mirror of
https://github.com/outbackdingo/terraform-render-bootstrap.git
synced 2026-01-27 10:20:45 +00:00
af36c53936
* Accept experimental CNI `networking` mode "cilium" * Run Cilium v1.8.0 with overlay vxlan tunnels and a minimal set of features. We're interested in: * IPAM: Divide pod_cidr into /24 subnets per node * CNI networking pod-to-pod, pod-to-external * BPF masquerade * NetworkPolicy as defined by Kubernetes (no L7) * Continue using kube-proxy with Cilium probe mode * Firewall changes: * Require UDP 8472 for vxlan (Linux kernel default) between nodes * Optional ICMP echo(8) between nodes for host reachability (health) * Optional TCP 4240 between nodes for host reachability (health)
terraform-render-bootstrap
terraform-render-bootstrap is a Terraform module that renders TLS certificates, static pods, and manifests for bootstrapping a Kubernetes cluster.
Audience
terraform-render-bootstrap is a low-level component of the Typhoon Kubernetes distribution. Use Typhoon modules to create and manage Kubernetes clusters across supported platforms. Use the bootstrap module if you'd like to customize a Kubernetes control plane or build your own distribution.
Usage
Use the module to declare bootstrap assets. Check variables.tf for options and terraform.tfvars.example for examples.
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=SHA"
cluster_name = "example"
api_servers = ["node1.example.com"]
etcd_servers = ["node1.example.com"]
}
Generate the assets.
terraform init
terraform plan
terraform apply
Find bootstrap assets rendered to the asset_dir path. That's it.