Terraform module to deploy curated Kubernetes middlewares on multiple cloud providers.

terraform-kubernetes-addons

Main components

| Name | Description | Generic | AWS | Scaleway | GCP | Azure |
|------|-------------|---------|-----|----------|-----|-------|
| admiralty | A system of Kubernetes controllers that intelligently schedules workloads across clusters | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| aws-ebs-csi-driver | Enable new feature and the use of gp3 volumes | N/A | ✔️ | N/A | N/A | N/A |
| aws-efs-csi-driver | Enable EFS Support | N/A | ✔️ | N/A | N/A | N/A |
| aws-for-fluent-bit | Cloudwatch logging with fluent bit instead of fluentd | N/A | ✔️ | N/A | N/A | N/A |
| aws-load-balancer-controller | Use AWS ALB/NLB for ingress and services | N/A | ✔️ | N/A | N/A | N/A |
| aws-node-termination-handler | Manage spot instance lifecycle | N/A | ✔️ | N/A | N/A | N/A |
| aws-calico | Use calico for network policy | N/A | ✔️ | N/A | N/A | N/A |
| secrets-store-csi-driver-provider-aws | AWS Secret Store and Parameter store driver for secret store CSI driver | ✔️ | N/A | N/A | N/A | N/A |
| cert-manager | automatically generate TLS certificates, supports ACME v2 | ✔️ | ✔️ | ✔️ | ❌ | N/A |
| cluster-autoscaler | scale worker nodes based on workload | N/A | ✔️ | Included | Included | Included |
| cni-metrics-helper | Provides cloudwatch metrics for VPC CNI plugins | N/A | ✔️ | N/A | N/A | N/A |
| external-dns | sync ingress and service records in route53 | ❌ | ✔️ | ✔️ | ❌ | ❌ |
| flux2 | Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| ingress-nginx | processes Ingress object and acts as a HTTP/HTTPS proxy (compatible with cert-manager) | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
| k8gb | A cloud native Kubernetes Global Balancer | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| karma | An alertmanager dashboard | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| keda | Kubernetes Event-driven Autoscaling | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| kong | API Gateway ingress controller | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
| kube-prometheus-stack | Monitoring / Alerting / Dashboards | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
| loki-stack | Grafana Loki logging stack | ✔️ | ✔️ | 🚧 | ❌ | ❌ |
| promtail | Ship log to loki from other cluster (eg. mTLS) | 🚧 | ✔️ | 🚧 | ❌ | ❌ |
| prometheus-adapter | Prometheus metrics for use with the autoscaling/v2 Horizontal Pod Autoscaler in Kubernetes 1.6+ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| prometheus-cloudwatch-exporter | An exporter for Amazon CloudWatch, for Prometheus. | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| prometheus-blackbox-exporter | The blackbox exporter allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP and ICMP. | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| rabbitmq-cluster-operator | The RabbitMQ Cluster Operator automates provisioning, management of RabbitMQ clusters. | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| metrics-server | enable metrics API and horizontal pod scaling (HPA) | ✔️ | ✔️ | Included | Included | Included |
| node-problem-detector | Forwards node problems to Kubernetes events | ✔️ | ✔️ | Included | Included | Included |
| secrets-store-csi-driver | Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume. | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| sealed-secrets | Technology agnostic, store secrets on git | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| thanos | Open source, highly available Prometheus setup with long term storage capabilities | ❌ | ✔️ | 🚧 | ❌ | ❌ |
| thanos-memcached | Open source, highly available Prometheus setup with long term storage capabilities | ❌ | ✔️ | 🚧 | ❌ | ❌ |
| thanos-storegateway | Additional storegateway to query multiple object stores | ❌ | ✔️ | 🚧 | ❌ | ❌ |
| thanos-tls-querier | Thanos TLS querier for cross cluster collection | ❌ | ✔️ | 🚧 | ❌ | ❌ |

Submodules

Submodules are used for specific cloud provider configuration such as IAM role for AWS. For a Kubernetes vanilla cluster, generic addons should be used.

Any contribution supporting a new cloud provider is welcomed.

Doc generation

Code formatting and documentation for variables and outputs are generated using pre-commit-terraform hooks, which use terraform-docs.

Follow these instructions to install pre-commit locally.

Then install terraform-docs with go get github.com/segmentio/terraform-docs or brew install terraform-docs.

Contributing

Report issues/questions/feature requests in the issues section.

Full contributing guidelines are covered here.

Requirements

Name Version
terraform >= 1.0
flux 1.0.0-rc.5
github ~> 5.0
helm ~> 2.0
http >= 3
kubectl ~> 1.0
kubernetes ~> 2.0, != 2.12
tls ~> 4.0

Providers

Name Version
flux 1.0.0-rc.5
github ~> 5.0
helm ~> 2.0
http >= 3
kubectl ~> 1.0
kubernetes ~> 2.0, != 2.12
random n/a
time n/a
tls ~> 4.0

Modules

No modules.

Resources

Name Type
flux_bootstrap_git.flux resource
github_branch_default.main resource
github_repository.main resource
github_repository_deploy_key.main resource
helm_release.admiralty resource
helm_release.cert-manager resource
helm_release.cert-manager-csi-driver resource
helm_release.ingress-nginx resource
helm_release.k8gb resource
helm_release.karma resource
helm_release.keda resource
helm_release.kong resource
helm_release.kube-prometheus-stack resource
helm_release.linkerd-control-plane resource
helm_release.linkerd-crds resource
helm_release.linkerd-viz resource
helm_release.linkerd2-cni resource
helm_release.loki-stack resource
helm_release.metrics-server resource
helm_release.node-problem-detector resource
helm_release.prometheus-adapter resource
helm_release.prometheus-blackbox-exporter resource
helm_release.promtail resource
helm_release.sealed-secrets resource
helm_release.secrets-store-csi-driver resource
helm_release.tigera-operator resource
helm_release.traefik resource
helm_release.victoria-metrics-k8s-stack resource
kubectl_manifest.calico_crds resource
kubectl_manifest.cert-manager_cluster_issuers resource
kubectl_manifest.csi-external-snapshotter resource
kubectl_manifest.kong_crds resource
kubectl_manifest.linkerd resource
kubectl_manifest.linkerd-viz resource
kubectl_manifest.prometheus-operator_crds resource
kubectl_manifest.tigera-operator_crds resource
kubernetes_config_map.loki-stack_grafana_ds resource
kubernetes_namespace.admiralty resource
kubernetes_namespace.cert-manager resource
kubernetes_namespace.flux2 resource
kubernetes_namespace.ingress-nginx resource
kubernetes_namespace.k8gb resource
kubernetes_namespace.karma resource
kubernetes_namespace.keda resource
kubernetes_namespace.kong resource
kubernetes_namespace.kube-prometheus-stack resource
kubernetes_namespace.linkerd resource
kubernetes_namespace.linkerd-viz resource
kubernetes_namespace.linkerd2-cni resource
kubernetes_namespace.loki-stack resource
kubernetes_namespace.metrics-server resource
kubernetes_namespace.node-problem-detector resource
kubernetes_namespace.prometheus-adapter resource
kubernetes_namespace.prometheus-blackbox-exporter resource
kubernetes_namespace.promtail resource
kubernetes_namespace.sealed-secrets resource
kubernetes_namespace.secrets-store-csi-driver resource
kubernetes_namespace.tigera-operator resource
kubernetes_namespace.traefik resource
kubernetes_namespace.victoria-metrics-k8s-stack resource
kubernetes_network_policy.admiralty_allow_namespace resource
kubernetes_network_policy.admiralty_default_deny resource
kubernetes_network_policy.cert-manager_allow_control_plane resource
kubernetes_network_policy.cert-manager_allow_monitoring resource
kubernetes_network_policy.cert-manager_allow_namespace resource
kubernetes_network_policy.cert-manager_default_deny resource
kubernetes_network_policy.flux2_allow_monitoring resource
kubernetes_network_policy.flux2_allow_namespace resource
kubernetes_network_policy.ingress-nginx_allow_control_plane resource
kubernetes_network_policy.ingress-nginx_allow_ingress resource
kubernetes_network_policy.ingress-nginx_allow_linkerd_viz resource
kubernetes_network_policy.ingress-nginx_allow_monitoring resource
kubernetes_network_policy.ingress-nginx_allow_namespace resource
kubernetes_network_policy.ingress-nginx_default_deny resource
kubernetes_network_policy.k8gb_allow_namespace resource
kubernetes_network_policy.k8gb_default_deny resource
kubernetes_network_policy.karma_allow_ingress resource
kubernetes_network_policy.karma_allow_namespace resource
kubernetes_network_policy.karma_default_deny resource
kubernetes_network_policy.keda_allow_namespace resource
kubernetes_network_policy.keda_default_deny resource
kubernetes_network_policy.kong_allow_ingress resource
kubernetes_network_policy.kong_allow_monitoring resource
kubernetes_network_policy.kong_allow_namespace resource
kubernetes_network_policy.kong_default_deny resource
kubernetes_network_policy.kube-prometheus-stack_allow_control_plane resource
kubernetes_network_policy.kube-prometheus-stack_allow_ingress resource
kubernetes_network_policy.kube-prometheus-stack_allow_namespace resource
kubernetes_network_policy.kube-prometheus-stack_default_deny resource
kubernetes_network_policy.linkerd-viz_allow_control_plane resource
kubernetes_network_policy.linkerd-viz_allow_monitoring resource
kubernetes_network_policy.linkerd-viz_allow_namespace resource
kubernetes_network_policy.linkerd-viz_default_deny resource
kubernetes_network_policy.linkerd2-cni_allow_namespace resource
kubernetes_network_policy.linkerd2-cni_default_deny resource
kubernetes_network_policy.loki-stack_allow_ingress resource
kubernetes_network_policy.loki-stack_allow_namespace resource
kubernetes_network_policy.loki-stack_default_deny resource
kubernetes_network_policy.metrics-server_allow_control_plane resource
kubernetes_network_policy.metrics-server_allow_namespace resource
kubernetes_network_policy.metrics-server_default_deny resource
kubernetes_network_policy.npd_allow_namespace resource
kubernetes_network_policy.npd_default_deny resource
kubernetes_network_policy.prometheus-adapter_allow_namespace resource
kubernetes_network_policy.prometheus-adapter_default_deny resource
kubernetes_network_policy.prometheus-blackbox-exporter_allow_namespace resource
kubernetes_network_policy.prometheus-blackbox-exporter_default_deny resource
kubernetes_network_policy.promtail_allow_ingress resource
kubernetes_network_policy.promtail_allow_namespace resource
kubernetes_network_policy.promtail_default_deny resource
kubernetes_network_policy.sealed-secrets_allow_namespace resource
kubernetes_network_policy.sealed-secrets_default_deny resource
kubernetes_network_policy.secrets-store-csi-driver_allow_namespace resource
kubernetes_network_policy.secrets-store-csi-driver_default_deny resource
kubernetes_network_policy.tigera-operator_allow_namespace resource
kubernetes_network_policy.tigera-operator_default_deny resource
kubernetes_network_policy.traefik_allow_ingress resource
kubernetes_network_policy.traefik_allow_monitoring resource
kubernetes_network_policy.traefik_allow_namespace resource
kubernetes_network_policy.traefik_default_deny resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_control_plane resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_ingress resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_namespace resource
kubernetes_network_policy.victoria-metrics-k8s-stack_default_deny resource
kubernetes_priority_class.kubernetes_addons resource
kubernetes_priority_class.kubernetes_addons_ds resource
kubernetes_secret.linkerd_trust_anchor resource
kubernetes_secret.loki-stack-ca resource
kubernetes_secret.promtail-tls resource
kubernetes_secret.webhook_issuer_tls resource
random_string.grafana_password resource
time_sleep.cert-manager_sleep resource
tls_cert_request.promtail-csr resource
tls_locally_signed_cert.promtail-cert resource
tls_private_key.identity resource
tls_private_key.linkerd_trust_anchor resource
tls_private_key.loki-stack-ca-key resource
tls_private_key.promtail-key resource
tls_private_key.webhook_issuer_tls resource
tls_self_signed_cert.linkerd_trust_anchor resource
tls_self_signed_cert.loki-stack-ca-cert resource
tls_self_signed_cert.webhook_issuer_tls resource
github_repository.main data source
http_http.calico_crds data source
http_http.csi-external-snapshotter data source
http_http.kong_crds data source
http_http.prometheus-operator_crds data source
http_http.prometheus-operator_version data source
http_http.tigera-operator_crds data source
kubectl_file_documents.calico_crds data source
kubectl_file_documents.csi-external-snapshotter data source
kubectl_file_documents.kong_crds data source
kubectl_file_documents.tigera-operator_crds data source
kubectl_path_documents.cert-manager_cluster_issuers data source

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| admiralty | Customize admiralty chart, see admiralty.tf for supported values | any | {} | no |
| cert-manager | Customize cert-manager chart, see cert-manager.tf for supported values | any | {} | no |
| cert-manager-csi-driver | Customize cert-manager-csi-driver chart, see cert-manager.tf for supported values | any | {} | no |
| cluster-autoscaler | Customize cluster-autoscaler chart, see cluster-autoscaler.tf for supported values | any | {} | no |
| cluster-name | Name of the Kubernetes cluster | string | "sample-cluster" | no |
| csi-external-snapshotter | Customize csi-external-snapshotter, see csi-external-snapshotter.tf for supported values | any | {} | no |
| external-dns | Map of map for external-dns configuration: see external_dns.tf for supported values | any | {} | no |
| flux2 | Customize Flux chart, see flux2.tf for supported values | any | {} | no |
| helm_defaults | Customize default Helm behavior | any | {} | no |
| ingress-nginx | Customize ingress-nginx chart, see nginx-ingress.tf for supported values | any | {} | no |
| k8gb | Customize k8gb chart, see k8gb.tf for supported values | any | {} | no |
| karma | Customize karma chart, see karma.tf for supported values | any | {} | no |
| keda | Customize keda chart, see keda.tf for supported values | any | {} | no |
| kong | Customize kong-ingress chart, see kong.tf for supported values | any | {} | no |
| kube-prometheus-stack | Customize kube-prometheus-stack chart, see kube-prometheus-stack.tf for supported values | any | {} | no |
| labels_prefix | Custom label prefix used for network policy namespace matching | string | "particule.io" | no |
| linkerd | Customize linkerd chart, see linkerd.tf for supported values | any | {} | no |
| linkerd-viz | Customize linkerd-viz chart, see linkerd-viz.tf for supported values | any | {} | no |
| linkerd2 | Customize linkerd2 chart, see linkerd2.tf for supported values | any | {} | no |
| linkerd2-cni | Customize linkerd2-cni chart, see linkerd2-cni.tf for supported values | any | {} | no |
| loki-stack | Customize loki-stack chart, see loki-stack.tf for supported values | any | {} | no |
| metrics-server | Customize metrics-server chart, see metrics_server.tf for supported values | any | {} | no |
| npd | Customize node-problem-detector chart, see npd.tf for supported values | any | {} | no |
| priority-class | Customize a priority class for addons | any | {} | no |
| priority-class-ds | Customize a priority class for addons daemonsets | any | {} | no |
| prometheus-adapter | Customize prometheus-adapter chart, see prometheus-adapter.tf for supported values | any | {} | no |
| prometheus-blackbox-exporter | Customize prometheus-blackbox-exporter chart, see prometheus-blackbox-exporter.tf for supported values | any | {} | no |
| promtail | Customize promtail chart, see loki-stack.tf for supported values | any | {} | no |
| sealed-secrets | Customize sealed-secrets chart, see sealed-secrets.tf for supported values | any | {} | no |
| secrets-store-csi-driver | Customize secrets-store-csi-driver chart, see secrets-store-csi-driver.tf for supported values | any | {} | no |
| thanos | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
| thanos-memcached | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
| thanos-storegateway | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
| thanos-tls-querier | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
| tigera-operator | Customize tigera-operator chart, see tigera-operator.tf for supported values | any | {} | no |
| traefik | Customize traefik chart, see traefik.tf for supported values | any | {} | no |
| victoria-metrics-k8s-stack | Customize Victoria Metrics chart, see victoria-metrics-k8s-stack.tf for supported values | any | {} | no |

Outputs

Name Description
grafana_password n/a
loki-stack-ca n/a
promtail-cert n/a
promtail-key n/a