From 789c9c5d3fc7a53784827cca6e716e4d034eb8b2 Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sun, 13 Jan 2019 01:22:04 +0530
Subject: [PATCH] [k8s] S01E03 Control Plane: bootkube-start

---
 kubernetes.tf            | 11 +++++++++++
 modules/bootkube/main.tf | 37 ++++++++++++++++++++++++++++++++++---
 2 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/kubernetes.tf b/kubernetes.tf
index ad5972b..7abb2f1 100644
--- a/kubernetes.tf
+++ b/kubernetes.tf
@@ -23,3 +23,14 @@ module "bootkube-render" {
     docker = "docker.sydney"
   }
 }
+
+module "bootkube-start" {
+  source   = "modules/bootkube"
+  mode     = "start"
+  host_ip  = "${var.ips["dovpn"]}"
+  k8s_host = "k8s.${var.root-domain}"
+
+  providers = {
+    docker = "docker.sydney"
+  }
+}
diff --git a/modules/bootkube/main.tf b/modules/bootkube/main.tf
index d4ac1a7..5fb147d 100644
--- a/modules/bootkube/main.tf
+++ b/modules/bootkube/main.tf
@@ -1,4 +1,5 @@
-resource "docker_container" "bootkube" {
+resource "docker_container" "render" {
+  count = "${var.mode == "render" ? 1 : 0}"
   image = "${docker_image.image.latest}"
   name  = "bootkube-render"
 
@@ -9,13 +10,43 @@ resource "docker_container" "bootkube" {
 
   command = [
     "bootkube",
-    "${var.mode}",
+    "render",
     "--asset-dir=/home/.bootkube",
     "--api-servers=https://kubernetes.default:${var.host_port},https://${var.k8s_host},https://${var.host_ip}:${var.host_port}",
     "--pod-cidr=${var.pod_cidr}",
   ]
 
-  # "--service-cidr=${var.service_cidr}",
+  network_mode    = "host"
+  restart         = "on-failure"
+  max_retry_count = 5
+}
+
+resource "docker_container" "start" {
+  count = "${var.mode == "start" ? 1 : 0}"
+  image = "${docker_image.image.latest}"
+  name  = "bootkube-${var.mode}"
+
+  volumes {
+    container_path = "/home/.bootkube"
+    volume_name    = "${var.asset_dir_volume_name}"
+    read_only      = true
+  }
+
+  volumes {
+    container_path = "/etc/kubernetes/manifests"
+    host_path      = "/etc/kubernetes/manifests"
+  }
+
+  # "There is no war within the container. Here we are safe. Here we are free."
+  # - Docker Li agent brainwashing Nemo
+  command = [
+    "bootkube",
+    "start",
+    "--asset-dir=/home/.bootkube",
+    "--pod-manifest-path=/etc/kubernetes/manifests",
+  ]
+
+  network_mode    = "host"
   restart         = "on-failure"
   max_retry_count = 5
 }