Initial commit from kro/examples/aws/eks-cluster-mgmt
This commit is contained in:
@@ -0,0 +1,247 @@
|
||||
apiVersion: kro.run/v1alpha1
|
||||
kind: ResourceGraphDefinition
|
||||
metadata:
|
||||
name: vpc.kro.run
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
argocd.argoproj.io/sync-wave: "-1"
|
||||
spec:
|
||||
schema:
|
||||
apiVersion: v1alpha1
|
||||
kind: Vpc
|
||||
spec:
|
||||
name: string
|
||||
region: string
|
||||
cidr:
|
||||
vpcCidr: string | default="10.0.0.0/16"
|
||||
publicSubnet1Cidr: string | default="10.0.1.0/24"
|
||||
publicSubnet2Cidr: string | default="10.0.2.0/24"
|
||||
privateSubnet1Cidr: string | default="10.0.11.0/24"
|
||||
privateSubnet2Cidr: string | default="10.0.12.0/24"
|
||||
status:
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
publicSubnet1ID: ${publicSubnet1.status.subnetID}
|
||||
publicSubnet2ID: ${publicSubnet2.status.subnetID}
|
||||
privateSubnet1ID: ${privateSubnet1.status.subnetID}
|
||||
privateSubnet2ID: ${privateSubnet2.status.subnetID}
|
||||
resources: # how to publish a field in the RG claim e.g. vpcID
|
||||
- id: vpc
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: VPC
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-vpc
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
cidrBlocks:
|
||||
- ${schema.spec.cidr.vpcCidr}
|
||||
enableDNSSupport: true
|
||||
enableDNSHostnames: true
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-vpc
|
||||
- id: internetGateway
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: InternetGateway
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-igw
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
vpc: ${vpc.status.vpcID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-igw
|
||||
- id: natGateway1
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: NATGateway
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-nat-gateway1
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
subnetID: ${publicSubnet1.status.subnetID}
|
||||
allocationID: ${eip1.status.allocationID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-nat-gateway1
|
||||
- id: natGateway2
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: NATGateway
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-nat-gateway2
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
subnetID: ${publicSubnet2.status.subnetID}
|
||||
allocationID: ${eip2.status.allocationID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-nat-gateway2
|
||||
- id: eip1
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: ElasticIPAddress
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-eip1
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-eip1
|
||||
- id: eip2
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: ElasticIPAddress
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-eip2
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-eip2
|
||||
- id: publicRoutetable
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: RouteTable
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-public-routetable
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routes:
|
||||
- destinationCIDRBlock: 0.0.0.0/0
|
||||
gatewayID: ${internetGateway.status.internetGatewayID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-public-routetable
|
||||
- id: privateRoutetable1
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: RouteTable
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-private-routetable1
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routes:
|
||||
- destinationCIDRBlock: 0.0.0.0/0
|
||||
natGatewayID: ${natGateway1.status.natGatewayID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-private-routetable1
|
||||
- id: privateRoutetable2
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: RouteTable
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-private-routetable2
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routes:
|
||||
- destinationCIDRBlock: 0.0.0.0/0
|
||||
natGatewayID: ${natGateway2.status.natGatewayID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-private-routetable2
|
||||
- id: publicSubnet1
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: Subnet
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-public-subnet1
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
availabilityZone: ${schema.spec.region}a
|
||||
cidrBlock: ${schema.spec.cidr.publicSubnet1Cidr}
|
||||
mapPublicIPOnLaunch: true
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routeTables:
|
||||
- ${publicRoutetable.status.routeTableID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-public-subnet1
|
||||
- key: kubernetes.io/role/elb
|
||||
value: '1'
|
||||
- id: publicSubnet2
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: Subnet
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-public-subnet2
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
availabilityZone: ${schema.spec.region}b
|
||||
cidrBlock: ${schema.spec.cidr.publicSubnet2Cidr}
|
||||
mapPublicIPOnLaunch: true
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routeTables:
|
||||
- ${publicRoutetable.status.routeTableID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-public-subnet2
|
||||
- key: kubernetes.io/role/elb
|
||||
value: '1'
|
||||
- id: privateSubnet1
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: Subnet
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-private-subnet1
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
availabilityZone: ${schema.spec.region}a
|
||||
cidrBlock: ${schema.spec.cidr.privateSubnet1Cidr}
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routeTables:
|
||||
- ${privateRoutetable1.status.routeTableID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-private-subnet1
|
||||
- key: kubernetes.io/role/internal-elb
|
||||
value: '1'
|
||||
- id: privateSubnet2
|
||||
template:
|
||||
apiVersion: ec2.services.k8s.aws/v1alpha1
|
||||
kind: Subnet
|
||||
metadata:
|
||||
namespace: ${schema.spec.name}
|
||||
name: ${schema.spec.name}-private-subnet2
|
||||
annotations:
|
||||
services.k8s.aws/region: ${schema.spec.region}
|
||||
spec:
|
||||
availabilityZone: ${schema.spec.region}b
|
||||
cidrBlock: ${schema.spec.cidr.privateSubnet2Cidr}
|
||||
vpcID: ${vpc.status.vpcID}
|
||||
routeTables:
|
||||
- ${privateRoutetable2.status.routeTableID}
|
||||
tags:
|
||||
- key: "Name"
|
||||
value: ${schema.spec.name}-private-subnet2
|
||||
- key: kubernetes.io/role/internal-elb
|
||||
value: '1'
|
||||
Reference in New Issue
Block a user