Simplify CLC kubeconfig templating on AWS and GCP
* Template terraform-render-bootkube's multi-line kubeconfig output using the right indentation * Add `kubeconfig` variable to google-cloud controllers and workers Terraform submodules * Remove `kubeconfig_*` variables from google-cloud controllers and workers Terraform submodules
This commit is contained in:
parent
a44cf0edbd
commit
486fdb6968
|
@ -25,6 +25,8 @@ Notable changes between versions.
|
||||||
#### Google Cloud
|
#### Google Cloud
|
||||||
|
|
||||||
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142))
|
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142))
|
||||||
|
* Add `kubeconfig` variable to `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147))
|
||||||
|
* Remove `kubeconfig_*` variables from `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147))
|
||||||
|
|
||||||
#### Addons
|
#### Addons
|
||||||
|
|
||||||
|
|
|
@ -109,22 +109,7 @@ storage:
|
||||||
mode: 0644
|
mode: 0644
|
||||||
contents:
|
contents:
|
||||||
inline: |
|
inline: |
|
||||||
apiVersion: v1
|
${kubeconfig}
|
||||||
kind: Config
|
|
||||||
clusters:
|
|
||||||
- name: local
|
|
||||||
cluster:
|
|
||||||
server: ${kubeconfig_server}
|
|
||||||
certificate-authority-data: ${kubeconfig_ca_cert}
|
|
||||||
users:
|
|
||||||
- name: kubelet
|
|
||||||
user:
|
|
||||||
client-certificate-data: ${kubeconfig_kubelet_cert}
|
|
||||||
client-key-data: ${kubeconfig_kubelet_key}
|
|
||||||
contexts:
|
|
||||||
- context:
|
|
||||||
cluster: local
|
|
||||||
user: kubelet
|
|
||||||
- path: /etc/kubernetes/kubelet.env
|
- path: /etc/kubernetes/kubelet.env
|
||||||
filesystem: root
|
filesystem: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
|
@ -83,22 +83,7 @@ storage:
|
||||||
mode: 0644
|
mode: 0644
|
||||||
contents:
|
contents:
|
||||||
inline: |
|
inline: |
|
||||||
apiVersion: v1
|
${kubeconfig}
|
||||||
kind: Config
|
|
||||||
clusters:
|
|
||||||
- name: local
|
|
||||||
cluster:
|
|
||||||
server: ${kubeconfig_server}
|
|
||||||
certificate-authority-data: ${kubeconfig_ca_cert}
|
|
||||||
users:
|
|
||||||
- name: kubelet
|
|
||||||
user:
|
|
||||||
client-certificate-data: ${kubeconfig_kubelet_cert}
|
|
||||||
client-key-data: ${kubeconfig_kubelet_key}
|
|
||||||
contexts:
|
|
||||||
- context:
|
|
||||||
cluster: local
|
|
||||||
user: kubelet
|
|
||||||
- path: /etc/kubernetes/kubelet.env
|
- path: /etc/kubernetes/kubelet.env
|
||||||
filesystem: root
|
filesystem: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
|
@ -56,13 +56,10 @@ data "template_file" "controller_config" {
|
||||||
# etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
|
# etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
|
||||||
etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}"
|
etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}"
|
||||||
|
|
||||||
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
||||||
ssh_authorized_key = "${var.ssh_authorized_key}"
|
ssh_authorized_key = "${var.ssh_authorized_key}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
kubeconfig_ca_cert = "${module.bootkube.ca_cert}"
|
kubeconfig = "${indent(10, module.bootkube.kubeconfig)}"
|
||||||
kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}"
|
|
||||||
kubeconfig_server = "${module.bootkube.server}"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -61,14 +61,11 @@ data "template_file" "worker_config" {
|
||||||
template = "${file("${path.module}/cl/worker.yaml.tmpl")}"
|
template = "${file("${path.module}/cl/worker.yaml.tmpl")}"
|
||||||
|
|
||||||
vars = {
|
vars = {
|
||||||
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
||||||
k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
|
k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
|
||||||
ssh_authorized_key = "${var.ssh_authorized_key}"
|
ssh_authorized_key = "${var.ssh_authorized_key}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
kubeconfig_ca_cert = "${module.bootkube.ca_cert}"
|
kubeconfig = "${indent(10, module.bootkube.kubeconfig)}"
|
||||||
kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}"
|
|
||||||
kubeconfig_server = "${module.bootkube.server}"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -13,13 +13,10 @@ module "controllers" {
|
||||||
os_image = "${var.os_image}"
|
os_image = "${var.os_image}"
|
||||||
|
|
||||||
# configuration
|
# configuration
|
||||||
networking = "${var.networking}"
|
networking = "${var.networking}"
|
||||||
service_cidr = "${var.service_cidr}"
|
service_cidr = "${var.service_cidr}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
kubeconfig_ca_cert = "${module.bootkube.ca_cert}"
|
kubeconfig = "${module.bootkube.kubeconfig}"
|
||||||
kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}"
|
|
||||||
kubeconfig_server = "${module.bootkube.server}"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
module "workers" {
|
module "workers" {
|
||||||
|
@ -36,10 +33,7 @@ module "workers" {
|
||||||
preemptible = "${var.worker_preemptible}"
|
preemptible = "${var.worker_preemptible}"
|
||||||
|
|
||||||
# configuration
|
# configuration
|
||||||
service_cidr = "${var.service_cidr}"
|
service_cidr = "${var.service_cidr}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
kubeconfig_ca_cert = "${module.bootkube.ca_cert}"
|
kubeconfig = "${module.bootkube.kubeconfig}"
|
||||||
kubeconfig_kubelet_cert = "${module.bootkube.kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${module.bootkube.kubelet_key}"
|
|
||||||
kubeconfig_server = "${module.bootkube.server}"
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -110,22 +110,7 @@ storage:
|
||||||
mode: 0644
|
mode: 0644
|
||||||
contents:
|
contents:
|
||||||
inline: |
|
inline: |
|
||||||
apiVersion: v1
|
${kubeconfig}
|
||||||
kind: Config
|
|
||||||
clusters:
|
|
||||||
- name: local
|
|
||||||
cluster:
|
|
||||||
server: ${kubeconfig_server}
|
|
||||||
certificate-authority-data: ${kubeconfig_ca_cert}
|
|
||||||
users:
|
|
||||||
- name: kubelet
|
|
||||||
user:
|
|
||||||
client-certificate-data: ${kubeconfig_kubelet_cert}
|
|
||||||
client-key-data: ${kubeconfig_kubelet_key}
|
|
||||||
contexts:
|
|
||||||
- context:
|
|
||||||
cluster: local
|
|
||||||
user: kubelet
|
|
||||||
- path: /etc/kubernetes/kubelet.env
|
- path: /etc/kubernetes/kubelet.env
|
||||||
filesystem: root
|
filesystem: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
|
@ -65,13 +65,10 @@ data "template_file" "controller_config" {
|
||||||
# etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
|
# etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
|
||||||
etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}"
|
etcd_initial_cluster = "${join(",", formatlist("%s=https://%s:2380", null_resource.repeat.*.triggers.name, null_resource.repeat.*.triggers.domain))}"
|
||||||
|
|
||||||
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
ssh_authorized_key = "${var.ssh_authorized_key}"
|
ssh_authorized_key = "${var.ssh_authorized_key}"
|
||||||
kubeconfig_ca_cert = "${var.kubeconfig_ca_cert}"
|
kubeconfig = "${indent(10, var.kubeconfig)}"
|
||||||
kubeconfig_kubelet_cert = "${var.kubeconfig_kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${var.kubeconfig_kubelet_key}"
|
|
||||||
kubeconfig_server = "${var.kubeconfig_server}"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -75,24 +75,7 @@ variable "cluster_domain_suffix" {
|
||||||
default = "cluster.local"
|
default = "cluster.local"
|
||||||
}
|
}
|
||||||
|
|
||||||
// kubeconfig
|
variable "kubeconfig" {
|
||||||
|
|
||||||
variable "kubeconfig_ca_cert" {
|
|
||||||
type = "string"
|
type = "string"
|
||||||
description = "Generated kubeconfig CA certificate"
|
description = "Generated Kubelet kubeconfig"
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_kubelet_cert" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig kubelet certificate"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_kubelet_key" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig kubelet private key"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_server" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig server"
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -84,22 +84,7 @@ storage:
|
||||||
mode: 0644
|
mode: 0644
|
||||||
contents:
|
contents:
|
||||||
inline: |
|
inline: |
|
||||||
apiVersion: v1
|
${kubeconfig}
|
||||||
kind: Config
|
|
||||||
clusters:
|
|
||||||
- name: local
|
|
||||||
cluster:
|
|
||||||
server: ${kubeconfig_server}
|
|
||||||
certificate-authority-data: ${kubeconfig_ca_cert}
|
|
||||||
users:
|
|
||||||
- name: kubelet
|
|
||||||
user:
|
|
||||||
client-certificate-data: ${kubeconfig_kubelet_cert}
|
|
||||||
client-key-data: ${kubeconfig_kubelet_key}
|
|
||||||
contexts:
|
|
||||||
- context:
|
|
||||||
cluster: local
|
|
||||||
user: kubelet
|
|
||||||
- path: /etc/kubernetes/kubelet.env
|
- path: /etc/kubernetes/kubelet.env
|
||||||
filesystem: root
|
filesystem: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
|
@ -65,24 +65,7 @@ variable "cluster_domain_suffix" {
|
||||||
default = "cluster.local"
|
default = "cluster.local"
|
||||||
}
|
}
|
||||||
|
|
||||||
# kubeconfig
|
variable "kubeconfig" {
|
||||||
|
|
||||||
variable "kubeconfig_ca_cert" {
|
|
||||||
type = "string"
|
type = "string"
|
||||||
description = "Generated kubeconfig CA certificate"
|
description = "Generated Kubelet kubeconfig"
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_kubelet_cert" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig kubelet certificate"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_kubelet_key" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig kubelet private key"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "kubeconfig_server" {
|
|
||||||
type = "string"
|
|
||||||
description = "Generated kubeconfig server"
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,14 +22,11 @@ data "template_file" "worker_config" {
|
||||||
template = "${file("${path.module}/cl/worker.yaml.tmpl")}"
|
template = "${file("${path.module}/cl/worker.yaml.tmpl")}"
|
||||||
|
|
||||||
vars = {
|
vars = {
|
||||||
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
k8s_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
|
||||||
k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
|
k8s_etcd_service_ip = "${cidrhost(var.service_cidr, 15)}"
|
||||||
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
||||||
ssh_authorized_key = "${var.ssh_authorized_key}"
|
ssh_authorized_key = "${var.ssh_authorized_key}"
|
||||||
kubeconfig_ca_cert = "${var.kubeconfig_ca_cert}"
|
kubeconfig = "${indent(10, var.kubeconfig)}"
|
||||||
kubeconfig_kubelet_cert = "${var.kubeconfig_kubelet_cert}"
|
|
||||||
kubeconfig_kubelet_key = "${var.kubeconfig_kubelet_key}"
|
|
||||||
kubeconfig_server = "${var.kubeconfig_server}"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue