• Stars 136
• Rank 266,272 (Top 6 %)
• Language HCL
• License MIT License
• Created about 3 years ago
• Updated about 1 month ago

Repository Details

🐳 📦 🚀 - Terraform template for a production ready EKS Cluster and ISTIO Service Mesh

Welcome to EKS with Istio Setup with Terraform 👋

License: MIT | Twitter: fidelissauro

Terraform Versions Compatibility

Terraform 0.13, 0.14, 0.15, 1.0.0, 1.1.0

🏠 Architecture / Topology

[Figure: topology]

Requirements

| Name | Version |
|------|---------|
| aws | ~> 4.0 |
| helm | ~> 2.0 |
| kubectl | ~> 1.14 |
| kubernetes | ~> 2.0 |
| tls | ~> 3.1.0 |

Providers

| Name | Version |
|------|---------|
| aws | 4.67.0 |
| helm | 2.11.0 |
| kubectl | 1.14.0 |
| kubernetes | 2.23.0 |
| tls | 3.1.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_api_gateway_vpc_link.nlb | resource |
| aws_cloudwatch_event_rule.node_termination_handler_instance_terminate | resource |
| aws_cloudwatch_event_rule.node_termination_handler_rebalance | resource |
| aws_cloudwatch_event_rule.node_termination_handler_scheduled_change | resource |
| aws_cloudwatch_event_rule.node_termination_handler_spot_termination | resource |
| aws_cloudwatch_event_rule.node_termination_handler_state_change | resource |
| aws_cloudwatch_event_target.node_termination_handler_instance_terminate | resource |
| aws_cloudwatch_event_target.node_termination_handler_rebalance | resource |
| aws_cloudwatch_event_target.node_termination_handler_scheduled_change | resource |
| aws_cloudwatch_event_target.node_termination_handler_spot_termination | resource |
| aws_cloudwatch_event_target.node_termination_handler_state_change | resource |
| aws_eip.vpc_iep | resource |
| aws_eks_addon.cni | resource |
| aws_eks_addon.coredns | resource |
| aws_eks_addon.csi_driver | resource |
| aws_eks_addon.kubeproxy | resource |
| aws_eks_cluster.eks_cluster | resource |
| aws_eks_node_group.cluster | resource |
| aws_iam_instance_profile.nodes | resource |
| aws_iam_openid_connect_provider.eks | resource |
| aws_iam_policy.aws_load_balancer_controller_policy | resource |
| aws_iam_policy.aws_node_termination_handler_policy | resource |
| aws_iam_policy.cluster_autoscaler_policy | resource |
| aws_iam_policy.csi_driver | resource |
| aws_iam_policy.karpenter_policy | resource |
| aws_iam_policy.keda_policy | resource |
| aws_iam_policy_attachment.aws_load_balancer_controller_policy | resource |
| aws_iam_policy_attachment.aws_node_termination_handler_policy | resource |
| aws_iam_policy_attachment.cluster_autoscaler | resource |
| aws_iam_policy_attachment.csi_driver | resource |
| aws_iam_policy_attachment.karpenter_policy | resource |
| aws_iam_policy_attachment.keda | resource |
| aws_iam_role.alb_controller | resource |
| aws_iam_role.aws_node_termination_handler_role | resource |
| aws_iam_role.cluster_autoscaler_role | resource |
| aws_iam_role.eks_cluster_role | resource |
| aws_iam_role.eks_nodes_roles | resource |
| aws_iam_role.karpenter_role | resource |
| aws_iam_role.keda_role | resource |
| aws_iam_role_policy_attachment.cloudwatch | resource |
| aws_iam_role_policy_attachment.cni | resource |
| aws_iam_role_policy_attachment.ecr | resource |
| aws_iam_role_policy_attachment.eks-cluster-cluster | resource |
| aws_iam_role_policy_attachment.eks-cluster-service | resource |
| aws_iam_role_policy_attachment.node | resource |
| aws_iam_role_policy_attachment.ssm | resource |
| aws_internet_gateway.gw | resource |
| aws_kms_alias.eks | resource |
| aws_kms_key.eks | resource |
| aws_launch_template.karpenter | resource |
| aws_lb.ingress | resource |
| aws_lb_listener.ingress_443 | resource |
| aws_lb_listener.ingress_80 | resource |
| aws_lb_target_group.http | resource |
| aws_lb_target_group.https | resource |
| aws_nat_gateway.nat | resource |
| aws_route.nat_access | resource |
| aws_route.public_internet_access | resource |
| aws_route53_record.nlb | resource |
| aws_route53_zone.private | resource |
| aws_route_table.igw_route_table | resource |
| aws_route_table.nat | resource |
| aws_route_table_association.pods_1a | resource |
| aws_route_table_association.pods_1b | resource |
| aws_route_table_association.pods_1c | resource |
| aws_route_table_association.private1a | resource |
| aws_route_table_association.private1b | resource |
| aws_route_table_association.private1c | resource |
| aws_route_table_association.public_1a | resource |
| aws_route_table_association.public_1b | resource |
| aws_route_table_association.public_1c | resource |
| aws_security_group.cluster_nodes_sg | resource |
| aws_security_group.cluster_sg | resource |
| aws_security_group_rule.cluster_ingress_https | resource |
| aws_security_group_rule.nodeport | resource |
| aws_security_group_rule.nodeport_cluster | resource |
| aws_security_group_rule.nodeport_cluster_udp | resource |
| aws_sqs_queue.node_termination_handler | resource |
| aws_sqs_queue_policy.node_termination_handler | resource |
| aws_subnet.pods_subnet_1a | resource |
| aws_subnet.pods_subnet_1b | resource |
| aws_subnet.pods_subnet_1c | resource |
| aws_subnet.private_subnet_1a | resource |
| aws_subnet.private_subnet_1b | resource |
| aws_subnet.private_subnet_1c | resource |
| aws_subnet.public_subnet_1a | resource |
| aws_subnet.public_subnet_1b | resource |
| aws_subnet.public_subnet_1c | resource |
| aws_vpc.cluster_vpc | resource |
| aws_vpc_ipv4_cidr_block_association.pods | resource |
| helm_release.alb_ingress_controller | resource |
| helm_release.argo_rollouts | resource |
| helm_release.chaos_mesh | resource |
| helm_release.cluster_autoscaler | resource |
| helm_release.descheduler | resource |
| helm_release.istio_base | resource |
| helm_release.istio_ingress | resource |
| helm_release.istiod | resource |
| helm_release.jaeger | resource |
| helm_release.karpenter | resource |
| helm_release.keda | resource |
| helm_release.kiali-server | resource |
| helm_release.kube_state_metrics | resource |
| helm_release.metrics_server | resource |
| helm_release.node_termination_handler | resource |
| helm_release.prometheus | resource |
| kubectl_manifest.grafana_gateway | resource |
| kubectl_manifest.grafana_service | resource |
| kubectl_manifest.istio_target_group_binding_http | resource |
| kubectl_manifest.istio_target_group_binding_https | resource |
| kubectl_manifest.jaeger_gateway | resource |
| kubectl_manifest.jaeger_virtual_service | resource |
| kubectl_manifest.karpenter_provisioner | resource |
| kubectl_manifest.karpenter_template | resource |
| kubectl_manifest.kiali_gateway | resource |
| kubectl_manifest.kiali_virtual_service | resource |
| kubernetes_config_map.aws-auth | resource |
| aws_caller_identity.current | data source |
| aws_eks_cluster_auth.default | data source |
| aws_iam_policy_document.aws_load_balancer_controller_assume_role | data source |
| aws_iam_policy_document.aws_load_balancer_controller_policy | data source |
| aws_iam_policy_document.aws_node_termination_handler_policy | data source |
| aws_iam_policy_document.aws_node_termination_handler_role | data source |
| aws_iam_policy_document.cluster_autoscaler_policy | data source |
| aws_iam_policy_document.cluster_autoscaler_role | data source |
| aws_iam_policy_document.csi_driver | data source |
| aws_iam_policy_document.eks_cluster_role | data source |
| aws_iam_policy_document.eks_nodes_role | data source |
| aws_iam_policy_document.karpenter_policy | data source |
| aws_iam_policy_document.karpenter_role | data source |
| aws_iam_policy_document.keda_policy | data source |
| aws_iam_policy_document.keda_role | data source |
| aws_ssm_parameter.eks | data source |
| tls_certificate.eks | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| addon_cni_version | VPC CNI Version | string | `"v1.14.1-eksbuild.1"` | no |
| addon_coredns_version | CoreDNS Version | string | `"v1.10.1-eksbuild.4"` | no |
| addon_csi_version | CSI Version | string | `"v1.24.0-eksbuild.1"` | no |
| addon_kubeproxy_version | Kubeproxy Version | string | `"v1.28.1-eksbuild.1"` | no |
| argo_rollouts_toggle | Enable Argo Rollouts Installation | bool | `true` | no |
| auto_scale_options | n/a | map | `{"desired": 6, "max": 10, "min": 4}` | no |
| aws_region | n/a | string | `"us-east-1"` | no |
| chaos_mesh_toggle | Enable Chaos Mesh Installation | bool | `false` | no |
| cluster_autoscaler_toggle | Enable Cluster Autoscaler Installation | bool | `false` | no |
| cluster_name | n/a | string | `"eks-cluster"` | no |
| cluster_private_zone | n/a | string | `"k8s.cluster"` | no |
| default_tags | n/a | map | `{"Environment": "prod", "Foo": "Bar", "Ping": "Pong"}` | no |
| descheduler_toggle | Enable Descheduler Installation | bool | `false` | no |
| enable_cross_zone_load_balancing | n/a | bool | `false` | no |
| grafana_virtual_service_host | n/a | string | `"grafana.k8s.raj.ninja"` | no |
| istio_ingress_max_pods | Maximum pods for istio-ingress-gateway | number | `9` | no |
| istio_ingress_min_pods | Minimum pods for istio-ingress-gateway | number | `3` | no |
| jaeger_virtual_service_host | n/a | string | `"jaeger.k8s.raj.ninja"` | no |
| k8s_version | n/a | string | `"1.28"` | no |
| karpenter_availability_zones | Availability zones to launch nodes | list | `["us-east-1a", "us-east-1b", "us-east-1c"]` | no |
| karpenter_capacity_type | Capacity Type; Ex spot, on_demand | list | `["spot"]` | no |
| karpenter_instance_family | Instance family list to launch on karpenter | list | `["c6", "c6a", "c5"]` | no |
| karpenter_instance_sizes | Instance sizes to diversify into instance family | list | `["large", "2xlarge"]` | no |
| karpenter_toggle | Enable Karpenter Installation | bool | `true` | no |
| keda_toggle | Enable Keda Installation | bool | `true` | no |
| kiali_virtual_service_host | n/a | string | `"kiali.k8s.raj.ninja"` | no |
| nlb_ingress_enable_termination_protection | n/a | bool | `false` | no |
| nlb_ingress_internal | n/a | bool | `false` | no |
| nlb_ingress_type | n/a | string | `"network"` | no |
| node_termination_handler_toggle | Enable AWS Node Termination Handler Setup | bool | `true` | no |
| nodes_instances_sizes | n/a | list | `["t3.large"]` | no |
| proxy_protocol_v2 | n/a | bool | `false` | no |

Outputs

| Name | Description |
|------|-------------|
| cluster_name | n/a |
| istio_ingress_vpclink | n/a |

Demo

Install

terraform init

Usage

terraform apply

Run tests

terraform plan

Author

👤 Matheus Fidelis

🤝 Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues page.

Show your support

Give a ⭐️ if this project helped you!

📝 License

Copyright © 2021 Matheus Fidelis.
This project is MIT licensed.


_This README was generated with ❤️ by readme-md-generator_
