CadolesKube/typhoon
7
0
Fork 0
mirror of https://github.com/puppetmaster/typhoon.git synced 2025-02-13 21:51:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
typhoon/bare-metal/container-linux/kubernetes/variables.tf

167 lines
4.4 KiB
Terraform
Raw Normal View History

Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
variable "cluster_name" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
description = "Unique cluster name"
}
# bare-metal
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
variable "matchbox_http_endpoint" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
description = "Matchbox HTTP read-only endpoint (e.g. http://matchbox.example.com:8080)"
}
Rename container_linux_ bare-metal variables * Allow for Container Linux derivatives * Replace container_linux_channel variable with `os_channel` * Replace `container_linux_version` variable with `os_version` * Please change values `stable`, `beta`, or `alpha` to `coreos-stable`, `coreos-beta`, `coreos-alpha` (action required!)
2018-05-16 22:37:37 -07:00
variable "os_channel" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Remove references to CoreOS Container Linux * CoreOS Container Linux was deprecated in v1.18.3 (May 2020) in favor of Fedora CoreOS and Flatcar Linux. CoreOS Container Linux references were kept to give folks more time to migrate, but AMIs have now been deleted. Time is up. Rel: https://coreos.com/os/eol/
2020-09-24 19:55:32 -07:00
description = "Channel for a Flatcar Linux (flatcar-stable, flatcar-beta, flatcar-alpha, flatcar-edge)"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
Rename container_linux_ bare-metal variables * Allow for Container Linux derivatives * Replace container_linux_channel variable with `os_channel` * Replace `container_linux_version` variable with `os_version` * Please change values `stable`, `beta`, or `alpha` to `coreos-stable`, `coreos-beta`, `coreos-alpha` (action required!)
2018-05-16 22:37:37 -07:00
variable "os_version" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Allow using Flatcar Linux Edge on bare-metal and AWS * On AWS, use Flatcar Linux Edge by setting `os_image` to "flatcar-edge" * On bare-metal, Flatcar Linux Edge by setting `os_channel` to "flatcar-edge"
2019-06-11 22:13:41 -07:00
description = "Version for a Container Linux derivative to PXE and install (e.g. 2079.5.1)"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
# machines
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
Introduce list of detail objects for bare-metal machines * Define bare-metal `controllers` and `workers` as a complex type list(object{name=string, mac=string, domain=string}) to allow clusters with many machines to be defined more cleanly * Remove `controller_names` list variable * Remove `controller_macs` list variable * Remove `controller_domains` list variable * Remove `worker_names` list variable * Remove `worker_macs` list variable * Remove `worker_domains` list variable
2019-10-06 12:57:15 -07:00
variable "controllers" {
type = list(object({
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
name = string
mac = string
Introduce list of detail objects for bare-metal machines * Define bare-metal `controllers` and `workers` as a complex type list(object{name=string, mac=string, domain=string}) to allow clusters with many machines to be defined more cleanly * Remove `controller_names` list variable * Remove `controller_macs` list variable * Remove `controller_domains` list variable * Remove `worker_names` list variable * Remove `worker_macs` list variable * Remove `worker_domains` list variable
2019-10-06 12:57:15 -07:00
domain = string
}))
description = <<EOD
List of controller machine details (unique name, identifying MAC address, FQDN)
[{ name = "node1", mac = "52:54:00:a1:9c:ae", domain = "node1.example.com"}]
EOD
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
Introduce list of detail objects for bare-metal machines * Define bare-metal `controllers` and `workers` as a complex type list(object{name=string, mac=string, domain=string}) to allow clusters with many machines to be defined more cleanly * Remove `controller_names` list variable * Remove `controller_macs` list variable * Remove `controller_domains` list variable * Remove `worker_names` list variable * Remove `worker_macs` list variable * Remove `worker_domains` list variable
2019-10-06 12:57:15 -07:00
variable "workers" {
type = list(object({
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
name = string
mac = string
Introduce list of detail objects for bare-metal machines * Define bare-metal `controllers` and `workers` as a complex type list(object{name=string, mac=string, domain=string}) to allow clusters with many machines to be defined more cleanly * Remove `controller_names` list variable * Remove `controller_macs` list variable * Remove `controller_domains` list variable * Remove `worker_names` list variable * Remove `worker_macs` list variable * Remove `worker_domains` list variable
2019-10-06 12:57:15 -07:00
domain = string
}))
description = <<EOD
List of worker machine details (unique name, identifying MAC address, FQDN)
[
{ name = "node2", mac = "52:54:00:b2:2f:86", domain = "node2.example.com"},
{ name = "node3", mac = "52:54:00:c3:61:77", domain = "node3.example.com"}
]
EOD
Support Container Linux Config snippets on bare-metal
2018-07-25 22:44:07 -07:00
}
Rename Container Linux snippets variable for consistency * Rename controller_clc_snippets to controller_snippets (cloud platforms) * Rename worker_clc_snippets to worker_snippets (cloud platforms) * Rename clc_snippets to snippets (bare-metal)
2020-03-29 11:46:22 -07:00
variable "snippets" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = map(list(string))
Combine bare-metal CLC snippets maps into one map
2018-07-26 23:31:08 -07:00
description = "Map from machine names to lists of Container Linux Config snippets"
Fix terraform fmt
2018-08-21 21:59:55 -07:00
default = {}
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
Accept initial worker node labels and taints map on bare-metal * Add `worker_node_labels` map from node name to a list of initial node label strings * Add `worker_node_taints` map from node name to a list of initial node taint strings * Unlike cloud platforms, bare-metal node labels and taints are defined via a map from node name to list of labels/taints. Bare-metal clusters may have heterogeneous hardware so per node labels and taints are accepted * Only worker node names are allowed. Workloads are not scheduled on controller nodes so altering their labels/taints isn't suitable ``` module "mercury" { ... worker_node_labels = { "node2" = ["role=special"] } worker_node_taints = { "node2" = ["role=special:NoSchedule"] } } ``` Related: https://github.com/poseidon/typhoon/issues/429
2020-03-08 20:39:18 -07:00
variable "worker_node_labels" {
Fix terraform fmt
2020-03-31 21:42:51 -07:00
type = map(list(string))
Accept initial worker node labels and taints map on bare-metal * Add `worker_node_labels` map from node name to a list of initial node label strings * Add `worker_node_taints` map from node name to a list of initial node taint strings * Unlike cloud platforms, bare-metal node labels and taints are defined via a map from node name to list of labels/taints. Bare-metal clusters may have heterogeneous hardware so per node labels and taints are accepted * Only worker node names are allowed. Workloads are not scheduled on controller nodes so altering their labels/taints isn't suitable ``` module "mercury" { ... worker_node_labels = { "node2" = ["role=special"] } worker_node_taints = { "node2" = ["role=special:NoSchedule"] } } ``` Related: https://github.com/poseidon/typhoon/issues/429
2020-03-08 20:39:18 -07:00
description = "Map from worker names to lists of initial node labels"
Fix terraform fmt
2020-03-31 21:42:51 -07:00
default = {}
Accept initial worker node labels and taints map on bare-metal * Add `worker_node_labels` map from node name to a list of initial node label strings * Add `worker_node_taints` map from node name to a list of initial node taint strings * Unlike cloud platforms, bare-metal node labels and taints are defined via a map from node name to list of labels/taints. Bare-metal clusters may have heterogeneous hardware so per node labels and taints are accepted * Only worker node names are allowed. Workloads are not scheduled on controller nodes so altering their labels/taints isn't suitable ``` module "mercury" { ... worker_node_labels = { "node2" = ["role=special"] } worker_node_taints = { "node2" = ["role=special:NoSchedule"] } } ``` Related: https://github.com/poseidon/typhoon/issues/429
2020-03-08 20:39:18 -07:00
}
variable "worker_node_taints" {
Fix terraform fmt
2020-03-31 21:42:51 -07:00
type = map(list(string))
Accept initial worker node labels and taints map on bare-metal * Add `worker_node_labels` map from node name to a list of initial node label strings * Add `worker_node_taints` map from node name to a list of initial node taint strings * Unlike cloud platforms, bare-metal node labels and taints are defined via a map from node name to list of labels/taints. Bare-metal clusters may have heterogeneous hardware so per node labels and taints are accepted * Only worker node names are allowed. Workloads are not scheduled on controller nodes so altering their labels/taints isn't suitable ``` module "mercury" { ... worker_node_labels = { "node2" = ["role=special"] } worker_node_taints = { "node2" = ["role=special:NoSchedule"] } } ``` Related: https://github.com/poseidon/typhoon/issues/429
2020-03-08 20:39:18 -07:00
description = "Map from worker names to lists of initial node taints"
Fix terraform fmt
2020-03-31 21:42:51 -07:00
default = {}
Accept initial worker node labels and taints map on bare-metal * Add `worker_node_labels` map from node name to a list of initial node label strings * Add `worker_node_taints` map from node name to a list of initial node taint strings * Unlike cloud platforms, bare-metal node labels and taints are defined via a map from node name to list of labels/taints. Bare-metal clusters may have heterogeneous hardware so per node labels and taints are accepted * Only worker node names are allowed. Workloads are not scheduled on controller nodes so altering their labels/taints isn't suitable ``` module "mercury" { ... worker_node_labels = { "node2" = ["role=special"] } worker_node_taints = { "node2" = ["role=special:NoSchedule"] } } ``` Related: https://github.com/poseidon/typhoon/issues/429
2020-03-08 20:39:18 -07:00
}
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
# configuration
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
variable "k8s_domain_name" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "Controller DNS name which resolves to a controller instance. Workers and kubeconfig's will communicate with this endpoint (e.g. cluster.example.com)"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
variable "ssh_authorized_key" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
description = "SSH public key for user 'core'"
}
bare-metal: Add support for Calico networking * Add variable networking with "flannel" or "calico"
2017-09-01 14:23:25 -07:00
variable "networking" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "Choice of networking provider (flannel or calico)"
Change bare-metal and GCE networking default to calico * Switch networking default from flannel to calico
2017-09-12 09:16:58 -07:00
default = "calico"
bare-metal: Add support for Calico networking * Add variable networking with "flannel" or "calico"
2017-09-01 14:23:25 -07:00
}
Allow MTU for bare-metal Calico to be customized * Calico on bare-metal defaults to IP-in-IP encapsulation and MTU 1480
2017-09-05 18:24:57 -07:00
variable "network_mtu" {
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
type = number
Allow MTU for bare-metal Calico to be customized * Calico on bare-metal defaults to IP-in-IP encapsulation and MTU 1480
2017-09-05 18:24:57 -07:00
description = "CNI interface MTU (applies to calico only)"
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
default = 1480
Allow MTU for bare-metal Calico to be customized * Calico on bare-metal defaults to IP-in-IP encapsulation and MTU 1480
2017-09-05 18:24:57 -07:00
}
Add bare-metal network_ip_autodetection_method variable for multi-NIC * Allow setting the Calico host IPv4 address autodetection method * Use Calico's default "first-found" method to support single NIC and bonded NIC nodes * Allow methods like `can-reach=IP` or `interface=REGEX` for multi NIC nodes * https://docs.projectcalico.org/v3.1/reference/node/configuration#ip-autodetection-methods
2018-05-14 23:35:16 -07:00
variable "network_ip_autodetection_method" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "Method to autodetect the host IPv4 address (applies to calico only)"
Add bare-metal network_ip_autodetection_method variable for multi-NIC * Allow setting the Calico host IPv4 address autodetection method * Use Calico's default "first-found" method to support single NIC and bonded NIC nodes * Allow methods like `can-reach=IP` or `interface=REGEX` for multi NIC nodes * https://docs.projectcalico.org/v3.1/reference/node/configuration#ip-autodetection-methods
2018-05-14 23:35:16 -07:00
default = "first-found"
}
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
variable "pod_cidr" {
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
type = string
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "CIDR IPv4 range to assign Kubernetes pods"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
default = "10.2.0.0/16"
}
variable "service_cidr" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = string
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
description = <<EOD
Organize and cleanup variable descriptions
2018-03-25 21:36:10 -07:00
CIDR IPv4 range to assign Kubernetes services.
Replace kube-dns with CoreDNS * Add system:coredns ClusterRole and binding * Annotate CoreDNS for Prometheus metrics scraping * Remove kube-dns deployment, service, & service account * https://github.com/poseidon/terraform-render-bootkube/pull/71 * https://kubernetes.io/blog/2018/06/27/kubernetes-1.11-release-announcement/
2018-07-01 19:41:57 -07:00
The 1st IP will be reserved for kube_apiserver, the 10th IP will be reserved for coredns.
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
EOD
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = "10.3.0.0/16"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
# optional
Change default iPXE kernel/initrd download from HTTP to HTTPS * Require an iPXE-enabled network boot environment with support for TLS downloads. PXE clients must chainload to iPXE firmware compiled with `DOWNLOAD_PROTO_HTTPS` enabled ([crypto](https://ipxe.org/crypto)) * iPXE's pre-compiled firmware binaries do _not_ enable HTTPS. Admins should build iPXE from source with support enabled * Affects the Container Linux and Flatcar Linux install profiles that pull from public downloads. No effect when cached_install=true or using Fedora Atomic, as those download from Matchbox * Add `download_protocol` variable. Recognizing boot firmware TLS support is difficult in some environments, set the protocol to "http" for the old behavior (discouraged)
2019-03-09 19:34:15 -08:00
variable "download_protocol" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = string
Change default iPXE kernel/initrd download from HTTP to HTTPS * Require an iPXE-enabled network boot environment with support for TLS downloads. PXE clients must chainload to iPXE firmware compiled with `DOWNLOAD_PROTO_HTTPS` enabled ([crypto](https://ipxe.org/crypto)) * iPXE's pre-compiled firmware binaries do _not_ enable HTTPS. Admins should build iPXE from source with support enabled * Affects the Container Linux and Flatcar Linux install profiles that pull from public downloads. No effect when cached_install=true or using Fedora Atomic, as those download from Matchbox * Add `download_protocol` variable. Recognizing boot firmware TLS support is difficult in some environments, set the protocol to "http" for the old behavior (discouraged)
2019-03-09 19:34:15 -08:00
description = "Protocol iPXE should use to download the kernel and initrd. Defaults to https, which requires iPXE compiled with crypto support. Unused if cached_install is true."
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = "https"
Change default iPXE kernel/initrd download from HTTP to HTTPS * Require an iPXE-enabled network boot environment with support for TLS downloads. PXE clients must chainload to iPXE firmware compiled with `DOWNLOAD_PROTO_HTTPS` enabled ([crypto](https://ipxe.org/crypto)) * iPXE's pre-compiled firmware binaries do _not_ enable HTTPS. Admins should build iPXE from source with support enabled * Affects the Container Linux and Flatcar Linux install profiles that pull from public downloads. No effect when cached_install=true or using Fedora Atomic, as those download from Matchbox * Add `download_protocol` variable. Recognizing boot firmware TLS support is difficult in some environments, set the protocol to "http" for the old behavior (discouraged)
2019-03-09 19:34:15 -08:00
}
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
variable "cached_install" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = bool
Rename container_linux_ bare-metal variables * Allow for Container Linux derivatives * Replace container_linux_channel variable with `os_channel` * Replace `container_linux_version` variable with `os_version` * Please change values `stable`, `beta`, or `alpha` to `coreos-stable`, `coreos-beta`, `coreos-alpha` (action required!)
2018-05-16 22:37:37 -07:00
description = "Whether Container Linux should PXE boot and install from matchbox /assets cache. Note that the admin must have downloaded the os_version into matchbox assets."
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = false
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
}
variable "install_disk" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = string
default = "/dev/sda"
Add bare-metal support for Container Linux with Matchbox
2017-07-24 23:16:34 -07:00
description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)"
}
Allow setting custom PXE boot kernel_args on bare-metal
2017-10-02 11:47:44 -05:00
variable "kernel_args" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = list(string)
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "Additional kernel arguments to provide at PXE boot."
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = []
Allow setting custom PXE boot kernel_args on bare-metal
2017-10-02 11:47:44 -05:00
}
Fix Calico Felix reporting usage data, require opt-in * Calico Felix has been reporting anonymous usage data about the version and cluster size, which violates Typhoon's privacy policy where analytics should be opt-in only * Add a variable enable_reporting (default: false) to allow opting in to reporting usage data to Calico (or future components)
2018-11-19 22:45:02 -08:00
variable "enable_reporting" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = bool
Fix Calico Felix reporting usage data, require opt-in * Calico Felix has been reporting anonymous usage data about the version and cluster size, which violates Typhoon's privacy policy where analytics should be opt-in only * Add a variable enable_reporting (default: false) to allow opting in to reporting usage data to Calico (or future components)
2018-11-19 22:45:02 -08:00
description = "Enable usage or analytics reporting to upstreams (Calico)"
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = false
Fix Calico Felix reporting usage data, require opt-in * Calico Felix has been reporting anonymous usage data about the version and cluster size, which violates Typhoon's privacy policy where analytics should be opt-in only * Add a variable enable_reporting (default: false) to allow opting in to reporting usage data to Calico (or future components)
2018-11-19 22:45:02 -08:00
}
Add enable_aggregation option (defaults to false) * Add an `enable_aggregation` variable to enable the kube-apiserver aggregation layer for adding extension apiservers to clusters * Aggregation is **disabled** by default. Typhoon recommends you not enable aggregation. Consider whether less invasive ways to achieve your goals are possible and whether those goals are well-founded * Enabling aggregation and extension apiservers increases the attack surface of a cluster and makes extensions a part of the control plane. Admins must scrutinize and trust any extension apiserver used. * Passing a v1.14 CNCF conformance test requires aggregation be enabled. Having an option for aggregation keeps compliance, but retains the stricter security posture on default clusters
2019-04-07 02:29:07 -07:00
variable "enable_aggregation" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = bool
Add enable_aggregation option (defaults to false) * Add an `enable_aggregation` variable to enable the kube-apiserver aggregation layer for adding extension apiservers to clusters * Aggregation is **disabled** by default. Typhoon recommends you not enable aggregation. Consider whether less invasive ways to achieve your goals are possible and whether those goals are well-founded * Enabling aggregation and extension apiservers increases the attack surface of a cluster and makes extensions a part of the control plane. Admins must scrutinize and trust any extension apiserver used. * Passing a v1.14 CNCF conformance test requires aggregation be enabled. Having an option for aggregation keeps compliance, but retains the stricter security posture on default clusters
2019-04-07 02:29:07 -07:00
description = "Enable the Kubernetes Aggregation Layer (defaults to false)"
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = false
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
}
# unofficial, undocumented, unsupported
Change `container-linux` module preference to Flatcar Linux * No change to Fedora CoreOS modules * For Container Linx AWS and Azure, change the `os_image` default from coreos-stable to flatcar-stable * For Container Linux GCP and DigitalOcean, change `os_image` to be required since users should upload a Flatcar Linux image and set the variable * For Container Linux bare-metal, recommend users change the `os_channel` to Flatcar Linux. No actual module change.
2020-04-11 14:52:30 -07:00
variable "asset_dir" {
type = string
description = "Absolute path to a directory where generated assets should be placed (contains secrets)"
default = ""
}
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
variable "cluster_domain_suffix" {
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
type = string
Add stricter types for bare-metal modules * Review variables available in bare-metal kubernetes modules for Container Linux and Fedora CoreOS * Deprecate cluster_domain_suffix variable * Remove deprecated container_linux_oem variable
2019-10-06 11:53:49 -07:00
description = "Queries for domains with the suffix will be answered by coredns. Default is cluster.local (e.g. foo.default.svc.cluster.local) "
Fix terraform fmt formatting
2019-11-13 23:44:02 -08:00
default = "cluster.local"
Add enable_aggregation option (defaults to false) * Add an `enable_aggregation` variable to enable the kube-apiserver aggregation layer for adding extension apiservers to clusters * Aggregation is **disabled** by default. Typhoon recommends you not enable aggregation. Consider whether less invasive ways to achieve your goals are possible and whether those goals are well-founded * Enabling aggregation and extension apiservers increases the attack surface of a cluster and makes extensions a part of the control plane. Admins must scrutinize and trust any extension apiserver used. * Passing a v1.14 CNCF conformance test requires aggregation be enabled. Having an option for aggregation keeps compliance, but retains the stricter security posture on default clusters
2019-04-07 02:29:07 -07:00
}
Migrate bare-metal module Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update bare-metal tutorial * Define `clc_snippets` type constraint map(list(string)) * Define Terraform and plugin version requirements in versions.tf * Require matchbox ~> 0.3.0 to support Terraform v0.12 * Require ct ~> 0.3.2 to support Terraform v0.12
2019-05-28 19:19:23 -07:00
Reference in New Issue Copy Permalink