
move clusters in a .clusters subfolder

main
Nicolas Massé 5 years ago
parent
commit
06b7a0e943
  1. 1
      .gitignore
  2. 2
      bootstrap.tf
  3. 124
      clusterctl
  4. 2
      master.tf
  5. 10
      post-install.tf
  6. 2
      worker.tf

1
.gitignore

@ -7,3 +7,4 @@ terraform.tfvars
install-config.yaml install-config.yaml
.lego .lego
local.env local.env
.clusters

2
bootstrap.tf

@ -9,7 +9,7 @@ resource "libvirt_volume" "bootstrap_disk" {
resource "libvirt_ignition" "bootstrap_ignition" { resource "libvirt_ignition" "bootstrap_ignition" {
name = "${var.cluster_name}-bootstrap-ignition" name = "${var.cluster_name}-bootstrap-ignition"
content = file("${path.module}/${var.cluster_name}/bootstrap.ign") content = file("${path.module}/.clusters/${var.cluster_name}/bootstrap.ign")
} }
locals { locals {

124
clusterctl

@ -6,22 +6,20 @@ trap "exit" INT
function init () { function init () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ -d "$cluster_name" ]; then if [ -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' already initialized !" echo "Cluster '$cluster_name' already initialized !"
exit 1 exit 1
fi fi
cluster_name="$1" mkdir -p ".clusters/$cluster_name"
sed "s/__CLUSTER_NAME__/$cluster_name/" install-config.yaml > ".clusters/$cluster_name/install-config.yaml"
mkdir -p "$cluster_name" sed "s/__CLUSTER_NAME__/$cluster_name/" terraform.tfvars > ".clusters/$cluster_name/terraform.tfvars"
sed "s/__CLUSTER_NAME__/$cluster_name/" install-config.yaml > "$cluster_name/install-config.yaml"
sed "s/__CLUSTER_NAME__/$cluster_name/" terraform.tfvars > "$cluster_name/terraform.tfvars"
echo "Cluster $cluster_name initialized successfully!" echo "Cluster $cluster_name initialized successfully!"
echo echo
echo "Review and adjust the following files to your needs:" echo "Review and adjust the following files to your needs:"
echo "- $cluster_name/install-config.yaml" echo "- .clusters/$cluster_name/install-config.yaml"
echo "- $cluster_name/terraform.tfvars" echo "- .clusters/$cluster_name/terraform.tfvars"
echo echo
exit 0 exit 0
} }
@ -29,13 +27,13 @@ function init () {
function destroy () { function destroy () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
terraform destroy -var-file="$cluster_name/terraform.tfvars" -state="$cluster_name/terraform.tfstate" terraform destroy -var-file=".clusters/$cluster_name/terraform.tfvars" -state=".clusters/$cluster_name/terraform.tfstate"
sed -i.bak 's/^\s*bootstrap_nodes\s*=\s*.*$/bootstrap_nodes = 1/' "$cluster_name/terraform.tfvars" sed -i.bak 's/^\s*bootstrap_nodes\s*=\s*.*$/bootstrap_nodes = 1/' ".clusters/$cluster_name/terraform.tfvars"
} }
function apply () { function apply () {
@ -47,25 +45,25 @@ function apply () {
fi fi
# Make a backup since the openshift-install command will consume it # Make a backup since the openshift-install command will consume it
if [ -f "$cluster_name/install-config.yaml" ]; then if [ -f ".clusters/$cluster_name/install-config.yaml" ]; then
cp "$cluster_name/install-config.yaml" "$cluster_name/install-config.yaml.bak" cp ".clusters/$cluster_name/install-config.yaml" ".clusters/$cluster_name/install-config.yaml.bak"
fi fi
# Include the cluster dir in the path for disconnected installations # Include the cluster dir in the path for disconnected installations
export PATH="$PWD/$cluster_name:$PATH" export PATH="$PWD/.clusters/$cluster_name:$PATH"
openshift-install version openshift-install version
# Create installation files # Create installation files
openshift-install create manifests --dir="$cluster_name" openshift-install create manifests --dir=".clusters/$cluster_name"
openshift-install create ignition-configs --dir="$cluster_name" openshift-install create ignition-configs --dir=".clusters/$cluster_name"
# Provision the infrastructure and wait for bootstrap to complete # Provision the infrastructure and wait for bootstrap to complete
terraform apply -var-file="$cluster_name/terraform.tfvars" -state="$cluster_name/terraform.tfstate" -auto-approve terraform apply -var-file=".clusters/$cluster_name/terraform.tfvars" -state=".clusters/$cluster_name/terraform.tfstate" -auto-approve
openshift-install --dir="$cluster_name" wait-for bootstrap-complete --log-level=info openshift-install --dir=".clusters/$cluster_name" wait-for bootstrap-complete --log-level=info
# Destroy the bootstrap node # Destroy the bootstrap node
sed -i.bak 's/^\s*bootstrap_nodes\s*=\s*.*$/bootstrap_nodes = 0/' "$cluster_name/terraform.tfvars" sed -i.bak 's/^\s*bootstrap_nodes\s*=\s*.*$/bootstrap_nodes = 0/' ".clusters/$cluster_name/terraform.tfvars"
terraform apply -var-file="$cluster_name/terraform.tfvars" -state="$cluster_name/terraform.tfstate" -auto-approve terraform apply -var-file=".clusters/$cluster_name/terraform.tfvars" -state=".clusters/$cluster_name/terraform.tfstate" -auto-approve
# Auto-approve all pending CSRs # Auto-approve all pending CSRs
for i in {0..240}; do for i in {0..240}; do
@ -74,64 +72,64 @@ function apply () {
done & done &
# Wait for the installation to complete # Wait for the installation to complete
openshift-install --dir="$cluster_name" wait-for install-complete openshift-install --dir=".clusters/$cluster_name" wait-for install-complete
} }
function ping () { function ping () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" whoami oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" whoami
} }
function approve_csr () { function approve_csr () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" get csr --no-headers \ oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" get csr --no-headers \
| awk '/Pending/ {print $1}' \ | awk '/Pending/ {print $1}' \
| xargs --no-run-if-empty oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" adm certificate approve | xargs --no-run-if-empty oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" adm certificate approve
} }
function start () { function start () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
ansible-playbook -i "$cluster_name/inventory" ansible/start.yaml ansible-playbook -i ".clusters/$cluster_name/inventory" ansible/start.yaml
} }
function stop () { function stop () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
ansible-playbook -i "$cluster_name/inventory" ansible/stop.yaml ansible-playbook -i ".clusters/$cluster_name/inventory" ansible/stop.yaml
} }
function post_install_nfs () { function post_install_nfs () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
oc apply --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" -f "$cluster_name/registry-pv.yaml" oc apply --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" -f ".clusters/$cluster_name/registry-pv.yaml"
oc patch --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" configs.imageregistry.operator.openshift.io cluster --type=json --patch-file=/dev/fd/0 <<EOF oc patch --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" configs.imageregistry.operator.openshift.io cluster --type=json --patch-file=/dev/fd/0 <<EOF
[{"op": "remove", "path": "/spec/storage" },{"op": "add", "path": "/spec/storage", "value": {"pvc":{"claim": "registry-storage"}}}] [{"op": "remove", "path": "/spec/storage" },{"op": "add", "path": "/spec/storage", "value": {"pvc":{"claim": "registry-storage"}}}]
EOF EOF
oc apply --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" -f "$cluster_name/nfs-provisioner.yaml" oc apply --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" -f ".clusters/$cluster_name/nfs-provisioner.yaml"
oc patch --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" configs.imageregistry.operator.openshift.io cluster --type merge --patch-file=/dev/fd/0 <<EOF oc patch --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" configs.imageregistry.operator.openshift.io cluster --type merge --patch-file=/dev/fd/0 <<EOF
{"spec":{"managementState": "Managed"}} {"spec":{"managementState": "Managed"}}
EOF EOF
} }
@ -139,20 +137,20 @@ EOF
function post_install_le () { function post_install_le () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
cert_dn="$(openssl x509 -noout -subject -in "$cluster_name/cluster.crt")" cert_dn="$(openssl x509 -noout -subject -in ".clusters/$cluster_name/cluster.crt")"
cert_cn="${cert_dn#subject=CN = }" cert_cn="${cert_dn#subject=CN = }"
# Deploy certificate to ingress # Deploy certificate to ingress
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" create secret tls router-certs-$(date "+%Y-%m-%d") --cert="$cluster_name/cluster.crt" --key="$cluster_name/cluster.key" -n openshift-ingress --dry-run -o yaml > "$cluster_name/router-certs.yaml" oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" create secret tls router-certs-$(date "+%Y-%m-%d") --cert=".clusters/$cluster_name/cluster.crt" --key=".clusters/$cluster_name/cluster.key" -n openshift-ingress --dry-run -o yaml > ".clusters/$cluster_name/router-certs.yaml"
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f "$cluster_name/router-certs.yaml" -n openshift-ingress oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f ".clusters/$cluster_name/router-certs.yaml" -n openshift-ingress
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" patch ingresscontroller default -n openshift-ingress-operator --type=merge --patch-file=/dev/fd/0 <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" patch ingresscontroller default -n openshift-ingress-operator --type=merge --patch-file=/dev/fd/0 <<EOF
{"spec": { "defaultCertificate": { "name": "router-certs-$(date "+%Y-%m-%d")" }}} {"spec": { "defaultCertificate": { "name": "router-certs-$(date "+%Y-%m-%d")" }}}
EOF EOF
# Deploy certificate to api # Deploy certificate to api
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" create secret tls api-certs-$(date "+%Y-%m-%d") --cert="$cluster_name/cluster.crt" --key="$cluster_name/cluster.key" -n openshift-config --dry-run -o yaml > "$cluster_name/api-certs.yaml" oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" create secret tls api-certs-$(date "+%Y-%m-%d") --cert=".clusters/$cluster_name/cluster.crt" --key=".clusters/$cluster_name/cluster.key" -n openshift-config --dry-run -o yaml > ".clusters/$cluster_name/api-certs.yaml"
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f "$cluster_name/api-certs.yaml" -n openshift-config oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f ".clusters/$cluster_name/api-certs.yaml" -n openshift-config
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" patch apiserver cluster --type=merge --patch-file=/dev/fd/0 <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" patch apiserver cluster --type=merge --patch-file=/dev/fd/0 <<EOF
{"spec":{"servingCerts":{"namedCertificates":[{"names":["$cert_cn"],"servingCertificate":{"name": "api-certs-$(date "+%Y-%m-%d")"}}]}}} {"spec":{"servingCerts":{"namedCertificates":[{"names":["$cert_cn"],"servingCertificate":{"name": "api-certs-$(date "+%Y-%m-%d")"}}]}}}
EOF EOF
} }
@ -160,9 +158,9 @@ EOF
function post_install_sso () { function post_install_sso () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" create secret generic redhat-sso-client-secret -n openshift-config --from-literal="clientSecret=$GOOGLE_CLIENT_SECRET" --dry-run -o yaml > "$cluster_name/sso-secret.yaml" oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" create secret generic redhat-sso-client-secret -n openshift-config --from-literal="clientSecret=$GOOGLE_CLIENT_SECRET" --dry-run -o yaml > ".clusters/$cluster_name/sso-secret.yaml"
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f "$cluster_name/sso-secret.yaml" oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f ".clusters/$cluster_name/sso-secret.yaml"
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f - <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f - <<EOF
apiVersion: config.openshift.io/v1 apiVersion: config.openshift.io/v1
kind: OAuth kind: OAuth
metadata: metadata:
@ -178,14 +176,14 @@ spec:
name: RedHatSSO name: RedHatSSO
type: Google type: Google
EOF EOF
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" adm policy add-cluster-role-to-user cluster-admin "$OCP_ADMIN" oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" adm policy add-cluster-role-to-user cluster-admin "$OCP_ADMIN"
} }
function post_install () { function post_install () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
shift shift
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
@ -200,7 +198,7 @@ function post_install () {
} }
function install_addon_acmhub () { function install_addon_acmhub () {
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f - <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f - <<EOF
apiVersion: v1 apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
@ -209,7 +207,7 @@ spec:
finalizers: finalizers:
- kubernetes - kubernetes
EOF EOF
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f - <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f - <<EOF
apiVersion: operators.coreos.com/v1 apiVersion: operators.coreos.com/v1
kind: OperatorGroup kind: OperatorGroup
metadata: metadata:
@ -219,7 +217,7 @@ spec:
targetNamespaces: targetNamespaces:
- open-cluster-management - open-cluster-management
EOF EOF
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f - <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f - <<EOF
apiVersion: operators.coreos.com/v1alpha1 apiVersion: operators.coreos.com/v1alpha1
kind: Subscription kind: Subscription
metadata: metadata:
@ -232,11 +230,11 @@ spec:
installPlanApproval: Automatic installPlanApproval: Automatic
name: advanced-cluster-management name: advanced-cluster-management
EOF EOF
while ! oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" -n open-cluster-management get mch --all-namespaces -o yaml &>/dev/null; do while ! oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" -n open-cluster-management get mch --all-namespaces -o yaml &>/dev/null; do
echo "Waiting for the MultiClusterHub CRD to appear..." echo "Waiting for the MultiClusterHub CRD to appear..."
sleep 5 sleep 5
done done
oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" apply -f - <<EOF oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" apply -f - <<EOF
apiVersion: operator.open-cluster-management.io/v1 apiVersion: operator.open-cluster-management.io/v1
kind: MultiClusterHub kind: MultiClusterHub
metadata: metadata:
@ -244,9 +242,9 @@ metadata:
namespace: open-cluster-management namespace: open-cluster-management
EOF EOF
echo echo
echo "RH-ACM Current state is: $(oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" get mch multiclusterhub -n open-cluster-management -o=jsonpath='{.status.phase}')" echo "RH-ACM Current state is: $(oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" get mch multiclusterhub -n open-cluster-management -o=jsonpath='{.status.phase}')"
echo echo
echo "RH-ACM Console: $(oc --insecure-skip-tls-verify --kubeconfig="$cluster_name/auth/kubeconfig" get route multicloud-console -n open-cluster-management -o jsonpath="https://{.spec.host}")" echo "RH-ACM Console: $(oc --insecure-skip-tls-verify --kubeconfig=".clusters/$cluster_name/auth/kubeconfig" get route multicloud-console -n open-cluster-management -o jsonpath="https://{.spec.host}")"
echo echo
} }
@ -254,7 +252,7 @@ function install_addon () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
local addon="${2:-}" local addon="${2:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
@ -265,26 +263,26 @@ function install_addon () {
function shell () { function shell () {
local cluster_name="${1:-}" local cluster_name="${1:-}"
if [ ! -d "$cluster_name" ]; then if [ ! -d ".clusters/$cluster_name" ]; then
echo "Cluster '$cluster_name' does not exist!" echo "Cluster '$cluster_name' does not exist!"
exit 1 exit 1
fi fi
# Ansible # Ansible
export DEFAULT_HOST_LIST="$PWD/$cluster_name" export DEFAULT_HOST_LIST="$PWD/.clusters/$cluster_name"
# Terraform # Terraform
export TF_CLI_ARGS_plan="-var-file=$cluster_name/terraform.tfvars -state=$cluster_name/terraform.tfstate" export TF_CLI_ARGS_plan="-var-file=.clusters/$cluster_name/terraform.tfvars -state=.clusters/$cluster_name/terraform.tfstate"
export TF_CLI_ARGS_apply="-var-file=$cluster_name/terraform.tfvars -state=$cluster_name/terraform.tfstate" export TF_CLI_ARGS_apply="-var-file=.clusters/$cluster_name/terraform.tfvars -state=.clusters/$cluster_name/terraform.tfstate"
export TF_CLI_ARGS_destroy="-var-file=$cluster_name/terraform.tfvars -state=$cluster_name/terraform.tfstate" export TF_CLI_ARGS_destroy="-var-file=.clusters/$cluster_name/terraform.tfvars -state=.clusters/$cluster_name/terraform.tfstate"
export TF_CLI_ARGS_state_list="-state=$cluster_name/terraform.tfstate" export TF_CLI_ARGS_state_list="-state=.clusters/$cluster_name/terraform.tfstate"
export TF_CLI_ARGS_state_rm="-state=$cluster_name/terraform.tfstate" export TF_CLI_ARGS_state_rm="-state=.clusters/$cluster_name/terraform.tfstate"
# Include the cluster dir in the path for disconnected installations # Include the cluster dir in the path for disconnected installations
export PATH="$PWD/$cluster_name:$PATH" export PATH="$PWD/.clusters/$cluster_name:$PATH"
# OpenShift # OpenShift
export KUBECONFIG="$PWD/$cluster_name/auth/kubeconfig" export KUBECONFIG="$PWD/.clusters/$cluster_name/auth/kubeconfig"
export OC_BINARY="$(which oc)" export OC_BINARY="$(which oc)"
export KUBECTL_BINARY="$(which oc)" export KUBECTL_BINARY="$(which oc)"
export CLUSTER_NAME="$cluster_name" export CLUSTER_NAME="$cluster_name"
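Review bot: With the new `.clusters/` prefix the existence guards no longer reject an empty cluster name. Once any cluster has been initialised, `[ ! -d ".clusters/$cluster_name" ]` tests `.clusters/` itself and passes, so `destroy`, `start`, `post_install` and the other guarded subcommands carry on with paths such as `.clusters//terraform.tfvars`; before this change `[ ! -d "" ]` failed as intended. A name such as `..` passes the same guard and resolves to the repository root, where `destroy` could run `sed -i.bak` on the template `terraform.tfvars` that `init` reads. Validate the argument once before any path is built, for example `[[ "$cluster_name" =~ ^[a-z0-9]([a-z0-9-]*[a-z0-9])?$ ]] || { echo "Invalid cluster name: '$cluster_name'"; exit 1; }`, in `init` and in each guarded function. The same unvalidated value is substituted into `sed "s/__CLUSTER_NAME__/$cluster_name/"` in `init`, where a `/` or `&` would alter the expression.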

2
master.tf

@ -9,7 +9,7 @@ resource "libvirt_volume" "master_disk" {
resource "libvirt_ignition" "master_ignition" { resource "libvirt_ignition" "master_ignition" {
name = "${var.cluster_name}-master-ignition" name = "${var.cluster_name}-master-ignition"
content = file("${path.module}/${var.cluster_name}/master.ign") content = file("${path.module}/.clusters/${var.cluster_name}/master.ign")
} }
locals { locals {

10
post-install.tf

@ -1,29 +1,29 @@
resource "local_file" "registry_pv" { resource "local_file" "registry_pv" {
content = templatefile("${path.module}/templates/registry-pv.yaml", { nfs_server = local.storage_node.ip }) content = templatefile("${path.module}/templates/registry-pv.yaml", { nfs_server = local.storage_node.ip })
filename = "${var.cluster_name}/registry-pv.yaml" filename = ".clusters/${var.cluster_name}/registry-pv.yaml"
file_permission = "0644" file_permission = "0644"
} }
resource "local_file" "nfs_provisioner" { resource "local_file" "nfs_provisioner" {
content = templatefile("${path.module}/templates/nfs-provisioner.yaml", { nfs_server = local.storage_node.ip }) content = templatefile("${path.module}/templates/nfs-provisioner.yaml", { nfs_server = local.storage_node.ip })
filename = "${var.cluster_name}/nfs-provisioner.yaml" filename = ".clusters/${var.cluster_name}/nfs-provisioner.yaml"
file_permission = "0644" file_permission = "0644"
} }
resource "local_file" "ansible_inventory" { resource "local_file" "ansible_inventory" {
content = templatefile("${path.module}/templates/inventory", { nodes = local.all_nodes }) content = templatefile("${path.module}/templates/inventory", { nodes = local.all_nodes })
filename = "${var.cluster_name}/inventory" filename = ".clusters/${var.cluster_name}/inventory"
file_permission = "0644" file_permission = "0644"
} }
resource "local_file" "cluster_key" { resource "local_file" "cluster_key" {
content = acme_certificate.cluster_cert.private_key_pem content = acme_certificate.cluster_cert.private_key_pem
filename = "${var.cluster_name}/cluster.key" filename = ".clusters/${var.cluster_name}/cluster.key"
file_permission = "0600" file_permission = "0600"
} }
resource "local_file" "cluster_cert" { resource "local_file" "cluster_cert" {
content = "${acme_certificate.cluster_cert.certificate_pem}${acme_certificate.cluster_cert.issuer_pem}" content = "${acme_certificate.cluster_cert.certificate_pem}${acme_certificate.cluster_cert.issuer_pem}"
filename = "${var.cluster_name}/cluster.crt" filename = ".clusters/${var.cluster_name}/cluster.crt"
file_permission = "0644" file_permission = "0644"
} }
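Review bot: The five `filename` values are now `.clusters/${var.cluster_name}/...`, which Terraform resolves against the working directory, while bootstrap.tf, master.tf and worker.tf in this commit read the ignition files from `${path.module}/.clusters/${var.cluster_name}/...`. The two agree only when Terraform runs from the module directory, which clusterctl appears to assume. Anchoring the outputs the same way, e.g. `filename = "${path.module}/.clusters/${var.cluster_name}/cluster.key"`, keeps `cluster.key` and the inventory from landing in an unexpected directory. `cluster.key` is the only file here written `0600`, yet clusterctl keeps the Terraform state under the same `.clusters/<name>/` directory and that state should also contain `private_key_pem`, so the directory itself is worth creating with a restrictive mode.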

2
worker.tf

@ -9,7 +9,7 @@ resource "libvirt_volume" "worker_disk" {
resource "libvirt_ignition" "worker_ignition" { resource "libvirt_ignition" "worker_ignition" {
name = "${var.cluster_name}-worker-ignition" name = "${var.cluster_name}-worker-ignition"
content = file("${path.module}/${var.cluster_name}/worker.ign") content = file("${path.module}/.clusters/${var.cluster_name}/worker.ign")
} }
locals { locals {
