Add Container Linux Config snippets feature

* Introduce the ability to support Container Linux Config
"snippets" for controllers and workers on cloud platforms.
This allows end-users to customize hosts by providing Container
Linux configs that are additively merged into the base configs
defined by Typhoon. Config snippets are validated and merged, and
any errors are shown during `terraform plan`
* Example uses include adding systemd units, network configs,
mounts, files, raid arrays, or other disk provisioning features
provided by Container Linux Configs (using Ignition low-level)
* Requires terraform-provider-ct v0.2.1 plugin
Dalton Hubble 2018-02-20 08:36:21 -08:00
parent 88aa9a46e5
commit f3730b2bfa
14 changed files with 83 additions and 19 deletions


@ -78,4 +78,5 @@ data "ct_config" "controller_ign" {
count = "${var.controller_count}" count = "${var.controller_count}"
content = "${element(data.template_file.controller_config.*.rendered, count.index)}" content = "${element(data.template_file.controller_config.*.rendered, count.index)}"
pretty_print = false pretty_print = false
snippets = ["${var.controller_clc_snippets}"]
} }
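Review bot: The added `snippets = ["${var.controller_clc_snippets}"]` line depends on an argument that, per the commit message, needs terraform-provider-ct v0.2.1, and nothing visible in this section records that requirement next to its use. A user with an older plugin binary would presumably get an unsupported-argument error at plan time with no hint about the cause. I would add a comment above the line such as `# snippets requires terraform-provider-ct v0.2.1+; merged additively into the base config`, and consider a version constraint on the ct provider where it is declared (outside this section). The same applies to the `snippets` lines added to the other `ct_config` data sources in this commit.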


@ -60,6 +60,18 @@ variable "worker_type" {
description = "Worker EC2 instance type" description = "Worker EC2 instance type"
} }
variable "controller_clc_snippets" {
type = "list"
description = "Controller Container Linux Config snippets"
default = []
}
variable "worker_clc_snippets" {
type = "list"
description = "Worker Container Linux Config snippets"
default = []
}
# bootkube assets # bootkube assets
variable "asset_dir" { variable "asset_dir" {
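Review bot: The descriptions on `controller_clc_snippets` and `worker_clc_snippets` do not say what a list element is or where it ends up, although these variables accept arbitrary host configuration (systemd units, files, mounts, per the commit message). Each element is presumably one Container Linux Config document as a string, merged into the base config of every node of that role. The rendered result of a data source is kept in Terraform state and is presumably handed to the instances as user data (not visible here), so a secret placed in a snippet would be readable from both. I would write `description = "Controller Container Linux Config snippets (list of CLC strings, merged into every controller; rendered output is stored in Terraform state, do not embed secrets)"` and the worker equivalent, and reuse that wording for the `clc_snippets` and `*_clc_snippets` variables added in the other variables files of this commit.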


@ -16,4 +16,5 @@ module "workers" {
ssh_authorized_key = "${var.ssh_authorized_key}" ssh_authorized_key = "${var.ssh_authorized_key}"
service_cidr = "${var.service_cidr}" service_cidr = "${var.service_cidr}"
cluster_domain_suffix = "${var.cluster_domain_suffix}" cluster_domain_suffix = "${var.cluster_domain_suffix}"
clc_snippets = "${var.worker_clc_snippets}"
} }


@ -71,3 +71,9 @@ variable "cluster_domain_suffix" {
type = "string" type = "string"
default = "cluster.local" default = "cluster.local"
} }
variable "clc_snippets" {
type = "list"
description = "Container Linux Config snippets"
default = []
}


@ -71,4 +71,5 @@ data "template_file" "worker_config" {
data "ct_config" "worker_ign" { data "ct_config" "worker_ign" {
content = "${data.template_file.worker_config.rendered}" content = "${data.template_file.worker_config.rendered}"
pretty_print = false pretty_print = false
snippets = ["${var.clc_snippets}"]
} }


@ -90,4 +90,6 @@ data "ct_config" "controller_ign" {
count = "${var.controller_count}" count = "${var.controller_count}"
content = "${element(data.template_file.controller_config.*.rendered, count.index)}" content = "${element(data.template_file.controller_config.*.rendered, count.index)}"
pretty_print = false pretty_print = false
snippets = ["${var.controller_clc_snippets}"]
} }


@ -48,6 +48,18 @@ variable "ssh_fingerprints" {
description = "SSH public key fingerprints. (e.g. see `ssh-add -l -E md5`)" description = "SSH public key fingerprints. (e.g. see `ssh-add -l -E md5`)"
} }
variable "controller_clc_snippets" {
type = "list"
description = "Controller Container Linux Config snippets"
default = []
}
variable "worker_clc_snippets" {
type = "list"
description = "Worker Container Linux Config snippets"
default = []
}
# bootkube assets # bootkube assets
variable "asset_dir" { variable "asset_dir" {


@ -51,4 +51,5 @@ data "template_file" "worker_config" {
data "ct_config" "worker_ign" { data "ct_config" "worker_ign" {
content = "${data.template_file.worker_config.rendered}" content = "${data.template_file.worker_config.rendered}"
pretty_print = false pretty_print = false
snippets = ["${var.worker_clc_snippets}"]
} }


@ -17,6 +17,7 @@ module "controllers" {
ssh_authorized_key = "${var.ssh_authorized_key}" ssh_authorized_key = "${var.ssh_authorized_key}"
service_cidr = "${var.service_cidr}" service_cidr = "${var.service_cidr}"
cluster_domain_suffix = "${var.cluster_domain_suffix}" cluster_domain_suffix = "${var.cluster_domain_suffix}"
clc_snippets = "${var.controller_clc_snippets}"
} }
module "workers" { module "workers" {
@ -37,4 +38,5 @@ module "workers" {
ssh_authorized_key = "${var.ssh_authorized_key}" ssh_authorized_key = "${var.ssh_authorized_key}"
service_cidr = "${var.service_cidr}" service_cidr = "${var.service_cidr}"
cluster_domain_suffix = "${var.cluster_domain_suffix}" cluster_domain_suffix = "${var.cluster_domain_suffix}"
clc_snippets = "${var.worker_clc_snippets}"
} }


@ -87,4 +87,5 @@ data "ct_config" "controller_ign" {
count = "${var.count}" count = "${var.count}"
content = "${element(data.template_file.controller_config.*.rendered, count.index)}" content = "${element(data.template_file.controller_config.*.rendered, count.index)}"
pretty_print = false pretty_print = false
snippets = ["${var.clc_snippets}"]
} }


@ -3,9 +3,9 @@ variable "cluster_name" {
description = "Unique cluster name" description = "Unique cluster name"
} }
variable "ssh_authorized_key" { variable "region" {
type = "string" type = "string"
description = "SSH public key for logging in as user 'core'" description = "Google Cloud region (e.g. us-central1, see `gcloud compute regions list`)."
} }
variable "network" { variable "network" {
@ -30,11 +30,6 @@ variable "count" {
description = "Number of controller compute instances the instance group should manage" description = "Number of controller compute instances the instance group should manage"
} }
variable "region" {
type = "string"
description = "Google Cloud region (e.g. us-central1, see `gcloud compute regions list`)."
}
variable "machine_type" { variable "machine_type" {
type = "string" type = "string"
description = "Machine type for compute instances (e.g. gcloud compute machine-types list)" description = "Machine type for compute instances (e.g. gcloud compute machine-types list)"
@ -51,12 +46,22 @@ variable "disk_size" {
description = "The size of the disk in gigabytes." description = "The size of the disk in gigabytes."
} }
// configuration # configuration
variable "networking" { variable "networking" {
description = "Choice of networking provider (flannel or calico)" description = "Choice of networking provider (flannel or calico)"
type = "string" type = "string"
default = "flannel" default = "calico"
}
variable "kubeconfig" {
type = "string"
description = "Generated Kubelet kubeconfig"
}
variable "ssh_authorized_key" {
type = "string"
description = "SSH public key for logging in as user 'core'"
} }
variable "service_cidr" { variable "service_cidr" {
@ -75,7 +80,8 @@ variable "cluster_domain_suffix" {
default = "cluster.local" default = "cluster.local"
} }
variable "kubeconfig" { variable "clc_snippets" {
type = "string" type = "list"
description = "Generated Kubelet kubeconfig" description = "Container Linux Config snippets"
default = []
} }
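Review bot: The `networking` default in this file appears to move from `"flannel"` to `"calico"`, which is unrelated to the snippets feature and is not mentioned in the commit message. If any caller relies on the default rather than passing `networking` explicitly (callers are outside this section), controllers would be rendered for a different network provider than before. I would keep `default = "flannel"` in this commit, or land the default change separately with a changelog entry so the behaviour change is reviewable on its own.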


@ -52,6 +52,18 @@ variable "worker_preemptible" {
description = "If enabled, Compute Engine will terminate workers randomly within 24 hours" description = "If enabled, Compute Engine will terminate workers randomly within 24 hours"
} }
variable "controller_clc_snippets" {
type = "list"
description = "Controller Container Linux Config snippets"
default = []
}
variable "worker_clc_snippets" {
type = "list"
description = "Worker Container Linux Config snippets"
default = []
}
# bootkube assets # bootkube assets
variable "asset_dir" { variable "asset_dir" {


@ -59,7 +59,7 @@ variable "kubeconfig" {
variable "ssh_authorized_key" { variable "ssh_authorized_key" {
type = "string" type = "string"
description = "SSH public key for logging in as user 'core'" description = "SSH public key for user 'core'"
} }
variable "service_cidr" { variable "service_cidr" {
@ -78,16 +78,22 @@ variable "cluster_domain_suffix" {
default = "cluster.local" default = "cluster.local"
} }
variable "clc_snippets" {
type = "list"
description = "Container Linux Config snippets"
default = []
}
# unofficial, undocumented, unsupported, temporary # unofficial, undocumented, unsupported, temporary
variable "accelerator_type" { variable "accelerator_type" {
type = "string" type = "string"
default = "" default = ""
description = "Google Compute Engine accelerator type (e.g. nvidia-tesla-k80, see gcloud compute accelerator-types list)" description = "Google Compute Engine accelerator type (e.g. nvidia-tesla-k80, see gcloud compute accelerator-types list)"
} }
variable "accelerator_count" { variable "accelerator_count" {
type = "string" type = "string"
default = "0" default = "0"
description = "Number of compute engine accelerators" description = "Number of compute engine accelerators"
} }


@ -32,6 +32,7 @@ data "template_file" "worker_config" {
data "ct_config" "worker_ign" { data "ct_config" "worker_ign" {
content = "${data.template_file.worker_config.rendered}" content = "${data.template_file.worker_config.rendered}"
pretty_print = false pretty_print = false
snippets = ["${var.clc_snippets}"]
} }
resource "google_compute_instance_template" "worker" { resource "google_compute_instance_template" "worker" {
@ -63,11 +64,11 @@ resource "google_compute_instance_template" "worker" {
} }
can_ip_forward = true can_ip_forward = true
tags = ["worker", "${var.cluster_name}-worker", "${var.name}-worker"] tags = ["worker", "${var.cluster_name}-worker", "${var.name}-worker"]
guest_accelerator { guest_accelerator {
count = "${var.accelerator_count}" count = "${var.accelerator_count}"
type = "${var.accelerator_type}" type = "${var.accelerator_type}"
} }
lifecycle { lifecycle {