Skip to content
This repository has been archived by the owner on Oct 1, 2024. It is now read-only.

andreswebs/terraform-aws-eks-monitoring

Repository files navigation

terraform-aws-eks-monitoring

Deploys the "Grafana + Prometheus + Loki" monitoring stack via Helm on AWS EKS.

Usage

Example:

module "monitoring" {
  source = "github.com/andreswebs/terraform-aws-eks-monitoring"

  cluster_oidc_provider = var.eks_cluster_oidc_provider

  loki_iam_role_name           = "loki-${var.eks_cluster_id}"
  loki_compactor_iam_role_name = "loki-compactor-${var.eks_cluster_id}"
  grafana_iam_role_name        = "grafana-${var.eks_cluster_id}"

  loki_storage_s3_bucket_name = var.loki_storage_s3_bucket_name

  chart_version_loki_distributed = var.chart_version_loki_distributed
  chart_version_promtail         = var.chart_version_promtail
  chart_version_prometheus       = var.chart_version_prometheus
  chart_version_grafana          = var.chart_version_grafana

  grafana_enabled = true

}

Inputs

Name Description Type Default Required
chart_version_fluent_bit Chart version string null no
chart_version_grafana Chart version string null no
chart_version_loki Chart version string null no
chart_version_loki_distributed Chart version string null no
chart_version_metrics_server Chart version string null no
chart_version_prometheus Chart version string null no
chart_version_promtail Chart version string null no
cluster_oidc_provider OpenID Connect (OIDC) Identity Provider associated with the Kubernetes cluster string "" no
create_loki_storage Create S3 bucket for Loki storage? bool false no
create_loki_storage_id_suffix Append a random identifier string suffix to the Loki storage S3 bucket name? bool false no
create_loki_storage_kms_key Create KMS key? bool true no
grafana_enabled Enable Grafana? bool true no
grafana_iam_role_name Name of IAM role for Grafana string "grafana" no
grafana_service_account_name Name of the Kubernetes service account for Grafana string "grafana" no
helm_atomic_creation Purge resources on installation failure ? The wait flag will be set automatically if atomic is used bool true no
helm_cleanup_on_fail Deletion new resources created in this upgrade if the upgrade fails ? bool true no
helm_create_namespace Create the namespace if it does not yet exist ? bool true no
helm_dependency_update Run helm dependency update before installing the chart ? bool false no
helm_force_update Force resource update through delete/recreate if needed ? bool false no
helm_keyring Location of public keys used for verification; used only if verify is true string ".gnupg/pubring.gpg" no
helm_max_history Maximum number of release versions stored per release; 0 means no limit number 3 no
helm_recreate_pods Perform pods restart during upgrade/rollback ? bool true no
helm_release_name_fluent_bit Release name string "fluent-bit" no
helm_release_name_grafana Release name string "grafana" no
helm_release_name_loki Release name string "loki" no
helm_release_name_metrics_server Release name string "metrics-server" no
helm_release_name_prometheus Release name string "prometheus" no
helm_release_name_promtail Release name string "promtail" no
helm_replace Re-use the given name, even if that name is already used; this is unsafe in production bool false no
helm_reset_values When upgrading, reset the values to the ones built into the chart ? bool false no
helm_reuse_values When upgrading, reuse the last release's values and merge any overrides ? If 'reset_values' is specified, this is ignored bool false no
helm_skip_crds Skip installing CRDs ? bool false no
helm_timeout_seconds Time in seconds to wait for any individual kubernetes operation number 300 no
helm_verify Verify the package before installing it. Helm uses a provenance file to verify the integrity of the chart bool false no
helm_wait_for_completion Wait until all resources are in a ready state before marking the release as successful ? bool true no
helm_wait_for_jobs Wait until all Jobs have been completed before marking the release as successful ? bool true no
k8s_namespace Name of the Kubernetes namespace to which resources will be deployed string "monitoring" no
loki_aggregator Loki aggregator to install, must be either promtail or fluent-bit string "promtail" no
loki_compactor_iam_role_name Name of IAM role for Loki Compactor string "loki-compactor" no
loki_compactor_service_account_name Name of the Kubernetes service account for the Loki compactor string "loki-compactor" no
loki_enabled Enable Loki? bool true no
loki_iam_role_name Name of IAM role for Loki string "loki" no
loki_mode Loki mode, must be either single or distributed string "distributed" no
loki_service_account_name Name of the Kubernetes service account for Loki components string "loki" no
loki_storage_expiration_days Number of days to retain objects; 0 means never expire number 90 no
loki_storage_kms_key_arn (Optional) ARN of KMS key used to encrypt bucket objects; ignored if create_kms_key is set to true string null no
loki_storage_kms_key_deletion_window_in_days KMS key deletion window in days number 30 no
loki_storage_kms_key_enable_rotation Enable KMS key rotation? bool true no
loki_storage_s3_bucket_name Name of S3 bucket used for Loki storage string "" no
loki_storage_s3_force_destroy Force destroy bucket when running terraform destroy? bool false no
metrics_server_enabled Enable Metrics Server? bool true no
prometheus_enabled Enable Prometheus? bool true no

Modules

Name Source Version
iam ./modules/iam n/a
log_storage ./modules/storage n/a
resources ./modules/resources n/a

Outputs

Name Description
namespace The name (metadata.name) of the namespace

Providers

Name Version
random ~> 3.4

Requirements

Name Version
terraform ~> 1.3
aws ~> 4.50
helm ~> 2.9
random ~> 3.4

Resources

Name Type
random_id.id resource

Authors

Andre Silva - @andreswebs

License

This project is licensed under the Unlicense.