init

.gitignore

@@ -0,0 +1 @@
+.idea

CHANGELOG.MD

@@ -0,0 +1 @@
+

README.MD

@@ -0,0 +1,65 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14 |
+| <a name="requirement_k8s"></a> [k8s](#requirement\_k8s) | 0.9.1 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | 2.11.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_k8s"></a> [k8s](#provider\_k8s) | 0.9.1 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.11.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [k8s_manifest.grafana-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.grafana-cm-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.istio_deployment](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.jaeger-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.kiali-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.kiali-crds-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.operator_crd](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [k8s_manifest.prometheus-addon](https://registry.terraform.io/providers/banzaicloud/k8s/0.9.1/docs/resources/manifest) | resource |
+| [kubernetes_cluster_role.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/cluster_role) | resource |
+| [kubernetes_cluster_role_binding.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/cluster_role_binding) | resource |
+| [kubernetes_deployment.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/deployment) | resource |
+| [kubernetes_namespace.istio_namespace](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/namespace) | resource |
+| [kubernetes_namespace.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/namespace) | resource |
+| [kubernetes_service.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/service) | resource |
+| [kubernetes_service_account.istio_operator](https://registry.terraform.io/providers/hashicorp/kubernetes/2.11.0/docs/resources/service_account) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_create_istio_namespace"></a> [create\_istio\_namespace](#input\_create\_istio\_namespace) | Whether or not the targeted namespace for istio components should be deployed | `bool` | `true` | no |
+| <a name="input_create_istio_operator_namespace"></a> [create\_istio\_operator\_namespace](#input\_create\_istio\_operator\_namespace) | Whether or not the targeted namespace for istio operator should be deployed | `bool` | `true` | no |
+| <a name="input_grafana_subpath"></a> [grafana\_subpath](#input\_grafana\_subpath) | Subpath for Grafana endpoint, useful if is behind a Virtual Service | `string` | `""` | no |
+| <a name="input_ingress_gateway_annotations"></a> [ingress\_gateway\_annotations](#input\_ingress\_gateway\_annotations) | Map of annotation for the istio ingress gateway | `map(string)` | `{}` | no |
+| <a name="input_ingress_gateway_ip"></a> [ingress\_gateway\_ip](#input\_ingress\_gateway\_ip) | Ingress gateway IP, if you want to fix it | `string` | `""` | no |
+| <a name="input_ingress_gateway_selector"></a> [ingress\_gateway\_selector](#input\_ingress\_gateway\_selector) | Istio ingress gateway selector suffix | `string` | `"ingressgateway"` | no |
+| <a name="input_ingress_gateway_source_ranges"></a> [ingress\_gateway\_source\_ranges](#input\_ingress\_gateway\_source\_ranges) | Ingress gateway allowed source ranges | `string` | `""` | no |
+| <a name="input_istio_namespace"></a> [istio\_namespace](#input\_istio\_namespace) | Namespace where istio components will be deployed | `string` | `"istio-system"` | no |
+| <a name="input_istio_operator_namespace"></a> [istio\_operator\_namespace](#input\_istio\_operator\_namespace) | Namespace where the istio operator will be deployed | `string` | `"istio-operator"` | no |
+| <a name="input_istio_version"></a> [istio\_version](#input\_istio\_version) | Version of istio that will be deployed | `string` | `"1.13.4"` | no |
+| <a name="input_kiali_path"></a> [kiali\_path](#input\_kiali\_path) | Path for Kiali endpoint, useful if is behind a Virtual Service | `string` | `""` | no |
+| <a name="input_module_depends_on"></a> [module\_depends\_on](#input\_module\_depends\_on) | n/a | `any` | `null` | no |
+| <a name="input_prometheus_path"></a> [prometheus\_path](#input\_prometheus\_path) | Path for prometheus endpoint, useful if is behind a Virtual Service | `string` | `""` | no |
+| <a name="input_tracing_path"></a> [tracing\_path](#input\_tracing\_path) | Path for Jaeger endpoint, useful if is behind a Virtual Service | `string` | `"/jaeger"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_wait_for_provisioned"></a> [wait\_for\_provisioned](#output\_wait\_for\_provisioned) | n/a |
+<!-- END_TF_DOCS -->

addons.tf

@@ -0,0 +1,62 @@
+locals {
+  grafana_cm_manifests = split("\n---\n",
+  templatefile(
+  "${path.module}/kubernetes/addons/grafana-configmap.yaml", {
+    root_url: "%{ if var.grafana_subpath != "" }root_url = %(protocol)s://%(domain)s:%(http_port)s${var.grafana_subpath}%{ endif }",
+    serve_from_sub_path: "%{ if var.grafana_subpath != "" }serve_from_sub_path = true%{ endif }",
+  }))
+
+  grafana_manifests = split("\n---\n", file("${path.module}/kubernetes/addons/grafana.yaml"))
+  jaeger_manifests = split("\n---\n", templatefile("${path.module}/kubernetes/addons/jaeger.yaml", {
+    tracing_path:    var.tracing_path,
+  }))
+  prometheus_manifests = split("\n---\n", templatefile("${path.module}/kubernetes/addons/prometheus.yaml", {
+    istio_namespace: var.istio_namespace,
+    prometheus_path: var.prometheus_path,
+  }))
+
+  kiali_manifests = split("\n---\n", templatefile("${path.module}/kubernetes/addons/kiali.yaml", {
+    istio_namespace: var.istio_namespace,
+    grafana_path:    var.grafana_subpath,
+    kiali_path:      var.kiali_path,
+    prometheus_path: var.prometheus_path,
+    tracing_path:    var.tracing_path,
+  }
+  ))
+  kiali_crds_manifests = split("\n---\n", file("${path.module}/kubernetes/addons/kiali-crds.yaml"))
+}
+
+resource "k8s_manifest" "prometheus-addon" {
+  count      = length(local.prometheus_manifests)
+  content    = local.prometheus_manifests[count.index]
+}
+
+resource "k8s_manifest" "jaeger-addon" {
+  count      = length(local.jaeger_manifests)
+  content    = local.jaeger_manifests[count.index]
+  depends_on = [k8s_manifest.prometheus-addon]
+}
+
+resource "k8s_manifest" "grafana-cm-addon" {
+  count      = length(local.grafana_cm_manifests)
+  content    = local.grafana_cm_manifests[count.index]
+  depends_on = [k8s_manifest.jaeger-addon]
+}
+
+resource "k8s_manifest" "grafana-addon" {
+  count      = length(local.grafana_manifests)
+  content    = local.grafana_manifests[count.index]
+    depends_on = [k8s_manifest.grafana-cm-addon]
+}
+
+resource "k8s_manifest" "kiali-crds-addon" {
+  count      = length(local.kiali_crds_manifests)
+  content    = local.kiali_crds_manifests[count.index]
+  depends_on = [k8s_manifest.grafana-addon]
+}
+
+resource "k8s_manifest" "kiali-addon" {
+  count      = length(local.kiali_manifests)
+  content    = local.kiali_manifests[count.index]
+  depends_on = [k8s_manifest.kiali-crds-addon]
+}

kubernetes/addons/grafana-configmap.yaml

@@ -0,0 +1,59 @@
+---
+# Source: grafana/templates/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: grafana
+  namespace: istio-system
+  labels:
+    helm.sh/chart: grafana-5.8.10
+    app.kubernetes.io/name: grafana
+    app.kubernetes.io/instance: grafana
+    app.kubernetes.io/version: "7.2.1"
+    app.kubernetes.io/managed-by: Helm
+data:
+  grafana.ini: |
+    [server]
+    ${root_url}
+    ${serve_from_sub_path}
+    [analytics]
+    check_for_updates = true
+    [grafana_net]
+    url = https://grafana.net
+    [log]
+    mode = console
+    [paths]
+    data = /var/lib/grafana/data
+    logs = /var/log/grafana
+    plugins = /var/lib/grafana/plugins
+    provisioning = /etc/grafana/provisioning
+
+  datasources.yaml: |
+    apiVersion: 1
+    datasources:
+    - access: proxy
+      editable: true
+      isDefault: true
+      jsonData:
+        timeInterval: 5s
+      name: Prometheus
+      orgId: 1
+      type: prometheus
+      url: http://prometheus:9090
+  dashboardproviders.yaml: |
+    apiVersion: 1
+    providers:
+    - disableDeletion: false
+      folder: istio
+      name: istio
+      options:
+        path: /var/lib/grafana/dashboards/istio
+      orgId: 1
+      type: file
+    - disableDeletion: false
+      folder: istio
+      name: istio-services
+      options:
+        path: /var/lib/grafana/dashboards/istio-services
+      orgId: 1
+      type: file

kubernetes/addons/jaeger.yaml

@@ -0,0 +1,109 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jaeger
+  namespace: istio-system
+  labels:
+    app: jaeger
+spec:
+  selector:
+    matchLabels:
+      app: jaeger
+  template:
+    metadata:
+      labels:
+        app: jaeger
+      annotations:
+        sidecar.istio.io/inject: "false"
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "14269"
+    spec:
+      containers:
+        - name: jaeger
+          image: "docker.io/jaegertracing/all-in-one:1.20"
+          env:
+            - name: BADGER_EPHEMERAL
+              value: "false"
+            - name: SPAN_STORAGE_TYPE
+              value: "badger"
+            - name: BADGER_DIRECTORY_VALUE
+              value: "/badger/data"
+            - name: BADGER_DIRECTORY_KEY
+              value: "/badger/key"
+            - name: COLLECTOR_ZIPKIN_HTTP_PORT
+              value: "9411"
+            - name: MEMORY_MAX_TRACES
+              value: "50000"
+            - name: QUERY_BASE_PATH
+              value: ${tracing_path}
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 14269
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 14269
+          volumeMounts:
+            - name: data
+              mountPath: /badger
+          resources:
+            requests:
+              cpu: 10m
+      volumes:
+        - name: data
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: tracing
+  namespace: istio-system
+  labels:
+    app: jaeger
+spec:
+  type: ClusterIP
+  ports:
+    - name: http-query
+      port: 80
+      protocol: TCP
+      targetPort: 16686
+  selector:
+    app: jaeger
+---
+# Jaeger implements the Zipkin API. To support swapping out the tracing backend, we use a Service named Zipkin.
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    name: zipkin
+  name: zipkin
+  namespace: istio-system
+spec:
+  ports:
+    - port: 9411
+      targetPort: 9411
+      name: http-query
+  selector:
+    app: jaeger
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: jaeger-collector
+  namespace: istio-system
+  labels:
+    app: jaeger
+spec:
+  type: ClusterIP
+  ports:
+    - name: jaeger-collector-http
+      port: 14268
+      targetPort: 14268
+      protocol: TCP
+    - name: jaeger-collector-grpc
+      port: 14250
+      targetPort: 14250
+      protocol: TCP
+  selector:
+    app: jaeger

kubernetes/addons/kiali-crds.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: monitoringdashboards.monitoring.kiali.io
+  labels:
+    app: kiali
+spec:
+  group: monitoring.kiali.io
+  names:
+    kind: MonitoringDashboard
+    listKind: MonitoringDashboardList
+    plural: monitoringdashboards
+    singular: monitoringdashboard
+  scope: Namespaced
+  versions:
+    - name: v1alpha1
+      served: true
+      storage: true
+      schema:
+        openAPIV3Schema:
+          type: object
+          x-kubernetes-preserve-unknown-fields: true
+...