From 1366ae404b35b17e6c8eb6230e13f2702fcc39ad Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Mon, 27 May 2019 15:37:36 -0700 Subject: [PATCH] Migrate DigitalOcean module from Terraform v0.11 to v0.12 * Replace v0.11 bracket type hints with Terraform v0.12 list expressions * Use expression syntax instead of interpolated strings, where suggested * Update DigitalOcean tutorial documentation * Define Terraform and plugin version requirements in versions.tf * Require digitalocean ~> v1.3 to support Terraform v0.12 * Require ct ~> v0.3.2 to support Terraform v0.12 --- CHANGES.md | 6 + .../container-linux/kubernetes/bootkube.tf | 23 +-- .../container-linux/kubernetes/controllers.tf | 58 ++++--- .../container-linux/kubernetes/network.tf | 150 +++++++++--------- .../container-linux/kubernetes/outputs.tf | 19 +-- .../container-linux/kubernetes/require.tf | 25 --- .../container-linux/kubernetes/ssh.tf | 39 ++--- .../container-linux/kubernetes/variables.tf | 44 ++--- .../container-linux/kubernetes/versions.tf | 12 ++ .../container-linux/kubernetes/workers.tf | 37 ++--- docs/cl/digital-ocean.md | 39 +---- 11 files changed, 211 insertions(+), 241 deletions(-) delete mode 100644 digital-ocean/container-linux/kubernetes/require.tf create mode 100644 digital-ocean/container-linux/kubernetes/versions.tf diff --git a/CHANGES.md b/CHANGES.md index d0476328..6bb34544 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -2,6 +2,12 @@ Notable changes between versions. +#### DigitalOcean + +* Migrate from Terraform v0.11 to v0.12.x (**action required!**) + * Require `terraform-provider-digitalocean` v1.3+ to support Terraform v0.12 + * Require `terraform-provider-ct` ~> v0.3.2+ to support Terraform v0.12 + ## Latest ## v1.14.3 diff --git a/digital-ocean/container-linux/kubernetes/bootkube.tf b/digital-ocean/container-linux/kubernetes/bootkube.tf index 1ec7a1e0..31ffe924 100644 --- a/digital-ocean/container-linux/kubernetes/bootkube.tf +++ b/digital-ocean/container-linux/kubernetes/bootkube.tf @@ -1,21 +1,22 @@ # Self-hosted Kubernetes assets (kubeconfig, manifests) module "bootkube" { - source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=082921d67905417755609eebda7d39a7e26f7fdb" + source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=0103bc06bb3f597455a765bf5d916f9b241cbea0" - cluster_name = "${var.cluster_name}" - api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] - etcd_servers = "${digitalocean_record.etcds.*.fqdn}" - asset_dir = "${var.asset_dir}" + cluster_name = var.cluster_name + api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)] + etcd_servers = digitalocean_record.etcds.*.fqdn + asset_dir = var.asset_dir - networking = "${var.networking}" + networking = var.networking # only effective with Calico networking network_encapsulation = "vxlan" network_mtu = "1450" - pod_cidr = "${var.pod_cidr}" - service_cidr = "${var.service_cidr}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - enable_reporting = "${var.enable_reporting}" - enable_aggregation = "${var.enable_aggregation}" + pod_cidr = var.pod_cidr + service_cidr = var.service_cidr + cluster_domain_suffix = var.cluster_domain_suffix + enable_reporting = var.enable_reporting + enable_aggregation = var.enable_aggregation } + diff --git a/digital-ocean/container-linux/kubernetes/controllers.tf b/digital-ocean/container-linux/kubernetes/controllers.tf index 1f8f15c7..58458b4b 100644 --- a/digital-ocean/container-linux/kubernetes/controllers.tf +++ b/digital-ocean/container-linux/kubernetes/controllers.tf @@ -1,25 +1,25 @@ # Controller Instance DNS records resource "digitalocean_record" "controllers" { - count = "${var.controller_count}" + count = var.controller_count # DNS zone where record should be created - domain = "${var.dns_zone}" + domain = var.dns_zone # DNS record (will be prepended to domain) - name = "${var.cluster_name}" + name = var.cluster_name type = "A" ttl = 300 # IPv4 addresses of controllers - value = "${element(digitalocean_droplet.controllers.*.ipv4_address, count.index)}" + value = element(digitalocean_droplet.controllers.*.ipv4_address, count.index) } # Discrete DNS records for each controller's private IPv4 for etcd usage resource "digitalocean_record" "etcds" { - count = "${var.controller_count}" + count = var.controller_count # DNS zone where record should be created - domain = "${var.dns_zone}" + domain = var.dns_zone # DNS record (will be prepended to domain) name = "${var.cluster_name}-etcd${count.index}" @@ -27,34 +27,32 @@ resource "digitalocean_record" "etcds" { ttl = 300 # private IPv4 address for etcd - value = "${element(digitalocean_droplet.controllers.*.ipv4_address_private, count.index)}" + value = element(digitalocean_droplet.controllers.*.ipv4_address_private, count.index) } # Controller droplet instances resource "digitalocean_droplet" "controllers" { - count = "${var.controller_count}" + count = var.controller_count name = "${var.cluster_name}-controller-${count.index}" - region = "${var.region}" + region = var.region - image = "${var.image}" - size = "${var.controller_type}" + image = var.image + size = var.controller_type # network ipv6 = true private_networking = true - user_data = "${element(data.ct_config.controller-ignitions.*.rendered, count.index)}" - ssh_keys = ["${var.ssh_fingerprints}"] + user_data = element(data.ct_config.controller-ignitions.*.rendered, count.index) + ssh_keys = var.ssh_fingerprints tags = [ - "${digitalocean_tag.controllers.id}", + digitalocean_tag.controllers.id, ] lifecycle { - ignore_changes = [ - "user_data", - ] + ignore_changes = [user_data] } } @@ -65,37 +63,37 @@ resource "digitalocean_tag" "controllers" { # Controller Ignition configs data "ct_config" "controller-ignitions" { - count = "${var.controller_count}" - content = "${element(data.template_file.controller-configs.*.rendered, count.index)}" + count = var.controller_count + content = element(data.template_file.controller-configs.*.rendered, count.index) pretty_print = false - snippets = ["${var.controller_clc_snippets}"] + snippets = var.controller_clc_snippets } # Controller Container Linux configs data "template_file" "controller-configs" { - count = "${var.controller_count}" + count = var.controller_count - template = "${file("${path.module}/cl/controller.yaml.tmpl")}" + template = file("${path.module}/cl/controller.yaml.tmpl") vars = { # Cannot use cyclic dependencies on controllers or their DNS records etcd_name = "etcd${count.index}" etcd_domain = "${var.cluster_name}-etcd${count.index}.${var.dns_zone}" - # etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,... - etcd_initial_cluster = "${join(",", data.template_file.etcds.*.rendered)}" - cluster_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" + etcd_initial_cluster = join(",", data.template_file.etcds.*.rendered) + cluster_dns_service_ip = cidrhost(var.service_cidr, 10) + cluster_domain_suffix = var.cluster_domain_suffix } } data "template_file" "etcds" { - count = "${var.controller_count}" + count = var.controller_count template = "etcd$${index}=https://$${cluster_name}-etcd$${index}.$${dns_zone}:2380" vars = { - index = "${count.index}" - cluster_name = "${var.cluster_name}" - dns_zone = "${var.dns_zone}" + index = count.index + cluster_name = var.cluster_name + dns_zone = var.dns_zone } } + diff --git a/digital-ocean/container-linux/kubernetes/network.tf b/digital-ocean/container-linux/kubernetes/network.tf index 76342f66..b145cdf3 100644 --- a/digital-ocean/container-linux/kubernetes/network.tf +++ b/digital-ocean/container-linux/kubernetes/network.tf @@ -1,50 +1,51 @@ resource "digitalocean_firewall" "rules" { - name = "${var.cluster_name}" + name = var.cluster_name tags = ["${var.cluster_name}-controller", "${var.cluster_name}-worker"] # allow ssh, internal flannel, internal node-exporter, internal kubelet - inbound_rule = [ - { - protocol = "tcp" - port_range = "22" - source_addresses = ["0.0.0.0/0", "::/0"] - }, - { - protocol = "udp" - port_range = "4789" - source_tags = ["${digitalocean_tag.controllers.name}", "${digitalocean_tag.workers.name}"] - }, - { - protocol = "tcp" - port_range = "9100" - source_tags = ["${digitalocean_tag.workers.name}"] - }, - { - protocol = "tcp" - port_range = "10250" - source_tags = ["${digitalocean_tag.controllers.name}", "${digitalocean_tag.workers.name}"] - }, - ] + inbound_rule { + protocol = "tcp" + port_range = "22" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + inbound_rule { + protocol = "udp" + port_range = "4789" + source_tags = [digitalocean_tag.controllers.name, digitalocean_tag.workers.name] + } + + inbound_rule { + protocol = "tcp" + port_range = "9100" + source_tags = [digitalocean_tag.workers.name] + } + + inbound_rule { + protocol = "tcp" + port_range = "10250" + source_tags = [digitalocean_tag.controllers.name, digitalocean_tag.workers.name] + } # allow all outbound traffic - outbound_rule = [ - { - protocol = "tcp" - port_range = "1-65535" - destination_addresses = ["0.0.0.0/0", "::/0"] - }, - { - protocol = "udp" - port_range = "1-65535" - destination_addresses = ["0.0.0.0/0", "::/0"] - }, - { - protocol = "icmp" - port_range = "1-65535" - destination_addresses = ["0.0.0.0/0", "::/0"] - }, - ] + outbound_rule { + protocol = "tcp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + + outbound_rule { + protocol = "udp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + + outbound_rule { + protocol = "icmp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } } resource "digitalocean_firewall" "controllers" { @@ -53,23 +54,23 @@ resource "digitalocean_firewall" "controllers" { tags = ["${var.cluster_name}-controller"] # etcd, kube-apiserver, kubelet - inbound_rule = [ - { - protocol = "tcp" - port_range = "2379-2380" - source_tags = ["${digitalocean_tag.controllers.name}"] - }, - { - protocol = "tcp" - port_range = "2381" - source_tags = ["${digitalocean_tag.workers.name}"] - }, - { - protocol = "tcp" - port_range = "6443" - source_addresses = ["0.0.0.0/0", "::/0"] - }, - ] + inbound_rule { + protocol = "tcp" + port_range = "2379-2380" + source_tags = [digitalocean_tag.controllers.name] + } + + inbound_rule { + protocol = "tcp" + port_range = "2381" + source_tags = [digitalocean_tag.workers.name] + } + + inbound_rule { + protocol = "tcp" + port_range = "6443" + source_addresses = ["0.0.0.0/0", "::/0"] + } } resource "digitalocean_firewall" "workers" { @@ -78,21 +79,22 @@ resource "digitalocean_firewall" "workers" { tags = ["${var.cluster_name}-worker"] # allow HTTP/HTTPS ingress - inbound_rule = [ - { - protocol = "tcp" - port_range = "80" - source_addresses = ["0.0.0.0/0", "::/0"] - }, - { - protocol = "tcp" - port_range = "443" - source_addresses = ["0.0.0.0/0", "::/0"] - }, - { - protocol = "tcp" - port_range = "10254" - source_addresses = ["0.0.0.0/0"] - }, - ] + inbound_rule { + protocol = "tcp" + port_range = "80" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + inbound_rule { + protocol = "tcp" + port_range = "443" + source_addresses = ["0.0.0.0/0", "::/0"] + } + + inbound_rule { + protocol = "tcp" + port_range = "10254" + source_addresses = ["0.0.0.0/0"] + } } + diff --git a/digital-ocean/container-linux/kubernetes/outputs.tf b/digital-ocean/container-linux/kubernetes/outputs.tf index 15172d7f..bf05b4a0 100644 --- a/digital-ocean/container-linux/kubernetes/outputs.tf +++ b/digital-ocean/container-linux/kubernetes/outputs.tf @@ -1,40 +1,41 @@ output "kubeconfig-admin" { - value = "${module.bootkube.kubeconfig-admin}" + value = module.bootkube.kubeconfig-admin } output "controllers_dns" { - value = "${digitalocean_record.controllers.0.fqdn}" + value = digitalocean_record.controllers[0].fqdn } output "workers_dns" { # Multiple A and AAAA records with the same FQDN - value = "${digitalocean_record.workers-record-a.0.fqdn}" + value = digitalocean_record.workers-record-a[0].fqdn } output "controllers_ipv4" { - value = ["${digitalocean_droplet.controllers.*.ipv4_address}"] + value = [digitalocean_droplet.controllers.*.ipv4_address] } output "controllers_ipv6" { - value = ["${digitalocean_droplet.controllers.*.ipv6_address}"] + value = [digitalocean_droplet.controllers.*.ipv6_address] } output "workers_ipv4" { - value = ["${digitalocean_droplet.workers.*.ipv4_address}"] + value = [digitalocean_droplet.workers.*.ipv4_address] } output "workers_ipv6" { - value = ["${digitalocean_droplet.workers.*.ipv6_address}"] + value = [digitalocean_droplet.workers.*.ipv6_address] } # Outputs for custom firewalls output "controller_tag" { description = "Tag applied to controller droplets" - value = "${digitalocean_tag.controllers.name}" + value = digitalocean_tag.controllers.name } output "worker_tag" { description = "Tag applied to worker droplets" - value = "${digitalocean_tag.workers.name}" + value = digitalocean_tag.workers.name } + diff --git a/digital-ocean/container-linux/kubernetes/require.tf b/digital-ocean/container-linux/kubernetes/require.tf deleted file mode 100644 index 4651337d..00000000 --- a/digital-ocean/container-linux/kubernetes/require.tf +++ /dev/null @@ -1,25 +0,0 @@ -# Terraform version and plugin versions - -terraform { - required_version = ">= 0.11.0" -} - -provider "digitalocean" { - version = "~> 1.0" -} - -provider "local" { - version = "~> 1.0" -} - -provider "null" { - version = "~> 1.0" -} - -provider "template" { - version = "~> 1.0" -} - -provider "tls" { - version = "~> 1.0" -} diff --git a/digital-ocean/container-linux/kubernetes/ssh.tf b/digital-ocean/container-linux/kubernetes/ssh.tf index 1816f564..cc9385d2 100644 --- a/digital-ocean/container-linux/kubernetes/ssh.tf +++ b/digital-ocean/container-linux/kubernetes/ssh.tf @@ -1,55 +1,55 @@ # Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service resource "null_resource" "copy-controller-secrets" { - count = "${var.controller_count}" + count = var.controller_count depends_on = [ - "digitalocean_firewall.rules", + digitalocean_firewall.rules ] connection { type = "ssh" - host = "${element(concat(digitalocean_droplet.controllers.*.ipv4_address), count.index)}" + host = element(digitalocean_droplet.controllers.*.ipv4_address, count.index) user = "core" timeout = "15m" } provisioner "file" { - content = "${module.bootkube.kubeconfig-kubelet}" + content = module.bootkube.kubeconfig-kubelet destination = "$HOME/kubeconfig" } provisioner "file" { - content = "${module.bootkube.etcd_ca_cert}" + content = module.bootkube.etcd_ca_cert destination = "$HOME/etcd-client-ca.crt" } provisioner "file" { - content = "${module.bootkube.etcd_client_cert}" + content = module.bootkube.etcd_client_cert destination = "$HOME/etcd-client.crt" } provisioner "file" { - content = "${module.bootkube.etcd_client_key}" + content = module.bootkube.etcd_client_key destination = "$HOME/etcd-client.key" } provisioner "file" { - content = "${module.bootkube.etcd_server_cert}" + content = module.bootkube.etcd_server_cert destination = "$HOME/etcd-server.crt" } provisioner "file" { - content = "${module.bootkube.etcd_server_key}" + content = module.bootkube.etcd_server_key destination = "$HOME/etcd-server.key" } provisioner "file" { - content = "${module.bootkube.etcd_peer_cert}" + content = module.bootkube.etcd_peer_cert destination = "$HOME/etcd-peer.crt" } provisioner "file" { - content = "${module.bootkube.etcd_peer_key}" + content = module.bootkube.etcd_peer_key destination = "$HOME/etcd-peer.key" } @@ -72,17 +72,17 @@ resource "null_resource" "copy-controller-secrets" { # Secure copy kubeconfig to all workers. Activates kubelet.service. resource "null_resource" "copy-worker-secrets" { - count = "${var.worker_count}" + count = var.worker_count connection { type = "ssh" - host = "${element(concat(digitalocean_droplet.workers.*.ipv4_address), count.index)}" + host = element(digitalocean_droplet.workers.*.ipv4_address, count.index) user = "core" timeout = "15m" } provisioner "file" { - content = "${module.bootkube.kubeconfig-kubelet}" + content = module.bootkube.kubeconfig-kubelet destination = "$HOME/kubeconfig" } @@ -97,20 +97,20 @@ resource "null_resource" "copy-worker-secrets" { # one-time self-hosted cluster bootstrapping. resource "null_resource" "bootkube-start" { depends_on = [ - "module.bootkube", - "null_resource.copy-controller-secrets", - "null_resource.copy-worker-secrets", + module.bootkube, + null_resource.copy-controller-secrets, + null_resource.copy-worker-secrets, ] connection { type = "ssh" - host = "${digitalocean_droplet.controllers.0.ipv4_address}" + host = digitalocean_droplet.controllers[0].ipv4_address user = "core" timeout = "15m" } provisioner "file" { - source = "${var.asset_dir}" + source = var.asset_dir destination = "$HOME/assets" } @@ -121,3 +121,4 @@ resource "null_resource" "bootkube-start" { ] } } + diff --git a/digital-ocean/container-linux/kubernetes/variables.tf b/digital-ocean/container-linux/kubernetes/variables.tf index bd8b4195..e1940120 100644 --- a/digital-ocean/container-linux/kubernetes/variables.tf +++ b/digital-ocean/container-linux/kubernetes/variables.tf @@ -1,60 +1,60 @@ variable "cluster_name" { - type = "string" + type = string description = "Unique cluster name (prepended to dns_zone)" } # Digital Ocean variable "region" { - type = "string" + type = string description = "Digital Ocean region (e.g. nyc1, sfo2, fra1, tor1)" } variable "dns_zone" { - type = "string" + type = string description = "Digital Ocean domain (i.e. DNS zone) (e.g. do.example.com)" } # instances variable "controller_count" { - type = "string" + type = string default = "1" description = "Number of controllers (i.e. masters)" } variable "worker_count" { - type = "string" + type = string default = "1" description = "Number of workers" } variable "controller_type" { - type = "string" + type = string default = "s-2vcpu-2gb" description = "Droplet type for controllers (e.g. s-2vcpu-2gb, s-2vcpu-4gb, s-4vcpu-8gb)." } variable "worker_type" { - type = "string" + type = string default = "s-1vcpu-1gb" description = "Droplet type for workers (e.g. s-1vcpu-1gb, s-1vcpu-2gb, s-2vcpu-2gb)" } variable "image" { - type = "string" + type = string default = "coreos-stable" description = "Container Linux image for instances (e.g. coreos-stable)" } variable "controller_clc_snippets" { - type = "list" + type = list(string) description = "Controller Container Linux Config snippets" default = [] } variable "worker_clc_snippets" { - type = "list" + type = list(string) description = "Worker Container Linux Config snippets" default = [] } @@ -62,24 +62,24 @@ variable "worker_clc_snippets" { # configuration variable "ssh_fingerprints" { - type = "list" + type = list(string) description = "SSH public key fingerprints. (e.g. see `ssh-add -l -E md5`)" } variable "asset_dir" { description = "Path to a directory where generated assets should be placed (contains secrets)" - type = "string" + type = string } variable "networking" { description = "Choice of networking provider (flannel or calico)" - type = "string" + type = string default = "flannel" } variable "pod_cidr" { description = "CIDR IPv4 range to assign Kubernetes pods" - type = "string" + type = string default = "10.2.0.0/16" } @@ -89,24 +89,26 @@ CIDR IPv4 range to assign Kubernetes services. The 1st IP will be reserved for kube_apiserver, the 10th IP will be reserved for coredns. EOD - type = "string" + + type = string default = "10.3.0.0/16" } variable "cluster_domain_suffix" { description = "Queries for domains with the suffix will be answered by coredns. Default is cluster.local (e.g. foo.default.svc.cluster.local) " - type = "string" - default = "cluster.local" + type = string + default = "cluster.local" } variable "enable_reporting" { - type = "string" + type = string description = "Enable usage or analytics reporting to upstreams (Calico)" - default = "false" + default = "false" } variable "enable_aggregation" { description = "Enable the Kubernetes Aggregation Layer (defaults to false)" - type = "string" - default = "false" + type = string + default = "false" } + diff --git a/digital-ocean/container-linux/kubernetes/versions.tf b/digital-ocean/container-linux/kubernetes/versions.tf new file mode 100644 index 00000000..e10ec96d --- /dev/null +++ b/digital-ocean/container-linux/kubernetes/versions.tf @@ -0,0 +1,12 @@ +# Terraform version and plugin versions + +terraform { + required_version = "~> 0.12.0" + required_providers { + digitalocean = "~> 1.3" + ct = "~> 0.3.2" + template = "~> 2.1" + null = "~> 2.1" + } +} + diff --git a/digital-ocean/container-linux/kubernetes/workers.tf b/digital-ocean/container-linux/kubernetes/workers.tf index dfa96908..fb2fa02d 100644 --- a/digital-ocean/container-linux/kubernetes/workers.tf +++ b/digital-ocean/container-linux/kubernetes/workers.tf @@ -1,47 +1,47 @@ # Worker DNS records resource "digitalocean_record" "workers-record-a" { - count = "${var.worker_count}" + count = var.worker_count # DNS zone where record should be created - domain = "${var.dns_zone}" + domain = var.dns_zone name = "${var.cluster_name}-workers" type = "A" ttl = 300 - value = "${element(digitalocean_droplet.workers.*.ipv4_address, count.index)}" + value = element(digitalocean_droplet.workers.*.ipv4_address, count.index) } resource "digitalocean_record" "workers-record-aaaa" { - count = "${var.worker_count}" + count = var.worker_count # DNS zone where record should be created - domain = "${var.dns_zone}" + domain = var.dns_zone name = "${var.cluster_name}-workers" type = "AAAA" ttl = 300 - value = "${element(digitalocean_droplet.workers.*.ipv6_address, count.index)}" + value = element(digitalocean_droplet.workers.*.ipv6_address, count.index) } # Worker droplet instances resource "digitalocean_droplet" "workers" { - count = "${var.worker_count}" + count = var.worker_count name = "${var.cluster_name}-worker-${count.index}" - region = "${var.region}" + region = var.region - image = "${var.image}" - size = "${var.worker_type}" + image = var.image + size = var.worker_type # network ipv6 = true private_networking = true - user_data = "${data.ct_config.worker-ignition.rendered}" - ssh_keys = ["${var.ssh_fingerprints}"] + user_data = data.ct_config.worker-ignition.rendered + ssh_keys = var.ssh_fingerprints tags = [ - "${digitalocean_tag.workers.id}", + digitalocean_tag.workers.id, ] lifecycle { @@ -56,17 +56,18 @@ resource "digitalocean_tag" "workers" { # Worker Ignition config data "ct_config" "worker-ignition" { - content = "${data.template_file.worker-config.rendered}" + content = data.template_file.worker-config.rendered pretty_print = false - snippets = ["${var.worker_clc_snippets}"] + snippets = var.worker_clc_snippets } # Worker Container Linux config data "template_file" "worker-config" { - template = "${file("${path.module}/cl/worker.yaml.tmpl")}" + template = file("${path.module}/cl/worker.yaml.tmpl") vars = { - cluster_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" + cluster_dns_service_ip = cidrhost(var.service_cidr, 10) + cluster_domain_suffix = var.cluster_domain_suffix } } + diff --git a/docs/cl/digital-ocean.md b/docs/cl/digital-ocean.md index 9e0e6bb8..afe0bb48 100644 --- a/docs/cl/digital-ocean.md +++ b/docs/cl/digital-ocean.md @@ -10,15 +10,15 @@ Controllers are provisioned to run an `etcd-member` peer and a `kubelet` service * Digital Ocean Account and Token * Digital Ocean Domain (registered Domain Name or delegated subdomain) -* Terraform v0.11.x and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally +* Terraform v0.12.x and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally ## Terraform Setup -Install [Terraform](https://www.terraform.io/downloads.html) v0.11.x on your system. +Install [Terraform](https://www.terraform.io/downloads.html) v0.12.x on your system. ```sh $ terraform version -Terraform v0.11.14 +Terraform v0.12.0 ``` Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name. @@ -50,34 +50,13 @@ Configure the DigitalOcean provider to use your token in a `providers.tf` file. ```tf provider "digitalocean" { - version = "~> 1.3.0" + version = "1.3.0" token = "${chomp(file("~/.config/digital-ocean/token"))}" - alias = "default" } provider "ct" { version = "0.3.2" } - -provider "local" { - version = "~> 1.0" - alias = "default" -} - -provider "null" { - version = "~> 1.0" - alias = "default" -} - -provider "template" { - version = "~> 1.0" - alias = "default" -} - -provider "tls" { - version = "~> 1.0" - alias = "default" -} ``` ## Cluster @@ -86,15 +65,7 @@ Define a Kubernetes cluster using the module `digital-ocean/container-linux/kube ```tf module "digital-ocean-nemo" { - source = "git::https://github.com/poseidon/typhoon//digital-ocean/container-linux/kubernetes?ref=v1.14.3" - - providers = { - digitalocean = "digitalocean.default" - local = "local.default" - null = "null.default" - template = "template.default" - tls = "tls.default" - } + source = "git::https://github.com/poseidon/typhoon//digital-ocean/container-linux/kubernetes?ref=v1.14.4" # Digital Ocean cluster_name = "nemo"