mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-26 05:19:32 +01:00
cbef202eec
* Kubernetes v1.22.0 disabled kube-controller-manager insecure port, which was used internally for Prometheus metrics scraping * Configure Prometheus to discover and scrape endpoints for kube-scheduler and kube-controller-manager via the authenticated https ports, via bearer token * Change firewall ports to allow Prometheus (on worker nodes) to scrape kube-scheduler and kube-controller-manager targets that run on controller(s) with hostNetwork * Disable the insecure port on kube-scheduler
21 lines
773 B
HCL
21 lines
773 B
HCL
# Kubernetes assets (kubeconfig, manifests)
|
|
module "bootstrap" {
|
|
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=b5f5d843ec9babcd2eeea98b8edcef972a5c178d"
|
|
|
|
cluster_name = var.cluster_name
|
|
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]
|
|
etcd_servers = google_dns_record_set.etcds.*.name
|
|
networking = var.networking
|
|
network_mtu = 1440
|
|
pod_cidr = var.pod_cidr
|
|
service_cidr = var.service_cidr
|
|
cluster_domain_suffix = var.cluster_domain_suffix
|
|
enable_reporting = var.enable_reporting
|
|
enable_aggregation = var.enable_aggregation
|
|
daemonset_tolerations = var.daemonset_tolerations
|
|
|
|
// temporary
|
|
external_apiserver_port = 443
|
|
}
|
|
|