kryptn · kryptn · Apr 12, 2024
diff --git a/cloud/aws/eks-fargate-karpenter/justfile b/cloud/aws/eks-fargate-karpenter/justfile
@@ -0,0 +1,8 @@
+tf-output value:
+    terraform output {{value}}
+
+write-kubeconfig:
+    #!/bin/bash
+    cluster_name=`terraform output -raw cluster_name`
+    aws eks update-kubeconfig --name $cluster_name --dry-run > kubeconfig.yaml
+    chmod go-r kubeconfig.yaml
diff --git a/cloud/aws/eks-fargate-karpenter/main.tf b/cloud/aws/eks-fargate-karpenter/main.tf
@@ -54,18 +54,20 @@ data "aws_ecrpublic_authorization_token" "token" {
 
 locals {
   # name            = "ex-${replace(basename(path.cwd), "_", "-")}"
-  name            = "ex-cluster"
-  cluster_version = "1.29"
-  region          = "us-west-2"
+  region          = var.region
+
+  actual_name = var.cluster_name != "" ? var.cluster_name : basename(path.cwd)
+  name = "aws-${replace(local.actual_name, "_", "-")}"
+  cluster_version = var.cluster_version
 
   vpc_cidr = "10.0.0.0/16"
   azs      = slice(data.aws_availability_zones.available.names, 0, 3)
 
   tags = {
-    Example    = local.name
-    GithubRepo = "tf-aws-eks-fargate-karpenter"
-    GithubOrg  = "kryptn"
+    repo = "github.com/kryptn/infra"
+    path = "/cloud/aws/eks-fargate-karpenter"
   }
+
 }
 
 ################################################################################
@@ -118,18 +120,18 @@ module "eks" {
   create_node_security_group    = false
 
   manage_aws_auth_configmap = true
-  aws_auth_roles = [
-    # We need to add in the Karpenter node IAM role for nodes launched by Karpenter
-    {
-      rolearn  = module.karpenter.role_arn
-      username = "system:node:{{EC2PrivateDNSName}}"
-      groups = [
-        "system:bootstrappers",
-        "system:nodes",
-      ]
-    },
-
-  ]
+  # aws_auth_roles = [
+  #   # We need to add in the Karpenter node IAM role for nodes launched by Karpenter
+  #   {
+  #     rolearn  = module.karpenter.role_arn
+  #     username = "system:node:{{EC2PrivateDNSName}}"
+  #     groups = [
+  #       "system:bootstrappers",
+  #       "system:nodes",
+  #     ]
+  #   },
+
+  # ]
 
   fargate_profiles = {
     karpenter = {
@@ -144,6 +146,8 @@ module "eks" {
     }
   }
 
+
+
 
   tags = merge(local.tags, {
     # NOTE - if creating multiple security groups with this module, only tag the
@@ -157,24 +161,24 @@ module "eks" {
 # Karpenter
 ################################################################################
 
-module "karpenter" {
-  source = "terraform-aws-modules/eks/aws//modules/karpenter"
+# module "karpenter" {
+#   source = "terraform-aws-modules/eks/aws//modules/karpenter"
 
-  cluster_name           = module.eks.cluster_name
-  irsa_oidc_provider_arn = module.eks.oidc_provider_arn
+#   cluster_name           = module.eks.cluster_name
+#   irsa_oidc_provider_arn = module.eks.oidc_provider_arn
 
-  # In v0.32.0/v1beta1, Karpenter now creates the IAM instance profile
-  # so we disable the Terraform creation and add the necessary permissions for Karpenter IRSA
-  enable_karpenter_instance_profile_creation = true
+#   # In v0.32.0/v1beta1, Karpenter now creates the IAM instance profile
+#   # so we disable the Terraform creation and add the necessary permissions for Karpenter IRSA
+#   enable_karpenter_instance_profile_creation = true
 
-  # Used to attach additional IAM policies to the Karpenter node IAM role
-  iam_role_additional_policies = {
-    AmazonSSMManagedInstanceCore = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
-  }
+#   # Used to attach additional IAM policies to the Karpenter node IAM role
+#   iam_role_additional_policies = {
+#     AmazonSSMManagedInstanceCore = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
+#   }
 
 
-  tags = local.tags
-}
+#   tags = local.tags
+# }
 
 # resource "helm_release" "karpenter" {
 #   namespace        = "karpenter"

diff --git a/cloud/aws/eks-fargate-karpenter/outputs.tf b/cloud/aws/eks-fargate-karpenter/outputs.tf
@@ -190,93 +190,3 @@ output "aws_auth_configmap_yaml" {
   description = "Formatted yaml output for base aws-auth configmap containing roles used in cluster node groups/fargate profiles"
   value       = module.eks.aws_auth_configmap_yaml
 }
-
-################################################################################
-# IAM Role for Service Account (IRSA)
-################################################################################
-
-output "karpenter_irsa_name" {
-  description = "The name of the IAM role for service accounts"
-  value       = module.karpenter.irsa_name
-}
-
-output "karpenter_irsa_arn" {
-  description = "The Amazon Resource Name (ARN) specifying the IAM role for service accounts"
-  value       = module.karpenter.irsa_arn
-}
-
-output "karpenter_irsa_unique_id" {
-  description = "Stable and unique string identifying the IAM role for service accounts"
-  value       = module.karpenter.irsa_unique_id
-}
-
-################################################################################
-# Node Termination Queue
-################################################################################
-
-output "karpenter_queue_arn" {
-  description = "The ARN of the SQS queue"
-  value       = module.karpenter.queue_arn
-}
-
-output "karpenter_queue_name" {
-  description = "The name of the created Amazon SQS queue"
-  value       = module.karpenter.queue_name
-}
-
-output "karpenter_queue_url" {
-  description = "The URL for the created Amazon SQS queue"
-  value       = module.karpenter.queue_url
-}
-
-################################################################################
-# Node Termination Event Rules
-################################################################################
-
-output "karpenter_event_rules" {
-  description = "Map of the event rules created and their attributes"
-  value       = module.karpenter.event_rules
-}
-
-################################################################################
-# Node IAM Role
-################################################################################
-
-output "karpenter_role_name" {
-  description = "The name of the IAM role"
-  value       = module.karpenter.role_name
-}
-
-output "karpenter_role_arn" {
-  description = "The Amazon Resource Name (ARN) specifying the IAM role"
-  value       = module.karpenter.role_arn
-}
-
-output "karpenter_role_unique_id" {
-  description = "Stable and unique string identifying the IAM role"
-  value       = module.karpenter.role_unique_id
-}
-
-################################################################################
-# Node IAM Instance Profile
-################################################################################
-
-output "karpenter_instance_profile_arn" {
-  description = "ARN assigned by AWS to the instance profile"
-  value       = module.karpenter.instance_profile_arn
-}
-
-output "karpenter_instance_profile_id" {
-  description = "Instance profile's ID"
-  value       = module.karpenter.instance_profile_id
-}
-
-output "karpenter_instance_profile_name" {
-  description = "Name of the instance profile"
-  value       = module.karpenter.instance_profile_name
-}
-
-output "karpenter_instance_profile_unique" {
-  description = "Stable and unique string identifying the IAM instance profile"
-  value       = module.karpenter.instance_profile_unique
-}
diff --git a/cloud/aws/eks-fargate-karpenter/variables.tf b/cloud/aws/eks-fargate-karpenter/variables.tf
@@ -0,0 +1,14 @@
+variable "region" {
+    type = string
+    default = "us-west-2"
+}
+
+variable "cluster_name" {
+    type = string
+    default = ""
+}
+
+variable "cluster_version" {
+    type = string
+    default ="1.29"
+}