# Looks up the AWS-managed AmazonEC2ReadOnlyAccess policy by its fixed ARN so
# other resources in the module can reference it (the attachment itself is not
# in this file).
#
# NOTE(review): this managed policy is account-wide read access. Its
# ec2:Describe* coverage includes DescribeInstanceAttribute, which returns the
# user data of any instance in the account. Confirm that the role receiving it
# cannot be served by a narrower inline policy, and keep secret values out of
# user data.
# NOTE(review): the ARN hard-codes the "aws" partition, so it will not resolve
# in GovCloud or China partitions. Confirm that is intended.
data "aws_iam_policy" "AmazonEC2ReadOnlyAccess" {
  arn = "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
}
# Looks up the AWS-managed AmazonSSMManagedInstanceCore policy by its fixed ARN
# (the attachment itself is not in this file).
#
# NOTE(review): this policy lets the SSM agent register the instance, which
# enables Session Manager and Run Command against it. Shell access to the nodes
# is then governed by whichever IAM principals may call ssm:StartSession and
# ssm:SendCommand, so review those grants alongside this one.
data "aws_iam_policy" "AmazonSSMManagedInstanceCore" {
  arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}
# Renders the multi-part cloud-init payload for the Kubernetes server
# (control-plane) nodes. It has three parts: a base cloud-config, a script
# installing the Kubernetes utilities, and the cluster install script.
#
# NOTE(review): user data is not a secret store. It can be read from the
# instance metadata service by processes on the node, and by any principal
# allowed ec2:DescribeInstanceAttribute. Only secret *names* are passed below.
# Presumably the scripts resolve the values at boot; confirm this, and keep
# real secret values out of these templates.
# NOTE(review): templatefile() substitutes values directly into shell script
# text that cloud-init runs at first boot. Whether the scripts quote them is
# not visible here; consider `validation` blocks on the string variables
# (versions, subnets, e-mail address) so a malformed tfvars value cannot alter
# the script.
# NOTE(review): template_cloudinit_config belongs to the archived
# hashicorp/template provider. The maintained equivalent is the
# `cloudinit_config` data source of hashicorp/cloudinit. Switching changes the
# data source address, so it has to be done module-wide.
data "template_cloudinit_config" "k8s_server" {
  # The rendered output is gzip-compressed, then base64-encoded.
  gzip          = true
  base64_encode = true

  # Part 1: base cloud-config, rendered without template variables.
  part {
    filename     = "init.cfg"
    content_type = "text/cloud-config"
    content      = templatefile("${path.module}/files/cloud-config-base.yaml", {})
  }

  # Part 2: installs the Kubernetes utilities for the requested version.
  part {
    content_type = "text/x-shellscript"
    content = templatefile("${path.module}/files/install_k8s_utils.sh", {
      k8s_version = var.k8s_version
    })
  }

  # Part 3: cluster install script, rendered with the server flag set.
  part {
    content_type = "text/x-shellscript"
    content = templatefile("${path.module}/files/install_k8s.sh", {
      # Cluster settings
      is_k8s_server      = true
      k8s_version        = var.k8s_version
      k8s_dns_domain     = var.k8s_dns_domain
      k8s_pod_subnet     = var.k8s_pod_subnet
      k8s_service_subnet = var.k8s_service_subnet

      # Names (not values) of the secrets holding kubeadm join material and
      # the kubeconfig.
      kubeadm_ca_secret_name    = local.kubeadm_ca_secret_name
      kubeadm_token_secret_name = local.kubeadm_token_secret_name
      kubeadm_cert_secret_name  = local.kubeadm_cert_secret_name
      kubeconfig_secret_name    = local.kubeconfig_secret_name
      # presumably an initial dummy value for those secrets; verify that it is
      # never a usable credential
      default_secret_placeholder = var.default_secret_placeholder

      # API endpoint: the server load balancer's DNS name and port.
      kube_api_port     = var.kube_api_port
      control_plane_url = aws_lb.k8s_server_lb.dns_name
      # NOTE(review): these look like they control public exposure of the
      # kube-apiserver. Confirm that the listener is restricted to known
      # source ranges when enabled.
      expose_kubeapi     = var.expose_kubeapi
      k8s_tls_san_public = local.k8s_tls_san_public

      # Optional add-ons and their release pins
      install_nginx_ingress            = var.install_nginx_ingress
      nginx_ingress_release            = var.nginx_ingress_release
      install_certmanager              = var.install_certmanager
      certmanager_release              = var.certmanager_release
      certmanager_email_address        = var.certmanager_email_address
      install_node_termination_handler = var.install_node_termination_handler
      node_termination_handler_release = var.node_termination_handler_release

      # EFS-backed persistent storage; the filesystem id is empty when the
      # feature is disabled, because the counted resource then has no
      # instance 0.
      efs_persistent_storage = var.efs_persistent_storage
      efs_csi_driver_release = var.efs_csi_driver_release
      efs_filesystem_id      = var.efs_persistent_storage ? aws_efs_file_system.k8s_persistent_storage[0].id : ""

      # External load balancer listener ports
      extlb_listener_http_port  = var.extlb_listener_http_port
      extlb_listener_https_port = var.extlb_listener_https_port
    })
  }
}
# Renders the multi-part cloud-init payload for the Kubernetes worker nodes.
# It has three parts: a base cloud-config, a script installing the Kubernetes
# utilities, and the worker install script.
#
# NOTE(review): workers receive the names of the kubeadm CA, token and
# certificate secrets. Whether the worker role can read all three, and whether
# it needs the certificate secret to join, is not visible in this file.
# Confirm the instance profile grants read access only to what a join needs.
# NOTE(review): user data can be read from the instance metadata service and
# by any principal allowed ec2:DescribeInstanceAttribute, so keep secret
# values themselves out of these templates.
data "template_cloudinit_config" "k8s_worker" {
  # The rendered output is gzip-compressed, then base64-encoded.
  gzip          = true
  base64_encode = true

  # Part 1: base cloud-config, rendered without template variables.
  part {
    filename     = "init.cfg"
    content_type = "text/cloud-config"
    content      = templatefile("${path.module}/files/cloud-config-base.yaml", {})
  }

  # Part 2: installs the Kubernetes utilities for the requested version.
  part {
    content_type = "text/x-shellscript"
    content = templatefile("${path.module}/files/install_k8s_utils.sh", {
      k8s_version = var.k8s_version
    })
  }

  # Part 3: worker install script, rendered with the server flag cleared.
  part {
    content_type = "text/x-shellscript"
    content = templatefile("${path.module}/files/install_k8s_worker.sh", {
      is_k8s_server = false

      # Names (not values) of the secrets holding kubeadm join material.
      kubeadm_ca_secret_name     = local.kubeadm_ca_secret_name
      kubeadm_token_secret_name  = local.kubeadm_token_secret_name
      kubeadm_cert_secret_name   = local.kubeadm_cert_secret_name
      default_secret_placeholder = var.default_secret_placeholder

      # API endpoint: the server load balancer's DNS name and port.
      kube_api_port     = var.kube_api_port
      control_plane_url = aws_lb.k8s_server_lb.dns_name
    })
  }
}
# Lists the running EC2 instances that carry every global tag plus
# k8s-instance-type = "k8s-server".
#
# NOTE(review): membership is decided by tags alone, so any principal able to
# tag an instance with this set will have it returned here. Check how the
# result is consumed before treating it as an authoritative control-plane
# inventory.
data "aws_instances" "k8s_servers" {
  # Defer the lookup until the server auto scaling group has been created.
  depends_on = [aws_autoscaling_group.k8s_servers_asg]

  instance_state_names = ["running"]
  instance_tags        = merge(local.global_tags, { k8s-instance-type = "k8s-server" })
}
# Lists the running EC2 instances that carry every global tag plus
# k8s-instance-type = "k8s-worker".
#
# NOTE(review): membership is decided by tags alone, so any principal able to
# tag an instance with this set will have it returned here. Check how the
# result is consumed before treating it as an authoritative worker inventory.
data "aws_instances" "k8s_workers" {
  # Defer the lookup until the worker auto scaling group has been created.
  depends_on = [aws_autoscaling_group.k8s_workers_asg]

  instance_state_names = ["running"]
  instance_tags        = merge(local.global_tags, { k8s-instance-type = "k8s-worker" })
}