# Looks up the identity scope of the OpenStack credentials Terraform is
# running with. Its user_name, project_id and project_domain_id attributes are
# read by the cloud_provider block of rke_cluster.rke-cluster in this file.
data "openstack_identity_auth_scope_v3" "scope" {
  name = "auth_scope"
}
# Cluster network, built by the local ./modules/network module. Its network_id
# and subnet_id outputs are consumed by the node pools, both load balancers and
# the RKE cloud provider configuration in this file.
module "rancher-network" {
  source = "./modules/network"

  external_network_id = var.external_network_id
  cluster_name        = var.cluster_name
}
# Load balancer in front of the controller nodes. Its public_ip output is
# listed in the cluster's certificate SANs (see rke_cluster.rke-cluster).
module "controllers-loadbalancer" {
  source = "./modules/loadbalancer"

  # Backend members: the controller pool's private addresses.
  node_ip_addresses = module.rke-controllers.private_ips
  num_nodes         = length(module.rke-controllers.instances)

  # Placement
  subnet_id        = module.rancher-network.subnet_id
  network_id       = module.rancher-network.network_id
  floating_ip_pool = var.floating_ip_pool

  # NOTE(review): openstack_compute_secgroup_v2.rke is defined outside this
  # file; its rules decide what is reachable through the floating IP, so
  # review them together with this module.
  security_group_id = [openstack_compute_secgroup_v2.rke.id]
}
# Load balancer in front of the worker nodes, built from the same
# ./modules/loadbalancer module as the controllers' one.
module "workers-loadbalancer" {
  source = "./modules/loadbalancer"

  # Backend members: the worker pool's private addresses.
  node_ip_addresses = module.rke-workers.private_ips
  num_nodes         = length(module.rke-workers.instances)

  # Placement
  subnet_id        = module.rancher-network.subnet_id
  network_id       = module.rancher-network.network_id
  floating_ip_pool = var.floating_ip_pool

  # NOTE(review): same security group as the controllers' load balancer and
  # the nodes; it is defined outside this file. Confirm that one shared rule
  # set is intended for worker-facing and control-plane-facing traffic.
  security_group_id = [openstack_compute_secgroup_v2.rke.id]
}
# Controller node pool, built from the shared ./modules/nodes module. The
# module's instances, public_ips, private_ips, name and tags outputs feed the
# "Controllers" nodes of rke_cluster.rke-cluster.
module "rke-controllers" {
  source = "./modules/nodes"

  # Sizing and identity
  cluster_name = var.cluster_name
  num          = var.num_controllers
  flavor_name  = var.controllers_flavor_name
  image_name   = var.image_name
  tags         = var.controllers_tags

  # Login and first-boot configuration.
  # NOTE(review): user-data.conf is not shown here; anything in it is handed
  # to the instance as user data, so it should not carry secrets - confirm.
  key_pair  = var.key_pair
  user_name = var.username
  user_data = file("user-data.conf")

  # Networking.
  # NOTE(review): with associate_public_ip_address = true each controller
  # presumably receives its own floating IP, which leaves the "rke" security
  # group (referenced by name, defined outside this file) as the inbound
  # filter for SSH and Kubernetes ports - review its rules.
  network_id                  = module.rancher-network.network_id
  floating_ip_pool            = var.floating_ip_pool
  associate_public_ip_address = true
  security_groups             = ["rke"]
}
# Worker node pool, built from the shared ./modules/nodes module. The module's
# instances, public_ips, private_ips, name and tags outputs feed the "Workers"
# nodes of rke_cluster.rke-cluster.
module "rke-workers" {
  source = "./modules/nodes"

  # Sizing and identity
  cluster_name = var.cluster_name
  num          = var.num_workers
  flavor_name  = var.workers_flavor_name
  image_name   = var.image_name
  tags         = var.workers_tags

  # Login and first-boot configuration (same key pair, user and user data as
  # the controller pool).
  key_pair  = var.key_pair
  user_name = var.username
  user_data = file("user-data.conf")

  # Networking.
  # NOTE(review): workers also get associate_public_ip_address = true even
  # though the cluster resource configures a bastion host; confirm that
  # publicly addressable workers are required, and review the "rke" security
  # group (defined outside this file) that filters traffic to them.
  network_id                  = module.rancher-network.network_id
  floating_ip_pool            = var.floating_ip_pool
  associate_public_ip_address = true
  security_groups             = ["rke"]
}
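# Kubernetes cluster provisioned by RKE over SSH on the controller and worker
# pools created above.
resource "rke_cluster" "rke-cluster" {
  # SSH authentication is delegated to the operator's ssh-agent; this resource
  # sets no key material itself.
  ssh_agent_auth     = true
  kubernetes_version = var.kubernetes_version

  # Controllers
  # Nodes are addressed by their public IPs for provisioning and by their
  # private IPs for in-cluster traffic; the RKE role comes from the node
  # module's tags output.
  dynamic "nodes" {
    for_each = module.rke-controllers.instances
    content {
      address           = module.rke-controllers.public_ips[nodes.key]
      internal_address  = module.rke-controllers.private_ips[nodes.key]
      hostname_override = module.rke-controllers.name[nodes.key]
      user              = var.username
      role              = module.rke-controllers.tags[nodes.key]
    }
  }

  # Workers
  dynamic "nodes" {
    for_each = module.rke-workers.instances
    content {
      address           = module.rke-workers.public_ips[nodes.key]
      internal_address  = module.rke-workers.private_ips[nodes.key]
      hostname_override = module.rke-workers.name[nodes.key]
      user              = var.username
      role              = module.rke-workers.tags[nodes.key]
    }
  }

  authentication {
    strategy = "x509"
    # Extra names placed in the API server certificate: the controllers' load
    # balancer IP and a hostname derived from it.
    # NOTE(review): the dnsify.me name presumably relies on a third-party
    # wildcard-DNS zone resolving <ip>.dnsify.me to <ip>; clients that use
    # that name trust that zone's answers - confirm this is intended.
    sans = [
      module.controllers-loadbalancer.public_ip,
      "${module.controllers-loadbalancer.public_ip}.dnsify.me",
    ]
  }

  bastion_host {
    # The bastion is the first controller. Log in with the same account the
    # nodes blocks use for that host instead of a hard-coded "ubuntu", so the
    # two cannot drift apart when var.username changes.
    address        = module.rke-controllers.public_ips[0]
    ssh_agent_auth = true
    user           = var.username
  }

  services {
    kubelet {
      extra_args = {
        cloud-provider = "external"
      }
    }
  }

  cloud_provider {
    name = "openstack"
    openstack_cloud_provider {
      global {
        # Identity values come from the credentials Terraform itself runs
        # with (auth scope data source); the password is supplied separately.
        # NOTE(review): every attribute of this resource, including this
        # password, is persisted in the Terraform state. Confirm that
        # var.os_password is declared sensitive and that the state backend is
        # encrypted and access-controlled. A dedicated, narrowly scoped
        # OpenStack account for the cluster would limit the impact of a leak.
        username  = data.openstack_identity_auth_scope_v3.scope.user_name
        password  = var.os_password
        auth_url  = var.os_auth_url
        tenant_id = data.openstack_identity_auth_scope_v3.scope.project_id
        domain_id = data.openstack_identity_auth_scope_v3.scope.project_domain_id
      }
      load_balancer {
        use_octavia         = true
        subnet_id           = module.rancher-network.subnet_id
        floating_network_id = var.external_network_id
      }
    }
  }

  # Explicit ordering on both node pools, in addition to the attribute
  # references above.
  depends_on = [module.rke-controllers, module.rke-workers]
}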
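# Writes the kubeconfig generated by RKE next to the root module so kubectl
# can use it. The file is a credential for the cluster: keep it out of version
# control and off shared paths.
resource "local_file" "kube_cluster_yaml" {
  filename = "${path.root}/kube_config_cluster.yml"
  content  = rke_cluster.rke-cluster.kube_config_yaml

  # local_file defaults to mode 0777; restrict the kubeconfig to the owner.
  # NOTE(review): the same content is also held in the Terraform state, so the
  # state backend needs equivalent protection. The local provider's
  # local_sensitive_file resource would additionally keep the content out of
  # plan output, at the cost of changing this resource's address.
  file_permission = "0600"
}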