Name | Description | Generic | AWS | Scaleway | GCP | Azure |
---|---|---|---|---|---|---|
aws-ebs-csi-driver | Enable new feature and the use of gp3 volumes | N/A | ✔️ | N/A | N/A | N/A |
aws-for-fluent-bit | Cloudwatch logging with fluent bit instead of fluentd | N/A | ✔️ | N/A | N/A | N/A |
aws-load-balancer-controller | Use AWS ALB/NLB for ingress and services | N/A | ✔️ | N/A | N/A | N/A |
aws-node-termination-handler | Manage spot instance lifecycle | N/A | ✔️ | N/A | N/A | N/A |
aws-calico | Use calico for network policy | N/A | ✔️ | N/A | N/A | N/A |
cert-manager | automatically generate TLS certificates, supports ACME v2 | ✔️ | ✔️ | ✔️ | ❌ | N/A |
cluster-autoscaler | scale worker nodes based on workload | N/A | ✔️ | Included | Included | Included |
cni-metrics-helper | Provides cloudwatch metrics for VPC CNI plugins | N/A | ✔️ | N/A | N/A | N/A |
external-dns | sync ingress and service records in route53 | ❌ | ✔️ | ✔️ | ❌ | ❌ |
ingress-nginx | processes Ingress object and acts as a HTTP/HTTPS proxy (compatible with cert-manager) | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
istio-operator | Service mesh for Kubernetes | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
karma | An alertmanager dashboard | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
keycloak | Identity and access management | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
kong | API Gateway ingress controller | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
kube-prometheus-stack | Monitoring / Alerting / Dashboards | ✔️ | ✔️ | ✔️ | ❌ | ❌ |
loki-stack | Grafana Loki logging stack | ✔️ | ✔️ | 🚧 | ❌ | ❌ |
promtail | Ship logs to Loki from other clusters (e.g. mTLS) | 🚧 | ✔️ | 🚧 | ❌ | ❌ |
metrics-server | enable metrics API and horizontal pod scaling (HPA) | ✔️ | ✔️ | Included | Included | Included |
node-problem-detector | Forwards node problems to Kubernetes events | ✔️ | ✔️ | Included | Included | Included |
sealed-secrets | Technology agnostic, store secrets on git | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
strimzi-kafka-operator | Apache Kafka running on Kubernetes | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
thanos | Open source, highly available Prometheus setup with long term storage capabilities | ❌ | ✔️ | 🚧 | ❌ | ❌ |
thanos-memcached | Open source, highly available Prometheus setup with long term storage capabilities | ❌ | ✔️ | 🚧 | ❌ | ❌ |
thanos-storegateway | Additional storegateway to query multiple object stores | ❌ | ✔️ | 🚧 | ❌ | ❌ |
thanos-tls-querier | Thanos TLS querier for cross cluster collection | ❌ | ✔️ | 🚧 | ❌ | ❌ |
Submodules are used for cloud-provider-specific configuration, such as IAM roles for AWS. For a vanilla Kubernetes cluster, the generic addons should be used.
Any contribution supporting a new cloud provider is welcome.
Name | Version |
---|---|
terraform | >= 0.13 |
helm | ~> 2.0 |
kubectl | ~> 1.0 |
kubernetes | ~> 2.0 |
Name | Version |
---|---|
helm | ~> 2.0 |
kubectl | ~> 1.0 |
kubernetes | ~> 2.0 |
random | n/a |
time | n/a |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cert-manager | Customize cert-manager chart, see cert-manager.tf for supported values | any | {} | no |
cluster-autoscaler | Customize cluster-autoscaler chart, see cluster-autoscaler.tf for supported values | any | {} | no |
cluster-name | Name of the Kubernetes cluster | string | "sample-cluster" | no |
external-dns | Map of map for external-dns configuration: see external_dns.tf for supported values | any | {} | no |
flux | Customize Flux chart, see flux.tf for supported values | any | {} | no |
helm_defaults | Customize default Helm behavior | any | {} | no |
ingress-nginx | Customize ingress-nginx chart, see nginx-ingress.tf for supported values | any | {} | no |
istio-operator | Customize istio operator deployment, see istio_operator.tf for supported values | any | {} | no |
karma | Customize karma chart, see karma.tf for supported values | any | {} | no |
keycloak | Customize keycloak chart, see keycloak.tf for supported values | any | {} | no |
kong | Customize kong-ingress chart, see kong.tf for supported values | any | {} | no |
kube-prometheus-stack | Customize kube-prometheus-stack chart, see kube-prometheus-stack.tf for supported values | any | {} | no |
labels_prefix | Custom label prefix used for network policy namespace matching | string | "particule.io" | no |
loki-stack | Customize loki-stack chart, see loki-stack.tf for supported values | any | {} | no |
metrics-server | Customize metrics-server chart, see metrics_server.tf for supported values | any | {} | no |
npd | Customize node-problem-detector chart, see npd.tf for supported values | any | {} | no |
priority-class | Customize a priority class for addons | any | {} | no |
priority-class-ds | Customize a priority class for addons daemonsets | any | {} | no |
promtail | Customize promtail chart, see loki-stack.tf for supported values | any | {} | no |
sealed-secrets | Customize sealed-secrets chart, see sealed-secrets.tf for supported values | any | {} | no |
strimzi-kafka-operator | Customize strimzi-kafka-operator chart, see strimzi-kafka-operator.tf for supported values | any | {} | no |
thanos | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
thanos-memcached | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
thanos-storegateway | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
thanos-tls-querier | Customize thanos chart, see thanos.tf for supported values | any | {} | no |
Name | Description |
---|---|
grafana_password | n/a |