POC setup and deployment of a kubernetes cluster for use as a personal compute platform


  # Constrain the Terraform CLI to the 0.12 series; the blocks below use
  # 0.12 first-class expressions (bare references, function calls).
  terraform {
    required_version = "~> 0.12"
  }
  # DigitalOcean provider, constrained to the 1.x series from 1.7 upwards.
  # No API token is set in this block, so it has to be supplied from outside
  # the file (the provider reads DIGITALOCEAN_TOKEN from the environment),
  # which keeps the token out of version control.
  provider "digitalocean" {
    version = "~> 1.7"
  }
  # Kubernetes provider authenticated with the client certificate that the
  # DigitalOcean cluster resource exports in its kube_config.
  #
  # The endpoint, client key and certificates are attributes of
  # digitalocean_kubernetes_cluster.this and are therefore written to the
  # Terraform state; the state backend needs the same protection as a
  # kubeconfig file with cluster credentials.
  #
  # NOTE(review): kubernetes provider 1.x also reads the local kubeconfig
  # unless load_config_file = false is set. Consider setting it so that only
  # the explicit credentials below are ever used.
  provider "kubernetes" {
    version = "~> 1.9"

    host = digitalocean_kubernetes_cluster.this.endpoint

    client_certificate     = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].client_certificate)
    client_key             = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].client_key)
    cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].cluster_ca_certificate)
  }
  # Helm provider pointed at the same cluster, with the same client-certificate
  # credentials as the kubernetes provider. The key material comes from the
  # cluster resource's kube_config and is stored in Terraform state.
  provider "helm" {
    version = "~> 0.10"

    kubernetes {
      host = digitalocean_kubernetes_cluster.this.endpoint

      client_certificate     = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].client_certificate)
      client_key             = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].client_key)
      cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config[0].cluster_ca_certificate)
    }
  }
  # Registers an SSH public key with the DigitalOcean account under the
  # name "yubikey". Only the public half is read, so no secret enters the
  # configuration or the state.
  #
  # NOTE(review): the path is absolute and tied to one user's home directory,
  # so a plan run from another account or a CI runner fails on file().
  # Nothing in the visible part of this file references this key.
  resource "digitalocean_ssh_key" "collin_doering" {
    name       = "yubikey"
    public_key = file("/home/collin/.ssh/id_rsa.pub")
  }
  # The managed Kubernetes cluster. Name, region, Kubernetes version, tags and
  # the node pool's size/count/tags all come from input variables declared
  # outside this excerpt.
  #
  # The kube_config exported by this resource supplies the credentials for the
  # kubernetes and helm providers above.
  resource "digitalocean_kubernetes_cluster" "this" {
    name    = var.name
    region  = var.region
    version = var.k8s_version
    tags    = var.tags

    # Single worker pool; the pool name is fixed, everything else is variable.
    node_pool {
      name       = "default-pool"
      size       = var.node_size
      node_count = var.node_count
      tags       = var.node_tags
    }
  }
  # Service account in kube-system named after var.admin_user_name.
  #
  # The kubernetes_cluster_role_binding of the same name grants this account
  # cluster-admin, so any token issued for it carries full control of the
  # cluster and should be handled like a root credential.
  resource "kubernetes_service_account" "admin_user" {
    metadata {
      namespace = "kube-system"
      name      = var.admin_user_name
    }
  }
  # Binds the built-in cluster-admin ClusterRole, cluster-wide, to the
  # admin service account in kube-system.
  #
  # NOTE(review): cluster-admin is unrestricted access to every namespace and
  # to RBAC itself. If the account exists only for dashboard login
  # (presumably, given the dashboard release below; confirm), a narrower
  # ClusterRole or a namespaced RoleBinding limits the impact of a leaked token.
  resource "kubernetes_cluster_role_binding" "admin_user" {
    metadata {
      name = var.admin_user_name
    }

    # Who receives the role.
    subject {
      kind      = "ServiceAccount"
      namespace = "kube-system"
      name      = var.admin_user_name
    }

    # Which role is granted.
    role_ref {
      api_group = "rbac.authorization.k8s.io"
      kind      = "ClusterRole"
      name      = "cluster-admin"
    }
  }
  # Installs the Kubernetes dashboard into kube-system from the "stable"
  # chart repository alias.
  #
  # NOTE(review): no chart version is set, so each apply resolves to whatever
  # the repository serves at that moment. Setting the release's `version`
  # argument makes the deployed chart reproducible and reviewable.
  # NOTE(review): the dashboard sits next to a cluster-admin service account;
  # keep the dashboard Service unexposed (access via kubectl proxy or
  # port-forward) unless an authenticating proxy is placed in front of it.
  resource "helm_release" "kubernetes_dashboard" {
    name      = "kubernetes-dashboard"
    namespace = "kube-system"
    chart     = "stable/kubernetes-dashboard"
  }
  # Chart repository for Istio. The URL is specific to release 1.2.5 and is
  # fetched over HTTPS, so both Istio releases below come from that release's
  # chart directory.
  data "helm_repository" "istio" {
    name = "istio.io"
    url  = "https://storage.googleapis.com/istio-release/releases/1.2.5/charts/"
  }
  # Installs the istio-init chart into istio-system, ahead of the main
  # Istio chart.
  resource "helm_release" "istio_init" {
    name       = "istio-init"
    namespace  = "istio-system"
    repository = data.helm_repository.istio.metadata[0].name
    chart      = "istio.io/istio-init"

    # Fixed three-minute pause on the machine running Terraform after the
    # release is created. Presumably this gives the init chart's jobs time to
    # finish before helm_release.istio starts; the delay is a guess, not a
    # readiness check. TODO confirm.
    provisioner "local-exec" {
      command = "sleep 3m"
    }
  }
  # Installs the main Istio chart into istio-system. The explicit depends_on
  # orders it after helm_release.istio_init, including that release's
  # local-exec pause.
  resource "helm_release" "istio" {
    depends_on = [helm_release.istio_init]

    name       = "istio"
    namespace  = "istio-system"
    repository = data.helm_repository.istio.metadata[0].name
    chart      = "istio.io/istio"
  }