From a609ea26ac1ce18870b5b67b3bb75188521f563e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Svantesson?=
Date: Mon, 7 Jun 2021 16:55:36 +0200
Subject: [PATCH] feat: Create cluster in existing VPC (#271)
---
 README.md | 7 +++++++
 main.tf | 2 ++
 modules/cluster/main.tf | 6 +++---
 modules/cluster/variables.tf | 12 ++++++++++++
 variables.tf | 12 ++++++++++++
 5 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 24a502e..236e682 100644
--- a/README.md
+++ b/README.md
@@ -225,6 +225,7 @@ The following sections provide a full list of configuration in- and output varia
 | single\_nat\_gateway | Should be true if you want to provision a single shared NAT Gateway across all of your private networks | `bool` | `false` | no |
 | spot\_price | The spot price ceiling for spot instances | `string` | `"0.1"` | no |
 | subdomain | The subdomain to be added to the apex domain. If subdomain is set, it will be appended to the apex domain in `jx-requirements-eks.yml` file | `string` | `""` | no |
+| subnets | The subnet ids to create EKS cluster in if create\_vpc is false | `list(string)` | `[]` | no |
 | tls\_email | The email to register the LetsEncrypt certificate with. Added to the `jx-requirements.yml` file | `string` | `""` | no |
 | use\_asm | Flag to specify if AWS Secrets manager is being used | `bool` | `false` | no |
 | use\_kms\_s3 | Flag to determine whether kms should be used for encrypting s3 buckets | `bool` | `false` | no |
@@ -238,6 +239,7 @@ The following sections provide a full list of configuration in- and output varia | volume\_size | The volume size in GB | `number` | `50` | no | | volume\_type | The volume type to use. Can be standard, gp2 or io1 | `string` | `"gp2"` | no | | vpc\_cidr\_block | The vpc CIDR block | `string` | `"10.0.0.0/16"` | no | +| vpc\_id | The VPC to create EKS cluster in if create\_vpc is false | `string` | `""` | no | | vpc\_name | The name of the VPC to be created for the cluster | `string` | `"tf-vpc-eks"` | no | #### Outputs @@ -742,6 +744,11 @@ You need to execute the following command before `terraform apply` in order to r Creation of namespaces and service accounts using terraform is no longer required for JX3. To keep compatibility with JX2, a flag `is_jx2` was introduced, in [v1.6.0](https://github.com/jenkins-x/terraform-aws-eks-jx/releases/tag/v1.6.0). +### Existing VPC + +If you want to create the cluster in an existing VPC you can specify `create_vpc` to false and +specify where to create the clsuter with `vpc_id` and `subnets`. + ### Existing EKS cluster It is very common to have another module used to create EKS clusters for all your AWS accounts, in that case, you can set `create_eks` and `create_vpc` to false and `cluster_name` to the id/name of the EKS cluster where jx components diff --git a/main.tf b/main.tf index 4cf03be..f5191ce 100644 --- a/main.tf +++ b/main.tf @@ -35,6 +35,8 @@ module "cluster" { region = var.region create_eks = var.create_eks create_vpc = var.create_vpc + vpc_id = var.vpc_id + subnets = var.subnets cluster_name = local.cluster_name cluster_version = var.cluster_version desired_node_count = var.desired_node_count diff --git a/modules/cluster/main.tf b/modules/cluster/main.tf index cc87323..63aebac 100644 --- a/modules/cluster/main.tf +++ b/modules/cluster/main.tf 
@@ -64,12 +64,12 @@ module "eks" { create_eks = var.create_eks cluster_name = var.cluster_name cluster_version = var.cluster_version - subnets = (var.cluster_in_private_subnet ? module.vpc.private_subnets : module.vpc.public_subnets) - vpc_id = module.vpc.vpc_id + subnets = var.create_vpc ? (var.cluster_in_private_subnet ? module.vpc.private_subnets : module.vpc.public_subnets) : var.subnets + vpc_id = var.create_vpc ? module.vpc.vpc_id : var.vpc_id enable_irsa = true worker_groups_launch_template = var.enable_worker_group && var.enable_worker_groups_launch_template ? [ - for subnet in module.vpc.public_subnets : + for subnet in (var.create_vpc ? module.vpc.public_subnets : var.subnets) : { subnets = [subnet] asg_desired_capacity = var.lt_desired_nodes_per_subnet diff --git a/modules/cluster/variables.tf b/modules/cluster/variables.tf index 6a51a44..2c36ab4 100644 --- a/modules/cluster/variables.tf +++ b/modules/cluster/variables.tf @@ -293,6 +293,18 @@ variable "create_vpc" { default = true } +variable "vpc_id" { + description = "The VPC to create EKS cluster in if create_vpc is false" + type = string + default = "" +} + +variable "subnets" { + description = "The subnet ids to create EKS cluster in if create_vpc is false" + type = list(string) + default = [] +} + variable "encrypt_volume_self" { description = "Encrypt the ebs and root volume for the self managed worker nodes. This is only valid for the worker group launch template" type = bool diff --git a/variables.tf b/variables.tf index 00468fe..edd2826 100644 --- a/variables.tf +++ b/variables.tf 
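Review bot: With `create_vpc = false`, both the `subnets` argument and the `worker_groups_launch_template` loop take `var.subnets`, so `cluster_in_private_subnet` is silently ignored and launch-template workers are spread over every supplied subnet, public or private. Node exposure then depends entirely on which ids the caller passes, and nothing in the hunk says so. I would add a comment above the `subnets` line, `# create_vpc = false: cluster_in_private_subnet is ignored; the cluster and launch-template workers all use var.subnets, so pass private subnet ids unless public nodes are intended`, and repeat the point in the `subnets` variable description. The `module "eks"` block starts and ends outside the hunk.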
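Review bot: The new `vpc_id` and `subnets` variables default to `""` and `[]` with no validation, so a caller who sets `create_vpc = false` and forgets one of them, or passes a malformed id, presumably only finds out when the EKS module fails at apply; with an empty `subnets` the launch-template `for` loop in modules/cluster/main.tf also yields no worker groups. A `validation` block on each variable would reject malformed ids at plan time, and the same applies to the identical declarations in the root variables.tf hunk. The cross-variable case (`create_vpc = false` with empty values) cannot be expressed in a single-variable validation on older Terraform releases, so it would still need a check where the values are consumed.

```hcl
variable "vpc_id" {
  # … unchanged: description, type, default …
  validation {
    condition     = var.vpc_id == "" || can(regex("^vpc-", var.vpc_id))
    error_message = "The vpc_id value must be empty or start with \"vpc-\"."
  }
}

variable "subnets" {
  # … unchanged: description, type, default …
  validation {
    condition     = length([for s in var.subnets : s if !can(regex("^subnet-", s))]) == 0
    error_message = "Every entry in subnets must start with \"subnet-\"."
  }
}
```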
@@ -424,6 +424,18 @@ variable "create_vpc" {
 default = true
 }
 
+variable "vpc_id" {
+ description = "The VPC to create EKS cluster in if create_vpc is false"
+ type = string
+ default = ""
+}
+
+variable "subnets" {
+ description = "The subnet ids to create EKS cluster in if create_vpc is false"
+ type = list(string)
+ default = []
+}
+
 variable "use_vault" {
 description = "Flag to control vault resource creation"
 type = bool