Commit Graph

49 Commits (2c132dccba3426fe67de0f2038f530d0995eba0e)

Author SHA1 Message Date
Cristian Calin e6976a54e1
add pre-commit hook to facilitate local testing (#9158)
* add pre-commit hook configuration

* add tmp.md to .gitignore

* describe the use of pre-commit hook in CONTRIBUTING.md

* fix docs/integration.md errors identified by markdownlint

* fix docs/<file>.md errors identified by markdownlint

* docs/azure-csi.md
* docs/azure.md
* docs/bootstrap-os.md
* docs/calico.md
* docs/debian.md
* docs/fcos.md
* docs/vagrant.md
* docs/gcp-lb.md
* docs/kubernetes-apps/registry.md
* docs/setting-up-your-first-cluster.md
* docs/vagrant.md
* docs/vars.md

* fix contrib/<file>.md errors identified by markdownlint
2022-08-24 06:54:03 -07:00
SOPHAL HONG 3d4baea01c
Add tag to AWS VPC subnets for automatic subnet discovery by load balancers or ingress controllers (#8705) 2022-04-12 10:05:23 -07:00
SOPHAL HONG 6d683c98a3
[Terraform-AWS] Replace CLB with NLB (#8578) 2022-02-24 23:53:54 -08:00
SOPHAL HONG a6a79883b7
Fix: Error when creating subnets more than AZ (#8516) 2022-02-14 13:12:30 -08:00
Ray Terrill 1edb7d771f
Modify connection_strings_etcd to only return etcd nodes (#7966)
Modify connection_strings_etcd to only return etcd nodes - not master nodes - since this results in duplicate hosts in the generated Ansible inventory and is unnecessary.
2021-09-15 00:58:40 -07:00
Samuel bfebcfa2c5
fix(misc): contrib/terraform/aws (#7818)
* fix(misc): terraform/aws

- handles deployment with a single availability zone
- handles deployment with more than two availability zone
- handles etcd collocation with control-plane nodes (`aws_etcd_num=0`)
- allows to set a bastion instances count (`aws_bastion_num`)
- allows to set bastion/etcd/control-plane/workers rootfs volume size
- removes variables from terraform.tfvars that were not re-used
- adds .terraform.lock.hcl to .gitignore
- changes/updates base image from ubuntu-18.03 to debian-10

tested by a few coworkers of mine, and myself: thanks for the outstanding
work, on both those terraform samples and kubespray playbooks.
I did not test ubuntu deployments, I could still swap from buster to
focal. LMK.

* fix(gitlab-ci)

AFAIU, terraform.tfvars indentation should be fixed for / no diff
returned running `terraform fmt -check -diff`

https://gitlab.com/kargo-ci/kubernetes-sigs-kubespray/-/jobs/1445622114
2021-07-23 02:43:16 -07:00
tkob b1b407a0b4
Replace map in Terraform scripts with tomap (#7576) (#7578)
* Replace map in Terraform scripts with tomap (#7576)

* Fix Terraform linter warnings (#7576)
2021-05-12 07:34:17 -07:00
Cristian Calin 360aff4a57
Rename ansible groups to use _ instead of - (#7552)
* rename ansible groups to use _ instead of -

k8s-cluster -> k8s_cluster
k8s-node -> k8s_node
calico-rr -> calico_rr
no-floating -> no_floating

Note: kube-node,k8s-cluster groups in upgrade CI
      need clean-up after v2.16 is tagged

* ensure old groups are mapped to the new ones
2021-04-29 05:20:50 -07:00
Kenichi Omichi 486b223e01
Replace kube-master with kube_control_plane (#7256)
This replaces kube-master with kube_control_plane because of [1]:

  The Kubernetes project is moving away from wording that is
  considered offensive. A new working group WG Naming was created
  to track this work, and the word "master" was declared as offensive.
  A proposal was formalized for replacing the word "master" with
  "control plane". This means it should be removed from source code,
  documentation, and user-facing configuration from Kubernetes and
  its sub-projects.

NOTE: The reason why this changes it to kube_control_plane not
      kube-control-plane is for valid group names on ansible.

[1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
2021-03-23 17:26:05 -07:00
Kenichi Omichi dc86b2063a
Fix markdown failures on contrib/terraform (#7082)
This fixes markdown failures on contrib/terraform.
2020-12-25 12:10:27 -08:00
Cristian Klein fd3ebc13f7
Fix terraform0.13 errors (#7077)
* [terraform/aws] Fix Terraform >=0.13 warnings

Terraform >=0.13 gives the following warning:

```
Warning: Interpolation-only expressions are deprecated
```

The fix was tested as follows:
```
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```
which gave no errors nor warnings.

* [terraform/openstack] Fixes for Terraform >=0.13

Terraform >=0.13 gives the following error:
```
Error: Failed to install providers
Could not find required providers, but found possible alternatives:
  hashicorp/openstack -> terraform-provider-openstack/openstack
```

This patch fixes these errors.

This fix was tested as follows:
```
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```
which gave no errors nor warnings for Terraform 0.13.5 and Terraform
0.14.3. Unfortunately, 0.12.x gives a harmless warning, but
with 0.14.3 out the door, I guess we need to move on.

* [terraform/packet] Fixes for Terraform >=0.13

This fix was tested as follows:
```
export PACKET_AUTH_TOKEN=blah-blah
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```

Errors are gone, but warnings still remain. It is impossible to please
all three versions of Terraform.

* Add tests for Terraform >=0.13
2020-12-23 05:08:26 -08:00
David Medinets 102fb94524
Notes About Server In admin.conf (#6854)
* Add note about changing private IP in admin.conf.

When I run kubespray, a load balancer is created which should be used instead of the ip of the controller node.

* Procedure to find load balancer and update admin.conf

When I run kubespray, a load balancer is used instead of the private ip of the controller.
2020-10-28 18:30:59 -07:00
David Medinets 1805e95b69
Change health check from TCP to HTTPS (#6487)
I kept seeing `TLS handshake error from 10.250.250.158:63770: EOF` from two IP addresses that correlate to my ELB. Changing the health check from TCP to HTTPS stopped the errors from being generated.
2020-09-22 00:56:47 -07:00
Barry Melbourne 058438a25d
Remove support for CoreOS Container Linux (#6576) 2020-08-28 02:28:53 -07:00
Florian Ruynat 764a851189
Terraform quoted references are now deprecated (#6203) 2020-06-05 00:05:43 -07:00
Pierre Gaxatte a8822e24b0
Fix terraform formatting (#5823) 2020-03-27 05:46:24 -07:00
Quan Hoang f6b66839bd
Use 'private_dns' as hostname in inventory file (#5463) 2020-02-17 00:59:28 -08:00
bfraz f0f8379e1b Update aws tf (#5435)
* update aws tf to function as expected

* update tf version

* update syntax for tf v0.12

* update tf version in readme

* update per tf for v0.12
2019-12-12 03:42:33 -08:00
Maxime Guyot b1fbead531 Update to TF v0.12.12 (#5267) 2019-12-04 07:20:58 -08:00
Maxime Guyot e865c50574 Fix terraform fmt on contrib/terraform/aws (#4484) 2019-04-10 04:32:14 -07:00
Maxime Guyot 80f31818df Add terraform validate for contrib/terraform/aws (#4438) 2019-04-10 02:14:14 -07:00
Andreas Holmsten 01cf11b961 Run terraform fmt and add step to CI (#4405)
* Run terraform fmt

* Add terraform fmt to .terraform-validate CI step

* Add tf-validate-aws CI step

* Revert "Add tf-validate-aws CI step"

This reverts commit e007225fac.
2019-04-08 02:22:24 -07:00
Ye Ben d8b357ce49
fix typo doesnt -> doesn't
fix typos in line 114 and 116: doesnt -> doesn't
2018-10-31 21:27:58 +08:00
Julien Senon fac8aaa44e Update template for bastion (#3523)
Update template to have bastion section
2018-10-15 09:42:22 +02:00
Giacomo Longo 3f786542d3 Automatically infer bootstrap_os (#3498)
* Automatically infer bootstrap_os

* Rename bootstrap os to os_family
2018-10-10 23:32:10 -07:00
唐超 ca6c5e2a6a
terraform.tfvars.example is not correct, remove. 2018-09-05 17:41:34 +08:00
Antoine Legrand b490231f59
Merge pull request #2025 from kubernetes-incubator/terraform-aws-inventory
contrib/terraform/aws: Make path to generated inventory configurable
2018-08-17 15:55:38 +02:00
Rong Zhang 4d7426ec95 Fix terraform env Not effective (#2966)
Add TF_VAR_ to terraform env
2018-07-05 12:20:02 +03:00
Giri Kuncoro 3a1f6810b7 Remove loadbalancer_apiserver binding on readme 2018-05-08 14:55:52 +05:30
Giri Kuncoro 0fb017b9c1 Rename ansible user env vars 2018-05-02 14:07:54 +07:00
brant 739f6c78ad remove [calico-rr] 2018-03-02 15:41:04 +08:00
brant 40d72d1865 added [calico-rr] 2018-03-02 13:48:11 +08:00
Ronald Rivera 88f9e25f76 Updated with correct syntax to access default_tags variable. 2018-01-07 15:39:58 +00:00
Jan Jungnickel 8766b36144 Make path to generated inventory configurable 2017-12-04 16:41:35 +01:00
Jan Jungnickel b3745f2614 contrib/terraform/aws: Tag instances and remove loadbalancer ip (#2023)
* Properly tag instances and subnets with `kubernetes.io/cluster/$cluster_name`

This is required by kubernetes to support multiple clusters in a single vpc/az

* Get rid of loadbalancer_apiserver_address as it is no longer needed
2017-12-04 14:31:46 +00:00
Jean-Marie F ca8a9c600a Terraform - Remove the need for region specific reference data (#1962)
* Dynamically retrieve aws_bastion_ami latest reference by querying AWS rather than hard coded

* Dynamically retrieve the list of availability_zones instead of needing to have them hard coded

* Limit availability zones to first 2, using slice extrapolation function

* Replace the need for hardcoded variable "aws_cluster_ami" by the data provided by Terraform

* Move ami choosing to vars, so people don't need to edit create infrastructure if they want another vendor image (as suggested by @atoms)

* Make name of the data block agnostic of distribution, given there are more than one distribution supported

* Add documentation about other distros being supported and what to change in which location to make these changes
2017-11-30 15:27:52 +00:00
Aivars Sterns e6c88db0a0 change how terraform generates apiserver variables (#1922) 2017-11-02 12:26:11 +00:00
Aivars Sterns 84cf6fbe83 change ssh_args/bastion configuration (#1883) 2017-10-27 12:18:39 +01:00
Aivars Sterns 7ef1e1ef9d update terraform, fix deprecated values add default_tags, fix ansible inventory (#1821) 2017-10-18 11:44:32 +01:00
Tennis Smith a47aaae078 Add bastion host definitions (#1621)
* Add comment line and documentation for bastion host usage

* Take out unneeded sudo parm

* Remove blank lines

* revert changes

* take out disabling of strict host checking
2017-09-07 23:26:52 +03:00
Tennis Smith 35d48cc88c Point apiserver address to 0.0.0.0 (#1617)
* Point apiserver address to 0.0.0.0
Added loadbalancer api server address
* Update documentation
2017-09-05 18:41:47 +03:00
Yorgos Saslis 82eedbd622 Update ansible inventory file when template changes (#1612)
This trigger ensures the inventory file is kept up-to-date. Otherwise, if the file exists and you've made changes to your terraform-managed infra without having deleted the file, it would never get updated. 

For example, consider the case where you've destroyed and re-applied the terraform resources, none of the IPs would get updated, so ansible would be trying to connect to the old ones.
2017-09-05 14:10:53 +03:00
Spencer Smith 8203383c03 rename almost all mentions of kargo 2017-06-16 13:25:46 -04:00
Vincent Schwarzer c48ffa24be Fixes for AWS Terraform Deployment and Updated Readme 2017-04-12 15:15:54 +02:00
Vincent Schwarzer 952ab03d2a Fixes for AWS Terraform Deployment 2017-03-20 12:08:17 +01:00
Vincent Schwarzer 3c6b1480b8 Rewrote AWS Terraform for Kargo
Rewrote AWS Terraform deployment for AWS Kargo. It supports now
multiple Availability Zones, AWS Loadbalancer for Kubernetes API,
Bastion Host, ...

For more information see README
2017-03-06 12:52:02 +01:00
Dan Bode cb84b93930 Decouple etcd/k8s-cluster roles in ec2 terraform
Currently, the terraform script in contrib
adds etcd role as a child of k8s-cluster in
its generated inventory file.

This is problematic when the etcd role is
deployed on separate nodes from the k8s master
and nodes. In this case, this leads to failures
of the k8s node since the PKI certs required for
that role have not been propogated.
2016-11-21 10:44:13 -08:00
Bill Young 1556d1c63e
Add IAM profiles for Kubernetes nodes 2016-06-15 12:58:44 -04:00
Spencer Smith 26aeebb372 base functionality to create aws resources 2016-06-07 12:45:25 -07:00