Reminder of Terraform
Terraform is an open-source Infrastructure as Code (IaC) software tool created by HashiCorp. It enables users to define and provision a data center infrastructure. You can download and set it here.
Terraform will execute all
*.tf, so for this tutorial, I propose this architecture:
Get an AWS free trial account
If you already have an AWS account, you can skip this section.
For this tutorial, you need to have an AWS account. But don’t worry, AWS offers you a free trial account to try what most services they propose.
First, you have to create your AWS account. You will have to enter your credit card but don’t worry, every component you will deploy will not incur fees.
Then you also have to install AWS CLI.
After these steps, you can log in to your account.
Purpose of this tutorial
The purpose of this tutorial is to create an EKS cluster with Terraform. Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service by AWS. To go deeper you can read this article which explains another way to deploy an EKS cluster with eksctl.
Step 1: Set up Terraform with AWS
The first thing to set up is your Terraform. We will create an AWS IAM users for Terraform.
In your AWS console, go to the IAM section and create a user named “FullAccess”. Then add your user to a group named “FullAccessGroup”. Attaches to this group the following rights:
After these steps, AWS will provide you a Secret Access Key and Access Key ID. Save them preciously because this will be the only time AWS gives it to you.
In your own console, create a
~/.aws/credentials file and put your credentials in it:
The last step is to create this file:
You are now able to run some Terraform.
Step 2: create provider.tf
We will start this tutorial by creating a
provider.tf file. This file contains all the information about which provider you want to use with Terraform.
We specify here to Terraform that we want to use an AWS provider. You also have to precise in which region you will deploy it and which configuration you will use. See step 1 to set up your AWS configuration.
Step 3: create all resources you need
So we want to create an EKS cluster. This EKS will be deployed in the default VPC of your account. First, you need to check in your AWS console, the subnet of the default VPC.
Here Terraform will create an IAM role to EKS, with 2 policies, our EKS cluster and finally a node group with 3 policies. We defined that we want one pod.
Step 4: Add output.tf
You can create a file outputs.tf. It will show you everything you need to connect to your EKS cluster. Here we want the endpoint of EKS and his certificate.
Step 5: Deploy all your resources
Once you have finished declaring the resources you want to create, you can deploy it. With terraform it is possible with a simple command:
- Terraform init: it is used to initialize a working directory containing Terraform configuration files.
- Terraform apply: it is used to apply the changes required to reach the desired state of the configuration.
When you launch the “terraform apply” command, Terraform will describe every resource you will create:
Check if it is all good and then you can accept by writing “yes”.
After the complete creation, you can go to your AWS account to see your resources:
You can also work with your EKS cluster with AWS CLI by using the command “
aws eks update-kubeconfig --name <eks_cluster_name>”. This command constructs a configuration with prepopulated server and certificate authority data values the cluster you specified.
Step 6: Destroy everything
If you want to destroy your resources with Terraform, you just have to run this command:
Terraform will show you every resource it will destroy and if you agree you can accept by writing “yes”.
Congratulations! You have just created your first EKS cluster.