mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-25 16:29:35 +01:00
Fix race condition in DigitalOcean cluster create
* DigitalOcean clusters must secure copy a kubeconfig to worker nodes, but Terraform could decide to try copying before firewall rules have been added to allow SSH access. * Add an explicit dependency on adding firewall rules first
This commit is contained in:
parent
f62286b677
commit
37ce722f9c
@ -12,6 +12,11 @@ Notable changes between versions.
|
||||
|
||||
* Only set internal VXLAN rules when `networking` is flannel (default: calico)
|
||||
|
||||
#### DigitalOcean
|
||||
|
||||
* Add explicit ordering between firewall rule creation and secure copying Kubelet credentials ([#469](https://github.com/poseidon/typhoon/pull/469))
|
||||
* Fix race scenario if copies to nodes were before rule creation, blocking cluster creation
|
||||
|
||||
#### Addons
|
||||
|
||||
* Update Prometheus from v2.8.1 to v2.9.2
|
||||
|
@ -1,6 +1,9 @@
|
||||
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
||||
resource "null_resource" "copy-controller-secrets" {
|
||||
count = "${var.controller_count}"
|
||||
depends_on = [
|
||||
"digitalocean_firewall.rules",
|
||||
]
|
||||
|
||||
connection {
|
||||
type = "ssh"
|
||||
|
@ -1,6 +1,9 @@
|
||||
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
||||
resource "null_resource" "copy-controller-secrets" {
|
||||
count = "${var.controller_count}"
|
||||
depends_on = [
|
||||
"digitalocean_firewall.rules",
|
||||
]
|
||||
|
||||
connection {
|
||||
type = "ssh"
|
||||
|
Loading…
Reference in New Issue
Block a user