-| services | List of services and their parameters (version, configs, namespaces, etc.). | ```object({ argocd = optional(object({ enabled = bool chart_name = optional(string, "argocd") helm_version = optional(string, "9.0.5") namespace = optional(string, "argocd") service_account_name = optional(string, "argocd-sa") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) create_namespace = optional(bool, true) additional_helm_values = optional(string, "") load_balancer_name = optional(string) load_balancer_group_name = optional(string, "internal") load_balancer_scheme = optional(string, "internal") notification_slack_token_secret = optional(string) argocd_url = optional(string) iam_role_arn = optional(string) iam_role_name = optional(string) custom_ingress = optional(string) custom_notifications = optional(string) }), { enabled = false }), aws-alb-ingress-controller = optional(object({ enabled = bool chart_name = optional(string, "aws-alb-ingress-controller") helm_version = optional(string, "1.14.1") namespace = optional(string, "general") service_account_name = optional(string, "aws-alb-ingress-controller-sa") default_ssl_policy = optional(string, "ELBSecurityPolicy-TLS13-1-2-2021-06") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), cluster-autoscaler = optional(object({ enabled = bool chart_name = optional(string, "cluster-autoscaler") helm_version = optional(string, "9.52.1") namespace = optional(string, "general") service_account_name = optional(string, "autoscaler-sa") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), external-dns = optional(object({ enabled = bool chart_name = optional(string, "external-dns") helm_version = optional(string, "1.19.0") namespace = optional(string, "general") service_account_name = optional(string, "external-dns-sa") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), external-secrets = optional(object({ chart_name = optional(string, "external-secrets") enabled = bool helm_version = optional(string, "0.20.4") namespace = optional(string, "general") service_account_name = optional(string, "external-secrets-sa") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), karpenter = optional(object({ chart_name = optional(string, "karpenter") chart_crd_name = optional(string, "karpenter-crd") enabled = bool helm_version = optional(string, "1.8.2") manage_crd = optional(bool, false) # Whether to directly manage CRD by Terraform. If false, CRD will be installed by the karpenter helm by dependency. If true, CRD will be installed with additional helm via terraform. Reference: https://github.com/aws/karpenter-provider-aws/tree/main/charts/karpenter-crd namespace = optional(string, "general") service_account_name = optional(string, "karpenter") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") crd_additional_helm_values = optional(string, "") deploy_default_nodeclass = optional(bool, true) default_nodeclass_max_pods = optional(string) default_nodeclass_pods_per_core = optional(string) default_nodeclass_ami_family = optional(string, "AL2023") default_nodeclass_ami_alias = optional(string, "al2023@latest") default_nodeclass_name = optional(string, "default") http_put_response_hop_limit = optional(string, "2") default_nodeclass_volume_size = optional(string, "20Gi") default_nodeclass_volume_type = optional(string, "gp3") deploy_default_nodepool = optional(bool, true) default_nodepool_instance_category = optional(list(string), ["t", "c", "m"]) default_nodepool_instance_cpu = optional(list(string), ["2", "4"]) default_nodepool_instance_generation = optional(list(string), []) default_nodepool_instance_cpu_manufacturer = optional(list(string), []) default_nodepool_cpu_limit = optional(string, "100") additional_nodepools_yaml = optional(map(any), {}) consolidation_policy = optional(string) enable_budgets = optional(bool, false) budgets = optional(any, [ { nodes = "10%" }, { nodes = "3" }, { nodes = "0", schedule = "0 9 * * sat-sun", duration = "24h" }, { nodes = "0", schedule = "0 17 * * mon-fri", duration = "16h", reasons = ["Drifted"] } ]) default_nodepool_capacity_type = optional(list(string), ["on-demand"]) default_nodepool_yaml = optional(string) default_nodeclass_yaml = optional(string) create_iam_role = optional(bool, true) iam_role_name = optional(string) iam_role_arn = optional(string) irsa_iam_role_additional_policies = optional(map(string), {}) create_node_iam_role = optional(bool, true) create_access_entry_for_node_iam_role = optional(bool, true) node_iam_role_name = optional(string) node_iam_role_additional_policies = optional(map(string), {}) node_iam_role_additional_tags = optional(map(string), {}) node_security_group_id = optional(string) }), { enabled = false }), keda = optional(object({ chart_name = optional(string, "keda") enabled = bool helm_version = optional(string, "2.18.1") namespace = optional(string, "general") service_account_name = optional(string, "keda-sa") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), metrics-server = optional(object({ chart_name = optional(string, "metrics-server") enabled = bool helm_version = optional(string, "3.13.0") namespace = optional(string, "general") node_selector = optional(map(string), { pool = "system" }) additional_tolerations = optional(list(object({ key = string operator = optional(string, "Equal") value = string effect = optional(string, "NoSchedule") tolerationSeconds = optional(number, null) }))) additional_helm_values = optional(string, "") }), { enabled = false }), local-dns = optional(object({ enabled = bool chart_name = optional(string, "node-local-dns") helm_version = optional(string, "0.1.0") namespace = optional(string, "kube-system") service_account_name = optional(string, "node-local-dns-sa") image_repository = optional(string, "registry.k8s.io/dns/k8s-dns-node-cache") image_tag = optional(string, "1.23.0") local_ip = optional(string, "169.254.20.10") cluster_domain = optional(string, "cluster.local") cache_ttl = optional(number, 3600) cluster_local_cache_ttl = optional(number, 65) upstream_cluster_ip = optional(string) upstream_service_name = optional(string, "kube-dns") upstream_namespace = optional(string, "kube-system") upstream_ips = optional(list(string), []) coredns_config_enabled = optional(bool, false) coredns_config_name = optional(string, "coredns") coredns_config_namespace = optional(string, "kube-system") coredns_config_mount_path = optional(string, "/etc/coredns") extra_zones = optional(list(object({ name = string cacheTTL = number })), []) additional_helm_values = optional(string, "") iam_role_arn = optional(string) iam_role_name = optional(string) iam_policy_json = optional(string) }), { enabled = false }), })``` | n/a | yes |
0 commit comments