mirror of https://github.com/kubernetes/kops.git
Refactoring phases to work in sequence properly
This commit is contained in:
chrislovecnm
parent
ceafc684f2
commit
dc338c4829
|
|
@ -35,7 +35,8 @@ const LoadBalancerDefaultIdleTimeout = 5 * time.Minute
|
||||||
// APILoadBalancerBuilder builds a LoadBalancer for accessing the API
|
// APILoadBalancerBuilder builds a LoadBalancer for accessing the API
|
||||||
type APILoadBalancerBuilder struct {
|
type APILoadBalancerBuilder struct {
|
||||||
*AWSModelContext
|
*AWSModelContext
|
||||||
Lifecycle *fi.Lifecycle
|
Lifecycle *fi.Lifecycle
|
||||||
|
SecurityLifecycle *fi.Lifecycle
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ fi.ModelBuilder = &APILoadBalancerBuilder{}
|
var _ fi.ModelBuilder = &APILoadBalancerBuilder{}
|
||||||
|
|
@ -144,7 +145,7 @@ func (b *APILoadBalancerBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroup{
|
t := &awstasks.SecurityGroup{
|
||||||
Name: s(b.ELBSecurityGroupName("api")),
|
Name: s(b.ELBSecurityGroupName("api")),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
VPC: b.LinkToVPC(),
|
VPC: b.LinkToVPC(),
|
||||||
Description: s("Security group for api ELB"),
|
Description: s("Security group for api ELB"),
|
||||||
|
|
@ -157,7 +158,7 @@ func (b *APILoadBalancerBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("api-elb-egress"),
|
Name: s("api-elb-egress"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToELBSecurityGroup("api"),
|
SecurityGroup: b.LinkToELBSecurityGroup("api"),
|
||||||
Egress: fi.Bool(true),
|
Egress: fi.Bool(true),
|
||||||
|
|
@ -171,7 +172,7 @@ func (b *APILoadBalancerBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
for _, cidr := range b.Cluster.Spec.KubernetesAPIAccess {
|
for _, cidr := range b.Cluster.Spec.KubernetesAPIAccess {
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("https-api-elb-" + cidr),
|
Name: s("https-api-elb-" + cidr),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToELBSecurityGroup("api"),
|
SecurityGroup: b.LinkToELBSecurityGroup("api"),
|
||||||
CIDR: s(cidr),
|
CIDR: s(cidr),
|
||||||
|
|
@ -187,7 +188,7 @@ func (b *APILoadBalancerBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("https-elb-to-master"),
|
Name: s("https-elb-to-master"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleMaster),
|
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleMaster),
|
||||||
SourceGroup: b.LinkToELBSecurityGroup("api"),
|
SourceGroup: b.LinkToELBSecurityGroup("api"),
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,8 @@ const BastionELBDefaultIdleTimeout = 5 * time.Minute
|
||||||
|
|
||||||
type BastionModelBuilder struct {
|
type BastionModelBuilder struct {
|
||||||
*KopsModelContext
|
*KopsModelContext
|
||||||
Lifecycle *fi.Lifecycle
|
Lifecycle *fi.Lifecycle
|
||||||
|
SecurityLifecycle *fi.Lifecycle
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ fi.ModelBuilder = &BastionModelBuilder{}
|
var _ fi.ModelBuilder = &BastionModelBuilder{}
|
||||||
|
|
@ -56,7 +57,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroup{
|
t := &awstasks.SecurityGroup{
|
||||||
Name: s(b.SecurityGroupName(kops.InstanceGroupRoleBastion)),
|
Name: s(b.SecurityGroupName(kops.InstanceGroupRoleBastion)),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
VPC: b.LinkToVPC(),
|
VPC: b.LinkToVPC(),
|
||||||
Description: s("Security group for bastion"),
|
Description: s("Security group for bastion"),
|
||||||
|
|
@ -69,7 +70,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("bastion-egress"),
|
Name: s("bastion-egress"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
||||||
Egress: fi.Bool(true),
|
Egress: fi.Bool(true),
|
||||||
|
|
@ -83,7 +84,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("ssh-elb-to-bastion"),
|
Name: s("ssh-elb-to-bastion"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
||||||
SourceGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
SourceGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
||||||
|
|
@ -98,7 +99,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("bastion-to-master-ssh"),
|
Name: s("bastion-to-master-ssh"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleMaster),
|
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleMaster),
|
||||||
SourceGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
SourceGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
||||||
|
|
@ -113,7 +114,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("bastion-to-node-ssh"),
|
Name: s("bastion-to-node-ssh"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleNode),
|
SecurityGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleNode),
|
||||||
SourceGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
SourceGroup: b.LinkToSecurityGroup(kops.InstanceGroupRoleBastion),
|
||||||
|
|
@ -128,7 +129,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroup{
|
t := &awstasks.SecurityGroup{
|
||||||
Name: s(b.ELBSecurityGroupName(BastionELBSecurityGroupPrefix)),
|
Name: s(b.ELBSecurityGroupName(BastionELBSecurityGroupPrefix)),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
VPC: b.LinkToVPC(),
|
VPC: b.LinkToVPC(),
|
||||||
Description: s("Security group for bastion ELB"),
|
Description: s("Security group for bastion ELB"),
|
||||||
|
|
@ -141,7 +142,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
{
|
{
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("bastion-elb-egress"),
|
Name: s("bastion-elb-egress"),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
SecurityGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
||||||
Egress: fi.Bool(true),
|
Egress: fi.Bool(true),
|
||||||
|
|
@ -155,7 +156,7 @@ func (b *BastionModelBuilder) Build(c *fi.ModelBuilderContext) error {
|
||||||
for _, sshAccess := range b.Cluster.Spec.SSHAccess {
|
for _, sshAccess := range b.Cluster.Spec.SSHAccess {
|
||||||
t := &awstasks.SecurityGroupRule{
|
t := &awstasks.SecurityGroupRule{
|
||||||
Name: s("ssh-external-to-bastion-elb-" + sshAccess),
|
Name: s("ssh-external-to-bastion-elb-" + sshAccess),
|
||||||
Lifecycle: b.Lifecycle,
|
Lifecycle: b.SecurityLifecycle,
|
||||||
|
|
||||||
SecurityGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
SecurityGroup: b.LinkToELBSecurityGroup(BastionELBSecurityGroupPrefix),
|
||||||
Protocol: s("tcp"),
|
Protocol: s("tcp"),
|
||||||
|
|
|
||||||
|
|
@ -1,235 +0,0 @@
|
||||||
output "bastion_security_group_ids" {
|
|
||||||
value = ["${aws_security_group.bastion-privateweave-example-com.id}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
output "cluster_name" {
|
|
||||||
value = "privateweave.example.com"
|
|
||||||
}
|
|
||||||
|
|
||||||
output "master_security_group_ids" {
|
|
||||||
value = ["${aws_security_group.masters-privateweave-example-com.id}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
output "node_security_group_ids" {
|
|
||||||
value = ["${aws_security_group.nodes-privateweave-example-com.id}"]
|
|
||||||
}
|
|
||||||
|
|
||||||
output "region" {
|
|
||||||
value = "us-test-1"
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "aws" {
|
|
||||||
region = "us-test-1"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group" "api-elb-privateweave-example-com" {
|
|
||||||
name = "api-elb.privateweave.example.com"
|
|
||||||
vpc_id = "${aws_vpc.privateweave-example-com.id}"
|
|
||||||
description = "Security group for api ELB"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
KubernetesCluster = "privateweave.example.com"
|
|
||||||
Name = "api-elb.privateweave.example.com"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group" "bastion-elb-privateweave-example-com" {
|
|
||||||
name = "bastion-elb.privateweave.example.com"
|
|
||||||
vpc_id = "${aws_vpc.privateweave-example-com.id}"
|
|
||||||
description = "Security group for bastion ELB"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
KubernetesCluster = "privateweave.example.com"
|
|
||||||
Name = "bastion-elb.privateweave.example.com"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group" "bastion-privateweave-example-com" {
|
|
||||||
name = "bastion.privateweave.example.com"
|
|
||||||
vpc_id = "${aws_vpc.privateweave-example-com.id}"
|
|
||||||
description = "Security group for bastion"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
KubernetesCluster = "privateweave.example.com"
|
|
||||||
Name = "bastion.privateweave.example.com"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group" "masters-privateweave-example-com" {
|
|
||||||
name = "masters.privateweave.example.com"
|
|
||||||
vpc_id = "${aws_vpc.privateweave-example-com.id}"
|
|
||||||
description = "Security group for masters"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
KubernetesCluster = "privateweave.example.com"
|
|
||||||
Name = "masters.privateweave.example.com"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group" "nodes-privateweave-example-com" {
|
|
||||||
name = "nodes.privateweave.example.com"
|
|
||||||
vpc_id = "${aws_vpc.privateweave-example-com.id}"
|
|
||||||
description = "Security group for nodes"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
KubernetesCluster = "privateweave.example.com"
|
|
||||||
Name = "nodes.privateweave.example.com"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "all-master-to-master" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "all-master-to-node" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "all-node-to-node" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "api-elb-egress" {
|
|
||||||
type = "egress"
|
|
||||||
security_group_id = "${aws_security_group.api-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "bastion-egress" {
|
|
||||||
type = "egress"
|
|
||||||
security_group_id = "${aws_security_group.bastion-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "bastion-elb-egress" {
|
|
||||||
type = "egress"
|
|
||||||
security_group_id = "${aws_security_group.bastion-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "bastion-to-master-ssh" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.bastion-privateweave-example-com.id}"
|
|
||||||
from_port = 22
|
|
||||||
to_port = 22
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "bastion-to-node-ssh" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.bastion-privateweave-example-com.id}"
|
|
||||||
from_port = 22
|
|
||||||
to_port = 22
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "https-api-elb-0-0-0-0--0" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.api-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 443
|
|
||||||
to_port = 443
|
|
||||||
protocol = "tcp"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "https-elb-to-master" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.api-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 443
|
|
||||||
to_port = 443
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "master-egress" {
|
|
||||||
type = "egress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "node-egress" {
|
|
||||||
type = "egress"
|
|
||||||
security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "node-to-master-tcp-1-4000" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
from_port = 1
|
|
||||||
to_port = 4000
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "node-to-master-tcp-4003-65535" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
from_port = 4003
|
|
||||||
to_port = 65535
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "node-to-master-udp-1-65535" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.masters-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.nodes-privateweave-example-com.id}"
|
|
||||||
from_port = 1
|
|
||||||
to_port = 65535
|
|
||||||
protocol = "udp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "ssh-elb-to-bastion" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.bastion-privateweave-example-com.id}"
|
|
||||||
source_security_group_id = "${aws_security_group.bastion-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 22
|
|
||||||
to_port = 22
|
|
||||||
protocol = "tcp"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_security_group_rule" "ssh-external-to-bastion-elb-0-0-0-0--0" {
|
|
||||||
type = "ingress"
|
|
||||||
security_group_id = "${aws_security_group.bastion-elb-privateweave-example-com.id}"
|
|
||||||
from_port = 22
|
|
||||||
to_port = 22
|
|
||||||
protocol = "tcp"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
|
|
||||||
terraform = {
|
|
||||||
required_version = ">= 0.9.3"
|
|
||||||
}
|
|
||||||
|
|
@ -535,11 +535,11 @@ func (c *ApplyClusterCmd) Run() error {
|
||||||
|
|
||||||
l.Builders = append(l.Builders,
|
l.Builders = append(l.Builders,
|
||||||
&model.MasterVolumeBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
&model.MasterVolumeBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
||||||
&awsmodel.APILoadBalancerBuilder{AWSModelContext: awsModelContext, Lifecycle: networkLifecycle},
|
&awsmodel.APILoadBalancerBuilder{AWSModelContext: awsModelContext, Lifecycle: clusterLifecycle, SecurityLifecycle: securityLifecycle},
|
||||||
&model.BastionModelBuilder{KopsModelContext: modelContext, Lifecycle: networkLifecycle},
|
&model.BastionModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle, SecurityLifecycle: securityLifecycle},
|
||||||
&model.DNSModelBuilder{KopsModelContext: modelContext, Lifecycle: networkLifecycle},
|
&model.DNSModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
||||||
&model.ExternalAccessModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
&model.ExternalAccessModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
|
||||||
&model.FirewallModelBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
&model.FirewallModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
|
||||||
&model.SSHKeyModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
|
&model.SSHKeyModelBuilder{KopsModelContext: modelContext, Lifecycle: securityLifecycle},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -563,9 +563,9 @@ func (c *ApplyClusterCmd) Run() error {
|
||||||
l.Builders = append(l.Builders,
|
l.Builders = append(l.Builders,
|
||||||
&model.MasterVolumeBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
&model.MasterVolumeBuilder{KopsModelContext: modelContext, Lifecycle: clusterLifecycle},
|
||||||
|
|
||||||
&gcemodel.APILoadBalancerBuilder{GCEModelContext: gceModelContext, Lifecycle: networkLifecycle},
|
&gcemodel.APILoadBalancerBuilder{GCEModelContext: gceModelContext, Lifecycle: securityLifecycle},
|
||||||
&gcemodel.ExternalAccessModelBuilder{GCEModelContext: gceModelContext, Lifecycle: networkLifecycle},
|
&gcemodel.ExternalAccessModelBuilder{GCEModelContext: gceModelContext, Lifecycle: securityLifecycle},
|
||||||
&gcemodel.FirewallModelBuilder{GCEModelContext: gceModelContext, Lifecycle: networkLifecycle},
|
&gcemodel.FirewallModelBuilder{GCEModelContext: gceModelContext, Lifecycle: securityLifecycle},
|
||||||
&gcemodel.NetworkModelBuilder{GCEModelContext: gceModelContext, Lifecycle: networkLifecycle},
|
&gcemodel.NetworkModelBuilder{GCEModelContext: gceModelContext, Lifecycle: networkLifecycle},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue