diff --git a/CHANGES.md b/CHANGES.md index 49e3bf8b..b1fdfb51 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -25,6 +25,8 @@ Notable changes between versions. #### Google Cloud * Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142)) +* Add `kubeconfig` variable to `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147)) +* Remove `kubeconfig_*` variables from `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147)) #### Addons diff --git a/aws/container-linux/kubernetes/cl/controller.yaml.tmpl b/aws/container-linux/kubernetes/cl/controller.yaml.tmpl index 6e7f860b..551925ad 100644 --- a/aws/container-linux/kubernetes/cl/controller.yaml.tmpl +++ b/aws/container-linux/kubernetes/cl/controller.yaml.tmpl @@ -109,22 +109,7 @@ storage: mode: 0644 contents: inline: | - apiVersion: v1 - kind: Config - clusters: - - name: local - cluster: - server: ${kubeconfig_server} - certificate-authority-data: ${kubeconfig_ca_cert} - users: - - name: kubelet - user: - client-certificate-data: ${kubeconfig_kubelet_cert} - client-key-data: ${kubeconfig_kubelet_key} - contexts: - - context: - cluster: local - user: kubelet + ${kubeconfig} - path: /etc/kubernetes/kubelet.env filesystem: root mode: 0644 diff --git a/aws/container-linux/kubernetes/cl/worker.yaml.tmpl b/aws/container-linux/kubernetes/cl/worker.yaml.tmpl index f6f3e060..8f1a748e 100644 --- a/aws/container-linux/kubernetes/cl/worker.yaml.tmpl +++ b/aws/container-linux/kubernetes/cl/worker.yaml.tmpl @@ -83,22 +83,7 @@ storage: mode: 0644 contents: inline: | - apiVersion: v1 - kind: Config - clusters: - - name: local - cluster: - server: ${kubeconfig_server} - certificate-authority-data: ${kubeconfig_ca_cert} - users: - - name: kubelet - user: - client-certificate-data: ${kubeconfig_kubelet_cert} - client-key-data: ${kubeconfig_kubelet_key} - contexts: - - context: - cluster: local - user: kubelet + ${kubeconfig} - path: /etc/kubernetes/kubelet.env filesystem: root mode: 0644 diff --git a/aws/container-linux/kubernetes/controllers.tf b/aws/container-linux/kubernetes/controllers.tf index ff1e571c..316dfb3f 100644 --- a/aws/container-linux/kubernetes/controllers.tf +++ b/aws/container-linux/kubernetes/controllers.tf @@ -56,13 +56,10 @@ data "template_file" "controller_config" { # etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,... etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}" - k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - ssh_authorized_key = "${var.ssh_authorized_key}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - kubeconfig_ca_cert = "${module.bootkube.ca_cert}" - kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}" - kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}" - kubeconfig_server = "${module.bootkube.server}" + k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" + ssh_authorized_key = "${var.ssh_authorized_key}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + kubeconfig = "${indent(10, module.bootkube.kubeconfig)}" } } diff --git a/aws/container-linux/kubernetes/workers.tf b/aws/container-linux/kubernetes/workers.tf index 49ab684d..fbf5ef92 100644 --- a/aws/container-linux/kubernetes/workers.tf +++ b/aws/container-linux/kubernetes/workers.tf @@ -61,14 +61,11 @@ data "template_file" "worker_config" { template = "${file("${path.module}/cl/worker.yaml.tmpl")}" vars = { - k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}" - ssh_authorized_key = "${var.ssh_authorized_key}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - kubeconfig_ca_cert = "${module.bootkube.ca_cert}" - kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}" - kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}" - kubeconfig_server = "${module.bootkube.server}" + k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" + k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}" + ssh_authorized_key = "${var.ssh_authorized_key}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + kubeconfig = "${indent(10, module.bootkube.kubeconfig)}" } } diff --git a/google-cloud/container-linux/kubernetes/cluster.tf b/google-cloud/container-linux/kubernetes/cluster.tf index 2f94470b..ad722827 100644 --- a/google-cloud/container-linux/kubernetes/cluster.tf +++ b/google-cloud/container-linux/kubernetes/cluster.tf @@ -13,13 +13,10 @@ module "controllers" { os_image = "${var.os_image}" # configuration - networking = "${var.networking}" - service_cidr = "${var.service_cidr}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - kubeconfig_ca_cert = "${module.bootkube.ca_cert}" - kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}" - kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}" - kubeconfig_server = "${module.bootkube.server}" + networking = "${var.networking}" + service_cidr = "${var.service_cidr}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + kubeconfig = "${module.bootkube.kubeconfig}" } module "workers" { @@ -36,10 +33,7 @@ module "workers" { preemptible = "${var.worker_preemptible}" # configuration - service_cidr = "${var.service_cidr}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - kubeconfig_ca_cert = "${module.bootkube.ca_cert}" - kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}" - kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}" - kubeconfig_server = "${module.bootkube.server}" + service_cidr = "${var.service_cidr}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + kubeconfig = "${module.bootkube.kubeconfig}" } diff --git a/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl b/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl index f71b28b7..6655f001 100644 --- a/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl +++ b/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl @@ -110,22 +110,7 @@ storage: mode: 0644 contents: inline: | - apiVersion: v1 - kind: Config - clusters: - - name: local - cluster: - server: ${kubeconfig_server} - certificate-authority-data: ${kubeconfig_ca_cert} - users: - - name: kubelet - user: - client-certificate-data: ${kubeconfig_kubelet_cert} - client-key-data: ${kubeconfig_kubelet_key} - contexts: - - context: - cluster: local - user: kubelet + ${kubeconfig} - path: /etc/kubernetes/kubelet.env filesystem: root mode: 0644 diff --git a/google-cloud/container-linux/kubernetes/controllers/controllers.tf b/google-cloud/container-linux/kubernetes/controllers/controllers.tf index 8211affb..1b882c87 100644 --- a/google-cloud/container-linux/kubernetes/controllers/controllers.tf +++ b/google-cloud/container-linux/kubernetes/controllers/controllers.tf @@ -65,13 +65,10 @@ data "template_file" "controller_config" { # etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,... etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}" - k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - ssh_authorized_key = "${var.ssh_authorized_key}" - kubeconfig_ca_cert = "${var.kubeconfig_ca_cert}" - kubeconfig_kubelet_cert = "${var.kubeconfig_kubelet_cert}" - kubeconfig_kubelet_key = "${var.kubeconfig_kubelet_key}" - kubeconfig_server = "${var.kubeconfig_server}" + k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + ssh_authorized_key = "${var.ssh_authorized_key}" + kubeconfig = "${indent(10, var.kubeconfig)}" } } diff --git a/google-cloud/container-linux/kubernetes/controllers/variables.tf b/google-cloud/container-linux/kubernetes/controllers/variables.tf index bbca15b1..ee4e2570 100644 --- a/google-cloud/container-linux/kubernetes/controllers/variables.tf +++ b/google-cloud/container-linux/kubernetes/controllers/variables.tf @@ -75,24 +75,7 @@ variable "cluster_domain_suffix" { default = "cluster.local" } -// kubeconfig - -variable "kubeconfig_ca_cert" { +variable "kubeconfig" { type = "string" - description = "Generated kubeconfig CA certificate" -} - -variable "kubeconfig_kubelet_cert" { - type = "string" - description = "Generated kubeconfig kubelet certificate" -} - -variable "kubeconfig_kubelet_key" { - type = "string" - description = "Generated kubeconfig kubelet private key" -} - -variable "kubeconfig_server" { - type = "string" - description = "Generated kubeconfig server" + description = "Generated Kubelet kubeconfig" } diff --git a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml.tmpl b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml.tmpl index 588bae80..ee9516f8 100644 --- a/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml.tmpl +++ b/google-cloud/container-linux/kubernetes/workers/cl/worker.yaml.tmpl @@ -84,22 +84,7 @@ storage: mode: 0644 contents: inline: | - apiVersion: v1 - kind: Config - clusters: - - name: local - cluster: - server: ${kubeconfig_server} - certificate-authority-data: ${kubeconfig_ca_cert} - users: - - name: kubelet - user: - client-certificate-data: ${kubeconfig_kubelet_cert} - client-key-data: ${kubeconfig_kubelet_key} - contexts: - - context: - cluster: local - user: kubelet + ${kubeconfig} - path: /etc/kubernetes/kubelet.env filesystem: root mode: 0644 diff --git a/google-cloud/container-linux/kubernetes/workers/variables.tf b/google-cloud/container-linux/kubernetes/workers/variables.tf index b02e5789..ff99e3c2 100644 --- a/google-cloud/container-linux/kubernetes/workers/variables.tf +++ b/google-cloud/container-linux/kubernetes/workers/variables.tf @@ -65,24 +65,7 @@ variable "cluster_domain_suffix" { default = "cluster.local" } -# kubeconfig - -variable "kubeconfig_ca_cert" { +variable "kubeconfig" { type = "string" - description = "Generated kubeconfig CA certificate" -} - -variable "kubeconfig_kubelet_cert" { - type = "string" - description = "Generated kubeconfig kubelet certificate" -} - -variable "kubeconfig_kubelet_key" { - type = "string" - description = "Generated kubeconfig kubelet private key" -} - -variable "kubeconfig_server" { - type = "string" - description = "Generated kubeconfig server" + description = "Generated Kubelet kubeconfig" } diff --git a/google-cloud/container-linux/kubernetes/workers/workers.tf b/google-cloud/container-linux/kubernetes/workers/workers.tf index 2914b60f..77ffd03f 100644 --- a/google-cloud/container-linux/kubernetes/workers/workers.tf +++ b/google-cloud/container-linux/kubernetes/workers/workers.tf @@ -22,14 +22,11 @@ data "template_file" "worker_config" { template = "${file("${path.module}/cl/worker.yaml.tmpl")}" vars = { - k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" - k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}" - cluster_domain_suffix = "${var.cluster_domain_suffix}" - ssh_authorized_key = "${var.ssh_authorized_key}" - kubeconfig_ca_cert = "${var.kubeconfig_ca_cert}" - kubeconfig_kubelet_cert = "${var.kubeconfig_kubelet_cert}" - kubeconfig_kubelet_key = "${var.kubeconfig_kubelet_key}" - kubeconfig_server = "${var.kubeconfig_server}" + k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}" + k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}" + cluster_domain_suffix = "${var.cluster_domain_suffix}" + ssh_authorized_key = "${var.ssh_authorized_key}" + kubeconfig = "${indent(10, var.kubeconfig)}" } }