mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-27 22:39:32 +01:00
be29f52039
* Add an `enable_aggregation` variable to enable the kube-apiserver aggregation layer for adding extension apiservers to clusters * Aggregation is **disabled** by default. Typhoon recommends you not enable aggregation. Consider whether less invasive ways to achieve your goals are possible and whether those goals are well-founded * Enabling aggregation and extension apiservers increases the attack surface of a cluster and makes extensions a part of the control plane. Admins must scrutinize and trust any extension apiserver used. * Passing a v1.14 CNCF conformance test requires aggregation be enabled. Having an option for aggregation keeps compliance, but retains the stricter security posture on default clusters
41 lines
960 B
HCL
41 lines
960 B
HCL
output "kubeconfig-admin" {
|
|
value = "${module.bootkube.kubeconfig-admin}"
|
|
}
|
|
|
|
output "controllers_dns" {
|
|
value = "${digitalocean_record.controllers.0.fqdn}"
|
|
}
|
|
|
|
output "workers_dns" {
|
|
# Multiple A and AAAA records with the same FQDN
|
|
value = "${digitalocean_record.workers-record-a.0.fqdn}"
|
|
}
|
|
|
|
output "controllers_ipv4" {
|
|
value = ["${digitalocean_droplet.controllers.*.ipv4_address}"]
|
|
}
|
|
|
|
output "controllers_ipv6" {
|
|
value = ["${digitalocean_droplet.controllers.*.ipv6_address}"]
|
|
}
|
|
|
|
output "workers_ipv4" {
|
|
value = ["${digitalocean_droplet.workers.*.ipv4_address}"]
|
|
}
|
|
|
|
output "workers_ipv6" {
|
|
value = ["${digitalocean_droplet.workers.*.ipv6_address}"]
|
|
}
|
|
|
|
# Outputs for custom firewalls
|
|
|
|
output "controller_tag" {
|
|
description = "Tag applied to controller droplets"
|
|
value = "${digitalocean_tag.controllers.name}"
|
|
}
|
|
|
|
output "worker_tag" {
|
|
description = "Tag applied to worker droplets"
|
|
value = "${digitalocean_tag.workers.name}"
|
|
}
|