[k8s] S01E01 Control Plane: etcd
This brings up etcd using the terraform docker provider to my Digital Ocean VPN Server. The listen address is set to the VPN Address (10.8.0.1 = openvpn master server, also running on the same server). /mnt/disk is a Digital Ocean Volume attached to the instance.
This commit is contained in:
parent
6eceb1d6c9
commit
9b40bfd341
|
@ -64,6 +64,25 @@ resource "cloudflare_record" "vpn_wildcard" {
|
|||
ttl = 3600
|
||||
}
|
||||
|
||||
/**
|
||||
* vpn.bb8.fun
|
||||
* *.vpn.bb8.fun
|
||||
*/
|
||||
resource "cloudflare_record" "dovpn" {
|
||||
domain = "${var.domain}"
|
||||
name = "dovpn"
|
||||
value = "${var.ips["dovpn"]}"
|
||||
type = "A"
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "dovpn_wildcard" {
|
||||
domain = "${var.domain}"
|
||||
name = "*.dovpn.${var.domain}"
|
||||
value = "${cloudflare_record.dovpn.hostname}"
|
||||
type = "CNAME"
|
||||
ttl = 3600
|
||||
}
|
||||
|
||||
########################
|
||||
## Mailgun Mailing Lists
|
||||
########################
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
module "etcd" {
|
||||
source = "modules/etcd"
|
||||
host_ip = "${var.ips["dovpn"]}"
|
||||
data_dir = "/mnt/xwing/etcd"
|
||||
|
||||
providers = {
|
||||
docker = "docker.sydney"
|
||||
}
|
||||
}
|
|
@ -4,7 +4,7 @@ module "airsonic" {
|
|||
name = "airsonic"
|
||||
|
||||
resource {
|
||||
memory = "256"
|
||||
memory = "1024"
|
||||
}
|
||||
|
||||
web {
|
||||
|
@ -13,8 +13,6 @@ module "airsonic" {
|
|||
expose = true
|
||||
}
|
||||
|
||||
user = "lounge:audio"
|
||||
|
||||
env = [
|
||||
"PUID=1004",
|
||||
"PGID=1003",
|
||||
|
@ -22,6 +20,11 @@ module "airsonic" {
|
|||
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
||||
]
|
||||
|
||||
devices = [{
|
||||
host_path = "/dev/snd"
|
||||
container_path = "/dev/snd"
|
||||
}]
|
||||
|
||||
# files = [
|
||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
||||
|
@ -50,6 +53,10 @@ module "airsonic" {
|
|||
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
||||
container_path = "/podcasts"
|
||||
},
|
||||
{
|
||||
host_path = "/mnt/xwing/config/airsonic/jre"
|
||||
container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/"
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
|
|
|
@ -9,8 +9,6 @@ module "jackett" {
|
|||
host = "jackett.${var.domain}"
|
||||
}
|
||||
|
||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
||||
|
||||
volumes = [{
|
||||
host_path = "/mnt/xwing/config/jackett"
|
||||
container_path = "/config"
|
||||
|
|
|
@ -14,8 +14,6 @@ module "radarr" {
|
|||
memory_swap = 1024
|
||||
}
|
||||
|
||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
||||
|
||||
volumes = [
|
||||
{
|
||||
host_path = "/mnt/xwing/config/radarr"
|
||||
|
|
|
@ -3,7 +3,7 @@ data "docker_registry_image" "image" {
|
|||
}
|
||||
|
||||
resource "docker_image" "image" {
|
||||
name = "${data.docker_registry_image.image.name}"
|
||||
name = "${var.image}"
|
||||
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
||||
}
|
||||
|
||||
|
@ -31,6 +31,7 @@ resource "docker_container" "container" {
|
|||
memory_swap = "${local.resource["memory_swap"]}"
|
||||
|
||||
volumes = ["${var.volumes}"]
|
||||
devices = ["${var.devices}"]
|
||||
|
||||
# Look at this monstrosity
|
||||
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
||||
|
|
|
@ -88,3 +88,9 @@ variable "volumes" {
|
|||
type = "list"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "devices" {
|
||||
description = "volumes"
|
||||
type = "list"
|
||||
default = []
|
||||
}
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
module "container" {
|
||||
source = "../container"
|
||||
image = "captn3m0/etcd:v3.3.11"
|
||||
name = "etcd"
|
||||
|
||||
web = {
|
||||
expose = false
|
||||
host = ""
|
||||
}
|
||||
|
||||
networks = []
|
||||
|
||||
volumes = [
|
||||
{
|
||||
host_path = "/usr/share/ca-certificates/"
|
||||
container_path = "/etc/ssl/certs"
|
||||
},
|
||||
{
|
||||
host_path = "${var.data_dir}"
|
||||
container_path = "/etcd-data"
|
||||
},
|
||||
]
|
||||
|
||||
ports = [
|
||||
{
|
||||
internal = 2379
|
||||
external = 2379
|
||||
ip = "${var.host_ip}"
|
||||
},
|
||||
{
|
||||
internal = 2380
|
||||
external = 2380
|
||||
ip = "${var.host_ip}"
|
||||
},
|
||||
]
|
||||
|
||||
command = [
|
||||
"/usr/local/bin/etcd",
|
||||
"--data-dir=/etcd-data",
|
||||
"--name=${var.node_name}",
|
||||
"--advertise-client-urls=http://${var.host_ip}:2379",
|
||||
"--initial-advertise-peer-urls=http://${var.host_ip}:2380",
|
||||
"--initial-cluster=${var.node_name}=http://${var.host_ip}:2380",
|
||||
]
|
||||
|
||||
# "--listen-client-urls=http://0.0.0.0:2379",
|
||||
# "--listen-peer-urls=http://0.0.0.0:2380",
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
variable "host_ip" {
|
||||
description = "Host IP Address to bind etcd to"
|
||||
type = "string"
|
||||
default = "0.0.0.0"
|
||||
}
|
||||
|
||||
variable "data_dir" {
|
||||
description = "Directory on host to mount to /etcd-data"
|
||||
type = "string"
|
||||
}
|
||||
|
||||
variable "node_name" {
|
||||
description = "name of the etcd node"
|
||||
default = "master"
|
||||
}
|
|
@ -27,6 +27,7 @@ variable "ips" {
|
|||
default = {
|
||||
eth0 = "192.168.1.111"
|
||||
tun0 = "10.8.0.14"
|
||||
dovpn = "10.8.0.1"
|
||||
static = "139.59.48.222"
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue