# Infrastructure — Terraform / OpenTofu

> **Sprint 1 note**: Infrastructure provisioning is skipped in Sprint 1 (OpenTofu not yet installed locally).
> See `docs/adr/001-terraform-vs-pulumi.md` for the tooling decision.

## Prerequisites

```bash
brew install opentofu
```

## Structure (to be implemented in Sprint 4+)

```
deploy/terraform/
├── main.tf        # Root module, providers, backend (S3 + DynamoDB lock)
├── variables.tf   # Input variables
├── outputs.tf     # VPC, cluster endpoint, kubeconfig
├── versions.tf    # Pinned provider versions
├── vpc/           # VPC, subnets, NAT gateway
├── eks/           # EKS cluster, node groups (terraform-aws-eks v20.x)
└── monitoring/    # CloudWatch, alerts
```

## Before first apply

Create the state backend manually:

```bash
aws s3 mb s3://veylant-terraform-state-eu-west-3 --region eu-west-3
aws dynamodb create-table \
  --table-name veylant-terraform-lock \
  --attribute-definitions AttributeName=LockID,AttributeType=S \
  --key-schema AttributeName=LockID,KeyType=HASH \
  --billing-mode PAY_PER_REQUEST \
  --region eu-west-3
```
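
The commands above create the state bucket but do not configure it. The following is an added example, not part of this repository, that applies a baseline to the bucket: no public access, versioning, default encryption and a TLS-only policy. The bucket name and region come from this README; the choice of controls, the function names and the script name `harden-state.sh` are assumptions.

```bash
#!/bin/sh
# Added example (not part of this repo): harden the manually created state bucket.
# Bucket name and region are from this README; the set of controls is an assumption.
set -eu

BUCKET="veylant-terraform-state-eu-west-3"
REGION="eu-west-3"

# Emit a bucket policy that denies every request not made over TLS.
state_bucket_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "DenyInsecureTransport",
    "Effect": "Deny",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": ["arn:aws:s3:::$1", "arn:aws:s3:::$1/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "false"}}
  }]
}
EOF
}

harden_state_backend() {
  # State stores resource attributes in plaintext, so the bucket must never be public.
  aws s3api put-public-access-block --bucket "$BUCKET" --region "$REGION" \
    --public-access-block-configuration \
    BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
  # Versioning allows rollback of a corrupted or tampered state file.
  aws s3api put-bucket-versioning --bucket "$BUCKET" --region "$REGION" \
    --versioning-configuration Status=Enabled
  # Default encryption at rest (SSE-S3 here; aws:kms with a CMK is the stricter option).
  aws s3api put-bucket-encryption --bucket "$BUCKET" --region "$REGION" \
    --server-side-encryption-configuration \
    '{"Rules":[{"ApplyServerSideEncryptionByDefault":{"SSEAlgorithm":"AES256"}}]}'
  aws s3api put-bucket-policy --bucket "$BUCKET" --region "$REGION" \
    --policy "$(state_bucket_policy "$BUCKET")"
}

# Only touches AWS when invoked as: sh harden-state.sh apply  (file name is hypothetical)
if [ "${1:-}" = "apply" ]; then
  harden_state_backend
fi
```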