diff --git a/.gitignore b/.gitignore index 4791280e9..66c9b4867 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ temp *.bak *.tfstate *.tfstate.backup +contrib/terraform/aws/credentials.tfvars **/*.sw[pon] /ssh-bastion.conf **/*.sw[pon] diff --git a/contrib/terraform/aws/create-infrastructure.tf b/contrib/terraform/aws/create-infrastructure.tf index 04c5a8881..c332ea9bc 100644 --- a/contrib/terraform/aws/create-infrastructure.tf +++ b/contrib/terraform/aws/create-infrastructure.tf @@ -19,9 +19,9 @@ module "aws-vpc" { aws_cluster_name = "${var.aws_cluster_name}" aws_vpc_cidr_block = "${var.aws_vpc_cidr_block}" aws_avail_zones="${var.aws_avail_zones}" - aws_cidr_subnets_private="${var.aws_cidr_subnets_private}" aws_cidr_subnets_public="${var.aws_cidr_subnets_public}" + default_tags="${var.default_tags}" } @@ -35,6 +35,7 @@ module "aws-elb" { aws_subnet_ids_public="${module.aws-vpc.aws_subnet_ids_public}" aws_elb_api_port = "${var.aws_elb_api_port}" k8s_secure_api_port = "${var.k8s_secure_api_port}" + default_tags="${var.default_tags}" } @@ -61,11 +62,11 @@ resource "aws_instance" "bastion-server" { key_name = "${var.AWS_SSH_KEY_NAME}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-bastion-${count.index}" - Cluster = "${var.aws_cluster_name}" - Role = "bastion-${var.aws_cluster_name}-${count.index}" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-bastion-${count.index}", + "Cluster", "${var.aws_cluster_name}", + "Role", "bastion-${var.aws_cluster_name}-${count.index}" + ))}" } 
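Review bot: The new `tags = "${merge(var.default_tags, map(...))}"` expression in the bastion-server hunk (and in the k8s-master, k8s-etcd and k8s-worker hunks that follow) depends on argument order without saying so. In `merge` the later map wins, so the fixed `Name`, `Cluster` and `Role` keys override any same-named key supplied through `default_tags`. That matters because the inventory template in this file builds its host entries from `tags.Name`, so a user-supplied `Name` tag must not replace the generated one. A one-line comment above each block would keep the arguments from being swapped later, for example `# default_tags first: resource-specific Name/Cluster/Role must win on key clashes`. The resource bodies start outside these hunks.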
@@ -92,11 +93,11 @@ resource "aws_instance" "k8s-master" { key_name = "${var.AWS_SSH_KEY_NAME}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-master${count.index}" - Cluster = "${var.aws_cluster_name}" - Role = "master" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-master${count.index}", + "Cluster", "${var.aws_cluster_name}", + "Role", "master" + ))}" } resource "aws_elb_attachment" "attach_master_nodes" { @@ -121,12 +122,11 @@ resource "aws_instance" "k8s-etcd" { key_name = "${var.AWS_SSH_KEY_NAME}" - - tags { - Name = "kubernetes-${var.aws_cluster_name}-etcd${count.index}" - Cluster = "${var.aws_cluster_name}" - Role = "etcd" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-etcd${count.index}", + "Cluster", "${var.aws_cluster_name}", + "Role", "etcd" + ))}" } @@ -146,11 +146,11 @@ resource "aws_instance" "k8s-worker" { key_name = "${var.AWS_SSH_KEY_NAME}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-worker${count.index}" - Cluster = "${var.aws_cluster_name}" - Role = "worker" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-worker${count.index}", + "Cluster", "${var.aws_cluster_name}", + "Role", "worker" + ))}" } 
@@ -164,10 +164,10 @@ data "template_file" "inventory" { template = "${file("${path.module}/templates/inventory.tpl")}" vars { - public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s" , aws_instance.bastion-server.*.public_ip))}" - connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}" - connection_strings_node = "${join("\n", formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}" - connection_strings_etcd = "${join("\n",formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}" + public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_host=%s" , aws_instance.bastion-server.*.public_ip))}" + connection_strings_master = "${join("\n",formatlist("%s ansible_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}" + connection_strings_node = "${join("\n", formatlist("%s ansible_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}" + connection_strings_etcd = "${join("\n",formatlist("%s ansible_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}" list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}" list_node = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}" list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}" diff --git a/contrib/terraform/aws/modules/elb/main.tf b/contrib/terraform/aws/modules/elb/main.tf index 6a0cdfe3d..991e7be42 100644 --- a/contrib/terraform/aws/modules/elb/main.tf +++ b/contrib/terraform/aws/modules/elb/main.tf 
@@ -2,9 +2,9 @@ resource "aws_security_group" "aws-elb" { name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb" vpc_id = "${var.aws_vpc_id}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-securitygroup-elb" + ))}" } @@ -52,7 +52,7 @@ resource "aws_elb" "aws-elb-api" { connection_draining = true connection_draining_timeout = 400 - tags { - Name = "kubernetes-${var.aws_cluster_name}-elb-api" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-elb-api" + ))}" } diff --git a/contrib/terraform/aws/modules/elb/variables.tf b/contrib/terraform/aws/modules/elb/variables.tf index c7f86847d..1ed9edd40 100644 --- a/contrib/terraform/aws/modules/elb/variables.tf +++ b/contrib/terraform/aws/modules/elb/variables.tf @@ -26,3 +26,8 @@ variable "aws_subnet_ids_public" { description = "IDs of Public Subnets" type = "list" } + +variable "default_tags" { + description = "Tags for all resources" + type = "map" +} diff --git a/contrib/terraform/aws/modules/iam/main.tf b/contrib/terraform/aws/modules/iam/main.tf index 88da00d90..7818d7b0f 100644 --- a/contrib/terraform/aws/modules/iam/main.tf +++ b/contrib/terraform/aws/modules/iam/main.tf @@ -129,10 +129,10 @@ EOF resource "aws_iam_instance_profile" "kube-master" { name = "kube_${var.aws_cluster_name}_master_profile" - roles = ["${aws_iam_role.kube-master.name}"] + role = "${aws_iam_role.kube-master.name}" } resource "aws_iam_instance_profile" "kube-worker" { name = "kube_${var.aws_cluster_name}_node_profile" - roles = ["${aws_iam_role.kube-worker.name}"] + role = "${aws_iam_role.kube-worker.name}" } diff --git a/contrib/terraform/aws/modules/vpc/main.tf b/contrib/terraform/aws/modules/vpc/main.tf index 44fc4c357..4ab078f0f 100644 --- a/contrib/terraform/aws/modules/vpc/main.tf +++ b/contrib/terraform/aws/modules/vpc/main.tf 
@@ -6,9 +6,9 @@ resource "aws_vpc" "cluster-vpc" { enable_dns_support = true enable_dns_hostnames = true - tags { - Name = "kubernetes-${var.aws_cluster_name}-vpc" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-vpc" + ))}" } @@ -18,13 +18,13 @@ resource "aws_eip" "cluster-nat-eip" { } - resource "aws_internet_gateway" "cluster-vpc-internetgw" { vpc_id = "${aws_vpc.cluster-vpc.id}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-internetgw" - } + + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-internetgw" + ))}" } resource "aws_subnet" "cluster-vpc-subnets-public" { @@ -33,9 +33,9 @@ resource "aws_subnet" "cluster-vpc-subnets-public" { availability_zone = "${element(var.aws_avail_zones, count.index)}" cidr_block = "${element(var.aws_cidr_subnets_public, count.index)}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public" + ))}" } resource "aws_nat_gateway" "cluster-nat-gateway" { @@ -51,9 +51,9 @@ resource "aws_subnet" "cluster-vpc-subnets-private" { availability_zone = "${element(var.aws_avail_zones, count.index)}" cidr_block = "${element(var.aws_cidr_subnets_private, count.index)}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private" + ))}" } #Routing in VPC 
@@ -66,9 +66,10 @@ resource "aws_route_table" "kubernetes-public" { cidr_block = "0.0.0.0/0" gateway_id = "${aws_internet_gateway.cluster-vpc-internetgw.id}" } - tags { - Name = "kubernetes-${var.aws_cluster_name}-routetable-public" - } + + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-routetable-public" + ))}" } resource "aws_route_table" "kubernetes-private" { @@ -78,9 +79,11 @@ resource "aws_route_table" "kubernetes-private" { cidr_block = "0.0.0.0/0" nat_gateway_id = "${element(aws_nat_gateway.cluster-nat-gateway.*.id, count.index)}" } - tags { - Name = "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}" - } + + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}" + ))}" + } resource "aws_route_table_association" "kubernetes-public" { @@ -104,9 +107,9 @@ resource "aws_security_group" "kubernetes" { name = "kubernetes-${var.aws_cluster_name}-securitygroup" vpc_id = "${aws_vpc.cluster-vpc.id}" - tags { - Name = "kubernetes-${var.aws_cluster_name}-securitygroup" - } + tags = "${merge(var.default_tags, map( + "Name", "kubernetes-${var.aws_cluster_name}-securitygroup" + ))}" } resource "aws_security_group_rule" "allow-all-ingress" { diff --git a/contrib/terraform/aws/modules/vpc/outputs.tf b/contrib/terraform/aws/modules/vpc/outputs.tf index 950462a48..2bb4bf309 100644 --- a/contrib/terraform/aws/modules/vpc/outputs.tf +++ b/contrib/terraform/aws/modules/vpc/outputs.tf @@ -14,3 +14,8 @@ output "aws_security_group" { value = ["${aws_security_group.kubernetes.*.id}"] } + +output "default_tags" { + value = "${default_tags}" + +} \ No newline at end of file diff --git a/contrib/terraform/aws/modules/vpc/variables.tf b/contrib/terraform/aws/modules/vpc/variables.tf index 55adf2be3..b6295cbb9 100644 --- a/contrib/terraform/aws/modules/vpc/variables.tf +++ b/contrib/terraform/aws/modules/vpc/variables.tf 
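Review bot: The added `output "default_tags"` in modules/vpc/outputs.tf interpolates `${default_tags}`, which lacks the `var.` prefix and so does not refer to the module's input variable. Terraform is likely to reject it as an invalid reference when the configuration is loaded. The line should read `value = "${var.default_tags}"`. The same expression is added in contrib/terraform/aws/output.tf and needs the same correction. Both files also end without a trailing newline after this change.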
@@ -22,3 +22,8 @@ variable "aws_cidr_subnets_public" { description = "CIDR Blocks for public subnets in Availability zones" type = "list" } + +variable "default_tags" { + description = "Default tags for all resources" + type = "map" +} diff --git a/contrib/terraform/aws/output.tf b/contrib/terraform/aws/output.tf index fabc0d218..8819b4558 100644 --- a/contrib/terraform/aws/output.tf +++ b/contrib/terraform/aws/output.tf @@ -22,3 +22,7 @@ output "aws_elb_api_fqdn" { output "inventory" { value = "${data.template_file.inventory.rendered}" } + +output "default_tags" { + value = "${default_tags}" +} \ No newline at end of file diff --git a/contrib/terraform/aws/templates/inventory.tpl b/contrib/terraform/aws/templates/inventory.tpl index dd8126002..0e64902b1 100644 --- a/contrib/terraform/aws/templates/inventory.tpl +++ b/contrib/terraform/aws/templates/inventory.tpl @@ -1,3 +1,4 @@ +[all] ${connection_strings_master} ${connection_strings_node} ${connection_strings_etcd} diff --git a/contrib/terraform/aws/terraform.tfvars b/contrib/terraform/aws/terraform.tfvars index bc83a719d..c0e179a49 100644 --- a/contrib/terraform/aws/terraform.tfvars +++ b/contrib/terraform/aws/terraform.tfvars @@ -30,3 +30,8 @@ aws_cluster_ami = "ami-db56b9a3" aws_elb_api_port = 6443 k8s_secure_api_port = 6443 kube_insecure_apiserver_address = "0.0.0.0" + +default_tags = { +# Env = "devtest" +# Product = "kubernetes" +} diff --git a/contrib/terraform/aws/variables.tf b/contrib/terraform/aws/variables.tf index c7c65c772..0e8509686 100644 --- a/contrib/terraform/aws/variables.tf +++ b/contrib/terraform/aws/variables.tf @@ -99,3 +99,8 @@ variable "k8s_secure_api_port" { variable "loadbalancer_apiserver_address" { description= "Bind Address for ELB of K8s API Server" } + +variable "default_tags" { + description = "Default tags for all resources" + type = "map" +}
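Review bot: `variable "default_tags"` in contrib/terraform/aws/variables.tf is declared without a default, which makes it a required input. The terraform.tfvars in this commit sets it to an empty map, but anyone running with their own var file would presumably be prompted for a value or fail in non-interactive runs. Adding `default = {}` to the root declaration keeps tagging optional. The module-level declarations in modules/elb/variables.tf and modules/vpc/variables.tf can stay required, since the root always passes the value. Their descriptions differ ("Tags for all resources" vs "Default tags for all resources") and could be aligned.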