Merge pull request #38 from garutilorenzo/istio

Initial commit, istio and install script refactoring
garutilorenzo · Jan 17, 2023 · ba4a649 · ba4a649
2 parents a9d5078 + 4eb469a
commit ba4a649
Show file tree

Hide file tree

Showing 6 changed files with 318 additions and 77 deletions.
diff --git a/README.md b/README.md
@@ -251,15 +251,15 @@ Once you have created the terraform.tfvars file edit the main.tf file (always in
 | `k3s_server_pool_size`  | `no`  | Number of k3s servers deployed. Default 1  |
 | `k3s_worker_pool_size`  | `no`  | Number of k3s workers deployed. Default 2  |
 | `k3s_extra_worker_node`  | `no`  | Boolean value, default true. Deploy the third worker nodes. The node will be deployed outside the worker instance pools. Using OCI always free account you can't create instance pools with more than two servers. This workaround solve this problem. |
-| `install_nginx_ingress`  | `no`  | Boolean value, install kubernetes nginx ingress controller instead of Traefik. Default: true. For more information see [Nginx ingress controller](#nginx-ingress-controller) |
-| `install_traefik2`  | `no`  | Boolean value, install [Traefik 2](https://traefik.io/) ingress controller instead of the [embedded k3s Traefik](https://docs.k3s.io/networking#traefik-ingress-controller). Default: false. |
+| `ingress_controller`  | `no`  | Define the ingress controller to use. Valid values are: [default](https://docs.k3s.io/networking#traefik-ingress-controller), [nginx](#nginx-ingress-controller), [traefik2](https://traefik.io/) or [istio](https://istio.io/latest/docs/tasks/traffic-management/ingress/kubernetes-ingress/) |
 | `disable_ingress`  | `no`  | Boolean value, disable all ingress controllers. Default: false |
 | `ingress_controller_http_nodeport`  | `no`  | NodePort where nginx ingress will listen for http traffic. Default 30080  |
 | `ingress_controller_https_nodeport`  | `no`  | NodePort where nginx ingress will listen for https traffic.  Default 30443 |
 | `install_longhorn`  | `no`  | Boolean value, install longhorn "Cloud native distributed block storage for Kubernetes". Default: true. To use longhorn set the *k3s_version* < v1.25.x [Ref.](https://github.com/longhorn/longhorn/issues/4003)  |
-| `longhorn_release`  | `no`  | Longhorn release. Default: v1.2.3  |
+| `longhorn_release`  | `no`  | Longhorn release. Default: v1.4.0  |
 | `install_certmanager`  | `no`  | Boolean value, install [cert manager](https://cert-manager.io/) "Cloud native certificate management". Default: true  |
-| `certmanager_release`  | `no`  | Cert manager release. Default: v1.8.2  |
+| `nginx_ingress_release`  | `no`  | Longhorn release. Default: v1.5.1  |
+| `certmanager_release`  | `no`  | Cert manager release. Default: v1.11.0  |
 | `certmanager_email_address`  | `no`  | Email address used for signing https certificates. Defaul: changeme@example.com  |
 | `install_argocd`  | `no`  | Boolean value, install [Argo CD](https://argo-cd.readthedocs.io/en/stable/) "a declarative, GitOps continuous delivery tool for Kubernetes.". Default: true  |
 | `argocd_release`  | `no`  | Argo CD release. Default: v2.4.11  |

diff --git a/data.tf b/data.tf
@@ -15,9 +15,9 @@ data "cloudinit_config" "k3s_server_tpl" {
       k3s_token                         = random_password.k3s_token.result,
       is_k3s_server                     = true,
       disable_ingress                   = var.disable_ingress,
-      install_traefik2                  = var.install_traefik2,
-      install_nginx_ingress             = var.install_nginx_ingress,
+      ingress_controller                = var.ingress_controller,
       nginx_ingress_release             = var.nginx_ingress_release,
+      istio_release                     = var.istio_release,
       install_certmanager               = var.install_certmanager,
       certmanager_release               = var.certmanager_release,
       certmanager_email_address         = var.certmanager_email_address,
@@ -53,8 +53,6 @@ data "cloudinit_config" "k3s_worker_tpl" {
       disable_ingress                   = var.disable_ingress,
       k3s_url                           = oci_load_balancer_load_balancer.k3s_load_balancer.ip_address_details[0].ip_address,
       http_lb_port                      = var.http_lb_port,
-      install_traefik2                  = var.install_traefik2,
-      install_nginx_ingress             = var.install_nginx_ingress,
       install_longhorn                  = var.install_longhorn,
       https_lb_port                     = var.https_lb_port,
       ingress_controller_http_nodeport  = var.ingress_controller_http_nodeport,

diff --git a/example/.terraform.lock.hcl b/example/.terraform.lock.hcl
diff --git a/files/k3s-install-agent.sh b/files/k3s-install-agent.sh
@@ -67,13 +67,6 @@ if [[ "$operating_system" == "ubuntu" ]]; then
   apt-get update
   apt-get install -y software-properties-common jq
   DEBIAN_FRONTEND=noninteractive apt-get upgrade -y
-  %{ if install_nginx_ingress }
-  install_oci_cli_ubuntu
-  %{ endif }
-
-  %{ if install_traefik2  }
-  install_oci_cli_ubuntu
-  %{ endif }
 
   %{ if ! disable_ingress }
   install_oci_cli_ubuntu
@@ -96,13 +89,6 @@ if [[ "$operating_system" == "oraclelinux" ]]; then
 
   dnf -y update
   dnf -y install jq curl
-  %{ if install_nginx_ingress }
-  install_oci_cli_oracle
-  %{ endif }
-
-  %{ if install_traefik2  }
-  install_oci_cli_oracle
-  %{ endif }
 
   %{ if ! disable_ingress }
   install_oci_cli_oracle
@@ -268,14 +254,6 @@ nginx -t
 systemctl restart nginx
 }
 
-%{ if install_nginx_ingress }
-proxy_protocol_stuff
-%{ endif }
-
-%{ if install_traefik2  }
-proxy_protocol_stuff
-%{ endif }
-
 %{ if ! disable_ingress }
 proxy_protocol_stuff
 %{ endif }