provider "kubernetes" {
config_path = "~/.kube/config"
}
provider "helm" {
kubernetes {
config_path = "~/.kube/config"
}
}
module "service_mesh" {
source = "../"
ha_enabled = true
cni_enabled = true
chart_timeout = 2000
ca_cert_expiration_hours = 8760 # 1 year
trust_anchor_validity_hours = 17520 # 2 years
issuer_validity_hours = 8760 # 1 year (must be shorter than the trusted anchor)
# optional value for linkerd config (in this case, override the default 'clockSkewAllowance' of 20s (for example purposes))
additional_yaml_config = yamlencode({ "identity" : { "issuer" : { "clockSkewAllowance" : "30s" } } })
extensions = ["viz"]
}| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_yaml_config | used for additional customization of the linkerd helm chart values | string |
"" |
no |
| atomic | Whether the chart should be installed with the atomic flag | bool |
true |
no |
| ca_cert_expiration_hours | Number of hours added to installation time to calculate trust anchor certification expiration date | number |
8760 |
no |
| certificate_controlplane_duration | Number of hours for controlplane certification expiration | string |
"1440h0m0s" |
no |
| certificate_controlplane_renewbefore | Number of hours before the control plane certification expiration to request for certificate renewal | string |
"48h0m0s" |
no |
| certificate_webhook_duration | Number of hours for webhook certification expiration | string |
"1440h0m0s" |
no |
| certificate_webhook_renewbefore | Number of hours before the webhook certification expiration to request for certificate renewal | string |
"48h0m0s" |
no |
| chart_namespace | Namespace to install linkerd. | string |
"linkerd" |
no |
| chart_repository | Helm chart repository | string |
"https://helm.linkerd.io/stable" |
no |
| chart_timeout | The number of seconds to wait for the linkerd chart to be deployed. the default is 900 (15 minutes) | string |
"900" |
no |
| chart_version | Helm chart version | string |
"2.11.1" |
no |
| cni_enabled | Whether to enable the cni plugin. | bool |
true |
no |
| extensions | Linkerd extensions to install. | set(string) |
[ |
no |
| ha_enabled | Whether to enable high availability settings. | bool |
true |
no |
| issuer_validity_hours | Number of hours for which the issuer certification is valid (must be shorter than the trust anchor) | number |
8760 |
no |
| trust_anchor_validity_hours | Number of hours for which the trust anchor certification is valid | number |
17520 |
no |
No outputs.
1.Install Terraform.
2.Sign into your Azure Account
# Login with the Azure CLI/bash terminal/powershell by running
az login
# Verify access by running
az account show --output jsonc
# Confirm you are running required/pinned version of terraform
terraform versioncd examples/sandbox
terraform init
terraform plan -out sandbox-01.tfplan
terraform apply sandbox-01.tfplancd tests
go mod init 'tests'
go test -run TestSandboxExample -v -timeout 30mOr Using Make
make test