provide kube api configuration as a module output
Closed this issue · 3 comments
While the API may need to be publicly exposed first (depends on #9) users would benefit from the ability to treat this provider like a module that can be plugged into broader solutions.
This will require access to the Kubernetes API of the Anthos cluster:
module "anthos" {
  source = "equinix/equinix-metal/anthos" # this repository, once registered
}

provider "kubernetes" {
  // configure using module.anthos.some_output_variables
}

resource "kubernetes_service" "nginx" {
  metadata {
    name = "nginx-example"
  }
  spec {
    selector = {
      App = kubernetes_pod.nginx.metadata[0].labels.App
    }
    port {
      port        = 80
      target_port = 80
    }
    type = "LoadBalancer"
  }
}

output "lb_ip" {
  value = kubernetes_service.nginx.load_balancer_ingress[0].ip
}
As the kubeconfig is only dropped onto the disk where bmctl is run... This might be difficult. Terraform has a hard time returning objects from a remote server as terraform resources.
We can look into hijacking local exec and doing some ssh magic using that. I know that'll be able to return the kubeconfig info in a useable way.
The following patch gets the kubeconfig copied locally, replacing 172.29.254.254 with the public IP of the first control plane node. However, the API is not listening or proxied to that address.
@c0dyhi11, any thoughts on how, where, or if the IP should be publicly exposed?
From 8ba3c55d78df1bcddef879fdad500068bbff3796 Mon Sep 17 00:00:00 2001
From: Marques Johansson <mjohansson@equinix.com>
Date: Sat, 28 Nov 2020 16:03:33 -0500
Subject: [PATCH] copy kubeconfig to a local file
Signed-off-by: Marques Johansson <mjohansson@equinix.com>
---
main.tf | 9 +++++++++
util/kubeconfig.sh | 13 +++++++++++++
2 files changed, 22 insertions(+)
create mode 100755 util/kubeconfig.sh
diff --git a/main.tf b/main.tf
index 2122921..dfce7dc 100644
--- a/main.tf
+++ b/main.tf
@@ -203,3 +203,12 @@ resource "null_resource" "deploy_anthos_cluster" {
]
}
}
+
+resource "null_resource" "local_kubectl" {
+ depends_on = [null_resource.deploy_anthos_cluster]
+
+ provisioner "local-exec" {
+ command = "${path.cwd}/${path.module}/util/kubeconfig.sh ${local.cluster_name} ${packet_device.control_plane.0.access_public_ipv4} ${cidrhost(var.private_subnet, -2)} ${local_file.cluster_private_key_pem.filename}"
+ on_failure = continue
+ }
+}
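Review bot: `on_failure = continue` on the `local-exec` provisioner means a failed SSH copy is ignored, so the apply reports success while the kubeconfig is missing or empty and anything configured from it later fails in a less obvious place. Drop `on_failure = continue` so the error surfaces at apply time, and add a `triggers` map keyed on the control plane address so the copy re-runs when that node is replaced; as written the `null_resource` runs only once. The command string also passes `${local.cluster_name}` and `${local_file.cluster_private_key_pem.filename}` unquoted, so a value containing spaces would be split into separate arguments to `kubeconfig.sh`.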
diff --git a/util/kubeconfig.sh b/util/kubeconfig.sh
new file mode 100755
index 0000000..9b31d46
--- /dev/null
+++ b/util/kubeconfig.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -e
+
+CLUSTER=$1
+PUBLIC_IP=$2
+API_IP=$3
+SSH_KEY=$4
+SOURCE="/root/baremetal/bmctl-workspace/$CLUSTER/$CLUSTER-kubeconfig"
+
+ssh -i ${SSH_KEY} -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
+ root@${PUBLIC_IP} \
+ cat $SOURCE | \
+ sed -e "s/${API_IP}/${PUBLIC_IP}/g" > ${CLUSTER}.conf
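Review bot: the `ssh` invocation sets `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the host that returns the cluster kubeconfig over a `root` login is never authenticated and an on-path host could hand back a tampered file. Record the node's host key in a dedicated known_hosts file and keep strict checking on, or at minimum use `StrictHostKeyChecking=accept-new` with a persistent `UserKnownHostsFile`. Separately, `set -e` without `set -o pipefail` takes the pipeline's status from `sed`, so an `ssh` failure still exits 0 and leaves an empty `${CLUSTER}.conf`; the output file holds cluster credentials but is created with the default umask in the current directory, so set `umask 077` before the redirect; and `${API_IP}` is used as an unescaped `sed` pattern in which each `.` matches any character. Quote `$SOURCE`, `${SSH_KEY}` and `${CLUSTER}.conf` as well.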
--
2.24.3 (Apple Git-128)