Fix race condition in DigitalOcean cluster create
* DigitalOcean clusters must secure copy a kubeconfig to worker nodes, but Terraform could decide to try copying before firewall rules have been added to allow SSH access. * Add an explicit dependency on adding firewall rules first
This commit is contained in:
parent
f62286b677
commit
37ce722f9c
|
@ -12,6 +12,11 @@ Notable changes between versions.
|
||||||
|
|
||||||
* Only set internal VXLAN rules when `networking` is flannel (default: calico)
|
* Only set internal VXLAN rules when `networking` is flannel (default: calico)
|
||||||
|
|
||||||
|
#### DigitalOcean
|
||||||
|
|
||||||
|
* Add explicit ordering between firewall rule creation and secure copying Kubelet credentials ([#469](https://github.com/poseidon/typhoon/pull/469))
|
||||||
|
* Fix race scenario if copies to nodes were before rule creation, blocking cluster creation
|
||||||
|
|
||||||
#### Addons
|
#### Addons
|
||||||
|
|
||||||
* Update Prometheus from v2.8.1 to v2.9.2
|
* Update Prometheus from v2.8.1 to v2.9.2
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
||||||
resource "null_resource" "copy-controller-secrets" {
|
resource "null_resource" "copy-controller-secrets" {
|
||||||
count = "${var.controller_count}"
|
count = "${var.controller_count}"
|
||||||
|
depends_on = [
|
||||||
|
"digitalocean_firewall.rules",
|
||||||
|
]
|
||||||
|
|
||||||
connection {
|
connection {
|
||||||
type = "ssh"
|
type = "ssh"
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
# Secure copy etcd TLS assets and kubeconfig to controllers. Activates kubelet.service
|
||||||
resource "null_resource" "copy-controller-secrets" {
|
resource "null_resource" "copy-controller-secrets" {
|
||||||
count = "${var.controller_count}"
|
count = "${var.controller_count}"
|
||||||
|
depends_on = [
|
||||||
|
"digitalocean_firewall.rules",
|
||||||
|
]
|
||||||
|
|
||||||
connection {
|
connection {
|
||||||
type = "ssh"
|
type = "ssh"
|
||||||
|
|
Loading…
Reference in New Issue