e70bc92bb0
Squashed commits: [f9355ea
] Swap order in which we reload docker/socket [2ca6819
] Reload docker.socket after installing flannel on coreos Workaround for #569 [9f976e5
] Vagrantfile: setup proxy inside virtual machines In corporate networks, it is good to pre-configure proxy variables. [9d7142f
] Vagrantfile: use Ubuntu 16.04 LTS Use recent supported version of Ubuntu for local development setup with Vagrant. [50f77cc
] Add CI test layouts * Drop Wily from test matrix * Replace the Wily cases dropped with extra cases to test separate roles deployment Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> [03e162b
] Update OWNERS [c7b00ca
] Use tar+register instead of copy/slurp for distributing tokens and certs Related bug: https://github.com/ansible/ansible/issues/15405 Uses tar and register because synchronize module cannot sudo on the remote side correctly and copy is too slow. This patch dramatically cuts down the number of tasks to process for cert synchronization. [2778ac6
] Add new var skip_dnsmasq_k8s If skip_dnsmasq is set, it will still not set up dnsmasq k8s pod. This enables independent setup of resolvconf section before kubelet is up.
138 lines
4.5 KiB
HCL
138 lines
4.5 KiB
HCL
resource "openstack_networking_floatingip_v2" "k8s_master" {
|
|
count = "${var.number_of_k8s_masters}"
|
|
pool = "${var.floatingip_pool}"
|
|
}
|
|
|
|
resource "openstack_networking_floatingip_v2" "k8s_node" {
|
|
count = "${var.number_of_k8s_nodes}"
|
|
pool = "${var.floatingip_pool}"
|
|
}
|
|
|
|
|
|
resource "openstack_compute_keypair_v2" "k8s" {
|
|
name = "kubernetes-${var.cluster_name}"
|
|
public_key = "${file(var.public_key_path)}"
|
|
}
|
|
|
|
resource "openstack_compute_secgroup_v2" "k8s_master" {
|
|
name = "${var.cluster_name}-k8s-master"
|
|
description = "${var.cluster_name} - Kubernetes Master"
|
|
}
|
|
|
|
resource "openstack_compute_secgroup_v2" "k8s" {
|
|
name = "${var.cluster_name}-k8s"
|
|
description = "${var.cluster_name} - Kubernetes"
|
|
rule {
|
|
ip_protocol = "tcp"
|
|
from_port = "22"
|
|
to_port = "22"
|
|
cidr = "0.0.0.0/0"
|
|
}
|
|
rule {
|
|
ip_protocol = "icmp"
|
|
from_port = "-1"
|
|
to_port = "-1"
|
|
cidr = "0.0.0.0/0"
|
|
}
|
|
rule {
|
|
ip_protocol = "tcp"
|
|
from_port = "1"
|
|
to_port = "65535"
|
|
self = true
|
|
}
|
|
rule {
|
|
ip_protocol = "udp"
|
|
from_port = "1"
|
|
to_port = "65535"
|
|
self = true
|
|
}
|
|
rule {
|
|
ip_protocol = "icmp"
|
|
from_port = "-1"
|
|
to_port = "-1"
|
|
self = true
|
|
}
|
|
}
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master" {
|
|
name = "${var.cluster_name}-k8s-master-${count.index+1}"
|
|
count = "${var.number_of_k8s_masters}"
|
|
image_name = "${var.image}"
|
|
flavor_id = "${var.flavor_k8s_master}"
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}"
|
|
network {
|
|
name = "${var.network_name}"
|
|
}
|
|
security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
|
|
"${openstack_compute_secgroup_v2.k8s.name}" ]
|
|
floating_ip = "${element(openstack_networking_floatingip_v2.k8s_master.*.address, count.index)}"
|
|
metadata = {
|
|
ssh_user = "${var.ssh_user}"
|
|
kubespray_groups = "etcd,kube-master,kube-node,k8s-cluster"
|
|
}
|
|
|
|
}
|
|
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip" {
|
|
name = "${var.cluster_name}-k8s-master-nf-${count.index+1}"
|
|
count = "${var.number_of_k8s_masters_no_floating_ip}"
|
|
image_name = "${var.image}"
|
|
flavor_id = "${var.flavor_k8s_master}"
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}"
|
|
network {
|
|
name = "${var.network_name}"
|
|
}
|
|
security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
|
|
"${openstack_compute_secgroup_v2.k8s.name}" ]
|
|
metadata = {
|
|
ssh_user = "${var.ssh_user}"
|
|
kubespray_groups = "etcd,kube-master,kube-node,k8s-cluster"
|
|
}
|
|
provisioner "local-exec" {
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/k8s-cluster.yml"
|
|
}
|
|
}
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_node" {
|
|
name = "${var.cluster_name}-k8s-node-${count.index+1}"
|
|
count = "${var.number_of_k8s_nodes}"
|
|
image_name = "${var.image}"
|
|
flavor_id = "${var.flavor_k8s_node}"
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}"
|
|
network {
|
|
name = "${var.network_name}"
|
|
}
|
|
security_groups = ["${openstack_compute_secgroup_v2.k8s.name}" ]
|
|
floating_ip = "${element(openstack_networking_floatingip_v2.k8s_node.*.address, count.index)}"
|
|
metadata = {
|
|
ssh_user = "${var.ssh_user}"
|
|
kubespray_groups = "kube-node,k8s-cluster"
|
|
}
|
|
}
|
|
|
|
resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip" {
|
|
name = "${var.cluster_name}-k8s-node-nf-${count.index+1}"
|
|
count = "${var.number_of_k8s_nodes_no_floating_ip}"
|
|
image_name = "${var.image}"
|
|
flavor_id = "${var.flavor_k8s_node}"
|
|
key_pair = "${openstack_compute_keypair_v2.k8s.name}"
|
|
network {
|
|
name = "${var.network_name}"
|
|
}
|
|
security_groups = ["${openstack_compute_secgroup_v2.k8s.name}" ]
|
|
metadata = {
|
|
ssh_user = "${var.ssh_user}"
|
|
kubespray_groups = "kube-node,k8s-cluster"
|
|
}
|
|
provisioner "local-exec" {
|
|
command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/k8s-cluster.yml"
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
#output "msg" {
|
|
# value = "Your hosts are ready to go!\nYour ssh hosts are: ${join(", ", openstack_networking_floatingip_v2.k8s_master.*.address )}"
|
|
#}
|