From 6586244fa87948723ab4c4345fcc0e0c7b7d2f2c Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sun, 27 Jan 2019 18:56:12 +0530
Subject: [PATCH] Adds etcd secrets to bootkube-start

---
 kubernetes.tf            |  2 +-
 cloudflare/main.tf       |  6 +++---
 modules/bootkube/main.tf | 18 +++++++++++++++++-
 modules/kubelet/main.tf  |  8 +++++++-
 4 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/kubernetes.tf b/kubernetes.tf
index 5c44a68..db86c00 100644
--- a/kubernetes.tf
+++ a/kubernetes.tf
@@ -70,7 +70,7 @@
   source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=bcbdddd8d07c99ab88b2e9ebfb662de4c104de0a"
 
   cluster_name          = "k8s.bb8.fun"
-  api_servers           = ["10.8.0.1", "k8s.bb8.fun"]
+  api_servers           = ["k8s.bb8.fun"]
   cluster_domain_suffix = "k8s.bb8.fun"
   etcd_servers          = ["etcd.bb8.fun"]
   asset_dir             = "./k8s"
diff --git a/cloudflare/main.tf b/cloudflare/main.tf
index 32f3969..9fb6ab6 100644
--- a/cloudflare/main.tf
+++ a/cloudflare/main.tf
@@ -124,10 +124,10 @@
   priority = 20
 }
 
-resource "cloudflare_record" "k8s-talk" {
+resource "cloudflare_record" "k8s" {
   domain = "${var.domain}"
   name   = "k8s"
-  value  = "lightsaber.captnemo.in"
-  type   = "CNAME"
+  value  = "10.8.0.1"
+  type   = "A"
   ttl    = 3600
 }
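Review bot: The new `k8s` record publishes the RFC 1918 address `10.8.0.1` in what appears to be a public Cloudflare zone, which discloses internal addressing and makes API-server name resolution depend on a publicly served record. If the cluster is only meant to be reachable over the private network, an internal or split-horizon resolver entry would keep this out of public DNS. If the public record is intended, record that above the resource, e.g. `# k8s API endpoint: private address, only reachable from the internal network`. Renaming the resource from `k8s-talk` to `k8s` also makes Terraform destroy and recreate the record rather than update it in place, so expect a short resolution gap on apply.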
diff --git a/modules/bootkube/main.tf b/modules/bootkube/main.tf
index 4e8896a..710506e 100644
--- a/modules/bootkube/main.tf
+++ a/modules/bootkube/main.tf
@@ -1,10 +1,10 @@
 resource "docker_container" "bootkube" {
   image = "${docker_image.image.latest}"
   name  = "bootkube"
 
   volumes {
-    container_path = "/etc/kubernetes/manifests"
-    host_path      = "/etc/kubernetes/manifests"
+    container_path = "/etc/kubernetes"
+    host_path      = "/etc/kubernetes"
   }
 
   # bootstrap manifests
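Review bot: The bind mount is widened from `/etc/kubernetes/manifests` to all of `/etc/kubernetes`, and it is read-write, so the bootkube container can now read and modify everything the host keeps under that directory. On a kubelet host that typically includes the kubeconfig and CA material, though the diff does not show what is there. If bootkube needs only specific subdirectories, mount those individually. Otherwise add a comment on the `volumes` block saying why the whole directory is required, e.g. `# bootkube writes bootstrap secrets as well as manifests, hence the parent dir`. The `docker_container` resource continues past the end of this hunk.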
@@ -20,6 +20,20 @@
   upload {
     content = "${file("${var.asset-dir}/bootstrap-manifests/bootstrap-scheduler.yaml")}"
     file    = "/home/.bootkube/bootstrap-manifests/bootstrap-scheduler.yaml"
+  }
+  # etcd secrets
+  #
+  upload {
+    file    = "/home/.bootkube/tls/etcd-client-ca.crt"
+    content = "${file("${var.asset-dir}/tls/etcd-client-ca.crt")}"
+  }
+  upload {
+    file    = "/home/.bootkube/tls/etcd-client.crt"
+    content = "${file("${var.asset-dir}/tls/etcd-client.crt")}"
+  }
+  upload {
+    file    = "/home/.bootkube/tls/etcd-client.key"
+    content = "${file("${var.asset-dir}/tls/etcd-client.key")}"
   }
   # Cluster Networking
   upload {
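Review bot: `etcd-client.key` is read with `file()` and passed as `content` to an `upload` block, so the private key is stored in cleartext in the Terraform state and may also appear in plan output. The state backend should be encrypted and access-restricted, and `${var.asset-dir}/tls` should be kept out of version control. A comment above the block would record this, e.g. `# private key: content lands in Terraform state, keep the state backend encrypted`. The hunk sets no file mode on the uploaded key, so its permissions inside the container are the provider default and worth checking. The resource body continues outside this hunk.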
diff --git a/modules/kubelet/main.tf b/modules/kubelet/main.tf
index 06f9e96..b85ca93 100644
--- a/modules/kubelet/main.tf
+++ a/modules/kubelet/main.tf
@@ -84,8 +84,12 @@
   // Deviates from kubelet-wrapper
 
   volumes {
-    container_path = "/var/lib/cni"
-    host_path      = "/var/lib/cni"
+    container_path = "/opt/cni/bin"
+    host_path      = "/opt/cni/bin"
+  }
+  volumes {
+    container_path = "/etc/cni/net.d"
+    host_path      = "/etc/cni/net.d"
   }
   #
   # "There is no war within the container. Here we are safe. Here we are free."
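Review bot: `/opt/cni/bin` and `/etc/cni/net.d` are mounted read-write into the kubelet container, although the kubelet normally only reads CNI plugins and their configuration. The binaries in `/opt/cni/bin` are executed to set up pod networking, so a writable mount widens what a compromised container could alter on the host. If nothing in this container installs plugins, add `read_only = true` to both `volumes` blocks. The `/var/lib/cni` mount is removed in the same hunk while the commit subject mentions only etcd secrets; CNI plugins commonly keep state there, so a comment confirming the removal is intentional would help.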
--
rgit 0.1.5