An opinionated Terraform module that can be used to install and manage Tetragon on top of a Kubernetes cluster.
module "tetragon" {
source = "git::ssh://git@github.com/isovalent/terraform-k8s-tetragon.git?ref=<release-tag>"
# Wait until Cilium CNI is done.
depends_on = [
module.cilium
]
tetragon_helm_release_name = "tetragon"
tetragon_helm_values_file_path = var.tetragon_helm_values_file_path
tetragon_helm_version = var.tetragon_helm_version
tetragon_helm_chart = var.tetragon_helm_chart
tetragon_namespace = var.tetragon_namespace
path_to_kubeconfig_file = module.kubeadm_cluster.path_to_kubeconfig_file
tetragon_helm_values_override_file_path = var.tetragon_helm_values_override_file_path
post_tetragon_install_script = file("${path.module}/scripts/post-tetragon-install-script.sh")
extra_provisioner_environment_variables = local.extra_provisioner_environment_variables
}
Name | Version |
---|---|
terraform | >= 1.5.0 |
null | >= 3.1.1 |
Name | Version |
---|---|
null | >= 3.1.1 |
No modules.
Name | Type |
---|---|
null_resource.provisioner | resource |
null_resource.tp_deployer | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
extra_provisioner_environment_variables | A map of extra environment variables to include when executing the provisioning script. | map(string) |
{} |
no |
extra_tp_deployer_environment_variables | A map of extra environment variables to include when executing the TracingPolicy deployment script. | map(string) |
{} |
no |
path_to_kubeconfig_file | The path to the kubeconfig file to use. | string |
n/a | yes |
post_tetragon_install_script | A script to be run right after installing Tetragon. | string |
"" |
no |
pre_tetragon_install_script | A script to be run right before installing Tetragon. | string |
"" |
no |
tetragon_helm_chart | The name of the Helm chart to use to install Tetragon. It is assumed that the Helm repository containing this chart has been added beforehand (e.g. using 'helm repo add'). | string |
"tetragon/tetragon" |
no |
tetragon_helm_extra_args | Extra arguments to be passed to the 'helm upgrade --install' command that installs Tetragon. | string |
"" |
no |
tetragon_helm_release_name | The name of the Helm release to use for tetragon. | string |
"tetragon" |
no |
tetragon_helm_values_file_path | The path to the file containing the values to use when installing Tetragon. | string |
n/a | yes |
tetragon_helm_values_override_file_path | The path to the file containing the values to use when installing Tetragon. These values will override the ones in 'tetragon_helm_values_file_path'. | string |
"" |
no |
tetragon_helm_version | The version of the Tetragon Helm chart to install. | string |
n/a | yes |
tetragon_namespace | The namespace in which to install Tetragon. | string |
"kube-system" |
no |
tetragon_tracingpolicy_directory | Path to the directory where TracingPolicy files are stored which should automatically be applied. The directory can contain one or multiple valid TracingPoliciy YAML files. | string |
"" |
no |
wait_for_tetragon_crds | Whether to wait for the Tetragon CRDs to be created before proceeding with the post-install script. | bool |
true |
no |
No outputs.