
update terraform, fix deprecated values add default_tags, fix ansible inventory (#1821)

pull/1834/head
Aivars Sterns 7 years ago
committed by Matthew Mosesohn
parent
commit
7ef1e1ef9d
12 changed files with 90 additions and 56 deletions
  1. 1
      .gitignore
  2. 52
      contrib/terraform/aws/create-infrastructure.tf
  3. 12
      contrib/terraform/aws/modules/elb/main.tf
  4. 5
      contrib/terraform/aws/modules/elb/variables.tf
  5. 4
      contrib/terraform/aws/modules/iam/main.tf
  6. 47
      contrib/terraform/aws/modules/vpc/main.tf
  7. 5
      contrib/terraform/aws/modules/vpc/outputs.tf
  8. 5
      contrib/terraform/aws/modules/vpc/variables.tf
  9. 4
      contrib/terraform/aws/output.tf
  10. 1
      contrib/terraform/aws/templates/inventory.tpl
  11. 5
      contrib/terraform/aws/terraform.tfvars
  12. 5
      contrib/terraform/aws/variables.tf

1
.gitignore

@ -10,6 +10,7 @@ temp
*.bak
*.tfstate
*.tfstate.backup
contrib/terraform/aws/credentials.tfvars
**/*.sw[pon]
/ssh-bastion.conf
**/*.sw[pon]

52
contrib/terraform/aws/create-infrastructure.tf

@ -19,9 +19,9 @@ module "aws-vpc" {
aws_cluster_name = "${var.aws_cluster_name}"
aws_vpc_cidr_block = "${var.aws_vpc_cidr_block}"
aws_avail_zones="${var.aws_avail_zones}"
aws_cidr_subnets_private="${var.aws_cidr_subnets_private}"
aws_cidr_subnets_public="${var.aws_cidr_subnets_public}"
default_tags="${var.default_tags}"
}
@ -35,6 +35,7 @@ module "aws-elb" {
aws_subnet_ids_public="${module.aws-vpc.aws_subnet_ids_public}"
aws_elb_api_port = "${var.aws_elb_api_port}"
k8s_secure_api_port = "${var.k8s_secure_api_port}"
default_tags="${var.default_tags}"
}
@ -61,11 +62,11 @@ resource "aws_instance" "bastion-server" {
key_name = "${var.AWS_SSH_KEY_NAME}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-bastion-${count.index}"
Cluster = "${var.aws_cluster_name}"
Role = "bastion-${var.aws_cluster_name}-${count.index}"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-bastion-${count.index}",
">an class="s2">Cluster", "${var.aws_cluster_name}",
">an class="s2">Role", "bastion-${var.aws_cluster_name}-${count.index}"
))}"
}
@ -92,11 +93,11 @@ resource "aws_instance" "k8s-master" {
key_name = "${var.AWS_SSH_KEY_NAME}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-master${count.index}"
Cluster = "${var.aws_cluster_name}"
Role = "master"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-master${count.index}",
">an class="s2">Cluster", "${var.aws_cluster_name}",
">an class="s2">Role", "master"
))}"
}
resource "aws_elb_attachment" "attach_master_nodes" {
@ -121,12 +122,11 @@ resource "aws_instance" "k8s-etcd" {
key_name = "${var.AWS_SSH_KEY_NAME}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-etcd${count.index}"
Cluster = "${var.aws_cluster_name}"
Role = "etcd"
}
tags = "${merge(var.default_tags, map(
"Name", "kubernetes-${var.aws_cluster_name}-etcd${count.index}",
"Cluster", "${var.aws_cluster_name}",
"Role", "etcd"
))}"
}
@ -146,11 +146,11 @@ resource "aws_instance" "k8s-worker" {
key_name = "${var.AWS_SSH_KEY_NAME}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-worker${count.index}"
Cluster = "${var.aws_cluster_name}"
Role = "worker"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-worker${count.index}",
">an class="s2">Cluster", "${var.aws_cluster_name}",
">an class="s2">Role", "worker"
))}"
}
@ -164,10 +164,10 @@ data "template_file" "inventory" {
template = "${file("${path.module}/templates/inventory.tpl")}"
vars {
public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s" , aws_instance.bastion-server.*.public_ip))}"
connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
connection_strings_node = "${join("\n", formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
connection_strings_etcd = "${join("\n",formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"
public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_host=%s" , aws_instance.bastion-server.*.public_ip))}"
connection_strings_master = "${join("\n",formatlist("%s ansible_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
connection_strings_node = "${join("\n", formatlist("%s ansible_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
connection_strings_etcd = "${join("\n",formatlist("%s ansible_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"
list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}"
list_node = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}"
list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}"
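Review bot: The `merge(var.default_tags, map(...))` calls in the bastion, master, etcd and worker `tags` arguments depend on argument order to stop a caller's `default_tags` from overriding `Name`, `Cluster` and `Role`, and nothing in the file says so. The inventory block in the last hunk builds host names from `tags.Name`, so a reordered merge, or a `Name` key in `default_tags`, would silently change the generated inventory. I would add a comment above each `tags` argument, such as `# default_tags first: the per-resource Name/Cluster/Role keys below take precedence`. The same pattern is used in modules/elb/main.tf and modules/vpc/main.tf. The resource bodies start outside these hunks.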

12
contrib/terraform/aws/modules/elb/main.tf

@ -2,9 +2,9 @@ resource "aws_security_group" "aws-elb" {
name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
vpc_id = "${var.aws_vpc_id}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
))}"
}
@ -52,7 +52,7 @@ resource "aws_elb" "aws-elb-api" {
connection_draining = true
connection_draining_timeout = 400
tags {
Name = "kubernetes-${var.aws_cluster_name}-elb-api"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-elb-api"
))}"
}

5
contrib/terraform/aws/modules/elb/variables.tf

@ -26,3 +26,8 @@ variable "aws_subnet_ids_public" {
description = "IDs of Public Subnets"
type = "list"
}
variable "default_tags" {
description = "Tags for all resources"
type = "map"
}

4
contrib/terraform/aws/modules/iam/main.tf

@ -129,10 +129,10 @@ EOF
resource "aws_iam_instance_profile" "kube-master" {
name = "kube_${var.aws_cluster_name}_master_profile"
roles = ["${aws_iam_role.kube-master.name}"]
role = "${aws_iam_role.kube-master.name}"
}
resource "aws_iam_instance_profile" "kube-worker" {
name = "kube_${var.aws_cluster_name}_node_profile"
roles = ["${aws_iam_role.kube-worker.name}"]
role = "${aws_iam_role.kube-worker.name}"
}

47
contrib/terraform/aws/modules/vpc/main.tf

@ -6,9 +6,9 @@ resource "aws_vpc" "cluster-vpc" {
enable_dns_support = true
enable_dns_hostnames = true
tags {
Name = "kubernetes-${var.aws_cluster_name}-vpc"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-vpc"
))}"
}
@ -18,13 +18,13 @@ resource "aws_eip" "cluster-nat-eip" {
}
resource "aws_internet_gateway" "cluster-vpc-internetgw" {
vpc_id = "${aws_vpc.cluster-vpc.id}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-internetgw"
}
tags = "${merge(var.default_tags, map(
"Name", "kubernetes-${var.aws_cluster_name}-internetgw"
))}"
}
resource "aws_subnet" "cluster-vpc-subnets-public" {
@ -33,9 +33,9 @@ resource "aws_subnet" "cluster-vpc-subnets-public" {
availability_zone = "${element(var.aws_avail_zones, count.index)}"
cidr_block = "${element(var.aws_cidr_subnets_public, count.index)}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public"
))}"
}
resource "aws_nat_gateway" "cluster-nat-gateway" {
@ -51,9 +51,9 @@ resource "aws_subnet" "cluster-vpc-subnets-private" {
availability_zone = "${element(var.aws_avail_zones, count.index)}"
cidr_block = "${element(var.aws_cidr_subnets_private, count.index)}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private"
))}"
}
#Routing in VPC
@ -66,9 +66,10 @@ resource "aws_route_table" "kubernetes-public" {
cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.cluster-vpc-internetgw.id}"
}
tags {
Name = "kubernetes-${var.aws_cluster_name}-routetable-public"
}
tags = "${merge(var.default_tags, map(
"Name", "kubernetes-${var.aws_cluster_name}-routetable-public"
))}"
}
resource "aws_route_table" "kubernetes-private" {
@ -78,9 +79,11 @@ resource "aws_route_table" "kubernetes-private" {
cidr_block = "0.0.0.0/0"
nat_gateway_id = "${element(aws_nat_gateway.cluster-nat-gateway.*.id, count.index)}"
}
tags {
Name = "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}"
}
tags = "${merge(var.default_tags, map(
"Name", "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}"
))}"
}
resource "aws_route_table_association" "kubernetes-public" {
@ -104,9 +107,9 @@ resource "aws_security_group" "kubernetes" {
name = "kubernetes-${var.aws_cluster_name}-securitygroup"
vpc_id = "${aws_vpc.cluster-vpc.id}"
tags {
Name = "kubernetes-${var.aws_cluster_name}-securitygroup"
}
tags = "${merge(var.default_tags, map(
">an class="s2">Name", "kubernetes-${var.aws_cluster_name}-securitygroup"
))}"
}
resource "aws_security_group_rule" "allow-all-ingress" {

5
contrib/terraform/aws/modules/vpc/outputs.tf

@ -14,3 +14,8 @@ output "aws_security_group" {
value = ["${aws_security_group.kubernetes.*.id}"]
}
output "default_tags" {
value = "${default_tags}"
}
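Review bot: The `default_tags` output interpolates `${default_tags}`, which has no `var.` prefix and so does not refer to the module's input variable. Terraform interpolation expects a typed reference here and will most likely reject the bare name at plan time. The line should read `value = "${var.default_tags}"`. The root contrib/terraform/aws/output.tf adds the same output with the same bare reference and needs the same change.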

5
contrib/terraform/aws/modules/vpc/variables.tf

@ -22,3 +22,8 @@ variable "aws_cidr_subnets_public" {
description = "CIDR Blocks for public subnets in Availability zones"
type = "list"
}
variable "default_tags" {
description = "Default tags for all resources"
type = "map"
}

4
contrib/terraform/aws/output.tf

@ -22,3 +22,7 @@ output "aws_elb_api_fqdn" {
output "inventory" {
value = "${data.template_file.inventory.rendered}"
}
output "default_tags" {
value = "${default_tags}"
}

1
contrib/terraform/aws/templates/inventory.tpl

@ -1,3 +1,4 @@
[all]
${connection_strings_master}
${connection_strings_node}
${connection_strings_etcd}

5
contrib/terraform/aws/terraform.tfvars

@ -30,3 +30,8 @@ aws_cluster_ami = "ami-db56b9a3"
aws_elb_api_port = 6443
k8s_secure_api_port = 6443
kube_insecure_apiserver_address = "0.0.0.0"
default_tags = {
# Env = "devtest"
# Product = "kubernetes"
}

5
contrib/terraform/aws/variables.tf

@ -99,3 +99,8 @@ variable "k8s_secure_api_port" {
variable "loadbalancer_apiserver_address" {
description= "Bind Address for ELB of K8s API Server"
}
variable "default_tags" {
description = "Default tags for all resources"
type = "map"
}
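Review bot: The root `default_tags` variable is declared without a default, so it becomes a required input. The bundled terraform.tfvars supplies an empty map, but anyone running with their own tfvars file that predates this change will be prompted for a value or fail in non-interactive runs. Adding `default = {}` to this block keeps existing setups working and makes the tags genuinely optional. The module-level declarations in modules/elb/variables.tf and modules/vpc/variables.tf can stay required, since the root always passes the value through.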