diff --git a/examples/terraform-submodules/eks/module.tf b/examples/terraform-submodules/eks/module.tf new file mode 100644 index 0000000000..0b8830c69c --- /dev/null +++ b/examples/terraform-submodules/eks/module.tf @@ -0,0 +1,75 @@ +// Copyright 2020 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply [-var agones_version="1.2.0"] +// to install "1.2.0" version of agones + +variable "agones_version" { + default = "1.2.0" +} + +variable "cluster_name" { + default = "agones-cluster" +} + +variable "region" { + default = "us-west-2" +} + +variable "node_count" { + default = "4" +} + +provider "aws" { + version = "~> 2.8" + region = var.region +} + +variable "machine_type" { default = "t2.large" } + +module "eks_cluster" { + source = "git::https://github.com/googleforgames/agones.git//install/terraform/modules/eks/?ref=master" + + machine_type = "${var.machine_type}" + cluster_name = "${var.cluster_name}" + node_count = "${var.node_count}" + region = "${var.region}" +} + +data "aws_eks_cluster_auth" "example" { + name = "${var.cluster_name}" +} + +// Next Helm module cause "terraform destroy" timeout, unless helm release would be deleted first. +// Therefore "helm delete --purge agones" should be executed from the CLI before executing "terraform destroy". +module "helm_agones" { + source = "git::https://github.com/googleforgames/agones.git//install/terraform/modules/helm/?ref=master" + + udp_expose = "false" + agones_version = "${var.agones_version}" + values_file = "" + chart = "agones" + host = "${module.eks_cluster.host}" + token = "${data.aws_eks_cluster_auth.example.token}" + cluster_ca_certificate = "${module.eks_cluster.cluster_ca_certificate}" +} + +output "host" { + value = "${module.eks_cluster.host}" +} +output "cluster_ca_certificate" { + value = "${module.eks_cluster.cluster_ca_certificate}" +} diff --git a/install/terraform/modules/eks/eks.tf b/install/terraform/modules/eks/eks.tf new file mode 100644 index 0000000000..3908220a5d --- /dev/null +++ b/install/terraform/modules/eks/eks.tf @@ -0,0 +1,112 @@ +# Copyright 2020 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +terraform { + required_version = ">= 0.12.6" +} + +provider "aws" { + version = "~> 2.8" + region = var.region +} + +data "aws_availability_zones" "available" { +} + +resource "aws_security_group" "worker_group_mgmt_one" { + name_prefix = "worker_group_mgmt_one" + vpc_id = module.vpc.vpc_id + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + + cidr_blocks = [ + "10.0.0.0/8", + ] + } + ingress { + from_port = 7000 + to_port = 8000 + protocol = "udp" + + cidr_blocks = [ + "0.0.0.0/0", + ] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} + +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + version = "2.21.0" + + name = "test-vpc-lt" + cidr = "10.0.0.0/16" + azs = data.aws_availability_zones.available.names + public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"] + enable_dns_hostnames = false + + tags = { + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + } + + public_subnet_tags = { + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "kubernetes.io/role/elb" = "1" + } +} + +module "eks" { + source = "git::github.com/terraform-aws-modules/terraform-aws-eks.git?ref=v7.0.1" + cluster_name = "${var.cluster_name}" + subnets = module.vpc.public_subnets + vpc_id = module.vpc.vpc_id + cluster_version = "1.13" + + worker_groups_launch_template = [ + { + name = "default" + instance_type = "${var.machine_type}" + asg_desired_capacity = "${var.node_count}" + asg_min_size = "${var.node_count}" + asg_max_size = "${var.node_count}" + additional_security_group_ids = [aws_security_group.worker_group_mgmt_one.id] + public_ip = true + }, + // Node Pools with taints for metrics and system + { + name = "agones-system" + instance_type = "${var.machine_type}" + asg_desired_capacity = 1 + kubelet_extra_args = "--node-labels=agones.dev/agones-system=true --register-with-taints=agones.dev/agones-system=true:NoExecute" + public_ip = true + }, + { + name = "agones-metrics" + instance_type = "${var.machine_type}" + asg_desired_capacity = 1 + kubelet_extra_args = "--node-labels=agones.dev/agones-metrics=true --register-with-taints=agones.dev/agones-metrics=true:NoExecute" + public_ip = true + } + ] +} \ No newline at end of file diff --git a/install/terraform/modules/eks/outputs.tf b/install/terraform/modules/eks/outputs.tf new file mode 100644 index 0000000000..6c2fbc944b --- /dev/null +++ b/install/terraform/modules/eks/outputs.tf @@ -0,0 +1,48 @@ +# Copyright 2020 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +output "cluster_endpoint" { + description = "Endpoint for EKS control plane." + value = module.eks.cluster_endpoint +} + +output "cluster_security_group_id" { + description = "Security group ids attached to the cluster control plane." + value = module.eks.cluster_security_group_id +} + +output "kubectl_config" { + description = "kubectl config as generated by the module." + value = module.eks.kubeconfig +} + +output "config_map_aws_auth" { + description = "A kubernetes configuration to authenticate to this EKS cluster." + value = module.eks.config_map_aws_auth +} + +output "region" { + description = "AWS region." + value = var.region +} + + + +output "cluster_ca_certificate" { + value = "${base64decode(module.eks.cluster_certificate_authority_data)}" +} + +output "host" { + depends_on = ["module.eks"] + value = "${module.eks.cluster_endpoint}" +} diff --git a/install/terraform/modules/eks/variables.tf b/install/terraform/modules/eks/variables.tf new file mode 100644 index 0000000000..12277d9f90 --- /dev/null +++ b/install/terraform/modules/eks/variables.tf @@ -0,0 +1,70 @@ +# Copyright 2020 Google LLC All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +variable "cluster_name" { + default = "test-cluster" +} + +variable "region" { + default = "us-west-2" +} + +variable "machine_type" { + default = "t2.large" +} + +variable "node_count" { + default = "4" +} + +variable "map_accounts" { + description = "Additional AWS account numbers to add to the aws-auth configmap." + type = list(string) + + default = [ + "777777777777", + "888888888888", + ] +} + +variable "map_roles" { + description = "Additional IAM roles to add to the aws-auth configmap." + type = list(map(string)) + + default = [ + { + role_arn = "arn:aws:iam::66666666666:role/role1" + username = "role1" + group = "system:masters" + }, + ] +} + +variable "map_users" { + description = "Additional IAM users to add to the aws-auth configmap." + type = list(map(string)) + + default = [ + { + user_arn = "arn:aws:iam::66666666666:user/user1" + username = "user1" + group = "system:masters" + }, + { + user_arn = "arn:aws:iam::66666666666:user/user2" + username = "user2" + group = "system:masters" + }, + ] +} \ No newline at end of file diff --git a/install/terraform/modules/helm/helm.tf b/install/terraform/modules/helm/helm.tf index 03f840b44f..6df619f906 100644 --- a/install/terraform/modules/helm/helm.tf +++ b/install/terraform/modules/helm/helm.tf @@ -124,10 +124,15 @@ resource "helm_release" "agones" { } set { - name = " agones.ping.http.serviceType" + name = "agones.ping.http.serviceType" value = "${var.ping_service_type}" } + set { + name = "agones.ping.udp.expose" + value ="${var.udp_expose}" + } + set { name = "agones.ping.udp.serviceType" value = "${var.ping_service_type}" diff --git a/install/terraform/modules/helm/variables.tf b/install/terraform/modules/helm/variables.tf index 1f15b07e71..68d6da52d4 100644 --- a/install/terraform/modules/helm/variables.tf +++ b/install/terraform/modules/helm/variables.tf @@ -22,6 +22,10 @@ variable "agones_version" { default = "" } +variable "udp_expose" { + default = "true" +} + variable "host" {} variable "token" {} diff --git a/site/content/en/docs/Installation/Terraform/_index.md b/site/content/en/docs/Installation/Terraform/_index.md index 3ac8d7f144..1d6e3e2330 100644 --- a/site/content/en/docs/Installation/Terraform/_index.md +++ b/site/content/en/docs/Installation/Terraform/_index.md @@ -10,5 +10,6 @@ description: > - [Terraform](https://www.terraform.io/) v0.12.3 - [Helm](https://docs.helm.sh/helm/) package manager 2.10.0+ -- Access to the the Kubernetes hosting provider you are using (e.g. `gcloud` or `az` utility installed) +- Access to the the Kubernetes hosting provider you are using (e.g. `gcloud` +{{% feature publishVersion="1.3.0" %}}, `awscli`{{% /feature %}} or `az` utility installed) - Git diff --git a/site/content/en/docs/Installation/Terraform/aks.md b/site/content/en/docs/Installation/Terraform/aks.md index 5a315b8ef0..d84bbdffa2 100644 --- a/site/content/en/docs/Installation/Terraform/aks.md +++ b/site/content/en/docs/Installation/Terraform/aks.md @@ -3,7 +3,7 @@ title: "Installing Agones on Azure Kubernetes Service using Terraform" linkTitle: "Azure" weight: 20 description: > - You can use Terraform to provision a AKS cluster and install Agones on it. + You can use Terraform to provision an AKS cluster and install Agones on it. --- ## Installation @@ -35,7 +35,7 @@ Once you created all resources on AKS you can get the credentials so that you ca az aks get-credentials --resource-group agonesRG --name test-cluster ``` -Check that you have access to kubernetes cluster: +Check that you have access to the Kubernetes cluster: ``` kubectl get nodes ``` diff --git a/site/content/en/docs/Installation/Terraform/eks.md b/site/content/en/docs/Installation/Terraform/eks.md new file mode 100644 index 0000000000..ecbe0cf3a0 --- /dev/null +++ b/site/content/en/docs/Installation/Terraform/eks.md @@ -0,0 +1,79 @@ +--- +title: "Installing Agones on AWS Elastic Kubernetes Service using Terraform" +linkTitle: "AWS" +weight: 20 +publishDate: 2020-01-21 +description: > + You can use Terraform to provision an EKS cluster and install Agones on it. +--- + +## Installation + +You can use Terraform to provision your Amazon EKS (Elastic Kubernetes Service) cluster and install Agones on it using the Helm Terraform provider. + +An example of the EKS submodule config file can be found here: + {{< ghlink href="examples/terraform-submodules/eks/module.tf" >}}Terraform configuration with Agones submodule{{< /ghlink >}} + +Copy this file into a separate folder. + +Configure your AWS CLI tool [CLI configure](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html): +``` +aws configure +``` + +Initialise your terraform: +``` +terraform init +``` + +### Creating Cluster + +By editing `modules.tf` you can change the parameters that you need to. For instance, the - `machine_type` variable. + +Configurable parameters: + +- cluster_name - the name of the GKE cluster (default is "agones-terraform-example") +- agones_version - the version of agones to install (default is the latest version from the [Helm repository](https://agones.dev/chart/stable)) +- machine_type - EC2 instance type for hosting game servers (default is "t2.large") +- node_count - count of game server nodes for the default node pool (default is "4") + +Now you can create an EKS cluster and deploy Agones on EKS: +``` +terraform apply [-var agones_version="{{< release-version >}}"] +``` + +After deploying the cluster with Agones, you can get or update your kubeconfig by using: +``` +aws eks --region us-west-2 update-kubeconfig --name agones-cluster +``` + +With the following output: +``` +Added new context arn:aws:eks:us-west-2:601646756426:cluster/agones-cluster to /Users/user/.kube/config +``` + +Switch `kubectl` context to the recently created one: +``` +kubectl config use-context arn:aws:eks:us-west-2:601646756426:cluster/agones-cluster +``` + +Check that you are authenticated against the recently created Kubernetes cluster: +``` +kubectl get nodes +``` + +### Uninstall the Agones and delete EKS cluster + +Run the following commands to delete all Terraform provisioned resources if you choose helm: +``` +helm delete --purge agones +terraform destroy +``` + +{{< alert title="Note" color="info" >}} +There is an issue with the AWS Terraform provider: +https://github.com/terraform-providers/terraform-provider-aws/issues/9101 +Due to this issue you should remove helm release first (as stated above), +otherwise `terraform destroy` will timeout and never succeed. +Remove all created resources manually in that case, namely: 3 Auto Scaling groups, EKS cluster, and a VPC with all dependent resources. +{{< /alert >}} diff --git a/site/content/en/docs/Installation/Terraform/gke.md b/site/content/en/docs/Installation/Terraform/gke.md index 27a45af9e4..b5432eb4ce 100644 --- a/site/content/en/docs/Installation/Terraform/gke.md +++ b/site/content/en/docs/Installation/Terraform/gke.md @@ -112,7 +112,7 @@ To verify that the cluster was created successfully, set up your kubectl credent gcloud container clusters get-credentials --zone us-west1-c agones-terraform-example ``` -Then check that you have access to kubernetes cluster: +Then check that you have access to the Kubernetes cluster: ``` kubectl get nodes ```