mirror of
https://github.com/optim-enterprises-bv/terraform-talos.git
synced 2025-11-02 11:18:35 +00:00
Auto update secrets
This commit is contained in:
Serge Logvinov
@@ -0,0 +1,11 @@
|
|||||||
|
[Global]
|
||||||
|
auth-url=${auth}v3/
|
||||||
|
tenant-id=${project_id}
|
||||||
|
domain-id=${project_domain_id}
|
||||||
|
region=${region}
|
||||||
|
username=${username}
|
||||||
|
password=${password}
|
||||||
|
[Networking]
|
||||||
|
public-network-name=${network_public_name}
|
||||||
|
[Metadata]
|
||||||
|
search-order=metadataService
|
||||||
@@ -166,9 +166,6 @@ spec:
|
|||||||
env:
|
env:
|
||||||
- name: CLUSTER_NAME
|
- name: CLUSTER_NAME
|
||||||
value: kubernetes
|
value: kubernetes
|
||||||
envFrom:
|
|
||||||
- secretRef:
|
|
||||||
name: openstack-cloud-controller-manager
|
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /etc/config
|
- mountPath: /etc/config
|
||||||
name: cloud-config
|
name: cloud-config
|
||||||
@@ -178,5 +175,5 @@ spec:
|
|||||||
cpu: 100m
|
cpu: 100m
|
||||||
volumes:
|
volumes:
|
||||||
- name: cloud-config
|
- name: cloud-config
|
||||||
configMap:
|
secret:
|
||||||
name: openstack-cloud-controller-manager
|
secretName: openstack-cloud-controller-manager
|
||||||
|
|||||||
@@ -24,34 +24,18 @@ module "controlplane" {
|
|||||||
project_id = local.project_id
|
project_id = local.project_id
|
||||||
project_domain_id = local.project_domain_id
|
project_domain_id = local.project_domain_id
|
||||||
network_public_name = local.network_external[each.key].name
|
network_public_name = local.network_external[each.key].name
|
||||||
|
|
||||||
|
occm = templatefile("${path.module}/deployments/openstack-cloud-controller-manager.conf.tpl", {
|
||||||
|
username = var.ccm_username
|
||||||
|
password = var.ccm_password
|
||||||
|
region = each.key
|
||||||
|
auth = local.openstack_auth_url
|
||||||
|
project_id = local.project_id
|
||||||
|
project_domain_id = local.project_domain_id
|
||||||
|
network_public_name = local.network_external[each.key].name
|
||||||
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
network_internal = local.network_public[each.key]
|
network_internal = local.network_public[each.key]
|
||||||
network_external = local.network_external[each.key]
|
network_external = local.network_external[each.key]
|
||||||
}
|
}
|
||||||
|
|
||||||
# resource "local_file" "controlplane" {
|
|
||||||
# for_each = { for idx, name in local.regions : name => idx }
|
|
||||||
|
|
||||||
# content = templatefile("${path.module}/templates/controlplane.yaml",
|
|
||||||
# merge(var.kubernetes, {
|
|
||||||
# name = "controlplane-${lower(each.key)}-${each.value + 1}"
|
|
||||||
# type = "controlplane"
|
|
||||||
|
|
||||||
# ipv4_local = [for k in openstack_networking_port_v2.controlplane[each.key].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
|
|
||||||
# ipv4_local_vip = openstack_networking_port_v2.vip[each.key].fixed_ip[0].ip_address
|
|
||||||
# ipv4_local_mtu = local.network_public[each.key].mtu
|
|
||||||
# ipv4_local_gw = local.network_public[each.key].gateway
|
|
||||||
# ipv4_local_network = local.network[each.key].cidr
|
|
||||||
|
|
||||||
# lbv4 = local.lbv4
|
|
||||||
# ipv4 = [for k in openstack_networking_port_v2.controlplane_public[each.key].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
|
|
||||||
# ipv6 = [for k in openstack_networking_port_v2.controlplane_public[each.key].all_fixed_ips : k if length(regexall("[0-9a-z]+:[0-9a-z:]+", k)) > 0][0]
|
|
||||||
# ipv6_gw = data.openstack_networking_subnet_v2.controlplane_public[each.key].gateway_ip
|
|
||||||
|
|
||||||
# nodeSubnets = local.network_public[each.key].cidr
|
|
||||||
# })
|
|
||||||
# )
|
|
||||||
# filename = "_cfgs/controlplane-${lower(each.key)}-${each.value + 1}.yaml"
|
|
||||||
# file_permission = "0600"
|
|
||||||
# }
|
|
||||||
|
|||||||
@@ -74,19 +74,13 @@ cluster:
|
|||||||
- name: openstack-cloud-controller-config
|
- name: openstack-cloud-controller-config
|
||||||
contents: |-
|
contents: |-
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: Secret
|
||||||
|
type: Opaque
|
||||||
metadata:
|
metadata:
|
||||||
name: openstack-cloud-controller-manager
|
name: openstack-cloud-controller-manager
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
data:
|
data:
|
||||||
cloud.conf: |
|
cloud.conf: ${base64encode(occm)}
|
||||||
[Global]
|
|
||||||
region=${region}
|
|
||||||
auth-url=${auth}v3/
|
|
||||||
tenant-id=${project_id}
|
|
||||||
domain-id=${project_domain_id}
|
|
||||||
[Networking]
|
|
||||||
public-network-name=${network_public_name}
|
|
||||||
externalCloudProvider:
|
externalCloudProvider:
|
||||||
enabled: true
|
enabled: true
|
||||||
manifests:
|
manifests:
|
||||||
|
|||||||
@@ -16,6 +16,14 @@ locals {
|
|||||||
network_subnets = { for zone in local.regions : zone => [local.network_public[zone].cidr, local.network_private[zone].cidr] }
|
network_subnets = { for zone in local.regions : zone => [local.network_public[zone].cidr, local.network_private[zone].cidr] }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "ccm_username" {
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "ccm_password" {
|
||||||
|
default = ""
|
||||||
|
}
|
||||||
|
|
||||||
variable "kubernetes" {
|
variable "kubernetes" {
|
||||||
type = map(string)
|
type = map(string)
|
||||||
default = {
|
default = {
|
||||||
|
|||||||
Reference in New Issue
Block a user