103 wiersze
2.6 KiB
HCL
103 wiersze
2.6 KiB
HCL
terraform {
|
|
required_version = "~> 0.12"
|
|
}
|
|
|
|
provider "digitalocean" {
|
|
version = "~> 1.7"
|
|
}
|
|
|
|
provider "kubernetes" {
|
|
version = "~> 1.9"
|
|
|
|
host = "${digitalocean_kubernetes_cluster.this.endpoint}"
|
|
|
|
client_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.client_certificate)
|
|
client_key = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.client_key)
|
|
cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.cluster_ca_certificate)
|
|
}
|
|
|
|
provider "helm" {
|
|
version = "~> 0.10"
|
|
|
|
kubernetes {
|
|
host = "${digitalocean_kubernetes_cluster.this.endpoint}"
|
|
|
|
client_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.client_certificate)
|
|
client_key = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.client_key)
|
|
cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.this.kube_config.0.cluster_ca_certificate)
|
|
}
|
|
}
|
|
|
|
resource "digitalocean_ssh_key" "collin_doering" {
|
|
name = "yubikey"
|
|
public_key = "${file("/home/collin/.ssh/id_rsa.pub")}"
|
|
}
|
|
|
|
resource "digitalocean_kubernetes_cluster" "this" {
|
|
name = var.name
|
|
region = var.region
|
|
version = var.k8s_version
|
|
tags = var.tags
|
|
|
|
node_pool {
|
|
name = "default-pool"
|
|
size = var.node_size
|
|
node_count = var.node_count
|
|
tags = var.node_tags
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_service_account" "admin_user" {
|
|
metadata {
|
|
name = var.admin_user_name
|
|
namespace = "kube-system"
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_cluster_role_binding" "admin_user" {
|
|
metadata {
|
|
name = var.admin_user_name
|
|
}
|
|
role_ref {
|
|
kind = "ClusterRole"
|
|
name = "cluster-admin"
|
|
api_group = "rbac.authorization.k8s.io"
|
|
}
|
|
subject {
|
|
kind = "ServiceAccount"
|
|
name = var.admin_user_name
|
|
namespace = "kube-system"
|
|
}
|
|
}
|
|
|
|
resource "helm_release" "kubernetes_dashboard" {
|
|
name = "kubernetes-dashboard"
|
|
chart = "stable/kubernetes-dashboard"
|
|
namespace = "kube-system"
|
|
}
|
|
|
|
data "helm_repository" "istio" {
|
|
name = "istio.io"
|
|
url = "https://storage.googleapis.com/istio-release/releases/1.2.5/charts/"
|
|
}
|
|
|
|
resource "helm_release" "istio_init" {
|
|
name = "istio-init"
|
|
repository = data.helm_repository.istio.metadata.0.name
|
|
chart = "istio.io/istio-init"
|
|
namespace = "istio-system"
|
|
|
|
provisioner "local-exec" {
|
|
command = "sleep 3m"
|
|
}
|
|
}
|
|
|
|
resource "helm_release" "istio" {
|
|
name = "istio"
|
|
repository = data.helm_repository.istio.metadata.0.name
|
|
chart = "istio.io/istio"
|
|
namespace = "istio-system"
|
|
|
|
depends_on = [helm_release.istio_init]
|
|
}
|