
Sync new/demo-eks-cluster-01 into main #1

Open
wants to merge 28 commits into
base: main
2cf4d02
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks/t…
arnol377 May 8, 2026
9f98132
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-d…
arnol377 May 8, 2026
d3dcc29
Update dev/us-gov-west-1/region.hcl
arnol377 May 8, 2026
a249b8b
Update config.json
arnol377 May 8, 2026
000ba31
Update _envcommon/prefixes.hcl
arnol377 May 8, 2026
ef67b4d
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-p…
arnol377 May 8, 2026
da395cc
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-k…
arnol377 May 8, 2026
1b9caca
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-m…
arnol377 May 8, 2026
c06aeb2
Update _envcommon/common-variables.hcl
arnol377 May 8, 2026
c10a357
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-g…
arnol377 May 8, 2026
20f66d8
Update dev/account.hcl
arnol377 May 8, 2026
93660b7
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-g…
arnol377 May 8, 2026
c4e535d
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-k…
arnol377 May 8, 2026
934c421
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-k…
arnol377 May 8, 2026
bcc240a
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-o…
arnol377 May 8, 2026
102c82b
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-p…
arnol377 May 8, 2026
7fe705a
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-k…
arnol377 May 8, 2026
c7164b0
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-l…
arnol377 May 8, 2026
495c031
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-c…
arnol377 May 8, 2026
9aa9f2c
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-i…
arnol377 May 8, 2026
b77ba9d
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-c…
arnol377 May 8, 2026
bce73ce
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/vpc.hcl
arnol377 May 8, 2026
d864b87
Update README.md
arnol377 May 8, 2026
93f689f
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/clust…
arnol377 May 8, 2026
7e7253a
Update root.hcl
arnol377 May 8, 2026
745f91b
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-t…
arnol377 May 8, 2026
b498646
Update _envcommon/default-versions.hcl
arnol377 May 8, 2026
5578dc0
Update dev/us-gov-west-1/csvd-dev-ew-vpc-01/demo-eks-cluster-01/eks-p…
arnol377 May 8, 2026
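--- a/README.md
+++ b/README.md
@@ -1,2 +1,39 @@
-# demo-eks-cluster-01
-EKS Cluster Configuration for demo-eks-cluster-01
+# EKS Cluster Configuration - DEMO-EKS-CLUSTER-01 - DEV
+
+This EKS cluster configuration was generated using Terraform and the terraform-eks-deployment module.
+
+## Environment Details
+
+- **Environment**: dev
+- **Region**: us-gov-west-1
+- **Cluster Name**: demo-eks-cluster-01
+
+## Directory Structure
+
+## Getting Started
+
+To apply this configuration:
+
+1. Change to the directory of the module you want to deploy:
+```
+cd environment/region/vpc/cluster/eks
+```
+
+2. Initialize and apply the Terragrunt configuration:
+```
+terragrunt init
+terragrunt plan
+terragrunt apply
+```
+
+3. Deploy additional modules as needed:
+```
+cd ../eks-cconfig
+terragrunt init
+terragrunt plan
+terragrunt apply
+```
+
+## Customization
+
+Each module can be deployed independently using Terragrunt.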
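--- a/_envcommon/common-variables.hcl
+++ b/_envcommon/common-variables.hcl
@@ -0,0 +1,82 @@
+# dev/_envcommon/common-variables.hcl
+
+# ---------------------------------------------------------------------------------------------------------------------
+# GLOBAL PARAMETERS
+# These are the variables we pass to use across modules regardless of environment, i.e. these are the parameters
+# that are common across all environments/accounts.
+# ---------------------------------------------------------------------------------------------------------------------
+locals {
+state_bucket_prefix = "inf-tfstate"
+state_table_name = "tf_remote_state"
+environment_abbr = "dev"
+
+route53_endpoints = {
+route53_main = {
+"account_id" = local.route53_info[local.environment_abbr]["account_id"]
+"alias" = local.route53_info[local.environment_abbr]["alias"]
+"us-gov-east-1" = local.route53_info[local.environment_abbr]["us-gov-east-1"]
+"us-gov-west-1" = local.route53_info[local.environment_abbr]["us-gov-west-1"]
+}
+route53_main_legacy = {
+"account_id" = local.route53_info["legacy"]["account_id"]
+"alias" = local.route53_info["legacy"]["alias"]
+"us-gov-east-1" = local.route53_info["legacy"]["us-gov-east-1"]
+"us-gov-west-1" = local.route53_info["legacy"]["us-gov-west-1"]
+}
+}
+
+route53_info = {
+lab = {
+"account_id" = "269244441389"
+"alias" = "lab-gov-network-nonprod"
+"us-gov-east-1" = "vpc-070595c5b133243dd"
+"us-gov-west-1" = "vpc-08b7b4db6a5ddf9c1"
+}
+dev = {
+"account_id" = "057405694017"
+"alias" = "ent-ew-network-prod"
+"us-gov-east-1" = "vpc-061325b37d748d17a"
+"us-gov-west-1" = "vpc-0b22b68b90e47cb5f"
+}
+prod = {
+"account_id" = "057405694017"
+"alias" = "ent-ew-network-prod"
+"us-gov-east-1" = "vpc-061325b37d748d17a"
+"us-gov-west-1" = "vpc-0b22b68b90e47cb5f"
+}
+legacy = {
+"account_id" = "107742151971"
+"alias" = "do2-govcloud"
+"us-gov-east-1" = "vpc-099a991da7c4eb8a5"
+"us-gov-west-1" = "vpc-77877a12"
+}
+}
+
+enterprise_ecr_account = {
+lab = {
+"account_id" = "269222635945"
+"alias" = "lab-gov-shared-nonprod"
+"profile" = "269222635945-lab-gov-shared-nonprod"
+"region" = "us-gov-east-1"
+}
+dev = {
+"account_id" = "067074201825"
+"alias" = "ent-gov-shared-prod"
+"profile" = "067074201825-ent-gov-shared-prod"
+"region" = "us-gov-east-1"
+}
+prod = {
+"account_id" = "067074201825"
+"alias" = "ent-gov-shared-prod"
+"profile" = "067074201825-ent-gov-shared-prod"
+"region" = "us-gov-east-1"
+}
+}
+
+eecr_info = {
+account_id = local.enterprise_ecr_account[local.environment_abbr]["account_id"]
+alias = local.enterprise_ecr_account[local.environment_abbr]["alias"]
+profile = local.enterprise_ecr_account[local.environment_abbr]["profile"]
+region = local.enterprise_ecr_account[local.environment_abbr]["region"]
+}
+}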
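Review bot: The `dev` entries in `route53_info` and `enterprise_ecr_account` are identical to the `prod` entries (account `057405694017` / alias `ent-ew-network-prod`, and `067074201825` / `ent-gov-shared-prod`), so with `environment_abbr = "dev"` this dev cluster resolves to accounts whose aliases say prod. If sharing the network and ECR accounts between dev and prod is intended, record that next to the maps, e.g. `# dev intentionally shares the prod network/ECR accounts; cross-account access is limited to <scope>`; if it is not, dev needs its own values before anything is applied. The header comment also gives the path as `dev/_envcommon/common-variables.hcl` and describes the values as common to all environments, while the file sits at `_envcommon/` and hard-codes `environment_abbr`.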
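--- a/_envcommon/default-versions.hcl
+++ b/_envcommon/default-versions.hcl
@@ -0,0 +1,225 @@
+# dev/_envcommon/default-versions.hcl
+locals {
+module_name = basename(get_original_terragrunt_dir())
+release_version = local.module_versions["2026.03.15"][local.module_name]
+
+#####################
+# Module Versions
+#####################
+cluster_version = "1.34"
+eks_module_version = "21.11.1"
+
+module_versions = {
+"2025.20.04" = {
+"eks-arcgis" = false
+"eks-cert-manager" = "0.1.9"
+"eks-config" = "1.0.5"
+"eks-cribl" = "0.0.1"
+"eks-dns" = "0.1.4"
+"eks-gatekeeper" = "0.0.3"
+"eks-grafana" = "0.1.5"
+"eks-istio" = "1.0.9"
+"eks-k8s-dashboard" = "0.1.4"
+"eks-karpenter" = "0.1.7"
+"eks-keycloak" = "0.0.8"
+"eks-kiali" = "0.1.4"
+"eks-loki" = "0.1.4"
+"eks-metrics-server" = "0.1.4"
+"eks-otel" = "0.0.4"
+"eks-pipeline" = "initial"
+"eks-postgresql" = false
+"eks-prometheus" = "0.1.4"
+"eks-tempo" = "0.1.4"
+"eks" = "1.0.10"
+"cluster" = "2025.20.04"
+}
+"2026.03.15" = {
+"eks-arcgis" = false
+"eks-config" = "1.0.6"
+"eks-cribl" = "mcm_v2"
+"eks-dns" = "0.1.7"
+"eks-gatekeeper" = "0.0.4"
+"eks-grafana" = "0.1.5"
+"eks-istio" = "1.0.9"
+"eks-karpenter" = "0.1.9"
+"eks-keycloak" = "0.0.8"
+"eks-kiali" = "0.1.5"
+"eks-loki" = "0.1.6"
+"eks-otel" = "0.0.4"
+"eks-pipeline" = "initial"
+"eks-postgresql" = false
+"eks-prometheus" = "0.1.5"
+"eks-tempo" = "0.1.6"
+"eks" = "1.0.14"
+"cluster" = "2026.03.15"
+}
+}
+
+submodule_versions = {
+"tfmod-istio-service-ingress" = "0.1.7"
+"tfmod-config-job" = "0.1.8"
+"tfmod-custom-iam-role-for-service-account-eks" = "1.0.1"
+}
+
+#####################
+# Module Enablement
+#####################
+
+# Core modules that should always be enabled (cannot be disabled)
+core_modules = [
+"eks",
+"eks-karpenter",
+"eks-config",
+"eks-istio",
+"eks-dns",
+]
+
+# Optional modules with their default enablement state
+enabled_modules = {
+"eks-arcgis" = false
+"eks-cribl" = false
+"eks-gatekeeper" = true
+"eks-grafana" = true
+"eks-keycloak" = true
+"eks-kiali" = true
+"eks-loki" = true
+"eks-otel" = true
+"eks-pipeline" = false
+"eks-postgresql" = false
+"eks-prometheus" = true
+"eks-tempo" = true
+}
+
+#####################
+# TF Providers
+#####################
+aws_version = "6.0"
+helm_version = "2.11.0"
+kubernetes_version = "2.33.0"
+null_version = "3.2.1"
+random_version = "3.5.1"
+template_version = "2.2.0"
+tf_version = "1.5.5"
+
+#####################
+# Namespaces Config
+#####################
+operator_namespace = "operator"
+telemetry_namespace = "telemetry"
+system_namespace = "kube-system"
+istio_namespace = "istio-system"
+namespaces = {
+arcgis = "arcgis"
+cribl = "cribl"
+gatekeeper = "keycloak"
+grafana = local.telemetry_namespace
+istio = local.istio_namespace
+karpenter = local.system_namespace
+keycloak = "keycloak"
+kiali = local.istio_namespace
+loki = local.telemetry_namespace
+misp = "misp"
+otel = local.telemetry_namespace
+postgresql = "keycloak"
+prometheus = local.telemetry_namespace
+tempo = local.telemetry_namespace
+}
+
+#####################
+# EKS Config
+#####################
+
+################
+# Cert-Manager
+################
+cluster_issuer_name = "cert-manager"
+
+#####################
+# Cribl
+#####################
+cribl_chart_version = "4.15.1"
+cribl_app_version = "4.15.1"
+
+################
+# GoGatekeeper
+################
+gatekeeper_tag = "4.4.0"
+gatekeeper_chart_version = "0.1.60"
+gatekeeper_service_name = "gatekeeper"
+
+################
+# Grafana
+################
+grafana_hostname = "grafana"
+grafana_operator_chart_version = "4.9.8"
+grafana_operator_tag = "5.16.0"
+grafana_tag = "11.5.2"
+os_shell_image_tag = local.utilities_tag
+
+################
+# Istio
+################
+istio_version = "1.28.3"
+
+################
+# Karpenter
+################
+karpenter_helm_chart = "1.8.5"
+karpenter_tag = "1.8.5"
+
+################
+# Keycloak
+################
+keycloak_chart_version = "7.0.1"
+keycloak_tag = "26.0.7"
+postgresql_tag = "17.4.0-debian-12-r4"
+postgres_exporter_tag = "0.17.1-debian-12-r0"
+utilities_tag = "1.0.3"
+
+################
+# Kiali
+################
+kiali_operator_version = "2.21.0"
+kiali_application_version = "${local.kiali_operator_version}"
+
+################
+# Loki
+################
+loki_chart_version = "6.49.0"
+loki_tag = "3.6.3"
+enterprise_logs_provisioner_tag = "3.6.2"
+gateway_tag = "1.29.4"
+memcached_tag = "1.6.40"
+exporter_tag = "v0.15.3"
+sidecar_tag = "2.4.0"
+
+################
+# Open Telemetry
+################
+auto_instrumentation_java_version = "2.9.0"
+collector_contrib_version = "0.113.0-amd64"
+collector_version = "0.111.0-amd64"
+otel_helm_version = "0.71.2"
+otel_version = "0.110.0"
+rbac_proxy_version = "0.20.2"
+
+################
+# PostgreSQL
+################
+postgresql_chart_version = "16.5.0"
+
+################
+# Prometheus
+################
+prometheus_chart_version = "28.6.0"
+prometheus_server_tag = "v3.9.1"
+prometheus_config_reloader_tag = "v0.88.0"
+alertmanager_tag = "v0.30.1"
+pushgateway_tag = "v1.6.2"
+
+################
+# Tempo
+################
+tempo_chart_version = "1.24.3"
+tempo_tag = "2.9.1"
+}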
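Review bot: `release_version` indexes `local.module_versions["2026.03.15"]` directly with the directory name, but that release set has no `eks-cert-manager`, `eks-k8s-dashboard` or `eks-metrics-server` key although `2025.20.04` does, so a unit directory with one of those names (or any other unlisted name) that reads this file would fail evaluation on the missing key. A guarded lookup makes the absence explicit, `release_version = try(local.module_versions["2026.03.15"][local.module_name], null)`, or the dropped keys can be restored as `false` the way `eks-arcgis` is. Separately, `"eks-cribl" = "mcm_v2"` and `"eks-pipeline" = "initial"` read like branch names rather than version tags; if they end up as module source refs they are mutable, and pinning them to a tag or commit keeps an apply reproducible and reviewable. In `namespaces`, `gatekeeper = "keycloak"` deserves a one-line comment saying whether placing it in the Keycloak namespace is deliberate.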
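--- a/_envcommon/prefixes.hcl
+++ b/_envcommon/prefixes.hcl
@@ -0,0 +1,37 @@
+locals {
+prefixes = {
+"ebs" = "v-ebs-"
+"efs" = "v-efs-"
+"group" = "g-"
+"kms" = "k-kms-"
+"policy" = "p-"
+"role" = "r-"
+"s3" = "v-s3-"
+"security-group" = "" # "sg-"
+# VPC
+"customer-gateway" = "cgw-"
+"dhcp-options" = ""
+"elastic-ip" = "eip-"
+"internet-gateway" = "igw-"
+"log-group" = "lg-"
+"log-stream" = "lgs-"
+"nat-gateway" = "nat-"
+"network-acl" = "nacl-"
+"route-table" = "route-"
+"subnet" = ""
+"vpc-endpoint" = "vpce-"
+"vpc-peer" = "vpcp-"
+"vpc" = ""
+"vpn-connection" = "vpn_"
+"vpn-gateway" = "vpcg-"
+# EKS
+"eks-policy" = "p-eks-"
+"eks-queue" = "eks-q-"
+"eks-role" = "r-eks-"
+"eks-s3" = "v-s3-eks-"
+"eks-security-group" = "eks-sg-" # "sg-eks-"
+"eks-user" = "s-eks-"
+"eks" = "eks-"
+"eks-event" = "eks-ev-"
+}
+}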
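Review bot: Two prefixes break the pattern of the rest of the map: `"vpn-connection" = "vpn_"` is the only value ending in an underscore, and `"vpn-gateway" = "vpcg-"` looks like a typo next to `cgw-` and `igw-`. If IAM policies or other controls match resources by these name prefixes (not visible on this page), a one-off spelling is easy to miss in a wildcard. The trailing `# "sg-"` and `# "sg-eks-"` comments also do not say why the alternative was dropped; something like `# empty: EC2 rejects security group names that start with "sg-"` would record the reason, if that is the reason.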
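--- a/config.json
+++ b/config.json
@@ -0,0 +1 @@
+{"account":{"account_name":"csvd-test-ew","aws_account_id":"354680860571","aws_profile":"csvd-test-ew-dev","environment_abbr":"dev"},"cluster":{"CostAllocation":"census:ocio:csvd","cluster_mailing_list":"","cluster_name":"demo-eks-cluster-01","eks_instance_disk_size":200,"eks_ng_desired_size":2,"eks_ng_max_size":10,"eks_ng_min_size":2,"finops_project_name":"","finops_project_number":"","finops_project_role":"","organization":"census:ocio:csvd","tags":{}},"cluster_dir":"demo-eks-cluster-01","enable_all_modules":true,"environment":"dev","modules":{"cribl":false,"gatekeeper":false,"grafana":false,"keycloak":false,"kiali":false,"loki":false,"otel":false,"prometheus":false,"tempo":false},"region":"us-gov-west-1","vpc":{"vpc_domain_name":"dev.inf.csp1.census.gov","vpc_name":"csvd-dev-ew-vpc-01"}}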
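Review bot: `"enable_all_modules":true` sits next to a `modules` object in which every entry is `false`, so this file does not say which modules the cluster will actually deploy, and `_envcommon/default-versions.hcl` in the same pull request carries a third set of defaults in `enabled_modules`. Which of the three takes precedence is not visible on this page; it should be stated in the README or the flags made consistent, since the set includes the identity and access components (`keycloak`, `gatekeeper`). `cluster_mailing_list` and `tags` are also empty, which leaves the cluster without a recorded owner contact.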