|
|
@ -9,12 +9,12 @@ resource "openstack_networking_secgroup_v2" "k8s_master" { |
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "k8s_master" { |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "tcp" |
|
|
|
port_range_min = "6443" |
|
|
|
port_range_max = "6443" |
|
|
|
remote_ip_prefix = "0.0.0.0/0" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "tcp" |
|
|
|
port_range_min = "6443" |
|
|
|
port_range_max = "6443" |
|
|
|
remote_ip_prefix = "0.0.0.0/0" |
|
|
|
security_group_id = "${openstack_networking_secgroup_v2.k8s_master.id}" |
|
|
|
} |
|
|
|
|
|
|
@ -24,13 +24,13 @@ resource "openstack_networking_secgroup_v2" "bastion" { |
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "bastion" { |
|
|
|
count = "${length(var.bastion_allowed_remote_ips)}" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "tcp" |
|
|
|
port_range_min = "22" |
|
|
|
port_range_max = "22" |
|
|
|
remote_ip_prefix = "${var.bastion_allowed_remote_ips[count.index]}" |
|
|
|
count = "${length(var.bastion_allowed_remote_ips)}" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "tcp" |
|
|
|
port_range_min = "22" |
|
|
|
port_range_max = "22" |
|
|
|
remote_ip_prefix = "${var.bastion_allowed_remote_ips[count.index]}" |
|
|
|
security_group_id = "${openstack_networking_secgroup_v2.bastion.id}" |
|
|
|
} |
|
|
|
|
|
|
@ -40,9 +40,9 @@ resource "openstack_networking_secgroup_v2" "k8s" { |
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "k8s" { |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
remote_group_id = "${openstack_networking_secgroup_v2.k8s.id}" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
remote_group_id = "${openstack_networking_secgroup_v2.k8s.id}" |
|
|
|
security_group_id = "${openstack_networking_secgroup_v2.k8s.id}" |
|
|
|
} |
|
|
|
|
|
|
@ -52,13 +52,13 @@ resource "openstack_networking_secgroup_v2" "worker" { |
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_networking_secgroup_rule_v2" "worker" { |
|
|
|
count = "${length(var.worker_allowed_ports)}" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "${lookup(var.worker_allowed_ports[count.index], "protocol", "tcp")}" |
|
|
|
port_range_min = "${lookup(var.worker_allowed_ports[count.index], "port_range_min")}" |
|
|
|
port_range_max = "${lookup(var.worker_allowed_ports[count.index], "port_range_max")}" |
|
|
|
remote_ip_prefix = "${lookup(var.worker_allowed_ports[count.index], "remote_ip_prefix", "0.0.0.0/0")}" |
|
|
|
count = "${length(var.worker_allowed_ports)}" |
|
|
|
direction = "ingress" |
|
|
|
ethertype = "IPv4" |
|
|
|
protocol = "${lookup(var.worker_allowed_ports[count.index], "protocol", "tcp")}" |
|
|
|
port_range_min = "${lookup(var.worker_allowed_ports[count.index], "port_range_min")}" |
|
|
|
port_range_max = "${lookup(var.worker_allowed_ports[count.index], "port_range_max")}" |
|
|
|
remote_ip_prefix = "${lookup(var.worker_allowed_ports[count.index], "remote_ip_prefix", "0.0.0.0/0")}" |
|
|
|
security_group_id = "${openstack_networking_secgroup_v2.worker.id}" |
|
|
|
} |
|
|
|
|
|
|
@ -87,16 +87,15 @@ resource "openstack_compute_instance_v2" "bastion" { |
|
|
|
provisioner "local-exec" { |
|
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${var.bastion_fips[0]}/ > contrib/terraform/group_vars/no-floating.yml" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master" { |
|
|
|
name = "${var.cluster_name}-k8s-master-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters}" |
|
|
|
name = "${var.cluster_name}-k8s-master-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -117,16 +116,15 @@ resource "openstack_compute_instance_v2" "k8s_master" { |
|
|
|
provisioner "local-exec" { |
|
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element( concat(var.bastion_fips, var.k8s_master_fips), 0)}/ > contrib/terraform/group_vars/no-floating.yml" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master_no_etcd" { |
|
|
|
name = "${var.cluster_name}-k8s-master-ne-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_etcd}" |
|
|
|
name = "${var.cluster_name}-k8s-master-ne-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_etcd}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -146,16 +144,15 @@ resource "openstack_compute_instance_v2" "k8s_master_no_etcd" { |
|
|
|
provisioner "local-exec" { |
|
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element( concat(var.bastion_fips, var.k8s_master_fips), 0)}/ > contrib/terraform/group_vars/no-floating.yml" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "etcd" { |
|
|
|
name = "${var.cluster_name}-etcd-${count.index+1}" |
|
|
|
count = "${var.number_of_etcd}" |
|
|
|
name = "${var.cluster_name}-etcd-${count.index+1}" |
|
|
|
count = "${var.number_of_etcd}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_etcd}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_etcd}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -168,16 +165,15 @@ resource "openstack_compute_instance_v2" "etcd" { |
|
|
|
kubespray_groups = "etcd,vault,no-floating" |
|
|
|
depends_on = "${var.network_id}" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip" { |
|
|
|
name = "${var.cluster_name}-k8s-master-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_floating_ip}" |
|
|
|
name = "${var.cluster_name}-k8s-master-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_floating_ip}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -193,16 +189,15 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip" { |
|
|
|
kubespray_groups = "etcd,kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating" |
|
|
|
depends_on = "${var.network_id}" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_no_etcd" { |
|
|
|
name = "${var.cluster_name}-k8s-master-ne-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_floating_ip_no_etcd}" |
|
|
|
name = "${var.cluster_name}-k8s-master-ne-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_masters_no_floating_ip_no_etcd}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_master}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -217,16 +212,15 @@ resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_no_etcd" { |
|
|
|
kubespray_groups = "kube-master,${var.supplementary_master_groups},k8s-cluster,vault,no-floating" |
|
|
|
depends_on = "${var.network_id}" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_node" { |
|
|
|
name = "${var.cluster_name}-k8s-node-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_nodes}" |
|
|
|
name = "${var.cluster_name}-k8s-node-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_nodes}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -247,16 +241,15 @@ resource "openstack_compute_instance_v2" "k8s_node" { |
|
|
|
provisioner "local-exec" { |
|
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element( concat(var.bastion_fips, var.k8s_node_fips), 0)}/ > contrib/terraform/group_vars/no-floating.yml" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip" { |
|
|
|
name = "${var.cluster_name}-k8s-node-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_nodes_no_floating_ip}" |
|
|
|
name = "${var.cluster_name}-k8s-node-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_k8s_nodes_no_floating_ip}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image}" |
|
|
|
flavor_id = "${var.flavor_k8s_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -272,7 +265,6 @@ resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip" { |
|
|
|
kubespray_groups = "kube-node,k8s-cluster,no-floating,${var.supplementary_node_groups}" |
|
|
|
depends_on = "${var.network_id}" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_floatingip_associate_v2" "bastion" { |
|
|
@ -301,12 +293,12 @@ resource "openstack_blockstorage_volume_v2" "glusterfs_volume" { |
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "glusterfs_node_no_floating_ip" { |
|
|
|
name = "${var.cluster_name}-gfs-node-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_gfs_nodes_no_floating_ip}" |
|
|
|
name = "${var.cluster_name}-gfs-node-nf-${count.index+1}" |
|
|
|
count = "${var.number_of_gfs_nodes_no_floating_ip}" |
|
|
|
availability_zone = "${element(var.az_list, count.index)}" |
|
|
|
image_name = "${var.image_gfs}" |
|
|
|
flavor_id = "${var.flavor_gfs_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
image_name = "${var.image_gfs}" |
|
|
|
flavor_id = "${var.flavor_gfs_node}" |
|
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}" |
|
|
|
|
|
|
|
network { |
|
|
|
name = "${var.network_name}" |
|
|
@ -321,7 +313,6 @@ resource "openstack_compute_instance_v2" "glusterfs_node_no_floating_ip" { |
|
|
|
kubespray_groups = "gfs-cluster,network-storage,no-floating" |
|
|
|
depends_on = "${var.network_id}" |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
resource "openstack_compute_volume_attach_v2" "glusterfs_volume" { |
|
|
|