mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-27 08:49:33 +01:00
812a1adb49
* Kubelets can use a lower-privilege TLS client certificate with Org system:nodes and a binding to the system:node ClusterRole * Admin kubeconfig's continue to belong to Org system:masters to provide cluster-admin (available in assets/auth/kubeconfig or as a Terraform output kubeconfig-admin) * Remove bare-metal output variable kubeconfig
22 lines
718 B
HCL
22 lines
718 B
HCL
module "workers" {
|
|
source = "workers"
|
|
name = "${var.cluster_name}"
|
|
cluster_name = "${var.cluster_name}"
|
|
|
|
# GCE
|
|
region = "${var.region}"
|
|
network = "${google_compute_network.network.name}"
|
|
count = "${var.worker_count}"
|
|
machine_type = "${var.worker_type}"
|
|
os_image = "${var.os_image}"
|
|
disk_size = "${var.disk_size}"
|
|
preemptible = "${var.worker_preemptible}"
|
|
|
|
# configuration
|
|
kubeconfig = "${module.bootkube.kubeconfig-kubelet}"
|
|
ssh_authorized_key = "${var.ssh_authorized_key}"
|
|
service_cidr = "${var.service_cidr}"
|
|
cluster_domain_suffix = "${var.cluster_domain_suffix}"
|
|
clc_snippets = "${var.worker_clc_snippets}"
|
|
}
|