Terraform Private EKS
We will build a private EKS cluster using Terraform, using Cloud9 IDE as a bastion host and also create a VPC hosted CI/CD pipeline using CodeCommit, CodeBuild & CodePipeline.
βοΈ Why we build a Private EKS cluster in Enterprise
-
Security is a critical component of configuring and maintaining Kubernetes clusters and applications.
Amazon EKSprovides secure, managedKubernetes clustersby default. -
Provisioning an
EKS clusterto operate in a private VPC with NO Internet ingress or egress connectivity.
π― 1. Initial Setup for centralize Terraform State π
-
S3-Bucket for Terraform state files -
DynamoDB-Tables for locking Terraform state files
π― 2. Setting up the VPC Networking π
π― 3. VPC Peering: Cloud9-VPC & CI/CD-VPC with EKS-VPC π
Inter-connects the Cloud9-VPC & CI/CD-VPC with the private EKS-VPC.
π― 4. IAM Roles and Policies for EKS π
The required IAM roles and policies for EKS
π― 5. EKS Cluster Creation π
π― 6. Create customized managed Node Group π
π― 7. Enable AWS Load Balancers on EKS π
Enable the aws Load Balancer Controller
π― 8. EFS CSI Driver π
Enable EFS CSI Driver
π― 9. Deploy K8s Addons π
π― 10. Deploy a K8s Application using the CLI π