Diffstat (limited to 'openlab/modules/kubernetes')
-rw-r--r--openlab/modules/kubernetes/kubernetes/main.tf48
-rw-r--r--openlab/modules/kubernetes/kubernetes/variables.tf5
-rw-r--r--openlab/modules/kubernetes/rancher/data.tf15
-rw-r--r--openlab/modules/kubernetes/rancher/main.tf55
-rw-r--r--openlab/modules/kubernetes/rancher/output.tf7
-rw-r--r--openlab/modules/kubernetes/rancher/variables.tf17
6 files changed, 147 insertions, 0 deletions
diff --git a/openlab/modules/kubernetes/kubernetes/main.tf b/openlab/modules/kubernetes/kubernetes/main.tf
new file mode 100644
index 0000000..eccbcd4
--- /dev/null
+++ b/openlab/modules/kubernetes/kubernetes/main.tf
@@ -0,0 +1,48 @@
+provider "helm" {
+ version = "~> 0.10.0"
+ init_helm_home = true
+ install_tiller = true
+ service_account = var.service_account
+ namespace = var.namespace
+ tiller_image = "gcr.io/kubernetes-helm/tiller:v2.16.6"
+
+ kubernetes {
+ config_path = "${var.kubernetes_home}/kube_config_cluster.yaml"
+ }
+}
+
+provider "kubernetes" {
+ version = ">= 1.10"
+ load_config_file = true
+}
+
+resource "kubernetes_service_account" "tiller" {
+ automount_service_account_token = true
+
+ metadata {
+ name = var.service_account
+ namespace = var.namespace
+ }
+}
+
+resource "kubernetes_cluster_role_binding" "tiller" {
+ metadata {
+ name = "tiller"
+ }
+
+ role_ref {
+ api_group = "rbac.authorization.k8s.io"
+ kind = "ClusterRole"
+ name = "cluster-admin"
+ }
+
+ subject {
+ kind = "ServiceAccount"
+ name = kubernetes_service_account.tiller.metadata.0.name
+ namespace = kubernetes_service_account.tiller.metadata.0.namespace
+ }
+
+ provisioner "local-exec" {
+ command = "helm init --service-account ${var.service_account};kubectl -n ${var.namespace} rollout status deployment/tiller-deploy"
+ }
+}
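Review bot: The `role_ref` in `kubernetes_cluster_role_binding.tiller` binds the Tiller service account to `cluster-admin`, and nothing visible in the provider block or the `helm init` command enables TLS on Tiller, so under Helm 2 defaults any workload that can reach the tiller-deploy service in `var.namespace` can act with full cluster privileges. Consider a namespaced `kubernetes_role_binding` limited to the namespaces this lab actually deploys into, and set `enable_tls = true` on the provider together with the Tiller TLS options of `helm init` if Tiller has to stay. Separately, the `local-exec` command joins its two steps with `;`, so the rollout check runs even when `helm init` failed; `&&` would stop at the first failure. With `install_tiller = true` already set on the provider, the manual `helm init` also looks redundant.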
diff --git a/openlab/modules/kubernetes/kubernetes/variables.tf b/openlab/modules/kubernetes/kubernetes/variables.tf
new file mode 100644
index 0000000..6e26b85
--- /dev/null
+++ b/openlab/modules/kubernetes/kubernetes/variables.tf
@@ -0,0 +1,5 @@
+variable "kubernetes_home" {}
+
+variable "service_account" {}
+
+variable "namespace" {} \ No newline at end of file
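Review bot: `service_account` and `namespace` are declared with no type, description or constraint, yet kubernetes/main.tf interpolates both into a `local-exec` shell command, so a value containing shell metacharacters would be run on the machine executing Terraform. Declare them as `type = string` with a `description`, and where the Terraform version in use supports it add a `validation` block restricting them to Kubernetes name characters. The same bare `variable "x" {}` form is used throughout rancher/variables.tf, where `ssh_private_key_path` and `kubernetes_home` in particular deserve a description saying they point at credential material.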
diff --git a/openlab/modules/kubernetes/rancher/data.tf b/openlab/modules/kubernetes/rancher/data.tf
new file mode 100644
index 0000000..fa38a55
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/data.tf
@@ -0,0 +1,15 @@
+data "terraform_remote_state" "control_plane_floating_ips" {
+ backend = var.backend
+ config = {
+ bucket = var.backend_state
+ prefix = "${var.region}/${var.environment}/compute/control/terraform.tfstate"
+ }
+}
+
+data "terraform_remote_state" "worker_node_floating_ips" {
+ backend = var.backend
+ config = {
+ bucket = var.backend_state
+ prefix = "${var.region}/${var.environment}/compute/worker/terraform.tfstate"
+ }
+}
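Review bot: `backend = var.backend` suggests the backend is interchangeable, but both data sources hard-code `bucket` and `prefix` in `config`, keys that only a bucket-style backend such as `gcs` accepts, so any other value of `var.backend` will presumably fail at plan time. Either fix the backend name in the module or pass the whole `config` map in as a variable. A comment here should also record that `terraform_remote_state` needs read access to the entire upstream state object, not just `floating_ips`, so the identity running this module can read whatever else those compute states hold.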
diff --git a/openlab/modules/kubernetes/rancher/main.tf b/openlab/modules/kubernetes/rancher/main.tf
new file mode 100644
index 0000000..b787f0b
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/main.tf
@@ -0,0 +1,55 @@
+# If your terraform version is < 0.13-beta, manual installation is needed.
+# https://github.com/rancher/terraform-provider-rke
+provider "rke" {}
+
+locals {
+ control_node = [for ip in (flatten(data.terraform_remote_state.control_plane_floating_ips.outputs.floating_ips)): {
+ address = ip
+ role = "control"
+ }]
+ worker_node = [for ip in (flatten(data.terraform_remote_state.worker_node_floating_ips.outputs.floating_ips)): {
+ address = ip
+ role = "worker"
+ }]
+
+ all_node = concat(local.control_node, local.worker_node)
+}
+
+resource "rke_cluster" "cluster" {
+ kubernetes_version = var.kubernetes_version
+ cluster_name = var.kubernetes_cluster_name
+
+ dynamic nodes {
+
+ for_each = local.all_node
+
+ content {
+ address = nodes.value.address
+ user = var.kubernetes_user
+ role = (nodes.value.role == "control") ? [ "controlplane", "etcd" ] : ["worker"]
+ }
+ }
+
+ # You have to have private key on your machine excuting terraform
+ # An Openstack keypair is generated and stored within the remote state at
+ # "${var.region}/${var.environment}/keypair/terraform.tfstate"
+ ssh_key_path = var.ssh_private_key_path
+
+ disable_port_check = false
+
+ depends_on = [null_resource.wait-for-docker]
+}
+
+resource "local_file" "kube_cluster_yaml" {
+ filename = "${var.kubernetes_home}/kube_config_cluster.yaml"
+ sensitive_content = rke_cluster.cluster.kube_config_yaml
+}
+
+resource "null_resource" "wait-for-docker" {
+ provisioner "local-exec" {
+ # wait untill VM's bootstrapping's done
+ # If your VMs for Computing node have finished bootstrapping already,
+ # you may not need this waiting time
+ command = "sleep 120"
+ }
+}
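Review bot: `local_file.kube_cluster_yaml` writes the cluster's admin kubeconfig to `${var.kubernetes_home}/kube_config_cluster.yaml` without setting a file mode, and the local provider's default mode is permissive (0777 in the versions I am aware of, worth confirming for the pinned one), so other local users on the Terraform host could read the credentials. Add `file_permission = "0600"` to the resource. The same `kube_config_yaml` value is also persisted in this module's state, so the state backend needs access controls at least as strict as the file. The `provider "rke" {}` block carries no version constraint, unlike the helm and kubernetes providers in the sibling module. The fixed `sleep 120` in `null_resource.wait-for-docker` would be more reliable as a bounded poll for Docker on the nodes.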
diff --git a/openlab/modules/kubernetes/rancher/output.tf b/openlab/modules/kubernetes/rancher/output.tf
new file mode 100644
index 0000000..aa25e43
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/output.tf
@@ -0,0 +1,7 @@
+output "ips" {
+ value = local.all_node
+}
+
+output "kube_config_file" {
+ value = local_file.kube_cluster_yaml.filename
+} \ No newline at end of file
diff --git a/openlab/modules/kubernetes/rancher/variables.tf b/openlab/modules/kubernetes/rancher/variables.tf
new file mode 100644
index 0000000..8d63243
--- /dev/null
+++ b/openlab/modules/kubernetes/rancher/variables.tf
@@ -0,0 +1,17 @@
+variable "backend" {}
+
+variable "backend_state" {}
+
+variable "region" {}
+
+variable "environment" {}
+
+variable "ssh_private_key_path" {}
+
+variable "kubernetes_user" {}
+
+variable "kubernetes_version" {}
+
+variable "kubernetes_cluster_name" {}
+
+variable "kubernetes_home" {}