update terraform, fix deprecated values add default_tags, fix ansible inventory (#1821)

2017-10-18 13:44:32 +03:00 · 2017-10-18 13:44:32 +03:00 · 7ef1e1ef9d
commit 7ef1e1ef9d
parent 20d80311f0
12 changed files with 90 additions and 56 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,6 +10,7 @@ temp
 *.bak
 *.tfstate
 *.tfstate.backup
 contrib/terraform/aws/credentials.tfvars
 **/*.sw[pon]
 /ssh-bastion.conf
 **/*.sw[pon]
--- a/contrib/terraform/aws/create-infrastructure.tf
+++ b/contrib/terraform/aws/create-infrastructure.tf
@ -19,9 +19,9 @@ module "aws-vpc" {
  aws_cluster_name = "${var.aws_cluster_name}"
  aws_vpc_cidr_block = "${var.aws_vpc_cidr_block}"
  aws_avail_zones="${var.aws_avail_zones}"
  aws_cidr_subnets_private="${var.aws_cidr_subnets_private}"
  aws_cidr_subnets_public="${var.aws_cidr_subnets_public}"
  default_tags="${var.default_tags}"
 }
@ -35,6 +35,7 @@ module "aws-elb" {
  aws_subnet_ids_public="${module.aws-vpc.aws_subnet_ids_public}"
  aws_elb_api_port = "${var.aws_elb_api_port}"
  k8s_secure_api_port = "${var.k8s_secure_api_port}"
  default_tags="${var.default_tags}"
 }
@ -61,11 +62,11 @@ resource "aws_instance" "bastion-server" {
    key_name = "${var.AWS_SSH_KEY_NAME}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-bastion-${count.index}"
+      "Name", "kubernetes-${var.aws_cluster_name}-bastion-${count.index}",
-        Cluster = "${var.aws_cluster_name}"
+      "Cluster", "${var.aws_cluster_name}",
-        Role = "bastion-${var.aws_cluster_name}-${count.index}"
+      "Role", "bastion-${var.aws_cluster_name}-${count.index}"
-    }
+    ))}"
 }
@ -92,11 +93,11 @@ resource "aws_instance" "k8s-master" {
    key_name = "${var.AWS_SSH_KEY_NAME}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-master${count.index}"
+      "Name", "kubernetes-${var.aws_cluster_name}-master${count.index}",
-        Cluster = "${var.aws_cluster_name}"
+      "Cluster", "${var.aws_cluster_name}",
-        Role = "master"
+      "Role", "master"
-    }
+    ))}"
 }
 resource "aws_elb_attachment" "attach_master_nodes" {
@ -121,12 +122,11 @@ resource "aws_instance" "k8s-etcd" {
    key_name = "${var.AWS_SSH_KEY_NAME}"
-
+    tags = "${merge(var.default_tags, map(
-    tags {
+      "Name", "kubernetes-${var.aws_cluster_name}-etcd${count.index}",
-        Name = "kubernetes-${var.aws_cluster_name}-etcd${count.index}"
+      "Cluster", "${var.aws_cluster_name}",
-        Cluster = "${var.aws_cluster_name}"
+      "Role", "etcd"
-        Role = "etcd"
+    ))}"
    }
 }
@ -146,11 +146,11 @@ resource "aws_instance" "k8s-worker" {
    key_name = "${var.AWS_SSH_KEY_NAME}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-worker${count.index}"
+      "Name", "kubernetes-${var.aws_cluster_name}-worker${count.index}",
-        Cluster = "${var.aws_cluster_name}"
+      "Cluster", "${var.aws_cluster_name}",
-        Role = "worker"
+      "Role", "worker"
-    }
+    ))}"
 }
@ -164,10 +164,10 @@ data "template_file" "inventory" {
    template = "${file("${path.module}/templates/inventory.tpl")}"
    vars {
-        public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_ssh_host=%s" , aws_instance.bastion-server.*.public_ip))}"
+        public_ip_address_bastion = "${join("\n",formatlist("bastion ansible_host=%s" , aws_instance.bastion-server.*.public_ip))}"
-        connection_strings_master = "${join("\n",formatlist("%s ansible_ssh_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
+        connection_strings_master = "${join("\n",formatlist("%s ansible_host=%s",aws_instance.k8s-master.*.tags.Name, aws_instance.k8s-master.*.private_ip))}"
-        connection_strings_node = "${join("\n", formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
+        connection_strings_node = "${join("\n", formatlist("%s ansible_host=%s", aws_instance.k8s-worker.*.tags.Name, aws_instance.k8s-worker.*.private_ip))}"
-        connection_strings_etcd = "${join("\n",formatlist("%s ansible_ssh_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"
+        connection_strings_etcd = "${join("\n",formatlist("%s ansible_host=%s", aws_instance.k8s-etcd.*.tags.Name, aws_instance.k8s-etcd.*.private_ip))}"
        list_master = "${join("\n",aws_instance.k8s-master.*.tags.Name)}"
        list_node = "${join("\n",aws_instance.k8s-worker.*.tags.Name)}"
        list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}"
--- a/contrib/terraform/aws/modules/elb/main.tf
+++ b/contrib/terraform/aws/modules/elb/main.tf
@ -2,9 +2,9 @@ resource "aws_security_group" "aws-elb" {
    name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
    vpc_id = "${var.aws_vpc_id}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
+      "Name", "kubernetes-${var.aws_cluster_name}-securitygroup-elb"
-    }
+    ))}"
 }
@ -52,7 +52,7 @@ resource "aws_elb" "aws-elb-api" {
  connection_draining = true
  connection_draining_timeout = 400
-  tags {
+  tags = "${merge(var.default_tags, map(
-    Name = "kubernetes-${var.aws_cluster_name}-elb-api"
+    "Name", "kubernetes-${var.aws_cluster_name}-elb-api"
-  }
+  ))}"
 }
--- a/contrib/terraform/aws/modules/elb/variables.tf
+++ b/contrib/terraform/aws/modules/elb/variables.tf
@ -26,3 +26,8 @@ variable "aws_subnet_ids_public" {
    description = "IDs of Public Subnets"
    type = "list"
 }
 variable "default_tags" {
    description = "Tags for all resources"
    type = "map"
 }
--- a/contrib/terraform/aws/modules/iam/main.tf
+++ b/contrib/terraform/aws/modules/iam/main.tf
@ -129,10 +129,10 @@ EOF
 resource "aws_iam_instance_profile" "kube-master" {
    name = "kube_${var.aws_cluster_name}_master_profile"
-    roles = ["${aws_iam_role.kube-master.name}"]
+    role = "${aws_iam_role.kube-master.name}"
 }
 resource "aws_iam_instance_profile" "kube-worker" {
    name = "kube_${var.aws_cluster_name}_node_profile"
-    roles = ["${aws_iam_role.kube-worker.name}"]
+    role = "${aws_iam_role.kube-worker.name}"
 }
--- a/contrib/terraform/aws/modules/vpc/main.tf
+++ b/contrib/terraform/aws/modules/vpc/main.tf
@ -6,9 +6,9 @@ resource "aws_vpc" "cluster-vpc" {
    enable_dns_support = true
    enable_dns_hostnames = true
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-vpc"
+      "Name", "kubernetes-${var.aws_cluster_name}-vpc"
-    }
+    ))}"
 }
@ -18,13 +18,13 @@ resource "aws_eip" "cluster-nat-eip" {
 }
 resource "aws_internet_gateway" "cluster-vpc-internetgw" {
  vpc_id = "${aws_vpc.cluster-vpc.id}"
-  tags {
+
-      Name = "kubernetes-${var.aws_cluster_name}-internetgw"
+  tags = "${merge(var.default_tags, map(
-  }
+    "Name", "kubernetes-${var.aws_cluster_name}-internetgw"
  ))}"
 }
 resource "aws_subnet" "cluster-vpc-subnets-public" {
@ -33,9 +33,9 @@ resource "aws_subnet" "cluster-vpc-subnets-public" {
    availability_zone = "${element(var.aws_avail_zones, count.index)}"
    cidr_block = "${element(var.aws_cidr_subnets_public, count.index)}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public"
+      "Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-public"
-    }
+    ))}"
 }
 resource "aws_nat_gateway" "cluster-nat-gateway" {
@ -51,9 +51,9 @@ resource "aws_subnet" "cluster-vpc-subnets-private" {
    availability_zone = "${element(var.aws_avail_zones, count.index)}"
    cidr_block = "${element(var.aws_cidr_subnets_private, count.index)}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private"
+      "Name", "kubernetes-${var.aws_cluster_name}-${element(var.aws_avail_zones, count.index)}-private"
-    }
+    ))}"
 }
 #Routing in VPC
@ -66,9 +66,10 @@ resource "aws_route_table" "kubernetes-public" {
        cidr_block = "0.0.0.0/0"
        gateway_id = "${aws_internet_gateway.cluster-vpc-internetgw.id}"
    }
-    tags {
+
-        Name = "kubernetes-${var.aws_cluster_name}-routetable-public"
+    tags = "${merge(var.default_tags, map(
-    }
+      "Name", "kubernetes-${var.aws_cluster_name}-routetable-public"
    ))}"
 }
 resource "aws_route_table" "kubernetes-private" {
@ -78,9 +79,11 @@ resource "aws_route_table" "kubernetes-private" {
        cidr_block = "0.0.0.0/0"
        nat_gateway_id = "${element(aws_nat_gateway.cluster-nat-gateway.*.id, count.index)}"
    }
-    tags {
+
-        Name = "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}"
+    tags = "${merge(var.default_tags, map(
-    }
+      "Name", "kubernetes-${var.aws_cluster_name}-routetable-private-${count.index}"
    ))}"
 }
 resource "aws_route_table_association" "kubernetes-public" {
@ -104,9 +107,9 @@ resource "aws_security_group" "kubernetes" {
    name = "kubernetes-${var.aws_cluster_name}-securitygroup"
    vpc_id = "${aws_vpc.cluster-vpc.id}"
-    tags {
+    tags = "${merge(var.default_tags, map(
-        Name = "kubernetes-${var.aws_cluster_name}-securitygroup"
+      "Name", "kubernetes-${var.aws_cluster_name}-securitygroup"
-    }
+    ))}"
 }
 resource "aws_security_group_rule" "allow-all-ingress" {
--- a/contrib/terraform/aws/modules/vpc/outputs.tf
+++ b/contrib/terraform/aws/modules/vpc/outputs.tf
@ -14,3 +14,8 @@ output "aws_security_group" {
    value = ["${aws_security_group.kubernetes.*.id}"]
 }
 output "default_tags" {
    value = "${default_tags}"
 }
--- a/contrib/terraform/aws/modules/vpc/variables.tf
+++ b/contrib/terraform/aws/modules/vpc/variables.tf
@ -22,3 +22,8 @@ variable "aws_cidr_subnets_public" {
  description = "CIDR Blocks for public subnets in Availability zones"
  type    = "list"
 }
 variable "default_tags" {
  description = "Default tags for all resources"
  type = "map"
 }
--- a/contrib/terraform/aws/output.tf
+++ b/contrib/terraform/aws/output.tf
@ -22,3 +22,7 @@ output "aws_elb_api_fqdn" {
 output "inventory" {
    value = "${data.template_file.inventory.rendered}"
 }
 output "default_tags" {
    value = "${default_tags}"
 }
--- a/contrib/terraform/aws/templates/inventory.tpl
+++ b/contrib/terraform/aws/templates/inventory.tpl
@ -1,3 +1,4 @@
 [all]
 ${connection_strings_master}
 ${connection_strings_node}
 ${connection_strings_etcd}
--- a/contrib/terraform/aws/terraform.tfvars
+++ b/contrib/terraform/aws/terraform.tfvars
@ -30,3 +30,8 @@ aws_cluster_ami = "ami-db56b9a3"
 aws_elb_api_port = 6443
 k8s_secure_api_port = 6443
 kube_insecure_apiserver_address = "0.0.0.0"
 default_tags = {
 #  Env = "devtest"
 #  Product = "kubernetes"
 }
--- a/contrib/terraform/aws/variables.tf
+++ b/contrib/terraform/aws/variables.tf
@ -99,3 +99,8 @@ variable "k8s_secure_api_port" {
 variable "loadbalancer_apiserver_address" {
    description= "Bind Address for ELB of K8s API Server"
 }
 variable "default_tags" {
  description = "Default tags for all resources"
  type = "map"
 }