Adds etcd secrets to bootkube-start
This commit is contained in:
parent
0956877ac7
commit
6586244fa8
|
@ -124,10 +124,10 @@ resource "cloudflare_record" "mailgun-mxb" {
|
||||||
priority = 20
|
priority = 20
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "k8s-talk" {
|
resource "cloudflare_record" "k8s" {
|
||||||
domain = "${var.domain}"
|
domain = "${var.domain}"
|
||||||
name = "k8s"
|
name = "k8s"
|
||||||
value = "lightsaber.captnemo.in"
|
value = "10.8.0.1"
|
||||||
type = "CNAME"
|
type = "A"
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
|
@ -70,7 +70,7 @@ module "bootkube" {
|
||||||
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=bcbdddd8d07c99ab88b2e9ebfb662de4c104de0a"
|
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=bcbdddd8d07c99ab88b2e9ebfb662de4c104de0a"
|
||||||
|
|
||||||
cluster_name = "k8s.bb8.fun"
|
cluster_name = "k8s.bb8.fun"
|
||||||
api_servers = ["10.8.0.1", "k8s.bb8.fun"]
|
api_servers = ["k8s.bb8.fun"]
|
||||||
cluster_domain_suffix = "k8s.bb8.fun"
|
cluster_domain_suffix = "k8s.bb8.fun"
|
||||||
etcd_servers = ["etcd.bb8.fun"]
|
etcd_servers = ["etcd.bb8.fun"]
|
||||||
asset_dir = "./k8s"
|
asset_dir = "./k8s"
|
||||||
|
|
|
@ -3,8 +3,8 @@ resource "docker_container" "bootkube" {
|
||||||
name = "bootkube"
|
name = "bootkube"
|
||||||
|
|
||||||
volumes {
|
volumes {
|
||||||
container_path = "/etc/kubernetes/manifests"
|
container_path = "/etc/kubernetes"
|
||||||
host_path = "/etc/kubernetes/manifests"
|
host_path = "/etc/kubernetes"
|
||||||
}
|
}
|
||||||
|
|
||||||
# bootstrap manifests
|
# bootstrap manifests
|
||||||
|
@ -21,6 +21,20 @@ resource "docker_container" "bootkube" {
|
||||||
content = "${file("${var.asset-dir}/bootstrap-manifests/bootstrap-scheduler.yaml")}"
|
content = "${file("${var.asset-dir}/bootstrap-manifests/bootstrap-scheduler.yaml")}"
|
||||||
file = "/home/.bootkube/bootstrap-manifests/bootstrap-scheduler.yaml"
|
file = "/home/.bootkube/bootstrap-manifests/bootstrap-scheduler.yaml"
|
||||||
}
|
}
|
||||||
|
# etcd secrets
|
||||||
|
#
|
||||||
|
upload {
|
||||||
|
file = "/home/.bootkube/tls/etcd-client-ca.crt"
|
||||||
|
content = "${file("${var.asset-dir}/tls/etcd-client-ca.crt")}"
|
||||||
|
}
|
||||||
|
upload {
|
||||||
|
file = "/home/.bootkube/tls/etcd-client.crt"
|
||||||
|
content = "${file("${var.asset-dir}/tls/etcd-client.crt")}"
|
||||||
|
}
|
||||||
|
upload {
|
||||||
|
file = "/home/.bootkube/tls/etcd-client.key"
|
||||||
|
content = "${file("${var.asset-dir}/tls/etcd-client.key")}"
|
||||||
|
}
|
||||||
# Cluster Networking
|
# Cluster Networking
|
||||||
upload {
|
upload {
|
||||||
content = "${file("${var.asset-dir}/manifests-networking/cluster-role-binding.yaml")}"
|
content = "${file("${var.asset-dir}/manifests-networking/cluster-role-binding.yaml")}"
|
||||||
|
|
|
@ -84,8 +84,12 @@ resource "docker_container" "kubelet" {
|
||||||
// Deviates from kubelet-wrapper
|
// Deviates from kubelet-wrapper
|
||||||
|
|
||||||
volumes {
|
volumes {
|
||||||
container_path = "/var/lib/cni"
|
container_path = "/opt/cni/bin"
|
||||||
host_path = "/var/lib/cni"
|
host_path = "/opt/cni/bin"
|
||||||
|
}
|
||||||
|
volumes {
|
||||||
|
container_path = "/etc/cni/net.d"
|
||||||
|
host_path = "/etc/cni/net.d"
|
||||||
}
|
}
|
||||||
#
|
#
|
||||||
# "There is no war within the container. Here we are safe. Here we are free."
|
# "There is no war within the container. Here we are safe. Here we are free."
|
||||||
|
|
Loading…
Reference in New Issue