[k8s] S01E01 Control Plane: etcd
This brings up etcd using the terraform docker provider to my Digital Ocean VPN Server. The listen address is set to the VPN Address (10.8.0.1 = openvpn master server, also running on the same server). /mnt/disk is a Digital Ocean Volume attached to the instance.
This commit is contained in:
parent
6eceb1d6c9
commit
9b40bfd341
|
@ -64,6 +64,25 @@ resource "cloudflare_record" "vpn_wildcard" {
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* vpn.bb8.fun
|
||||||
|
* *.vpn.bb8.fun
|
||||||
|
*/
|
||||||
|
resource "cloudflare_record" "dovpn" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "dovpn"
|
||||||
|
value = "${var.ips["dovpn"]}"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "dovpn_wildcard" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "*.dovpn.${var.domain}"
|
||||||
|
value = "${cloudflare_record.dovpn.hostname}"
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 3600
|
||||||
|
}
|
||||||
|
|
||||||
########################
|
########################
|
||||||
## Mailgun Mailing Lists
|
## Mailgun Mailing Lists
|
||||||
########################
|
########################
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
module "etcd" {
|
||||||
|
source = "modules/etcd"
|
||||||
|
host_ip = "${var.ips["dovpn"]}"
|
||||||
|
data_dir = "/mnt/xwing/etcd"
|
||||||
|
|
||||||
|
providers = {
|
||||||
|
docker = "docker.sydney"
|
||||||
|
}
|
||||||
|
}
|
|
@ -4,7 +4,7 @@ module "airsonic" {
|
||||||
name = "airsonic"
|
name = "airsonic"
|
||||||
|
|
||||||
resource {
|
resource {
|
||||||
memory = "256"
|
memory = "1024"
|
||||||
}
|
}
|
||||||
|
|
||||||
web {
|
web {
|
||||||
|
@ -13,8 +13,6 @@ module "airsonic" {
|
||||||
expose = true
|
expose = true
|
||||||
}
|
}
|
||||||
|
|
||||||
user = "lounge:audio"
|
|
||||||
|
|
||||||
env = [
|
env = [
|
||||||
"PUID=1004",
|
"PUID=1004",
|
||||||
"PGID=1003",
|
"PGID=1003",
|
||||||
|
@ -22,6 +20,11 @@ module "airsonic" {
|
||||||
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
"JAVA_OPTS=-Xmx512m -Dserver.use-forward-headers=true -Dserver.context-path=/",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
devices = [{
|
||||||
|
host_path = "/dev/snd"
|
||||||
|
container_path = "/dev/snd"
|
||||||
|
}]
|
||||||
|
|
||||||
# files = [
|
# files = [
|
||||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/airsonic.properties",
|
||||||
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
# "/usr/lib/jvm/java-1.8-openjdk/jre/lib/sound.properties",
|
||||||
|
@ -50,6 +53,10 @@ module "airsonic" {
|
||||||
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
host_path = "/mnt/xwing/config/airsonic/podcasts"
|
||||||
container_path = "/podcasts"
|
container_path = "/podcasts"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
host_path = "/mnt/xwing/config/airsonic/jre"
|
||||||
|
container_path = "/usr/lib/jvm/java-1.8-openjdk/jre/lib/"
|
||||||
|
},
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,8 +9,6 @@ module "jackett" {
|
||||||
host = "jackett.${var.domain}"
|
host = "jackett.${var.domain}"
|
||||||
}
|
}
|
||||||
|
|
||||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
|
||||||
|
|
||||||
volumes = [{
|
volumes = [{
|
||||||
host_path = "/mnt/xwing/config/jackett"
|
host_path = "/mnt/xwing/config/jackett"
|
||||||
container_path = "/config"
|
container_path = "/config"
|
||||||
|
|
|
@ -14,8 +14,6 @@ module "radarr" {
|
||||||
memory_swap = 1024
|
memory_swap = 1024
|
||||||
}
|
}
|
||||||
|
|
||||||
networks = ["${docker_network.media.id}", "${var.traefik-network-id}"]
|
|
||||||
|
|
||||||
volumes = [
|
volumes = [
|
||||||
{
|
{
|
||||||
host_path = "/mnt/xwing/config/radarr"
|
host_path = "/mnt/xwing/config/radarr"
|
||||||
|
|
|
@ -3,7 +3,7 @@ data "docker_registry_image" "image" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "docker_image" "image" {
|
resource "docker_image" "image" {
|
||||||
name = "${data.docker_registry_image.image.name}"
|
name = "${var.image}"
|
||||||
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
pull_triggers = ["${data.docker_registry_image.image.sha256_digest}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -31,6 +31,7 @@ resource "docker_container" "container" {
|
||||||
memory_swap = "${local.resource["memory_swap"]}"
|
memory_swap = "${local.resource["memory_swap"]}"
|
||||||
|
|
||||||
volumes = ["${var.volumes}"]
|
volumes = ["${var.volumes}"]
|
||||||
|
devices = ["${var.devices}"]
|
||||||
|
|
||||||
# Look at this monstrosity
|
# Look at this monstrosity
|
||||||
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
# And then https://github.com/hashicorp/terraform/issues/12453#issuecomment-365569618
|
||||||
|
|
|
@ -88,3 +88,9 @@ variable "volumes" {
|
||||||
type = "list"
|
type = "list"
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "devices" {
|
||||||
|
description = "volumes"
|
||||||
|
type = "list"
|
||||||
|
default = []
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,48 @@
|
||||||
|
module "container" {
|
||||||
|
source = "../container"
|
||||||
|
image = "captn3m0/etcd:v3.3.11"
|
||||||
|
name = "etcd"
|
||||||
|
|
||||||
|
web = {
|
||||||
|
expose = false
|
||||||
|
host = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
networks = []
|
||||||
|
|
||||||
|
volumes = [
|
||||||
|
{
|
||||||
|
host_path = "/usr/share/ca-certificates/"
|
||||||
|
container_path = "/etc/ssl/certs"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
host_path = "${var.data_dir}"
|
||||||
|
container_path = "/etcd-data"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
ports = [
|
||||||
|
{
|
||||||
|
internal = 2379
|
||||||
|
external = 2379
|
||||||
|
ip = "${var.host_ip}"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
internal = 2380
|
||||||
|
external = 2380
|
||||||
|
ip = "${var.host_ip}"
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
command = [
|
||||||
|
"/usr/local/bin/etcd",
|
||||||
|
"--data-dir=/etcd-data",
|
||||||
|
"--name=${var.node_name}",
|
||||||
|
"--advertise-client-urls=http://${var.host_ip}:2379",
|
||||||
|
"--initial-advertise-peer-urls=http://${var.host_ip}:2380",
|
||||||
|
"--initial-cluster=${var.node_name}=http://${var.host_ip}:2380",
|
||||||
|
]
|
||||||
|
|
||||||
|
# "--listen-client-urls=http://0.0.0.0:2379",
|
||||||
|
# "--listen-peer-urls=http://0.0.0.0:2380",
|
||||||
|
}
|
|
@ -0,0 +1,15 @@
|
||||||
|
variable "host_ip" {
|
||||||
|
description = "Host IP Address to bind etcd to"
|
||||||
|
type = "string"
|
||||||
|
default = "0.0.0.0"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "data_dir" {
|
||||||
|
description = "Directory on host to mount to /etcd-data"
|
||||||
|
type = "string"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "node_name" {
|
||||||
|
description = "name of the etcd node"
|
||||||
|
default = "master"
|
||||||
|
}
|
|
@ -27,6 +27,7 @@ variable "ips" {
|
||||||
default = {
|
default = {
|
||||||
eth0 = "192.168.1.111"
|
eth0 = "192.168.1.111"
|
||||||
tun0 = "10.8.0.14"
|
tun0 = "10.8.0.14"
|
||||||
|
dovpn = "10.8.0.1"
|
||||||
static = "139.59.48.222"
|
static = "139.59.48.222"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue