rancher install ok
This commit is contained in:
parent
ebe1a279fc
commit
725eb334a9
26
init.tf
26
init.tf
@ -88,9 +88,11 @@ resource "null_resource" "kustomization" {
|
|||||||
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
|
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
|
||||||
],
|
],
|
||||||
var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"],
|
var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"],
|
||||||
var.enable_longhorn ? ["longhorn.yaml"] : [],
|
|
||||||
local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [],
|
local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [],
|
||||||
var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []
|
var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : [],
|
||||||
|
var.enable_longhorn ? ["longhorn.yaml"] : [],
|
||||||
|
var.enable_cert_manager || var.enable_rancher ? ["cert-manager.yaml"] : [],
|
||||||
|
var.enable_rancher ? ["rancher.yaml"] : [],
|
||||||
),
|
),
|
||||||
patchesStrategicMerge = concat(
|
patchesStrategicMerge = concat(
|
||||||
[
|
[
|
||||||
@ -160,6 +162,26 @@ resource "null_resource" "kustomization" {
|
|||||||
destination = "/var/post_install/longhorn.yaml"
|
destination = "/var/post_install/longhorn.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Upload the cert-manager config
|
||||||
|
provisioner "file" {
|
||||||
|
content = templatefile(
|
||||||
|
"${path.module}/templates/cert-manager.yaml.tpl",
|
||||||
|
{})
|
||||||
|
destination = "/var/post_install/cert-manager.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Upload the rancher config
|
||||||
|
provisioner "file" {
|
||||||
|
content = templatefile(
|
||||||
|
"${path.module}/templates/rancher.yaml.tpl",
|
||||||
|
{
|
||||||
|
rancher_install_channel = var.rancher_install_channel
|
||||||
|
rancher_hostname = var.rancher_hostname
|
||||||
|
number_control_plane_nodes = length(local.control_plane_nodes)
|
||||||
|
})
|
||||||
|
destination = "/var/post_install/rancher.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
# Deploy secrets, logging is automatically disabled due to sensitive variables
|
# Deploy secrets, logging is automatically disabled due to sensitive variables
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = [
|
||||||
|
17
templates/cert-manager.yaml.tpl
Normal file
17
templates/cert-manager.yaml.tpl
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: cert-manager
|
||||||
|
---
|
||||||
|
apiVersion: helm.cattle.io/v1
|
||||||
|
kind: HelmChart
|
||||||
|
metadata:
|
||||||
|
name: cert-manager
|
||||||
|
namespace: kube-system
|
||||||
|
spec:
|
||||||
|
chart: cert-manager
|
||||||
|
repo: https://charts.jetstack.io
|
||||||
|
targetNamespace: cert-manager
|
||||||
|
valuesContent: |-
|
||||||
|
installCRDs: true
|
21
templates/rancher.yaml.tpl
Normal file
21
templates/rancher.yaml.tpl
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: cattle-system
|
||||||
|
---
|
||||||
|
apiVersion: helm.cattle.io/v1
|
||||||
|
kind: HelmChart
|
||||||
|
metadata:
|
||||||
|
name: rancher
|
||||||
|
namespace: kube-system
|
||||||
|
spec:
|
||||||
|
chart: rancher
|
||||||
|
repo: https://releases.rancher.com/server-charts/${rancher_install_channel}
|
||||||
|
targetNamespace: cattle-system
|
||||||
|
valuesContent: |-
|
||||||
|
ingress:
|
||||||
|
tls:
|
||||||
|
source: rancher
|
||||||
|
hostname: ${rancher_hostname}
|
||||||
|
replicas: ${number_control_plane_nodes}
|
@ -183,3 +183,23 @@ load_balancer_location = "fsn1"
|
|||||||
# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/
|
# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/
|
||||||
# That may be useful if you need to deploy more than 500 nodes! The default is "false".
|
# That may be useful if you need to deploy more than 500 nodes! The default is "false".
|
||||||
# placement_group_disable = true
|
# placement_group_disable = true
|
||||||
|
|
||||||
|
# You can enable cert-manager (installed by Helm behind the scenes) with the following flag, the default is "false".
|
||||||
|
# enable_cert_manager = true
|
||||||
|
|
||||||
|
# You can enable rancher (installed by Helm behind the scenes) with the following flag, the default is "false".
|
||||||
|
# When rancher is enabled, it automatically installs cert-manager too, and it uses rancher's own certificates.
|
||||||
|
# As for the number of replicas, it is set to the numbe of control plane nodes.
|
||||||
|
# You can customized all of the above by creating and applying a HelmChartConfig to pass the helm chart values of your choice.
|
||||||
|
# See https://rancher.com/docs/k3s/latest/en/helm/
|
||||||
|
# and https://rancher.com/docs/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/
|
||||||
|
# enable_rancher = true
|
||||||
|
|
||||||
|
# When rancher is deployed, by default is uses the "stable" channel. But this can be customized.
|
||||||
|
# The allowed values are "stable", "latest", and "alpha".
|
||||||
|
# rancher_install_channel = "latest"
|
||||||
|
|
||||||
|
# Set your rancher hostname, the default is "rancher.example.com".
|
||||||
|
# It is a required value when using rancher, but up to you to point the DNS to it or not.
|
||||||
|
# You can also not point the DNS, and just port-forward locally via kubectl to get access to the dashboard.
|
||||||
|
# rancher_hostname = "rancher.xyz.dev"
|
31
variables.tf
31
variables.tf
@ -107,7 +107,7 @@ variable "initial_k3s_channel" {
|
|||||||
description = "Allows you to specify an initial k3s channel"
|
description = "Allows you to specify an initial k3s channel"
|
||||||
|
|
||||||
validation {
|
validation {
|
||||||
condition = contains(["stable", "latest", "testing", "v1.16", "v1.17", "v1.18", "v1.19", "v1.20", "v1.21", "v1.22", "v1.23"], var.initial_k3s_channel)
|
condition = contains(["stable", "latest", "testing", "v1.16", "v1.17", "v1.18", "v1.19", "v1.20", "v1.21", "v1.22", "v1.23", "v1.24"], var.initial_k3s_channel)
|
||||||
error_message = "The initial k3s channel must be one of stable, latest or testing."
|
error_message = "The initial k3s channel must be one of stable, latest or testing."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -175,3 +175,32 @@ variable "disable_hetzner_csi" {
|
|||||||
default = false
|
default = false
|
||||||
description = "Disable hetzner csi driver"
|
description = "Disable hetzner csi driver"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "enable_cert_manager" {
|
||||||
|
type = bool
|
||||||
|
default = false
|
||||||
|
description = "Enable cert manager"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "enable_rancher" {
|
||||||
|
type = bool
|
||||||
|
default = false
|
||||||
|
description = "Enable rancher"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "rancher_install_channel" {
|
||||||
|
type = string
|
||||||
|
default = "stable"
|
||||||
|
description = "Rancher install channel"
|
||||||
|
|
||||||
|
validation {
|
||||||
|
condition = contains(["stable", "latest", "alpha"], var.rancher_install_channel)
|
||||||
|
error_message = "The allowed values for the rancher install channel are stable, latest, or alpha."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "rancher_hostname" {
|
||||||
|
type = string
|
||||||
|
default = "rancher.example.com"
|
||||||
|
description = "Enable rancher"
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user