docs: fix examples

remove deprecated examples and polish up and rename the existing-clsuter example
jenkins-x · Sep 10, 2024 · f449c14 · f449c14
1 parent 72e7f94
commit f449c14
Show file tree

Hide file tree

Showing 15 changed files with 358 additions and 829 deletions.
diff --git a/README.md b/README.md
@@ -57,17 +57,9 @@ You need the following binaries locally installed and configured on your _PATH_:
 
 ### Cluster provisioning
 
-A default Jenkins X ready cluster can be provisioned by creating a _main.tf_ file in an empty directory with the following content:
-
-```terraform
-module "eks-jx" {
-  source = "github.com/jenkins-x/terraform-aws-eks-jx"
-}
-
-output "jx_requirements" {
-  value = module.eks-jx.jx_requirements
-}
-```
+A Jenkins X ready cluster can be provisioned using the configuration in
+[jx3-terraform-eks](https://github.com/jx3-gitops-repositories/jx3-terraform-eks) as described in
+https://jenkins-x.io/v3/admin/platforms/eks/.
 
 All s3 buckets created by the module use Server-Side Encryption with Amazon S3-Managed Encryption Keys
 (SSE-S3) by default.
@@ -77,17 +69,9 @@ If you don't specify the value of `s3_kms_arn`, then the default aws managed cmk
 :warning: **Note**: Using AWS KMS with customer managed keys has cost
 [considerations](https://aws.amazon.com/blogs/storage/changing-your-amazon-s3-encryption-from-s3-managed-encryption-sse-s3-to-aws-key-management-service-sse-kms/).
 
-The _jx_requirements_ output is a helper for creating the initial input for `jx boot`.
+You should have your [AWS CLI configured correctly](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html).
 
-If you do not want Terraform to create a new IAM user or you do not have permissions to create one, you need to provide the name of an existing IAM user.
 
-```terraform
-module "eks-jx" {
-  source     = "github.com/jenkins-x/terraform-aws-eks-jx"
-}
-```
-
-You should have your [AWS CLI configured correctly](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html).
 
 #### AWS_REGION
 
@@ -109,6 +93,11 @@ This creates an EKS cluster with all possible configuration options defaulted.
 It is not intended for a production cluster.
 Refer to [Production cluster considerations](#production-cluster-considerations) for things to consider when creating a production cluster.
 
+
+### Migrating to current version of module from a version pre 3.0.0
+
+From version 3.0.0 this module creates neither the EKS cluster nor the VPC.  
+
 ### Cluster Autoscaling
 
 This does not automatically install cluster-autoscaler, it installs all of the prerequisite policies and roles required to install autoscaler.

diff --git a/examples/asm/main.tf b/examples/asm/main.tf
diff --git a/examples/asm/outputs.tf b/examples/asm/outputs.tf
diff --git a/examples/asm/variables.tf b/examples/asm/variables.tf
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -1,29 +1,122 @@
-provider "aws" {
-  region  = var.region
-  profile = var.profile
+data "aws_availability_zones" "available" {}
+
+data "aws_eks_cluster" "cluster" {
+  name = module.eks.cluster_id
 }
 
+data "aws_eks_cluster_auth" "cluster" {
+  name = module.eks.cluster_id
+}
 
-module "eks-jx" {
-  source                               = "../../"
-  install_kuberhealthy                 = true
-  create_nginx                         = true
-  cluster_version                      = "1.21"
-  nginx_chart_version                  = "3.12.0"
-  enable_worker_groups_launch_template = true
-  volume_type                          = "gp3"
-  volume_size                          = "100"
-  encrypt_volume_self                  = true
-  boot_secrets = [
-    {
-      name  = "jxBootJobEnvVarSecrets.EXTERNAL_VAULT"
-      value = "true"
-      type  = "string"
-    },
-    {
-      name  = "jxBootJobEnvVarSecrets.VAULT_ADDR"
-      value = "http://external-vault:8200"
-      type  = "string"
+provider "kubernetes" {
+  host                   = data.aws_eks_cluster.cluster.endpoint
+  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
+  token                  = data.aws_eks_cluster_auth.cluster.token
+  load_config_file       = false
+  version                = "~> 1.11"
+}
+
+// This will create a vpc using the official vpc module
+module "vpc" {
+  source               = "terraform-aws-modules/vpc/aws"
+  version              = "5.9.0"
+  name                 = var.vpc_name
+  cidr                 = var.vpc_cidr_block
+  azs                  = data.aws_availability_zones.available.names
+  public_subnets       = var.public_subnets
+  private_subnets      = var.private_subnets
+  enable_dns_hostnames = true
+  enable_nat_gateway   = var.enable_nat_gateway
+  single_nat_gateway   = var.single_nat_gateway
+
+  tags = {
+    "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+  }
+
+  public_subnet_tags = {
+    "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+    "kubernetes.io/role/elb"                    = "1"
+  }
+
+  private_subnet_tags = {
+    "kubernetes.io/cluster/${var.cluster_name}" = "shared"
+    "kubernetes.io/role/internal-elb"           = "1"
+  }
+}
+
+// This will create the eks cluster using the official eks module
+module "eks" {
+  source          = "terraform-aws-modules/eks/aws"
+  version         = "12.20.0"
+  cluster_name    = var.cluster_name
+  cluster_version = var.cluster_version
+  subnets         = (var.cluster_in_private_subnet ? module.vpc.private_subnets : module.vpc.public_subnets)
+  vpc_id          = module.vpc.vpc_id
+  enable_irsa     = true
+
+  eks_managed_node_groups = {
+    eks-jx-node-group = {
+      ami_type     = var.node_group_ami
+      desired_size = var.desired_node_count
+      max_size     = var.max_node_count
+      min_size     = var.min_node_count
+
+      instance_types = [var.node_machine_type]
+      k8s_labels = {
+        "jenkins-x.io/name"       = var.cluster_name
+        "jenkins-x.io/part-of"    = "jx-platform"
+        "jenkins-x.io/managed-by" = "terraform"
+      }
+      additional_tags = {
+        aws_managed = "true"
+      }
     }
-  ]
+  }
+
+  # Cluster access entry
+  # To add the current caller identity as an administrator
+  enable_cluster_creator_admin_permissions = true
+
+  cluster_addons = {
+    coredns                = {}
+    eks-pod-identity-agent = {}
+    kube-proxy             = {}
+    vpc-cni                = {}
+  }
+
+  cluster_endpoint_private_access = var.cluster_endpoint_private_access
+  cluster_endpoint_public_access  = var.cluster_endpoint_public_access
+}
+
+
+module "eks-auth" {
+  depends_on = [module.eks]
+  source     = "terraform-aws-modules/eks/aws//modules/aws-auth"
+  version    = "~> 20.0"
+
+  manage_aws_auth_configmap = true
+
+  aws_auth_users    = var.map_users
+  aws_auth_roles    = var.map_roles
+  aws_auth_accounts = var.map_accounts
+}
+
+// The VPC and EKS resources have been created, just install the cloud resources required by jx
+module "eks-jx" {
+  source    = "../../"
+  region    = var.region
+  use_vault = var.use_vault
+  use_asm   = var.use_asm
+
+  jx_git_url      = var.jx_git_url
+  jx_bot_username = var.jx_bot_username
+  jx_bot_token    = var.jx_bot_token
+
+  enable_repository_storage = var.enable_repository_storage
+  enable_reports_storage    = var.enable_reports_storage
+  enable_logs_storage       = var.enable_logs_storage
+
+  force_destroy = var.force_destroy
+
+  cluster_name = module.eks.cluster_name // Cluster Name of the EKS cluster that we want to create jx cloud resources for
 }
diff --git a/examples/basic/nginx_values.yaml b/examples/basic/nginx_values.yaml