attempted k8s resources as tf files, not worth the trouble
This commit is contained in:
parent
43dbb951fe
commit
5b83607fe0
@ -19,18 +19,18 @@ resource "local_sensitive_file" "kubeconfig" {
|
||||
file_permission = "0600"
|
||||
}
|
||||
|
||||
resource "vultr_block_storage" "ssd0" {
|
||||
label = "cluster00-ssd0"
|
||||
size_gb = 10
|
||||
region = "ewr"
|
||||
block_type = "high_perf"
|
||||
attached_to_instance = vultr_kubernetes.k8s.node_pools[0].nodes[0].id
|
||||
live = true
|
||||
depends_on = [
|
||||
vultr_kubernetes.k8s
|
||||
]
|
||||
}
|
||||
# resource "vultr_block_storage" "ssd0" {
|
||||
# label = "cluster00-ssd0"
|
||||
# size_gb = 10
|
||||
# region = "ewr"
|
||||
# block_type = "high_perf"
|
||||
# attached_to_instance = vultr_kubernetes.k8s.node_pools[0].nodes[0].id
|
||||
# live = true
|
||||
# depends_on = [
|
||||
# vultr_kubernetes.k8s
|
||||
# ]
|
||||
# }
|
||||
|
||||
output "ssd0_mount" {
|
||||
value = vultr_block_storage.ssd0.mount_id
|
||||
}
|
||||
# output "ssd0_mount" {
|
||||
# value = vultr_block_storage.ssd0.mount_id
|
||||
# }
|
10
terraform/vultr/config_maps.tf
Normal file
10
terraform/vultr/config_maps.tf
Normal file
@ -0,0 +1,10 @@
|
||||
resource "kubernetes_config_map" "keyoxide-env" {
|
||||
metadata {
|
||||
name = "keyoxide-env"
|
||||
namespace = "default"
|
||||
}
|
||||
|
||||
data = {
|
||||
DOMAIN = "key.balsillie.net"
|
||||
}
|
||||
}
|
53
terraform/vultr/deployments.tf
Normal file
53
terraform/vultr/deployments.tf
Normal file
@ -0,0 +1,53 @@
|
||||
resource "kubernetes_deployment" "keyoxide" {
|
||||
depends_on = [
|
||||
kubernetes_config_map.keyoxide-env
|
||||
]
|
||||
metadata {
|
||||
name = "keyoxide"
|
||||
namespace = "default"
|
||||
}
|
||||
|
||||
spec {
|
||||
replicas = 1
|
||||
|
||||
selector {
|
||||
match_labels = {
|
||||
app = "keyoxide"
|
||||
}
|
||||
}
|
||||
|
||||
template {
|
||||
metadata {
|
||||
labels = {
|
||||
app = "keyoxide"
|
||||
}
|
||||
}
|
||||
|
||||
spec {
|
||||
container {
|
||||
name = "keyoxide"
|
||||
image = "codeberg.org/keyoxide/keyoxide-web"
|
||||
image_pull_policy = "Always"
|
||||
|
||||
resources {
|
||||
requests = {
|
||||
cpu = "100m"
|
||||
memory = "50Mi"
|
||||
}
|
||||
limits = {
|
||||
cpu = "500m"
|
||||
memory = "128Mi"
|
||||
}
|
||||
}
|
||||
|
||||
env_from {
|
||||
config_map_ref {
|
||||
name = "keyoxide-env"
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
@ -9,6 +9,10 @@ terraform {
|
||||
source = "vultr/vultr"
|
||||
version = ">= 2.19.0"
|
||||
}
|
||||
kubernetes = {
|
||||
source = "hashicorp/kubernetes"
|
||||
version = ">= 2.29.0"
|
||||
}
|
||||
}
|
||||
backend "local" {
|
||||
path = "/home/michael/Nextcloud/Backups/tfstate/vultr.tfstate"
|
||||
@ -29,3 +33,11 @@ provider "vultr" {
|
||||
rate_limit = 100
|
||||
retry_limit = 3
|
||||
}
|
||||
|
||||
provider "kubernetes" {
|
||||
# # host = vultr_kubernetes.k8s.endpoint
|
||||
# # client_certificate = vultr_kubernetes.k8s.client_certificate
|
||||
# # client_key = vultr_kubernetes.k8s.client_key
|
||||
# # cluster_ca_certificate = vultr_kubernetes.k8s.cluster_ca_certificate
|
||||
config_path = pathexpand("~/.kube/vultr")
|
||||
}
|
||||
|
15
terraform/vultr/pvcs.tf
Normal file
15
terraform/vultr/pvcs.tf
Normal file
@ -0,0 +1,15 @@
|
||||
resource "kubernetes_persistent_volume_claim" "ssd" {
|
||||
metadata {
|
||||
name = "ssd"
|
||||
namespace = "default"
|
||||
}
|
||||
spec {
|
||||
access_modes = ["ReadWriteOnce"]
|
||||
resources {
|
||||
requests = {
|
||||
storage = "10Gi"
|
||||
}
|
||||
}
|
||||
storage_class_name = "vultr-block-storage"
|
||||
}
|
||||
}
|
29
terraform/vultr/services.tf
Normal file
29
terraform/vultr/services.tf
Normal file
@ -0,0 +1,29 @@
|
||||
resource "kubernetes_service" "keyoxide" {
|
||||
metadata {
|
||||
name = "keyoxide"
|
||||
namespace = "default"
|
||||
labels = {
|
||||
svc = "keyoxide"
|
||||
}
|
||||
}
|
||||
|
||||
spec {
|
||||
selector = {
|
||||
app = "keyoxide"
|
||||
}
|
||||
|
||||
ip_family_policy = "SingleStack"
|
||||
ip_families = ["IPv4"]
|
||||
|
||||
type = "ClusterIP"
|
||||
cluster_ip = "None"
|
||||
# external_traffic_policy = "Local"
|
||||
|
||||
port {
|
||||
name = "http"
|
||||
port = 3000
|
||||
target_port = 3000
|
||||
protocol = "TCP"
|
||||
}
|
||||
}
|
||||
}
|
18
todo/vultr.todo
Normal file
18
todo/vultr.todo
Normal file
@ -0,0 +1,18 @@
|
||||
revert to using ansible for k8s manifest installs
|
||||
- Employ Ansible as a provider in TF?
|
||||
install nginx-ingress-controller
|
||||
edit the nginx-ingress-controller service
|
||||
- change the service type to ClusterIP
|
||||
- Change external and internal traffic policy
|
||||
- Add external IPs
|
||||
Install the operator lifecycle manager
|
||||
- Scrape current version from GH releases
|
||||
- Download the OLM install script
|
||||
- Run with current version
|
||||
|
||||
Install operators:
|
||||
- Cert manager
|
||||
- CNPG
|
||||
- Keycloak
|
||||
|
||||
Create cluster cert issuers
|
Loading…
Reference in New Issue
Block a user