Skip to content

shamimice03/terraform-aws-eks-monitoring-logging

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
modules
modules
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
providers.tf
providers.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

AWS EKS Monitoring and Logging (Using Container Insights)

Prerequisite:

We must grant IAM permissions to enable Amazon EKS worker nodes to send metrics and logs to CloudWatch:

Manual Steps:

  • Attach AWS managed CloudWatchAgentServerPolicy to the IAM roles of the EKS worker nodes.
  • Policy ARN : arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy

Using terraform:

This terraform module provides an option to attach IAM Policy to EKS nodegroup roles :

# Attach CloudWatchAgentServerPolicy to EKS nodegroup roles

  nodegroup_roles = [
      "kubecloud-eks-private-nodegroup",
      "kubecloud-eks-public-nodegroup",
  ]

More about CloudWatch Container Insights

Usage:

With IAM Policy attachment option:

module "eks_monitoring_logging" {
    
    source = "shamimice03/eks-monitoring-logging/aws"
    
    cluster_name      = "kubecloud-eks"
    aws_region        = "ap-northeast-1"
    namespace         = "amazon-cloudwatch"

    enable_cwagent    = true
    enable_fluent_bit = true
    
    # Attach CloudWatchServerPolicy to EKS nodegroup roles
    nodegroup_roles = [
      "kubecloud-eks-private-nodegroup",
      "kubecloud-eks-public-nodegroup",
    ]
}

Without IAM Policy attachment option:

module "eks_monitoring_logging" {
    
    source = "shamimice03/eks-monitoring-logging/aws"
    
    cluster_name      = "kubecloud-eks"
    aws_region        = "ap-northeast-1"
    namespace         = "amazon-cloudwatch"
    
    enable_cwagent    = true
    enable_fluent_bit = true
}

Variables:

Common Variables:

Variable Type Description Default
cluster_name string EKS Cluster Name null
aws_region string Provide Cluster Region null
namespace string Name of the namespace amazon-cloudwatch
nodegroup_roles list(any) List of EKS nodegroup roles [ ]

Fluent Bit Variables:

Variable Type Description Default
enable_fluent_bit bool Enable or Disable Fluent-bit Agent on EKS cluster true
fluent_bit_http_server string Enable or Disable fluent bit HTTP server On
fluent_bit_http_port string Define fluent-bit HTTP Port 2020
fluent_bit_read_head string Enable or Disable fluent-bit Head read Off
fluent_bit_read_tail string Enable or Disable fluent-bit Tail read On
fluentbit_configmap_name string Name of the ConfigMap for Fluent Bit fluent-bit-cluster-info

CloudWatch Agent (CW Agent) Variables:

Variable Type Description Default
enable_cwagent bool Enable or Disable CloudWatch Agent on EKS cluster true
cwagent_configmap_name string Name of the ConfigMap for CloudWatch Agent cwagentconfig

Resources (kubernetes manifests):

Required providers and versions:

Provider Version
hashicorp/aws >= 5.0
hashicorp/kubernetes >= 2.21
hashicorp/http >= 3.4.0
gavinbunney/kubectl >= 1.14.0

About

Terraform Module for AWS EKS monitoring and logging

registry.terraform.io/modules/shamimice03/eks-monitoring-logging/aws/latest

Topics

kubernetes aws terraform cloudwatch cloudwatch-logs kubernetes-monitoring terraform-module fluentbit aws-eks terraform-eks kubernetes-logging

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

3 forks
Report repository

Releases 2

v1.0.0 Latest
Jul 25, 2023
+ 1 release

Packages

No packages published

Languages