kops/tests/integration/update_cluster/minimal_hetzner/kubernetes.tf

326 lines
12 KiB
HCL

locals {
cluster_name = "minimal.example.com"
region = "eu-central"
}
output "cluster_name" {
value = "minimal.example.com"
}
output "region" {
value = "eu-central"
}
provider "hcloud" {
}
provider "aws" {
alias = "files"
region = "us-test-1"
}
resource "aws_s3_object" "cluster-completed-spec" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_cluster-completed.spec_content")
key = "tests/minimal.example.com/cluster-completed.spec"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "etcd-cluster-spec-events" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-events_content")
key = "tests/minimal.example.com/backups/etcd/events/control/etcd-cluster-spec"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "etcd-cluster-spec-main" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_etcd-cluster-spec-main_content")
key = "tests/minimal.example.com/backups/etcd/main/control/etcd-cluster-spec"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "kops-version-txt" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_kops-version.txt_content")
key = "tests/minimal.example.com/kops-version.txt"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "manifests-etcdmanager-events-master-fsn1" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-events-master-fsn1_content")
key = "tests/minimal.example.com/manifests/etcd/events-master-fsn1.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "manifests-etcdmanager-main-master-fsn1" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_manifests-etcdmanager-main-master-fsn1_content")
key = "tests/minimal.example.com/manifests/etcd/main-master-fsn1.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "manifests-static-kube-apiserver-healthcheck" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_manifests-static-kube-apiserver-healthcheck_content")
key = "tests/minimal.example.com/manifests/static/kube-apiserver-healthcheck.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-bootstrap" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-bootstrap_content")
key = "tests/minimal.example.com/addons/bootstrap-channel.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-coredns-addons-k8s-io-k8s-1-12" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-coredns.addons.k8s.io-k8s-1.12_content")
key = "tests/minimal.example.com/addons/coredns.addons.k8s.io/k8s-1.12.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-hcloud-cloud-controller-addons-k8s-io-k8s-1-22" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-hcloud-cloud-controller.addons.k8s.io-k8s-1.22_content")
key = "tests/minimal.example.com/addons/hcloud-cloud-controller.addons.k8s.io/k8s-1.22.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-hcloud-csi-driver-addons-k8s-io-k8s-1-22" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-hcloud-csi-driver.addons.k8s.io-k8s-1.22_content")
key = "tests/minimal.example.com/addons/hcloud-csi-driver.addons.k8s.io/k8s-1.22.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-kops-controller-addons-k8s-io-k8s-1-16" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content")
key = "tests/minimal.example.com/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-kubelet-api-rbac-addons-k8s-io-k8s-1-9" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-kubelet-api.rbac.addons.k8s.io-k8s-1.9_content")
key = "tests/minimal.example.com/addons/kubelet-api.rbac.addons.k8s.io/k8s-1.9.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "minimal-example-com-addons-limit-range-addons-k8s-io" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_minimal.example.com-addons-limit-range.addons.k8s.io_content")
key = "tests/minimal.example.com/addons/limit-range.addons.k8s.io/v1.5.0.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "nodeupconfig-master-fsn1" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_nodeupconfig-master-fsn1_content")
key = "tests/minimal.example.com/igconfig/control-plane/master-fsn1/nodeupconfig.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "aws_s3_object" "nodeupconfig-nodes-fsn1" {
bucket = "testingBucket"
content = file("${path.module}/data/aws_s3_object_nodeupconfig-nodes-fsn1_content")
key = "tests/minimal.example.com/igconfig/node/nodes-fsn1/nodeupconfig.yaml"
provider = aws.files
server_side_encryption = "AES256"
}
resource "hcloud_firewall" "control-plane-minimal-example-com" {
apply_to {
label_selector = "kops.k8s.io/cluster=minimal.example.com,kops.k8s.io/instance-role=ControlPlane"
}
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/firewall-role" = "control-plane"
}
name = "control-plane.minimal.example.com"
rule {
direction = "in"
port = "22"
protocol = "tcp"
source_ips = ["0.0.0.0/0", "::/0"]
}
}
resource "hcloud_firewall" "nodes-minimal-example-com" {
apply_to {
label_selector = "kops.k8s.io/cluster=minimal.example.com,kops.k8s.io/instance-role=Node"
}
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/firewall-role" = "nodes"
}
name = "nodes.minimal.example.com"
rule {
direction = "in"
port = "22"
protocol = "tcp"
source_ips = ["0.0.0.0/0", "::/0"]
}
}
resource "hcloud_load_balancer" "api-minimal-example-com" {
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
}
load_balancer_type = "lb11"
location = "fsn1"
name = "api.minimal.example.com"
}
resource "hcloud_load_balancer_network" "api-minimal-example-com" {
load_balancer_id = hcloud_load_balancer.api-minimal-example-com.id
network_id = hcloud_network.minimal-example-com.id
}
resource "hcloud_load_balancer_service" "api-minimal-example-com-tcp-3988" {
destination_port = 3988
listen_port = 3988
load_balancer_id = hcloud_load_balancer.api-minimal-example-com.id
protocol = "tcp"
}
resource "hcloud_load_balancer_service" "api-minimal-example-com-tcp-443" {
destination_port = 443
listen_port = 443
load_balancer_id = hcloud_load_balancer.api-minimal-example-com.id
protocol = "tcp"
}
resource "hcloud_load_balancer_target" "api-minimal-example-com" {
label_selector = "kops.k8s.io/cluster=minimal.example.com,kops.k8s.io/instance-role=ControlPlane"
load_balancer_id = hcloud_load_balancer.api-minimal-example-com.id
type = "label_selector"
use_private_ip = true
}
resource "hcloud_network" "minimal-example-com" {
ip_range = "10.0.0.0/16"
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
}
name = "minimal.example.com"
}
resource "hcloud_network_subnet" "minimal-example-com-10-0-0-0--16" {
ip_range = "10.0.0.0/16"
network_id = hcloud_network.minimal-example-com.id
network_zone = "eu-central"
type = "cloud"
}
resource "hcloud_server" "master-fsn1" {
count = 1
image = "ubuntu-20.04"
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/instance-group" = "master-fsn1"
"kops.k8s.io/instance-role" = "ControlPlane"
"node-label.kops.k8s.io.kops.k8s.io/kops-controller-pki" = ""
"node-label.kops.k8s.io.node-role.kubernetes.io/control-plane" = ""
"node-label.kops.k8s.io.node.kubernetes.io/exclude-from-external-load-balancers" = ""
}
location = "fsn1"
name = "master-fsn1-${count.index}"
network {
network_id = hcloud_network.minimal-example-com.id
}
public_net {
ipv4_enabled = true
ipv6_enabled = false
}
server_type = "cx22"
ssh_keys = [hcloud_ssh_key.minimal-example-com-c4_a6_ed_9a_a8_89_b9_e2_c3_9c_d6_63_eb_9c_71_57.id]
user_data = filebase64("${path.module}/data/hcloud_server_master-fsn1_user_data")
}
resource "hcloud_server" "nodes-fsn1" {
count = 1
image = "ubuntu-20.04"
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/instance-group" = "nodes-fsn1"
"kops.k8s.io/instance-role" = "Node"
"node-label.kops.k8s.io.node-role.kubernetes.io/node" = ""
}
location = "fsn1"
name = "nodes-fsn1-${count.index}"
network {
network_id = hcloud_network.minimal-example-com.id
}
public_net {
ipv4_enabled = true
ipv6_enabled = false
}
server_type = "cx22"
ssh_keys = [hcloud_ssh_key.minimal-example-com-c4_a6_ed_9a_a8_89_b9_e2_c3_9c_d6_63_eb_9c_71_57.id]
user_data = filebase64("${path.module}/data/hcloud_server_nodes-fsn1_user_data")
}
resource "hcloud_ssh_key" "minimal-example-com-c4_a6_ed_9a_a8_89_b9_e2_c3_9c_d6_63_eb_9c_71_57" {
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
}
name = "minimal.example.com-c4:a6:ed:9a:a8:89:b9:e2:c3:9c:d6:63:eb:9c:71:57"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCtWu40XQo8dczLsCq0OWV+hxm9uV3WxeH9Kgh4sMzQxNtoU1pvW0XdjpkBesRKGoolfWeCLXWxpyQb1IaiMkKoz7MdhQ/6UKjMjP66aFWWp3pwD0uj0HuJ7tq4gKHKRYGTaZIRWpzUiANBrjugVgA+Sd7E/mYwc/DMXkIyRZbvhQ=="
}
resource "hcloud_volume" "etcd-1-etcd-events-minimal-example-com" {
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/instance-group" = "master-fsn1"
"kops.k8s.io/volume-role" = "events"
}
location = "fsn1"
name = "etcd-1.etcd-events.minimal.example.com"
size = 20
}
resource "hcloud_volume" "etcd-1-etcd-main-minimal-example-com" {
labels = {
"kops.k8s.io/cluster" = "minimal.example.com"
"kops.k8s.io/instance-group" = "master-fsn1"
"kops.k8s.io/volume-role" = "main"
}
location = "fsn1"
name = "etcd-1.etcd-main.minimal.example.com"
size = 20
}
terraform {
required_version = ">= 0.15.0"
required_providers {
aws = {
"configuration_aliases" = [aws.files]
"source" = "hashicorp/aws"
"version" = ">= 5.0.0"
}
hcloud = {
"source" = "hetznercloud/hcloud"
"version" = ">= 1.35.1"
}
}
}