-
Notifications
You must be signed in to change notification settings - Fork 59
/
Copy pathworker.tf
134 lines (92 loc) · 3.4 KB
/
worker.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
resource "gzip_me" "ca" {
input = "${ var.ca }"
}
resource "gzip_me" "worker" {
input = "${ var.worker }"
}
resource "gzip_me" "worker_key" {
input = "${ var.worker_key }"
}
#resource "gzip_me" "cloud_config_file" {
# input = "${ var.cloud_config_file }"
#}
resource "gzip_me" "dns_conf" {
input = "${ var.dns_conf }"
}
resource "gzip_me" "dns_dhcp" {
input = "${ var.dns_dhcp }"
}
resource "gzip_me" "kubelet" {
count = "${ var.worker_node_count }"
input = "${ element(data.template_file.kubelet.*.rendered, count.index) }"
}
data "template_file" "kubelet" {
count = "${ var.worker_node_count }"
template = "${ file( "${ path.module }/kubelet" )}"
vars {
cluster_domain = "${ var.cluster_domain }"
cloud_provider = "${ var.cloud_provider }"
cloud_config = "${ var.cloud_config }"
# fqdn = "${ var.hostname_suffix }"
dns_service_ip = "${ var.dns_service_ip }"
non_masquerade_cidr = "${ var.non_masquerade_cidr }"
}
}
resource "gzip_me" "kubelet_kubeconfig" {
input = "${ data.template_file.kubelet_kubeconfig.rendered }"
}
data "template_file" "kubelet_kubeconfig" {
template = "${ file( "${ path.module }/kubeconfig" )}"
vars {
cluster = "certificate-authority: /etc/srv/kubernetes/pki/ca-certificates.crt \n server: https://${ var.internal_lb_ip }"
user = "kubelet"
name = "service-account-context"
user_authentication = "client-certificate: /etc/srv/kubernetes/pki/kubelet.crt \n client-key: /etc/srv/kubernetes/pki/kubelet.key"
}
}
resource "gzip_me" "proxy_kubeconfig" {
input = "${ data.template_file.proxy_kubeconfig.rendered }"
}
data "template_file" "proxy_kubeconfig" {
template = "${ file( "${ path.module }/kubeconfig" )}"
vars {
cluster = "certificate-authority: /etc/srv/kubernetes/pki/ca-certificates.crt \n server: https://${ var.internal_lb_ip }"
user = "kube-proxy"
name = "service-account-context"
user_authentication = "client-certificate: /etc/srv/kubernetes/pki/kubelet.crt \n client-key: /etc/srv/kubernetes/pki/kubelet.key"
}
}
resource "gzip_me" "kube_proxy" {
count = "${ var.worker_node_count}"
input = "${ element(data.template_file.kube-proxy.*.rendered, count.index) }"
}
data "template_file" "kube-proxy" {
count = "${ var.worker_node_count }"
template = "${ file( "${ path.module }/kube-proxy.yml" )}"
vars {
master_node = "${ var.internal_lb_ip }"
# fqdn = "${ var.hostname_suffix }"
pod_cidr = "${ var.pod_cidr }"
kube_proxy_image = "${ var.kube_proxy_image }"
kube_proxy_tag = "${ var.kube_proxy_tag }"
}
}
data "template_file" "worker" {
count = "${ var.worker_node_count }"
template = "${ file( "${ path.module }/worker.yml" )}"
vars {
#cloud_config_file = "${ gzip_me.cloud_config_file.output }"
cloud_config_file = "${ base64gzip(var.cloud_config_file) }"
ca = "${ gzip_me.ca.output }"
worker = "${ gzip_me.worker.output }"
worker_key = "${ gzip_me.worker_key.output }"
kubelet = "${ element(gzip_me.kubelet.*.output, count.index) }"
kubelet_kubeconfig = "${ gzip_me.kubelet_kubeconfig.output }"
kube_proxy = "${ element(gzip_me.kube_proxy.*.output, count.index) }"
proxy_kubeconfig = "${ gzip_me.proxy_kubeconfig.output }"
kubelet_artifact = "${ var.kubelet_artifact }"
cni_artifact = "${ var.cni_artifact }"
dns_conf = "${ gzip_me.dns_conf.output }"
dns_dhcp = "${ gzip_me.dns_dhcp.output }"
}
}