Browse Source

-- added readme

-- commented not working code
sagnik-dev
Rick 5 months ago
parent
commit
51102e7f4c
No known key found for this signature in database GPG Key ID: 95CF60F2BBC75B7
  1. 11
      terraform/K3S/README.MD
  2. 176
      terraform/K3S/insecure.main.tf

11
terraform/K3S/README.MD

@ -0,0 +1,11 @@
## K3S using terraform and openstack
Using these scripts a K3S culster will be installed in the openstack cluster.
To change the values such as node count, DNS, PV size please use the tfvars file which is located in the same location.
- A wait time has been implimented as we were not able to set a time till the cluster comes up. we clould have also checked the file but in K3S as soon as the process in executed the file is created so we cant base it thus we have added a timer of 120s but depends on cluster load and netspeed
- Note of `num_worker_nodes` is set to `0` the master will become a single node K3S cluster. if its more than 0 then a taint will be applied into master so no pods can go there
- In the script we have allowed all inbound traffic which should not be done a sample code to allow specific ports are given there. Its always good idea to open only needed ports

176
terraform/K3S/insecure.main.tf

@ -388,96 +388,96 @@ resource "openstack_compute_volume_attach_v2" "k3s_worker_volume_attach" {
## Works till here
data "kubernetes_namespace" "existing" {
metadata {
name = "kube-system"
}
}
resource "kubernetes_namespace" "default" {
count = data.kubernetes_namespace.existing.id != null ? 0 : 1
depends_on = [null_resource.delay_workers]
metadata {
name = "kube-system"
}
}
resource "kubernetes_deployment" "traefik" {
metadata {
name = "traefik"
namespace = "kube-system"
labels = {
app = "traefik"
}
}
spec {
replicas = 1
selector {
match_labels = {
app = "traefik"
}
}
template {
metadata {
labels = {
app = "traefik"
}
}
spec {
container {
name = "traefik"
image = "traefik:v2.4"
args = ["--providers.kubernetescrd", "--entrypoints.web.Address=:80", "--entrypoints.websecure.Address=:443"]
port {
name = "web"
container_port = 80
}
port {
name = "websecure"
container_port = 443
}
}
}
}
}
}
resource "kubernetes_service" "traefik" {
metadata {
name = "traefik"
namespace = "kube-system"
labels = {
app = "traefik"
}
}
# data "kubernetes_namespace" "existing" {
# metadata {
# name = "kube-system"
# }
# }
spec {
selector = {
app = "traefik"
}
# resource "kubernetes_namespace" "default" {
# count = data.kubernetes_namespace.existing.id != null ? 0 : 1
# depends_on = [null_resource.delay_workers]
# metadata {
# name = "kube-system"
# }
# }
type = "LoadBalancer"
port {
name = "web"
port = 80
target_port = 80
}
# resource "kubernetes_deployment" "traefik" {
# metadata {
# name = "traefik"
# namespace = "kube-system"
# labels = {
# app = "traefik"
# }
# }
# spec {
# replicas = 1
# selector {
# match_labels = {
# app = "traefik"
# }
# }
# template {
# metadata {
# labels = {
# app = "traefik"
# }
# }
# spec {
# container {
# name = "traefik"
# image = "traefik:v2.4"
# args = ["--providers.kubernetescrd", "--entrypoints.web.Address=:80", "--entrypoints.websecure.Address=:443"]
# port {
# name = "web"
# container_port = 80
# }
# port {
# name = "websecure"
# container_port = 443
# }
# }
# }
# }
# }
# }
port {
name = "websecure"
port = 443
target_port = 443
}
}
}
# resource "kubernetes_service" "traefik" {
# metadata {
# name = "traefik"
# namespace = "kube-system"
# labels = {
# app = "traefik"
# }
# }
# spec {
# selector = {
# app = "traefik"
# }
# type = "LoadBalancer"
# port {
# name = "web"
# port = 80
# target_port = 80
# }
# port {
# name = "websecure"
# port = 443
# target_port = 443
# }
# }
# }
output "traefik_lb_ip" {
value = flatten([for s in kubernetes_service.traefik.status : [for i in s.load_balancer.ingress : i.ip]])
}
# output "traefik_lb_ip" {
# value = flatten([for s in kubernetes_service.traefik.status : [for i in s.load_balancer.ingress : i.ip]])
# }
Loading…
Cancel
Save