Private cluster with k3s. Why have 1 huge complicated cluster (pet) when you can have many simple, cheap clusters (cattle)?

inscapist/terraform-k3s-private-cloud

K3s Private Cluster

An asciicast showing how to access the cluster can be viewed here

Requirements

Name Version
terraform >= 0.14
SSM Agent >= 3.0.161.0

This module is published on the Terraform Registry

Why would you want this?

  • You are cost-conscious. RDS, Elasticache and EKS are too expensive and perhaps even too complicated
  • You want a cluster that has low maintenance overhead and just works
  • You want to have this cluster for only 1 or 2 apps (App Clusters)

Why would I do this?

  • I wish to empower individual developers to have their own test/staging environment
  • Big clusters fail, coordination is hard, service mesh is expensive
  • I wish our code could simply run anywhere on any cloud, even if it's stateful

Features

  • Private cluster with no exposed ports
  • Low memory usage and simpler architecture (thanks to K3s)
  • It has most of the expected features of Kubernetes (PVC, LoadBalancer, MetricsServer)
  • Simple codebase with minimal magic
  • Network agnostic with ability to reuse VPC

What is this?

This module is designed for Kubernetes workloads that run within a private subnet. A private subnet is simply a subnet not associated with an internet gateway. This results in lower cost and fewer moving parts, as you do not need to purchase a domain name or certificate, or manage perimeter security.

If you don't need egress connectivity for the cluster, you can use the VPC endpoints for SSM. Without either egress connectivity or those endpoints, Session Manager will not work.
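One way to provision the SSM endpoints for a subnet with no egress is sketched below. This is an added example, not code from this module; the variable names (`region`, `vpc_id`, `vpc_cidr`, `private_subnet_ids`) and resource labels are assumptions chosen for illustration.

```hcl
# Added example: not part of terraform-k3s-private-cloud.
# All variable names and resource labels are assumptions for illustration.
variable "region" { type = string }
variable "vpc_id" { type = string }
variable "vpc_cidr" { type = string }
variable "private_subnet_ids" { type = list(string) }

# The endpoints only need to accept HTTPS from inside the VPC.
# No ingress from outside the VPC CIDR is opened.
resource "aws_security_group" "ssm_endpoints" {
  name_prefix = "ssm-endpoints-"
  description = "HTTPS from VPC to SSM interface endpoints"
  vpc_id      = var.vpc_id

  ingress {
    description = "TLS from instances in the VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [var.vpc_cidr]
  }
}

# Session Manager on the agent versions this module allows (>= 3.0.161.0)
# talks to three services: ssm, ssmmessages and ec2messages.
resource "aws_vpc_endpoint" "ssm" {
  for_each = toset(["ssm", "ssmmessages", "ec2messages"])

  vpc_id             = var.vpc_id
  service_name       = "com.amazonaws.${var.region}.${each.key}"
  vpc_endpoint_type  = "Interface"
  subnet_ids         = var.private_subnet_ids
  security_group_ids = [aws_security_group.ssm_endpoints.id]

  # Requires DNS support and DNS hostnames to be enabled on the VPC, so the
  # agent resolves the regular service hostnames to the endpoint's private IPs.
  private_dns_enabled = true
}
```

The instances still need an instance profile that permits SSM, for example one carrying the AWS managed policy `AmazonSSMManagedInstanceCore`.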

This module currently supports only the AWS cloud. However, I wish to support more clouds with minimal differences between APIs.

Various networking configurations are demonstrated in the following examples:

How do I start?

Refer to Getting Started and the other documentation