如何使用 terraform 创建具有公共和私有 su.net 的 EKS 集群?
[英]How to create an EKS cluster with public and private subnets using terraform?
问题描述
I'm usin terraform to set up an EKS cluster i need to make sure that my worker nodes will be placed on private su.nets and that my public su.nets will be used for my load balancers but i don't actually know how to inject public and private su.nets in my cluster because i'm only using private ones.
我正在使用 terraform 来设置 EKS 集群,我需要确保我的工作节点将放置在私有 su.net 上,并且我的公共 su.net 将用于我的负载均衡器,但我实际上不知道如何在我的集群中注入公共和私有 su.net,因为我只使用私有的。
resource "aws_eks_cluster" "master_node" {
name = "my-cluster"
role_arn = aws_iam_role.master_iam_role.arn
version = "1.14"
vpc_config {
security_group_ids = [aws_security_group.master_security_group.id]
subnet_ids = var.private_subnet_eks_ids
}
depends_on = [
aws_iam_role_policy_attachment.main-cluster-AmazonEKSClusterPolicy,
aws_iam_role_policy_attachment.main-cluster-AmazonEKSServicePolicy,
]
}
resource "aws_autoscaling_group" "eks_autoscaling_group" {
desired_capacity = var.desired_capacity
launch_configuration = aws_launch_configuration.eks_launch_config.id
max_size = var.max_size
min_size = var.min_size
name = "my-autoscaling-group"
vpc_zone_identifier = var.private_subnet_eks_ids
depends_on = [
aws_efs_mount_target.efs_mount_target
]
}
2 个解决方案
解决方案1
2 2021-11-25 16:50:36
Give only private su.nets to your eks cluster but, before that, make sure you've tagged the public su.nets so:仅将私有 su.net 提供给您的 eks 集群,但在此之前,请确保您已将公共 su.net 标记为:
Key: kubernetes.io/role/elb
value: 1
as described here: https://aws.amazon.com/premiumsupport/knowledge-center/eks-vpc-su.net-discovery/如此处所述: https://aws.amazon.com/premiumsupport/knowledge-center/eks-vpc-su.net-discovery/
EKS will discover the public su.nets where to place the load balancer querying by tags. EKS 将通过标签查询发现公共 su.nets 在哪里放置负载均衡器。
解决方案2
1 2020-08-22 17:17:45
I make use to create both public and private su.nets on the VPC using the vpc module .我利用vpc 模块在 VPC 上创建公共和私有 su.net。 Then I create the EKS cluster using the eks module and refere to the vpc-data.然后我使用 eks模块创建 EKS 集群并引用 vpc-data。
Example例子
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
name = "my-vpc"
cidr = "10.0.0.0/16"
azs = ["eu-north-1a", "eu-north-1b", "eu-north-1c"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
enable_nat_gateway = true
enable_vpn_gateway = true
}
And then EKS cluster where I refer to the VPC su.nets using module.vpc.private_su.nets and module.vpc.vpc_id :然后是 EKS 集群,我在其中使用module.vpc.private_su.nets和module.vpc.vpc_id引用 VPC su.nets:
module "eks-cluster" {
source = "terraform-aws-modules/eks/aws"
cluster_name = "my-eks-cluster"
cluster_version = "1.17"
subnets = module.vpc.private_subnets
vpc_id = module.vpc.vpc_id
worker_groups = [
{
instance_type = "t3.small"
asg_max_size = 2
}
]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.