "./consul"
helm_config = var.consul_helm_config
manage_via_gitops = var.argocd_manage_add_ons
addon_context = local.addon_context
}
13 changes: 13 additions & 0 deletions modules/kubernetes-addons/variables.tf
Expand Up @@ -1397,3 +1397,16 @@ variable "emr_on_eks_config" {
type = any
default = {}
}

#-----------Consul addon-----------------------
variable "enable_consul" {
description = "Enable consul add-on"
type = bool
default = false
}

variable "consul_helm_config" {
description = "Consul Helm Chart config"
type = any
default = {}
}
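
Review bot: the `enable_consul` description reads "Enable consul add-on" while the variable right below it says "Consul Helm Chart config"; capitalise the product name ("Enable Consul add-on") so the generated README row is consistent with it. The section comment `#-----------Consul addon-----------------------` also spells it "addon" where the descriptions use "add-on".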
