mirror of
https://github.com/puppetmaster/typhoon.git
synced 2025-07-23 07:11:35 +02:00
digital-ocean: Distribute kubeconfig via Terraform null_resource
* Keep kubeconfig out of DigitalOcean metadata user-data
This commit is contained in:
@ -1,7 +1,30 @@
|
||||
# Secure copy kubeconfig to all nodes. Activates kubelet.service
|
||||
resource "null_resource" "copy-secrets" {
|
||||
count = "${var.controller_count + var.worker_count}"
|
||||
|
||||
connection {
|
||||
type = "ssh"
|
||||
host = "${element(concat(digitalocean_droplet.controllers.*.ipv4_address, digitalocean_droplet.workers.*.ipv4_address), count.index)}"
|
||||
user = "core"
|
||||
timeout = "15m"
|
||||
}
|
||||
|
||||
provisioner "file" {
|
||||
content = "${module.bootkube.kubeconfig}"
|
||||
destination = "$HOME/kubeconfig"
|
||||
}
|
||||
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
# Secure copy bootkube assets to ONE controller and start bootkube to perform
|
||||
# one-time self-hosted cluster bootstrapping.
|
||||
resource "null_resource" "bootkube-start" {
|
||||
depends_on = ["module.bootkube", "digitalocean_droplet.controllers"]
|
||||
depends_on = ["module.bootkube", "null_resource.copy-secrets", "digitalocean_droplet.controllers"]
|
||||
|
||||
connection {
|
||||
type = "ssh"
|
||||
|
Reference in New Issue
Block a user