Terraform code for creating a handful of simple managed Kubernetes clusters on multiple public cloud platforms.
Managed in this context means the master nodes (= control plane) are managed by the cloud platform provider. We only create the service, the worker nodes and the bare minimum of everything else to get a working K8s cluster.
ℹ️ This is for demonstration and/or learning purposes.
ℹ️ Please do not use this in production.
- ✅ Alibaba Cloud "Managed Kubernetes Cluster Service" (ACK)
- ✅ Amazon Web Services "Elastic Kubernetes Engine" (EKS)
- ✅ Digital Ocean "Kubernetes" (DOK)
- ✅ Google Cloud Platform "Google Kubernetes Engine" (GKE)
- ✅ Microsoft Azure "Azure Kubernetes Service" (AKS)
- ✅ Oracle Cloud Infrastructure "Container Engine for Kubernetes" (OKE)
- 🔜 "IBM Cloud Kubernetes Service" (IKS) (when their Terraform provider is 0.12-ready)
- Fully working K8s Clusters
- Terraform 0.12 code
- By default creates small node configurations (low costs!)
- Outputs ready-to-use kubeconfig files at the end
- 2-3 worker nodes
- Terraform >= 0.12.x
- You need to have an account on the cloud platforms (of course).
Name | Description | Type | Default | Required |
---|---|---|---|---|
enable_alibaba | Enable / Disable Alibaba | bool | false | yes |
enable_amazon | Enable / Disable Amazon | bool | false | yes |
enable_digitalocean | Enable / Disable DigitalOcean | bool | false | yes |
enable_google | Enable / Disable Google | bool | false | yes |
enable_microsoft | Enable / Disable Microsoft | bool | false | yes |
enable_oracle | Enable / Disable Oracle | bool | false | yes |
nodes | Kubernetes worker nodes (e.g. 2) | number | 2 | no |
ali_access_key | Alibaba Cloud AccessKey ID | string | | yes |
ali_secret_key | Alibaba Cloud Access Key Secret | string | | yes |
aws_profile | AWS cli profile (e.g. default) | string | default | yes |
gcp_project | GCP Project ID | string | | yes |
az_client_id | Azure Service Principal appId | string | | yes |
az_client_secret | Azure Service Principal password | string | | yes |
az_tenant_id | Azure Service Principal tenant | string | | yes |
do_token | Digital Ocean personal access (API) token | string | | yes |
oci_user_ocid | OCI User OCID | string | | yes |
oci_tenancy_ocid | OCI Tenancy OCID | string | | yes |
oci_fingerprint | OCI SSH public key fingerprint | string | | yes |
- Combine multiple kubeconfig files into one
- (partly implemented): Allow K8s API access only from workstation IP
- Fix OCI destroy dependencies