10 months later, this is still saving hours of work. My first time dealing with Terraform and I learned all I needed today from this video. Thanks for taking the time to share this.
I just spent days trying to wrap my head around EKS with Terraform and trying to configure permissions. I even found the same module and the same example, but it's a massive file with no real explanation for what's going on in it. Thank you so much. And yes, I would like you to do a best practices video with all the goodness.
I stumbled two times into your clip. First time was in my preparation for CKA, second time was for an example to deploy an EKS cluster with Terraform. Now I realize you have a total of six clips. I think you do great tutorials. You remind me of the Python tutor Angela Yu who had 2 million students. Please keep doing more.
I completed the course and just left it be, not realizing the node group was still active, and it charged me over $80 for an empty cluster. Thanks ascode :)
This was awesome! Very well detailed & explained, thanks for sharing 💪 I am currently working on Cluster Autoscalers on EKS as well as HPAs. I seem to have the Cluster Autoscaler on point, HPAs are my next ball game. Great to see you back in action!
You mentioned Terraform best practices... def keen on that, if you can cover the for_each loop also. I've got 9 subnets, 3 groups of 3, across 3 AZs, so a lot of repetition that I'm sure can be done better. Thanks for the easy-to-follow video.
thanks for the topic suggestions! here's some info to get you started: one of the ways you can automate this kind of setup is to dynamically get the az's and use functions like cidrsubnet() to generate the subnets. here's a thorough example: github.com/terraform-aws-modules/terraform-aws-vpc/blob/master/examples/complete/main.tf another way is to use for_each like you mentioned, and that will be the way to go if you strictly need to define which az's are being used and what subnets they receive. here's an example i've done in the past: github.com/kjpark/terraform-aws-eks-vpc-cni-custom-networking/blob/main/subnets.tf with vars defined like this (also in that repo's readme):
    secondary_cidr = "100.64.0.0/16"
    secondary_subnets = {
      us-east-1a = "100.64.0.0/18"
      us-east-1b = "100.64.64.0/18"
      us-east-1c = "100.64.128.0/18"
      us-east-1d = "100.64.192.0/18"
    }
personally i like the second option more as it's more explicit.
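An added example (not from the video or from either linked repository) showing the two approaches from the reply above side by side: the explicit AZ-to-CIDR map consumed with for_each, and the same /18 layout derived with cidrsubnet(). The names secondary_cidr and secondary_subnets and their values come from the comment; var.vpc_id, the resource names and the tags are assumptions.

```hcl
# Added example. var.vpc_id, resource names and tags are assumptions.
variable "vpc_id" {
  type = string
}

variable "secondary_cidr" {
  type    = string
  default = "100.64.0.0/16"
}

# Explicit option: each AZ is pinned to a reviewed CIDR.
variable "secondary_subnets" {
  type = map(string)
  default = {
    us-east-1a = "100.64.0.0/18"
    us-east-1b = "100.64.64.0/18"
    us-east-1c = "100.64.128.0/18"
    us-east-1d = "100.64.192.0/18"
  }
}

# The secondary range has to be associated with the VPC before subnets use it.
resource "aws_vpc_ipv4_cidr_block_association" "secondary" {
  vpc_id     = var.vpc_id
  cidr_block = var.secondary_cidr
}

# for_each keys resources by AZ name, so removing one AZ from the map
# destroys only that subnet instead of re-indexing the others (as count would).
resource "aws_subnet" "secondary" {
  for_each = var.secondary_subnets

  vpc_id            = aws_vpc_ipv4_cidr_block_association.secondary.vpc_id
  availability_zone = each.key
  cidr_block        = each.value

  tags = { Name = "secondary-${each.key}" }
}

# Derived option: 2 extra prefix bits split the /16 into four /18 blocks.
# The AZ list is taken from the map keys here to keep the example deterministic;
# the aws_availability_zones data source could supply it instead.
locals {
  azs             = sort(keys(var.secondary_subnets))
  derived_subnets = { for i, az in local.azs : az => cidrsubnet(var.secondary_cidr, 2, i) }
}

output "derived_subnets" {
  value = local.derived_subnets
}
```

The derived_subnets output produces the same four /18 ranges as the explicit map, which makes it easy to compare the two options before choosing one.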
It runs perfectly. The only problem I had is with the LB: when I create a service.yaml of type LoadBalancer, my status always stays pending. Do you think some module is missing in Terraform for it to run well? The other thing is about SGs... it looks like it's creating more than 1 SG, which gave me problems with the LB too... Thanks for everything, man.
this probably deserves a video on its own... but check these links out for now: aws-ia.github.io/terraform-aws-eks-blueprints/advanced/cluster-upgrades/ and maybe this for a more detailed upgrade aws-ia.github.io/terraform-aws-eks-blueprints/advanced/cluster-upgrades/
do you know of any resources on how I can use the fargate profiles? So far I have been able to do it with node group like in your video and that works great, but I want to try out serverless as well. From what I understand the problem is that the pods launched by default have an annotation in their yaml that forces them to use the node groups, do we update that? Or just leave those as is and only have our application run on the fargate nodes?
fargate nodes are pretty niche. i’d use them in tandem with regular nodes if you have to bc they have so many limitations. try using the complete example in the EKS terraform repo as a starter if you need to go down this path
Fantastic tutorial. I appreciate you keeping it simple. If you do create another with fargate and a bit more "prod" worthy config, I would surely not complain. :)
Very informative. I tried to create a GKE Autopilot cluster in GCP with a shared VPC private network through Terraform, assigned the necessary GKE service account permissions, and made sure the control plane, node, ranges IP range and the location are aligned correctly as per the GCP GKE documentation. But I'm stuck with this exception again and again: 'Error: Error waiting for creating GKE cluster: All cluster resources were brought up, but: only 0 nodes out of 1 have registered; cluster may be unhealthy.' Please share if there are any suggestions to troubleshoot this error.
older versions of the gcp autopilot provider had a bug where you had to set an empty ip_allocation_policy github.com/hashicorp/terraform-provider-google/issues/10782 . Not sure if that's your exact issue without knowing more details.
Hey, amazing and very insightful video. Can you please make more videos like this, and if possible can you include cloud projects or DevOps projects that newbies can practice?
Great video. I am looking to configure a basic cluster with existing VPCs and private subnets, I suppose it's as simple as filling in the blanks. Thanks!
i agree, blueprints look cool but i would avoid bc they're not as popular or have as much support. if you're trying to stick with nodejs i'd take a look at pulumi for IaC. otherwise use terraform
Have you ever run into a case where "coreDNS" becomes degraded? I'm working on a project that's trying to launch an EKS cluster that hosts a Minecraft server, and every time I run terraform apply the coredns hangs and ends up being degraded in the cluster section in the add-on tab.
not sure without knowing more but i’d check your plugin versions and terraform / k8s versions. I’d also look at the plugins installed via the console UI to make sure it’s installed properly
interesting stuff. According to the 20.x upgrade notes... "This sub-module will be removed entirely in the next major release." Looks like major changes are still coming!
You would have to deploy a load balancer and route it to a service for your pods. Typically you would use load balancer controller in aws to do this. Hope that's enough to help you get started!
I'm a total noob and therefore have a question. We now deployed EKS with Terraform, how do I proceed from here? Using Kubernetes to deploy my application, load balancer, subnets etc?
After deploying, the service LB had an error: Error syncing load balancer: failed to ensure load balancer: Multiple tagged security groups found for instance i-01d5b3aa46279a7c2; ensure only the k8s security group is tagged; the tagged groups were sg-0a3e3e24c0bc7840c(ascode-cluster-node-20230804045954383900000009) sg-0a4c75831ab5db090(eks-cluster-sg-ascode-cluster-1526614196) I checked, and the node instance really has 2 SGs attached: one SG for nodes, and one that is automatically created by EKS. Do you have ideas on how to fix it in the initial Terraform config?
hey! replied in discord but linking the workaround here if anybody else has the same issue github.com/terraform-aws-modules/terraform-aws-eks/issues/1810#issuecomment-1021202184
multiple ways to do this! easiest way is to configure your shell environment via awscli. you can make and use an access key. Here's general info: docs.aws.amazon.com/cli/v1/userguide/cli-chap-authentication.html
"Complete" is not one of the examples anymore. It is only self managed, or aws managed. I'm having a lot of trouble getting it to work without making the endpoint public
Personally I don’t like using remote modules. How would you deploy this cluster in a different region? I would definitely go with my own modules and call them from the main module.
hi, it's called locals when being declared, local.xyz is the syntax when referring to them. More here: developer.hashicorp.com/terraform/language/values/locals
haha yeah i'm alive, been wanting to get back into it but life's just so busy. channel is a side project of mine but def not abandoned!! thanks for asking