mirror of
https://github.com/puppetmaster/typhoon.git
synced 2025-10-24 10:15:05 +02:00
Allow CoreDNS and kube-proxy to be optional components
* Allow for more minimal base cluster setups, that manage CoreDNS or kube-proxy as applications, with rolling updates, or deploy systems. Or in the case of kube-proxy, its becoming more common to not install it and instead use Cilium * Add a `components` pass-through variable to configure pre-installed components like kube-proxy and CoreDNS. These components can be disabled (individually or together) to allow for managing components with separate plan/apply processes or automations * terraform-render-bootstrap manifest assets are now structured as manifests/{coredns,kube-proxy,network} so adapt the controller layout scripts accordingly * This is similar to some changes in v1.29.2 that allowed for the container networking provider manifests to be skipped Related: https://github.com/poseidon/typhoon/pull/1419, https://github.com/poseidon/typhoon/pull/1421
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
# Kubernetes assets (kubeconfig, manifests)
|
||||
module "bootstrap" {
|
||||
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=baf406f2616f9536af2e09d969c8b6a87dc3ed17"
|
||||
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=990286021a37985dcf079d4615e1deaa15575e17"
|
||||
|
||||
cluster_name = var.cluster_name
|
||||
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
|
||||
@@ -13,5 +13,6 @@ module "bootstrap" {
|
||||
enable_reporting = var.enable_reporting
|
||||
enable_aggregation = var.enable_aggregation
|
||||
daemonset_tolerations = var.daemonset_tolerations
|
||||
components = var.components
|
||||
}
|
||||
|
||||
|
@@ -163,7 +163,7 @@ storage:
|
||||
contents:
|
||||
inline: |
|
||||
#!/bin/bash -e
|
||||
mkdir -p -- auth tls/etcd tls/k8s static-manifests manifests/coredns manifests-networking
|
||||
mkdir -p -- auth tls/{etcd,k8s} static-manifests manifests/{coredns,kube-proxy,network}
|
||||
awk '/#####/ {filename=$2; next} {print > filename}' assets
|
||||
mkdir -p /etc/ssl/etcd/etcd
|
||||
mkdir -p /etc/kubernetes/pki
|
||||
@@ -177,8 +177,7 @@ storage:
|
||||
mv static-manifests/* /etc/kubernetes/manifests/
|
||||
mkdir -p /opt/bootstrap/assets
|
||||
mv manifests /opt/bootstrap/assets/manifests
|
||||
mv manifests-networking/* /opt/bootstrap/assets/manifests/ 2>/dev/null || true
|
||||
rm -rf assets auth static-manifests tls manifests manifests-networking
|
||||
rm -rf assets auth static-manifests tls manifests
|
||||
chcon -R -u system_u -t container_file_t /etc/kubernetes/pki
|
||||
- path: /opt/bootstrap/apply
|
||||
mode: 0544
|
||||
|
@@ -182,3 +182,16 @@ variable "daemonset_tolerations" {
|
||||
description = "List of additional taint keys kube-system DaemonSets should tolerate (e.g. ['custom-role', 'gpu-role'])"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "components" {
|
||||
description = "Configure pre-installed cluster components"
|
||||
# Component configs are passed through to terraform-render-bootstrap,
|
||||
# which handles type enforcement and defines defaults
|
||||
# https://github.com/poseidon/terraform-render-bootstrap/blob/main/variables.tf#L95
|
||||
type = object({
|
||||
enable = optional(bool)
|
||||
coredns = optional(map(any))
|
||||
kube_proxy = optional(map(any))
|
||||
})
|
||||
default = null
|
||||
}
|
||||
|
Reference in New Issue
Block a user