diff --git a/examples/terraform/bootkube-install/cluster.tf b/examples/terraform/bootkube-install/cluster.tf
index a43c8951..69be3ab9 100644
--- a/examples/terraform/bootkube-install/cluster.tf
+++ b/examples/terraform/bootkube-install/cluster.tf
@@ -2,10 +2,10 @@
 module "cluster" {
 source = "../modules/bootkube"
- matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
- cluster_name = "${var.cluster_name}"
+ cluster_name = "${var.cluster_name}"
 container_linux_channel = "${var.container_linux_channel}"
 container_linux_version = "${var.container_linux_version}"
@@ -13,12 +13,12 @@ module "cluster" {
 controller_names = "${var.controller_names}"
 controller_macs = "${var.controller_macs}"
 controller_domains = "${var.controller_domains}"
- worker_names = "${var.worker_names}"
- worker_macs = "${var.worker_macs}"
- worker_domains = "${var.worker_domains}"
+ worker_names = "${var.worker_names}"
+ worker_macs = "${var.worker_macs}"
+ worker_domains = "${var.worker_domains}"
 # bootkube assets
- k8s_domain_name = "${var.k8s_domain_name}"
- asset_dir = "${var.asset_dir}"
+ k8s_domain_name = "${var.k8s_domain_name}"
+ asset_dir = "${var.asset_dir}"
 experimental_self_hosted_etcd = "${var.experimental_self_hosted_etcd}"
 }
diff --git a/examples/terraform/bootkube-install/provider.tf b/examples/terraform/bootkube-install/provider.tf
index 06ae93b7..01ab1d93 100644
--- a/examples/terraform/bootkube-install/provider.tf
+++ b/examples/terraform/bootkube-install/provider.tf
@@ -1,7 +1,7 @@
 // Configure the matchbox provider
 provider "matchbox" {
- endpoint = "${var.matchbox_rpc_endpoint}"
+ endpoint = "${var.matchbox_rpc_endpoint}"
 client_cert = "${file("~/.matchbox/client.crt")}"
- client_key = "${file("~/.matchbox/client.key")}"
- ca = "${file("~/.matchbox/ca.crt")}"
+ client_key = "${file("~/.matchbox/client.key")}"
+ ca = "${file("~/.matchbox/ca.crt")}"
 }
diff --git a/examples/terraform/bootkube-install/variables.tf b/examples/terraform/bootkube-install/variables.tf
index 9e40b344..cd767e99 100644
--- a/examples/terraform/bootkube-install/variables.tf
+++ b/examples/terraform/bootkube-install/variables.tf
@@ -1,10 +1,10 @@
 variable "matchbox_http_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox HTTP read-only endpoint (e.g. http://matchbox.example.com:8080)"
 }
 variable "matchbox_rpc_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox gRPC API endpoint, without the protocol (e.g. matchbox.example.com:8081)"
 }
@@ -19,12 +19,12 @@ variable "container_linux_version" {
 }
 variable "cluster_name" {
- type = "string"
+ type = "string"
 description = "Cluster name"
 }
 variable "ssh_authorized_key" {
- type = "string"
+ type = "string"
 description = "SSH public key to set as an authorized_key on machines"
 }
@@ -92,12 +92,12 @@ variable "k8s_dns_service_ip" {
 }
 variable "k8s_etcd_service_ip" {
- type = "string"
- default = "10.3.0.15"
+ type = "string"
+ default = "10.3.0.15"
 description = "Kubernetes service IP for self-hosted etcd, if enabled (must be within service_cidr)"
 }
 variable "experimental_self_hosted_etcd" {
- default = "false"
+ default = "false"
 description = "Create self-hosted etcd cluster as pods on Kubernetes, instead of on-hosts"
 }
diff --git a/examples/terraform/etcd3-install/etcd3.tf b/examples/terraform/etcd3-install/etcd3.tf
index 6b0aae09..c903fcd3 100644
--- a/examples/terraform/etcd3-install/etcd3.tf
+++ b/examples/terraform/etcd3-install/etcd3.tf
@@ -1,69 +1,75 @@
 // Create popular profiles (convenience module)
 module "profiles" {
- source = "../modules/profiles"
- matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
+ source = "../modules/profiles"
+ matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
 container_linux_version = "1298.7.0"
 container_linux_channel = "stable"
 }
 // Install Container Linux to disk before provisioning
 resource "matchbox_group" "default" {
- name = "default"
+ name = "default"
 profile = "${module.profiles.cached-container-linux-install}"
+
 // No selector, matches all nodes
 metadata {
 container_linux_channel = "stable"
 container_linux_version = "1298.7.0"
- ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
- baseurl = "${var.matchbox_http_endpoint}/assets/coreos"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
+ baseurl = "${var.matchbox_http_endpoint}/assets/coreos"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
 // Create matcher groups for 3 machines
 resource "matchbox_group" "node1" {
- name = "node1"
+ name = "node1"
 profile = "${module.profiles.etcd3}"
+
 selector {
 mac = "52:54:00:a1:9c:ae"
- os = "installed"
+ os = "installed"
 }
+
 metadata {
- domain_name = "node1.example.com"
- etcd_name = "node1"
+ domain_name = "node1.example.com"
+ etcd_name = "node1"
 etcd_initial_cluster = "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
 resource "matchbox_group" "node2" {
- name = "node2"
+ name = "node2"
 profile = "${module.profiles.etcd3}"
+
 selector {
 mac = "52:54:00:b2:2f:86"
- os = "installed"
+ os = "installed"
 }
+
 metadata {
- domain_name = "node2.example.com"
- etcd_name = "node2"
+ domain_name = "node2.example.com"
+ etcd_name = "node2"
 etcd_initial_cluster = "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
 resource "matchbox_group" "node3" {
- name = "node3"
+ name = "node3"
 profile = "${module.profiles.etcd3}"
+
 selector {
 mac = "52:54:00:c3:61:77"
- os = "installed"
+ os = "installed"
 }
+
 metadata {
- domain_name = "node3.example.com"
- etcd_name = "node3"
+ domain_name = "node3.example.com"
+ etcd_name = "node3"
 etcd_initial_cluster = "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
-
diff --git a/examples/terraform/etcd3-install/provider.tf b/examples/terraform/etcd3-install/provider.tf
index 06ae93b7..01ab1d93 100644
--- a/examples/terraform/etcd3-install/provider.tf
+++ b/examples/terraform/etcd3-install/provider.tf
@@ -1,7 +1,7 @@
 // Configure the matchbox provider
 provider "matchbox" {
- endpoint = "${var.matchbox_rpc_endpoint}"
+ endpoint = "${var.matchbox_rpc_endpoint}"
 client_cert = "${file("~/.matchbox/client.crt")}"
- client_key = "${file("~/.matchbox/client.key")}"
- ca = "${file("~/.matchbox/ca.crt")}"
+ client_key = "${file("~/.matchbox/client.key")}"
+ ca = "${file("~/.matchbox/ca.crt")}"
 }
diff --git a/examples/terraform/etcd3-install/variables.tf b/examples/terraform/etcd3-install/variables.tf
index c17de18e..6fbf17be 100644
--- a/examples/terraform/etcd3-install/variables.tf
+++ b/examples/terraform/etcd3-install/variables.tf
@@ -1,14 +1,14 @@
 variable "matchbox_http_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox HTTP read-only endpoint (e.g. http://matchbox.example.com:8080)"
 }
 variable "matchbox_rpc_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox gRPC API endpoint, without the protocol (e.g. matchbox.example.com:8081)"
 }
 variable "ssh_authorized_key" {
- type = "string"
+ type = "string"
 description = "SSH public key to set as an authorized_key on machines"
 }
diff --git a/examples/terraform/modules/bootkube/bootkube.tf b/examples/terraform/modules/bootkube/bootkube.tf
index 522921fc..bb394a81 100644
--- a/examples/terraform/modules/bootkube/bootkube.tf
+++ b/examples/terraform/modules/bootkube/bootkube.tf
@@ -2,14 +2,14 @@
 module "bootkube" {
 source = "git::https://github.com/dghubble/bootkube-terraform.git?ref=bf57fb4de14638db481897b1c9228e974c2db90a"
- cluster_name = "${var.cluster_name}"
- api_servers = ["${var.k8s_domain_name}"]
- etcd_servers = ["http://127.0.0.1:2379"]
- asset_dir = "${var.asset_dir}"
- pod_cidr = "${var.pod_cidr}"
- service_cidr = "${var.service_cidr}"
- kube_apiserver_service_ip = "${var.k8s_apiserver_service_ip}"
- kube_dns_service_ip = "${var.k8s_dns_service_ip}"
- kube_etcd_service_ip = "${var.k8s_etcd_service_ip}"
+ cluster_name = "${var.cluster_name}"
+ api_servers = ["${var.k8s_domain_name}"]
+ etcd_servers = ["http://127.0.0.1:2379"]
+ asset_dir = "${var.asset_dir}"
+ pod_cidr = "${var.pod_cidr}"
+ service_cidr = "${var.service_cidr}"
+ kube_apiserver_service_ip = "${var.k8s_apiserver_service_ip}"
+ kube_dns_service_ip = "${var.k8s_dns_service_ip}"
+ kube_etcd_service_ip = "${var.k8s_etcd_service_ip}"
 experimental_self_hosted_etcd = "${var.experimental_self_hosted_etcd}"
 }
diff --git a/examples/terraform/modules/bootkube/groups.tf b/examples/terraform/modules/bootkube/groups.tf
index 59b07466..0261a974 100644
--- a/examples/terraform/modules/bootkube/groups.tf
+++ b/examples/terraform/modules/bootkube/groups.tf
@@ -10,11 +10,11 @@ resource "matchbox_group" "container-linux-install" {
 }
 metadata {
- container_linux_channel = "${var.container_linux_channel}"
- container_linux_version = "${var.container_linux_version}"
- ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
- baseurl = "${var.matchbox_http_endpoint}/assets/coreos"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ container_linux_channel = "${var.container_linux_channel}"
+ container_linux_version = "${var.container_linux_version}"
+ ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
+ baseurl = "${var.matchbox_http_endpoint}/assets/coreos"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
@@ -32,9 +32,9 @@ resource "matchbox_group" "controller" {
 domain_name = "${element(var.controller_domains, count.index)}"
 etcd_name = "${element(var.controller_names, count.index)}"
 etcd_initial_cluster = "${join(",", formatlist("%s=http://%s:2380", var.controller_names, var.controller_domains))}"
- etcd_on_host = "${var.experimental_self_hosted_etcd ? "false" : "true"}"
+ etcd_on_host = "${var.experimental_self_hosted_etcd ? "false" : "true"}"
 k8s_dns_service_ip = "${var.k8s_dns_service_ip}"
- k8s_etcd_service_ip = "${var.k8s_etcd_service_ip}"
+ k8s_etcd_service_ip = "${var.k8s_etcd_service_ip}"
 ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
@@ -50,11 +50,11 @@ resource "matchbox_group" "worker" {
 }
 metadata {
- domain_name = "${element(var.worker_domains, count.index)}"
- etcd_endpoints = "${join(",", formatlist("%s:2379", var.controller_domains))}"
- etcd_on_host = "${var.experimental_self_hosted_etcd ? "false" : "true"}"
- k8s_dns_service_ip = "${var.k8s_dns_service_ip}"
+ domain_name = "${element(var.worker_domains, count.index)}"
+ etcd_endpoints = "${join(",", formatlist("%s:2379", var.controller_domains))}"
+ etcd_on_host = "${var.experimental_self_hosted_etcd ? "false" : "true"}"
+ k8s_dns_service_ip = "${var.k8s_dns_service_ip}"
 k8s_etcd_service_ip = "${var.k8s_etcd_service_ip}"
- ssh_authorized_key = "${var.ssh_authorized_key}"
+ ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
diff --git a/examples/terraform/modules/bootkube/profiles.tf b/examples/terraform/modules/bootkube/profiles.tf
index cad91c6f..a950b74e 100644
--- a/examples/terraform/modules/bootkube/profiles.tf
+++ b/examples/terraform/modules/bootkube/profiles.tf
@@ -1,7 +1,7 @@
 // Create common profiles
 module "profiles" {
- source = "../profiles"
- matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
- container_linux_version = "${var.container_linux_version}"
+ source = "../profiles"
+ matchbox_http_endpoint = "${var.matchbox_http_endpoint}"
+ container_linux_version = "${var.container_linux_version}"
 container_linux_channel = "${var.container_linux_channel}"
 }
diff --git a/examples/terraform/modules/bootkube/variables.tf b/examples/terraform/modules/bootkube/variables.tf
index b7d9abaa..c4e65bbf 100644
--- a/examples/terraform/modules/bootkube/variables.tf
+++ b/examples/terraform/modules/bootkube/variables.tf
@@ -14,12 +14,12 @@ variable "container_linux_version" {
 }
 variable "cluster_name" {
- type = "string"
+ type = "string"
 description = "Cluster name"
 }
 variable "ssh_authorized_key" {
- type = "string"
+ type = "string"
 description = "SSH public key to set as an authorized_key on machines"
 }
@@ -87,12 +87,12 @@ variable "k8s_dns_service_ip" {
 }
 variable "k8s_etcd_service_ip" {
- type = "string"
- default = "10.3.0.15"
+ type = "string"
+ default = "10.3.0.15"
 description = "Kubernetes service IP for self-hosted etcd, if enabled (must be within service_cidr)"
 }
 variable "experimental_self_hosted_etcd" {
- default = "false"
+ default = "false"
 description = "Create self-hosted etcd cluster as pods on Kubernetes, instead of on-hosts"
 }
diff --git a/examples/terraform/modules/profiles/profiles.tf b/examples/terraform/modules/profiles/profiles.tf
index c323cc35..0795ca84 100644
--- a/examples/terraform/modules/profiles/profiles.tf
+++ b/examples/terraform/modules/profiles/profiles.tf
@@ -22,6 +22,7 @@ resource "matchbox_profile" "container-linux-install" {
 resource "matchbox_profile" "cached-container-linux-install" {
 name = "cached-container-linux-install"
 kernel = "/assets/coreos/${var.container_linux_version}/coreos_production_pxe.vmlinuz"
+
 initrd = [
 "/assets/coreos/${var.container_linux_version}/coreos_production_pxe_image.cpio.gz",
 ]
@@ -38,24 +39,24 @@ resource "matchbox_profile" "cached-container-linux-install" {
 // etcd3 profile
 resource "matchbox_profile" "etcd3" {
- name = "etcd3"
+ name = "etcd3"
 container_linux_config = "${file("${path.module}/cl/etcd3.yaml.tmpl")}"
 }
 // etcd3 Gateway profile
 resource "matchbox_profile" "etcd3-gateway" {
- name = "etcd3-gateway"
+ name = "etcd3-gateway"
 container_linux_config = "${file("${path.module}/cl/etcd3-gateway.yaml.tmpl")}"
 }
 // Self-hosted Kubernetes (bootkube) Controller profile
 resource "matchbox_profile" "bootkube-controller" {
- name = "bootkube-controller"
+ name = "bootkube-controller"
 container_linux_config = "${file("${path.module}/cl/bootkube-controller.yaml.tmpl")}"
 }
 // Self-hosted Kubernetes (bootkube) Worker profile
 resource "matchbox_profile" "bootkube-worker" {
- name = "bootkube-worker"
+ name = "bootkube-worker"
 container_linux_config = "${file("${path.module}/cl/bootkube-worker.yaml.tmpl")}"
 }
diff --git a/examples/terraform/modules/profiles/variables.tf b/examples/terraform/modules/profiles/variables.tf
index c01489e4..450cf8bd 100644
--- a/examples/terraform/modules/profiles/variables.tf
+++ b/examples/terraform/modules/profiles/variables.tf
@@ -1,5 +1,5 @@
 variable "matchbox_http_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox HTTP read-only endpoint (e.g. http://matchbox.example.com:8080)"
 }
diff --git a/examples/terraform/simple-install/groups.tf b/examples/terraform/simple-install/groups.tf
index a2a7a70d..fab94012 100644
--- a/examples/terraform/simple-install/groups.tf
+++ b/examples/terraform/simple-install/groups.tf
@@ -1,21 +1,24 @@
 // Default matcher group for machines
 resource "matchbox_group" "default" {
- name = "default"
+ name = "default"
 profile = "${matchbox_profile.coreos-install.name}"
+
 # no selector means all machines can be matched
 metadata {
- ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
+ ignition_endpoint = "${var.matchbox_http_endpoint}/ignition"
 ssh_authorized_key = "${var.ssh_authorized_key}"
 }
 }
 // Match machines which have CoreOS installed
 resource "matchbox_group" "node1" {
- name = "node1"
+ name = "node1"
 profile = "${matchbox_profile.simple.name}"
+
 selector {
 os = "installed"
 }
+
 metadata {
 ssh_authorized_key = "${var.ssh_authorized_key}"
 }
diff --git a/examples/terraform/simple-install/profiles.tf b/examples/terraform/simple-install/profiles.tf
index 45e027f0..76f7a0f9 100644
--- a/examples/terraform/simple-install/profiles.tf
+++ b/examples/terraform/simple-install/profiles.tf
@@ -1,21 +1,24 @@
 // Create a CoreOS-install profile
 resource "matchbox_profile" "coreos-install" {
- name = "coreos-install"
+ name = "coreos-install"
 kernel = "http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe.vmlinuz"
+
 initrd = [
- "http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz"
+ "http://stable.release.core-os.net/amd64-usr/current/coreos_production_pxe_image.cpio.gz",
 ]
+
 args = [
 "coreos.config.url=${var.matchbox_http_endpoint}/ignition?uuid=$${uuid}&mac=$${mac:hexhyp}",
 "coreos.first_boot=yes",
 "console=tty0",
 "console=ttyS0",
 ]
+
 container_linux_config = "${file("./cl/coreos-install.yaml.tmpl")}"
 }
 // Create a simple profile which just sets an SSH authorized_key
 resource "matchbox_profile" "simple" {
- name = "simple"
+ name = "simple"
 container_linux_config = "${file("./cl/simple.yaml.tmpl")}"
 }
diff --git a/examples/terraform/simple-install/provider.tf b/examples/terraform/simple-install/provider.tf
index 06ae93b7..01ab1d93 100644
--- a/examples/terraform/simple-install/provider.tf
+++ b/examples/terraform/simple-install/provider.tf
@@ -1,7 +1,7 @@
 // Configure the matchbox provider
 provider "matchbox" {
- endpoint = "${var.matchbox_rpc_endpoint}"
+ endpoint = "${var.matchbox_rpc_endpoint}"
 client_cert = "${file("~/.matchbox/client.crt")}"
- client_key = "${file("~/.matchbox/client.key")}"
- ca = "${file("~/.matchbox/ca.crt")}"
+ client_key = "${file("~/.matchbox/client.key")}"
+ ca = "${file("~/.matchbox/ca.crt")}"
 }
diff --git a/examples/terraform/simple-install/variables.tf b/examples/terraform/simple-install/variables.tf
index c17de18e..6fbf17be 100644
--- a/examples/terraform/simple-install/variables.tf
+++ b/examples/terraform/simple-install/variables.tf
@@ -1,14 +1,14 @@
 variable "matchbox_http_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox HTTP read-only endpoint (e.g. http://matchbox.example.com:8080)"
 }
 variable "matchbox_rpc_endpoint" {
- type = "string"
+ type = "string"
 description = "Matchbox gRPC API endpoint, without the protocol (e.g. matchbox.example.com:8081)"
 }
 variable "ssh_authorized_key" {
- type = "string"
+ type = "string"
 description = "SSH public key to set as an authorized_key on machines"
 }