From 9b40bfd3417e112527e22835af510c14b13d99a8 Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sat, 12 Jan 2019 23:03:39 +0530
Subject: [PATCH] [k8s] S01E01 Control Plane: etcd

This brings up etcd on my Digital Ocean VPN server using the
Terraform Docker provider. The listen address is set to the
VPN address (10.8.0.1 = OpenVPN master server, also running on the
same server).

/mnt/disk is a Digital Ocean Volume attached to the instance.
---
 kubernetes.tf             |  9 +++++++++
 variables.tf              |  1 +
 cloudflare/main.tf        | 19 +++++++++++++++++++
 media/airsonic.tf         | 13 +++++++++++--
 media/jackett.tf          |  2 --
 media/radarr.tf           |  2 --
 modules/container/main.tf |  3 ++-
 modules/container/vars.tf |  6 ++++++
 modules/etcd/main.tf      | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 modules/etcd/variables.tf | 15 +++++++++++++++
 10 files changed, 110 insertions(+), 8 deletions(-)

diff --git a/kubernetes.tf b/kubernetes.tf
new file mode 100644
index 0000000..8ab7a7e 100644
--- /dev/null
+++ a/kubernetes.tf
@@ -1,0 +1,9 @@
+module "etcd" {
+  source   = "modules/etcd"
+  host_ip  = "${var.ips["dovpn"]}"
+  data_dir = "/mnt/xwing/etcd"
+
+  providers = {
+    docker = "docker.sydney"
+  }
+}
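Review bot: `data_dir = "/mnt/xwing/etcd"` does not match the commit description, which names `/mnt/disk` as the Digital Ocean volume on this host. If `/mnt/xwing` is not a mount point on the `docker.sydney` host, Docker will most likely create the directory on the root filesystem and the etcd data will not land on the attached volume. Confirm the path, and consider a comment above it such as `# must live on the attached DO volume, not the root disk`.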
diff --git a/variables.tf b/variables.tf
index 1f50bdc..7a4dce8 100644
--- a/variables.tf
+++ a/variables.tf
@@ -27,6 +27,7 @@
   default = {
     eth0   = "192.168.1.111"
     tun0   = "10.8.0.14"
+    dovpn  = "10.8.0.1"
     static = "139.59.48.222"
   }
 }
diff --git a/cloudflare/main.tf b/cloudflare/main.tf
index 40e71f6..dd3fb0a 100644
--- a/cloudflare/main.tf
+++ a/cloudflare/main.tf
@@ -64,6 +64,25 @@
   ttl    = 3600
 }
 
+/**
+ *   vpn.bb8.fun
+ * *.vpn.bb8.fun
+ */
+resource "cloudflare_record" "dovpn" {
+  domain = "${var.domain}"
+  name   = "dovpn"
+  value  = "${var.ips["dovpn"]}"
+  type   = "A"
+}
+
+resource "cloudflare_record" "dovpn_wildcard" {
+  domain = "${var.domain}"
+  name   = "*.dovpn.${var.domain}"
+  value  = "${cloudflare_record.dovpn.hostname}"
+  type   = "CNAME"
+  ttl    = 3600
+}
+
 ########################
 ## Mailgun Mailing Lists
 ########################
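Review bot: The header comment names `vpn.bb8.fun` and `*.vpn.bb8.fun`, but the two records are created as `dovpn` and `*.dovpn.${var.domain}`, so the comment documents hostnames this block does not define. The A record also publishes `var.ips["dovpn"]`, which the variables.tf hunk sets to the VPN-internal 10.8.0.1, in what appears to be a public zone. That exposes internal addressing to anyone who resolves the name, so it should be a stated decision. Suggested comment: `/* dovpn.<domain> and *.dovpn.<domain> -> VPN-internal address; resolvable publicly, reachable only over the VPN */`. The A record also has no `ttl`, while the wildcard CNAME sets `ttl = 3600`.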
diff --git a/media/airsonic.tf b/media/airsonic.tf
index 74986bf..695e5a0 100644
--- a/media/airsonic.tf
+++ a/media/airsonic.tf
@@ -1,10 +1,10 @@
 module "airsonic" {
   source = "../modules/container"
   image  = "linuxserver/airsonic:latest"
   name   = "airsonic"
 
   resource {
-    memory = "256"
+    memory = "1024"
   }
 
   web {
@@ -13,14 +13,17 @@
     expose = true
   }
 
-  user = "lounge:audio"
-
   env = [
     "PUID=1004",
     "PGID=1003",
     "TZ=Asia/Kolkata",
     "JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
   ]
+
+  devices = [{
+    host_path      = "/dev/snd"
+    container_path = "/dev/snd"
+  }]
 
   # files = [
   #   "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
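Review bot: Removing `user = "lounge:audio"` in the same change that passes the host's `/dev/snd` into the container widens its privileges in two ways, and neither is explained. Without `user` the container starts as the image's default user. For linuxserver images that is presumably root, dropping to `PUID`/`PGID` inside its init; confirm against the image. Access to the sound device then depends on `PGID=1003` being the group that owns `/dev/snd` on the host. Record the intent next to the block, for example `# runs as image default user; PUID/PGID drop privileges, PGID must be the host audio group for /dev/snd`. The `module "airsonic"` block continues outside this hunk.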
@@ -49,6 +52,10 @@
     {
       host_path      = "/mnt/xwing/config/airsonic/podcasts"
       container_path = "/podcasts"
+    },
+    {
+      host_path      = "/mnt/xwing/config/airsonic/jre"
+      container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/"
     },
   ]
 }
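Review bot: The new volume bind-mounts a host directory over the whole of `/usr/lib/jvm/java-1.8-openjdk/jre/lib/`, which replaces the image's JRE libraries with host content. That directory normally also holds the JRE's security configuration and CA trust store, so these would come from a writable host path and would stop following image updates. The commented-out `files` entry earlier in this file suggests only `airsonic.properties` is needed there. If so, mount that single file instead: `host_path = "/mnt/xwing/config/airsonic/jre/airsonic.properties"` with `container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties"`.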
diff --git a/media/jackett.tf b/media/jackett.tf
index e036c62..3b54030 100644
--- a/media/jackett.tf
+++ a/media/jackett.tf
@@ -9,8 +9,6 @@
     host   = "jackett.${var.domain}"
   }
 
-  networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
-
   volumes = [{
     host_path      = "/mnt/xwing/config/jackett"
     container_path = "/config"
diff --git a/media/radarr.tf b/media/radarr.tf
index d656a10..06ef78f 100644
--- a/media/radarr.tf
+++ a/media/radarr.tf
@@ -14,8 +14,6 @@
     memory_swap = 1024
   }
 
-  networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
-
   volumes = [
     {
       host_path      = "/mnt/xwing/config/radarr"
diff --git a/modules/container/main.tf b/modules/container/main.tf
index 2c9d59c..248bb55 100644
--- a/modules/container/main.tf
+++ a/modules/container/main.tf
@@ -1,9 +1,9 @@
 data "docker_registry_image" "image" {
   name = "${var.image}"
 }
 
 resource "docker_image" "image" {
-  name          = "${data.docker_registry_image.image.name}"
+  name          = "${var.image}"
   pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
 }
 
@@ -31,6 +31,7 @@
   memory_swap = "${local.resource["memory_swap"]}"
 
   volumes = ["${var.volumes}"]
+  devices = ["${var.devices}"]
 
   # Look at this monstrosity
   # And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
diff --git a/modules/container/vars.tf b/modules/container/vars.tf
index 0540ab0..b77fda6 100644
--- a/modules/container/vars.tf
+++ a/modules/container/vars.tf
@@ -88,3 +88,9 @@
   type        = "list"
   default     = []
 }
+
+variable "devices" {
+  description = "volumes"
+  type        = "list"
+  default     = []
+}
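Review bot: The new `devices` variable carries `description = "volumes"`, apparently copied from the variable above it. This input grants containers direct access to host device nodes, so the description should say so, for example `description = "Host devices to pass through to the container (list of maps with host_path and container_path)"`. The keys named there are the ones the airsonic caller in this commit uses.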
diff --git a/modules/etcd/main.tf b/modules/etcd/main.tf
new file mode 100644
index 0000000..fb22601 100644
--- /dev/null
+++ a/modules/etcd/main.tf
@@ -1,0 +1,48 @@
+module "container" {
+  source = "../container"
+  image  = "captn3m0/etcd:v3.3.11"
+  name   = "etcd"
+
+  web = {
+    expose = false
+    host   = ""
+  }
+
+  networks = []
+
+  volumes = [
+    {
+      host_path      = "/usr/share/ca-certificates/"
+      container_path = "/etc/ssl/certs"
+    },
+    {
+      host_path      = "${var.data_dir}"
+      container_path = "/etcd-data"
+    },
+  ]
+
+  ports = [
+    {
+      internal = 2379
+      external = 2379
+      ip       = "${var.host_ip}"
+    },
+    {
+      internal = 2380
+      external = 2380
+      ip       = "${var.host_ip}"
+    },
+  ]
+
+  command = [
+    "/usr/local/bin/etcd",
+    "--data-dir=/etcd-data",
+    "--name=${var.node_name}",
+    "--advertise-client-urls=http://${var.host_ip}:2379",
+    "--initial-advertise-peer-urls=http://${var.host_ip}:2380",
+    "--initial-cluster=${var.node_name}=http://${var.host_ip}:2380",
+  ]
+
+  # "--listen-client-urls=http://0.0.0.0:2379",
+  # "--listen-peer-urls=http://0.0.0.0:2380",
+}
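Review bot: etcd is started with plain `http://` client and peer URLs and no certificate flags, so any host that can reach `${var.host_ip}:2379` can read and write the Kubernetes control-plane datastore, including Secrets, without authentication. Being on the VPN is the only barrier. Both `--listen-*` flags are also commented out, so etcd falls back to listening on localhost inside the container. Unless the container module uses host networking, which this hunk does not show, the published ports 2379 and 2380 would then not reach the process. Enable TLS with client-certificate auth on both listeners and listen on the container's interfaces, leaving the `ip` field of the port mappings to restrict exposure on the host. The certificate directory in the sketch is a placeholder and needs a read-only entry in `volumes`.

```hcl
  command = [
    "/usr/local/bin/etcd",
    # … unchanged: --data-dir, --name …
    "--listen-client-urls=https://0.0.0.0:2379",
    "--listen-peer-urls=https://0.0.0.0:2380",
    "--advertise-client-urls=https://${var.host_ip}:2379",
    "--initial-advertise-peer-urls=https://${var.host_ip}:2380",
    "--initial-cluster=${var.node_name}=https://${var.host_ip}:2380",
    # <PKI_DIR> is a placeholder for a read-only mounted certificate directory
    "--cert-file=<PKI_DIR>/server.crt",
    "--key-file=<PKI_DIR>/server.key",
    "--client-cert-auth",
    "--trusted-ca-file=<PKI_DIR>/ca.crt",
    "--peer-cert-file=<PKI_DIR>/peer.crt",
    "--peer-key-file=<PKI_DIR>/peer.key",
    "--peer-client-cert-auth",
    "--peer-trusted-ca-file=<PKI_DIR>/ca.crt",
  ]
```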
diff --git a/modules/etcd/variables.tf b/modules/etcd/variables.tf
new file mode 100644
index 0000000..dbaef83 100644
--- /dev/null
+++ a/modules/etcd/variables.tf
@@ -1,0 +1,15 @@
+variable "host_ip" {
+  description = "Host IP Address to bind etcd to"
+  type        = "string"
+  default     = "0.0.0.0"
+}
+
+variable "data_dir" {
+  description = "Directory on host to mount to /etcd-data"
+  type        = "string"
+}
+
+variable "node_name" {
+  description = "name of the etcd node"
+  default     = "master"
+}
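Review bot: `host_ip` defaults to `"0.0.0.0"`, so a caller that omits it publishes 2379 and 2380 on every host interface, including any public one. It would also advertise `http://0.0.0.0:2379`, which is not a usable client URL. Make the variable required, as `data_dir` already is, by dropping the `default = "0.0.0.0"` line. The description could then read `description = "Host IP address to publish etcd ports on; must be a private/VPN address"`. `node_name` is the only variable here without an explicit `type = "string"`.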
--
rgit 0.1.5