[k8s] S01E03 Control Plane: bootkube-start

This commit is contained in:
Nemo 2019-01-13 01:22:04 +05:30
parent 86c0613d28
commit 789c9c5d3f
2 changed files with 45 additions and 3 deletions

View File

@ -23,3 +23,14 @@ module "bootkube-render" {
docker = "docker.sydney"
}
}
module "bootkube-start" {
source = "modules/bootkube"
mode = "start"
host_ip = "${var.ips["dovpn"]}"
k8s_host = "k8s.${var.root-domain}"
providers = {
docker = "docker.sydney"
}
}

View File

@ -1,4 +1,5 @@
resource "docker_container" "bootkube" {
resource "docker_container" "render" {
count = "${var.mode == "render" ? 1 : 0}"
image = "${docker_image.image.latest}"
name = "bootkube-render"
@ -9,13 +10,43 @@ resource "docker_container" "bootkube" {
command = [
"bootkube",
"${var.mode}",
"render",
"--asset-dir=/home/.bootkube",
"--api-servers=https://kubernetes.default:${var.host_port},https://${var.k8s_host},https://${var.host_ip}:${var.host_port}",
"--pod-cidr=${var.pod_cidr}",
]
# "--service-cidr=${var.service_cidr}",
network_mode = "host"
restart = "on-failure"
max_retry_count = 5
}
resource "docker_container" "start" {
count = "${var.mode == "start" ? 1 : 0}"
image = "${docker_image.image.latest}"
name = "bootkube-${var.mode}"
volumes {
container_path = "/home/.bootkube"
volume_name = "${var.asset_dir_volume_name}"
read_only = true
}
volumes {
container_path = "/etc/kubernetes/manifests"
host_path = "/etc/kubernetes/manifests"
}
# "There is no war within the container. Here we are safe. Here we are free."
# - Docker Li agent brainwashing Nemo
command = [
"bootkube",
"start",
"--asset-dir=/home/.bootkube",
"--pod-manifest-path=/etc/kubernetes/manifests",
]
network_mode = "host"
restart = "on-failure"
max_retry_count = 5
}