This module provides a working example of how to configure the network that the Exocompute EKS cluster will run on. While there are many possible networking designs, this module uses the example of the EKS cluster running on 2 private subnets. Internet access is provided via a NAT gateway to a public subnet, which the module also defines. The module also tags the subnets and any other resources so that the EKS cluster will consume and use them. The minimum network ports have been opened in the NACLs and Security Groups for the Exocompute cluster to function, either privately or publicly.

```hcl
module "exocompute_networking" {
  source = "rubrikinc/polaris-cloud-native-exocompute-networking/aws"

  aws_exocompute_subnet_public_cidr = "172.21.0.0/24"
  aws_exocompute_subnet_1_cidr      = "172.21.1.0/24"
  aws_exocompute_subnet_2_cidr      = "172.21.2.0/24"
  aws_exocompute_vpc_cidr           = "172.21.0.0/16"
}
```

- Remove the AWS provider block from the module. It must now be provided in the Terraform root module.
- Add module usage examples.
- Mark the `aws_profile` and `rsc_exocompute_region` variables as deprecated. They are no longer used by the module and have no replacements. The Exocompute region is now the region used by the AWS provider.
- Add support for specifying additional tags to the resources being created in AWS.
- Add the `aws_security_group_control_plane_id` and `aws_security_group_worker_node_id` outputs. The existing outputs for the values partially used hyphens instead of underscores in their names.
- Add the `rsc_exocompute_vpc_id` output.
- Relax the AWS provider version constraint to `>=5.26.0`.
- Dynamically look up the primary and secondary availability zones from the set of available zones for the region. Previously the availability zones were hardcoded to `a` and `b`. The `use_availability_zones_a_and_b` input variable can be set to `true` to restore the previous behavior.

Before upgrading the module, be sure to read through the changelog to understand the changes in the new version and any upgrade instructions for the version you are upgrading to.

To upgrade the module to a new version, use the following steps:

- Update the `version` field in the `module` block to the version you want to upgrade to, e.g. `version = "0.3.0"`.
- Run `terraform init --upgrade` to update the providers and modules in your configuration.
- Run `terraform plan` and check the output carefully to ensure that there are no unexpected changes caused by the upgrade.
- Run `terraform apply` if there are expected changes that you want to apply.

Note, as variables in the module are deprecated, you may see warnings in the output of `terraform plan`. It's recommended that you follow the instructions in the deprecation message. Eventually deprecated variables will be removed.
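
One way to make the `terraform plan` review in the upgrade steps repeatable, as an added example that is not part of the module: save the plan with `terraform plan -out=tfplan`, export it with `terraform show -json tfplan`, and list every change that deletes or replaces a resource or touches a network-boundary resource. The list of boundary resource types and the sample plan, including its resource names, are assumptions constructed for illustration.

```python
import json

# Assumed list: AWS resource types that define the network boundary.
BOUNDARY_TYPES = {
    "aws_vpc", "aws_subnet", "aws_route_table", "aws_nat_gateway",
    "aws_security_group", "aws_security_group_rule",
    "aws_network_acl", "aws_network_acl_rule", "aws_vpc_endpoint",
}

def review_plan(plan):
    """Return (address, verdict) for each planned change that needs sign-off."""
    findings = []
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if "delete" in actions and "create" in actions:
            verdict = "replace"      # e.g. a subnet moving to another AZ
        elif "delete" in actions:
            verdict = "delete"
        elif rc["type"] in BOUNDARY_TYPES and actions[0] in ("create", "update"):
            verdict = actions[0]     # boundary resource added or modified
        else:
            continue                 # no-op, read, or low-risk change
        findings.append((rc["address"], verdict))
    return findings

# Constructed sample in the shape of `terraform show -json` output.
# The resource names are hypothetical, not taken from the module.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.exocompute_networking.aws_subnet.example_private_1",
   "type": "aws_subnet", "change": {"actions": ["delete", "create"]}},
  {"address": "module.exocompute_networking.aws_security_group.example_worker",
   "type": "aws_security_group", "change": {"actions": ["update"]}},
  {"address": "module.exocompute_networking.aws_eip.example_nat",
   "type": "aws_eip", "change": {"actions": ["no-op"]}},
  {"address": "module.exocompute_networking.aws_eip.example_old",
   "type": "aws_eip", "change": {"actions": ["delete"]}}
]}
""")

if __name__ == "__main__":
    for address, verdict in review_plan(SAMPLE_PLAN):
        print(f"{verdict:8} {address}")
```

For a real upgrade, load the exported plan file with `json.load` and pass it to `review_plan` in place of the sample.
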
Name | Version |
---|---|
terraform | >=1.5.6 |
aws | >=5.26.0 |

Name | Version |
---|---|
aws | >=5.26.0 |

No modules.

Name | Description | Type | Default | Required |
---|---|---|---|---|
aws_eks_cluster_name | EKS cluster name. | string | "Rubrik-Exocompute-Customer-Managed" | no |
aws_exocompute_igw_name | Name for the Internet Gateway that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Internet Gateway" | no |
aws_exocompute_nat_eip_name | Name for the Elastic IP that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute NAT EIP" | no |
aws_exocompute_nat_gateway_name | Name for the NAT Gateway that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute NAT Gateway" | no |
aws_exocompute_private_route_table_name | Name for the private route table that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Private Route Table" | no |
aws_exocompute_public_route_table_name | Name for the public route table that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Public Route Table" | no |
aws_exocompute_security_group_control_plane_name | Name for the security group that Exocompute will use for the EKS control plane in the AWS account and region. | string | "Exocompute-eks-control-plane-customer-managed" | no |
aws_exocompute_security_group_worker_node_name | Name for the security group that Exocompute will use for the EKS nodes in the AWS account and region. | string | "Exocompute-eks-worker-node-customer-managed" | no |
aws_exocompute_subnet_1_cidr | Subnet 1 CIDR for the AWS account hosting Exocompute. | string | n/a | yes |
aws_exocompute_subnet_2_cidr | Subnet 2 CIDR for the AWS account hosting Exocompute. | string | n/a | yes |
aws_exocompute_subnet_private_1_name | Name for the first private subnet that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Subnet 1" | no |
aws_exocompute_subnet_private_2_name | Name for the second private subnet that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Subnet 2" | no |
aws_exocompute_subnet_public_cidr | Public subnet CIDR for the AWS account hosting Exocompute. | string | n/a | yes |
aws_exocompute_subnet_public_name | Name for the public subnet that Exocompute will use in the AWS account and region. | string | "Rubrik Exocompute Public Subnet" | no |
aws_exocompute_vpc_cidr | VPC CIDR for the AWS account hosting Exocompute. | string | n/a | yes |
aws_exocompute_vpc_endpoint_autoscaling_name | Autoscaling VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC Autoscaling Endpoint" | no |
aws_exocompute_vpc_endpoint_ec2_name | EC2 VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC EC2 Endpoint" | no |
aws_exocompute_vpc_endpoint_ecr_api_name | ECR API VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC ECR API Endpoint" | no |
aws_exocompute_vpc_endpoint_ecr_dkr_name | ECR DKR VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC ECR DKR Endpoint" | no |
aws_exocompute_vpc_endpoint_eks_name | EKS VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC EKS Endpoint" | no |
aws_exocompute_vpc_endpoint_s3_name | S3 VPC endpoint name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC S3 Endpoint" | no |
aws_exocompute_vpc_name | VPC name for the AWS account hosting Exocompute. | string | "Rubrik Exocompute VPC" | no |
aws_profile | AWS profile name. | string | null | no |
rsc_exocompute_region | AWS region for the Exocompute cluster. | string | null | no |
tags | Tags to apply to AWS resources created. | map(string) | null | no |
use_availability_zones_a_and_b | Setting this variable to true forces the use of availability zones a and b for the subnets in the VPC. The default behavior is to use the first two availability zones in the region. | bool | false | no |