Auto update secrets

Serge Logvinov
2022-05-12 17:31:20 +03:00
parent 509304651b
commit f3faad710c
5 changed files with 34 additions and 40 deletions


@@ -0,0 +1,11 @@
[Global]
auth-url=${auth}v3/
tenant-id=${project_id}
domain-id=${project_domain_id}
region=${region}
username=${username}
password=${password}
[Networking]
public-network-name=${network_public_name}
[Metadata]
search-order=metadataService
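Review bot: `username=${username}` and `password=${password}` are written unquoted, so a credential containing `#`, `;`, a double quote or a backslash would likely be truncated or mis-parsed if cloud.conf is read with git-config-style rules, which is what I would expect for this file format. Quoting the values, `password="${password}"`, and escaping `\` and `"` on the Terraform side before interpolation would make the rendering safe for arbitrary passwords. `auth-url=${auth}v3/` also depends on the auth value ending in a slash; a one-line comment at the top of the template saying so would help.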


@@ -166,9 +166,6 @@ spec:
env:
- name: CLUSTER_NAME
value: kubernetes
envFrom:
- secretRef:
name: openstack-cloud-controller-manager
volumeMounts:
- mountPath: /etc/config
name: cloud-config
@@ -178,5 +175,5 @@ spec:
cpu: 100m
volumes:
- name: cloud-config
configMap:
name: openstack-cloud-controller-manager
secret:
secretName: openstack-cloud-controller-manager
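Review bot: The `cloud-config` volume now carries the OpenStack password, but the new `secret:` source sets no `defaultMode`, so `cloud.conf` is projected with the default 0644 mode inside the container. Adding `defaultMode: 0400` under `secret:` would narrow that, provided the container's user (or an `fsGroup`) can still read the file; the securityContext is outside this hunk, so that needs checking. If the `/etc/config` entry under `volumeMounts` does not already have `readOnly: true` below the visible lines, it is worth stating explicitly.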


@@ -24,34 +24,18 @@ module "controlplane" {
project_id = local.project_id
project_domain_id = local.project_domain_id
network_public_name = local.network_external[each.key].name
occm = templatefile("${path.module}/deployments/openstack-cloud-controller-manager.conf.tpl", {
username = var.ccm_username
password = var.ccm_password
region = each.key
auth = local.openstack_auth_url
project_id = local.project_id
project_domain_id = local.project_domain_id
network_public_name = local.network_external[each.key].name
})
})
network_internal = local.network_public[each.key]
network_external = local.network_external[each.key]
}
# resource "local_file" "controlplane" {
# for_each = { for idx, name in local.regions : name => idx }
# content = templatefile("${path.module}/templates/controlplane.yaml",
# merge(var.kubernetes, {
# name = "controlplane-${lower(each.key)}-${each.value + 1}"
# type = "controlplane"
# ipv4_local = [for k in openstack_networking_port_v2.controlplane[each.key].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
# ipv4_local_vip = openstack_networking_port_v2.vip[each.key].fixed_ip[0].ip_address
# ipv4_local_mtu = local.network_public[each.key].mtu
# ipv4_local_gw = local.network_public[each.key].gateway
# ipv4_local_network = local.network[each.key].cidr
# lbv4 = local.lbv4
# ipv4 = [for k in openstack_networking_port_v2.controlplane_public[each.key].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
# ipv6 = [for k in openstack_networking_port_v2.controlplane_public[each.key].all_fixed_ips : k if length(regexall("[0-9a-z]+:[0-9a-z:]+", k)) > 0][0]
# ipv6_gw = data.openstack_networking_subnet_v2.controlplane_public[each.key].gateway_ip
# nodeSubnets = local.network_public[each.key].cidr
# })
# )
# filename = "_cfgs/controlplane-${lower(each.key)}-${each.value + 1}.yaml"
# file_permission = "0600"
# }
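Review bot: The new `occm = templatefile(...)` argument puts `var.ccm_password` into the rendered control-plane config, so the password now ends up in Terraform state and in whatever attribute consumes the enclosing call closed by `})`. That consumer is outside the hunk. I would mark this at the call site, e.g. `# occm embeds ccm_password: treat the rendered config and the state as secret`, and confirm that the state backend is access-restricted. The removed commented-out `local_file` used `file_permission = "0600"`, and any future file dump of this config should keep that mode.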


@@ -74,19 +74,13 @@ cluster:
- name: openstack-cloud-controller-config
contents: |-
apiVersion: v1
kind: ConfigMap
kind: Secret
type: Opaque
metadata:
name: openstack-cloud-controller-manager
namespace: kube-system
data:
cloud.conf: |
[Global]
region=${region}
auth-url=${auth}v3/
tenant-id=${project_id}
domain-id=${project_domain_id}
[Networking]
public-network-name=${network_public_name}
cloud.conf: ${base64encode(occm)}
externalCloudProvider:
enabled: true
manifests:
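Review bot: The inline Secret reuses the name `openstack-cloud-controller-manager`, which the `envFrom.secretRef` removed from the deployment manifest also pointed at. Clusters built before this commit probably already hold a Secret of that name with different keys, plus the old ConfigMap. It is worth verifying that applying the inline manifest replaces the existing Secret rather than failing or leaving stale credential keys, and that the leftover ConfigMap is deleted. Note also that `base64encode(occm)` is only the encoding the `data:` field requires, so the machine config carrying this manifest now contains the password and has to be stored and distributed as a credential. A comment above `kind: Secret` such as `# contains OpenStack credentials rendered from ccm_username/ccm_password` would make that visible to the next editor.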


@@ -16,6 +16,14 @@ locals {
network_subnets = { for zone in local.regions : zone => [local.network_public[zone].cidr, local.network_private[zone].cidr] }
}
variable "ccm_username" {
default = ""
}
variable "ccm_password" {
default = ""
}
variable "kubernetes" {
type = map(string)
default = {
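Review bot: `ccm_username` and `ccm_password` are declared with only `default = ""`, so an unset credential renders an empty `password=` into cloud.conf with no plan-time error, and the value can show up in plan output. I would declare both with `type = string` and `sensitive = true` (Terraform 0.14 or later). I would also drop the empty default or add a `validation` block that rejects an empty string. A `description` on each would document that these are the cloud-controller-manager's OpenStack credentials.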