diff --git a/terraform/inputs.tf b/terraform/inputs.tf index f6efff8..25bc0ed 100644 --- a/terraform/inputs.tf +++ b/terraform/inputs.tf @@ -1,36 +1,18 @@ locals { - region = "us-east-1" - availability_zone = "us-east-1a" - secondary_availability_zone = "us-east-1b" - - bastion_ami = "ami-0abac89b48b8cc3bb" // amazon/suse-sles-15-sp4-byos-v20220621-hvm-ssd-arm64 - - upstream_instance_type = "t3a.xlarge" - upstream_ami = "ami-0096528c9fcc1a6a9" // Ubuntu: us-east-1 jammy 22.04 LTS amd64 hvm:ebs-ssd 20221118 upstream_server_count = 3 upstream_agent_count = 0 - upstream_distro_version = "v1.4.3/rke_darwin-amd64 v1.24.10-rancher4-1" - # alternatives: - # upstream_distro_version = "v1.24.11+k3s1" - # upstream_distro_version = "v1.24.8+rke2r1" - rancher_chart = "https://releases.rancher.com/server-charts/latest/rancher-2.7.2.tgz" + upstream_distro_version = "v1.24.12+k3s1" upstream_san = "upstream.local.gd" - upstream_kubernetes_api_port = 6443 - rancher_port = 8443 + upstream_kubernetes_api_port = 6445 + + rancher_chart = "https://releases.rancher.com/server-charts/latest/rancher-2.7.2.tgz" + rancher_port = 8443 - downstream_instance_type = "t3a.xlarge" - downstream_ami = "ami-0096528c9fcc1a6a9" - // Ubuntu: us-east-1 jammy 22.04 LTS amd64 hvm:ebs-ssd 20221118 downstream_server_count = 1 - downstream_agent_count = 1 - downstream_distro_version = "v1.24.11+k3s1" - # alternatives: - # downstream_distro_version = "v1.24.8+rke2r1" - # downstream_distro_version = "v1.4.3/rke_darwin-amd64 v1.24.10-rancher4-1" + downstream_agent_count = 0 + downstream_distro_version = "v1.24.12+k3s1" downstream_san = "downstream.local.gd" - downstream_kubernetes_api_port = 6444 + downstream_kubernetes_api_port = 6446 - project_name = "moio" - ssh_private_key_path = "~/.ssh/id_ed25519" - ssh_public_key_path = "~/.ssh/id_ed25519.pub" + project_name = "moio" } diff --git a/terraform/main.tf b/terraform/main.tf index dc35ffa..047425b 100644 --- a/terraform/main.tf +++ b/terraform/main.tf 
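Review bot: The new `upstream_kubernetes_api_port = 6445` and `downstream_kubernetes_api_port = 6446`, together with the kept `rancher_port = 8443`, are passed to the local k3d modules as host-side ports, and nothing in `locals` says which interface they are published on. The bind address is decided inside `./k3d_k3s`, which this diff does not show, so check there that the Kubernetes API and Rancher ports are bound to loopback rather than to all interfaces. I would document the expectation above the port locals, e.g. `# host ports published by k3d; expected to be reachable from localhost only`.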
@@ -1,21 +1,13 @@ terraform { required_version = "1.3.7" required_providers { - aws = { - source = "hashicorp/aws" - version = "4.31.0" - } - tls = { - source = "hashicorp/tls" - version = "4.0.3" - } helm = { source = "hashicorp/helm" version = "2.7.1" } - ssh = { - source = "loafoe/ssh" - version = "2.2.1" + docker = { + source = "kreuzwerker/docker" + version = "2.23.1" } k3d = { source = "moio/k3d" 
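Review bot: The added `docker` provider comes from a community namespace (`kreuzwerker/docker`) and is pinned by version only, as is `moio/k3d` just below it; a version constraint does not fix the checksum of the plugin binary that gets downloaded. Those hashes live in `.terraform.lock.hcl`, which this diff does not touch, so confirm the lock file is committed and regenerated for the new provider set (for example with `terraform providers lock`) so that `terraform init` verifies the binaries. A short comment next to the entry, e.g. `# community provider; hashes pinned in .terraform.lock.hcl`, would record that. The `required_providers` block continues past the end of this hunk.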
@@ -24,96 +16,48 @@ terraform { } } -provider "aws" { - region = local.region -} - -module "aws_shared" { - source = "./aws_shared" - project_name = local.project_name - ssh_public_key_path = local.ssh_public_key_path -} - -module "aws_network" { - source = "./aws_network" - region = local.region - availability_zone = local.availability_zone - secondary_availability_zone = local.secondary_availability_zone - project_name = local.project_name -} - -module "bastion" { - depends_on = [module.aws_network] - source = "./aws_host" - ami = local.bastion_ami - availability_zone = local.availability_zone - project_name = local.project_name - name = "bastion" - ssh_key_name = module.aws_shared.key_name - ssh_private_key_path = local.ssh_private_key_path - subnet_id = module.aws_network.public_subnet_id - vpc_security_group_id = module.aws_network.public_security_group_id +module "network" { + source = "./k3d_network" + project_name = local.project_name } module "upstream_cluster" { - source = "./aws_rke" - # alternatives: - # source = "./aws_k3s" - # source = "./aws_rke2" - ami = local.upstream_ami - instance_type = local.upstream_instance_type - availability_zone = local.availability_zone - project_name = local.project_name - name = "upstream" - server_count = local.upstream_server_count - agent_count = local.upstream_agent_count - ssh_key_name = module.aws_shared.key_name - ssh_private_key_path = local.ssh_private_key_path - ssh_bastion_host = module.bastion.public_name - subnet_id = module.aws_network.private_subnet_id - vpc_security_group_id = module.aws_network.private_security_group_id - kubernetes_api_port = local.upstream_kubernetes_api_port - additional_ssh_tunnels = [[local.rancher_port, 443]] - distro_version = local.upstream_distro_version - sans = [local.upstream_san] - # k3s only - # secondary_subnet_id = module.aws_network.secondary_private_subnet_id + source = "./k3d_k3s" + project_name = local.project_name + name = "upstream" + network_name = 
module.network.name + server_count = local.upstream_server_count + agent_count = local.upstream_agent_count + distro_version = local.upstream_distro_version + sans = [local.upstream_san] + kubernetes_api_port = local.upstream_kubernetes_api_port + additional_port_mappings = [[local.rancher_port, 443]] } provider "helm" { kubernetes { - config_path = "../config/upstream.yaml" + config_path = "~/.kube/config" + config_context = "k3d-${local.project_name}-upstream" } } module "rancher" { - depends_on = [module.upstream_cluster] - count = local.upstream_server_count > 0 ? 1 : 0 - source = "./rancher" - public_name = local.upstream_san - private_name = module.upstream_cluster.first_server_private_name - chart = local.rancher_chart + depends_on = [module.upstream_cluster] + count = local.upstream_server_count > 0 ? 1 : 0 + source = "./rancher" + public_name = local.upstream_san + private_name = module.upstream_cluster.first_server_private_name + chart = local.rancher_chart } module "downstream_cluster" { - source = "./aws_k3s" - # alternatives: - # source = "./aws_rke" - # source = "./aws_rke2" - ami = local.downstream_ami - instance_type = local.downstream_instance_type - availability_zone = local.availability_zone - project_name = local.project_name - name = "downstream" - server_count = local.downstream_server_count - agent_count = local.downstream_agent_count - ssh_key_name = module.aws_shared.key_name - ssh_private_key_path = local.ssh_private_key_path - ssh_bastion_host = module.bastion.public_name - subnet_id = module.aws_network.private_subnet_id - vpc_security_group_id = module.aws_network.private_security_group_id - kubernetes_api_port = local.downstream_kubernetes_api_port - distro_version = local.downstream_distro_version - sans = [local.downstream_san] - secondary_subnet_id = module.aws_network.secondary_private_subnet_id + source = "./k3d_k3s" + project_name = local.project_name + name = "downstream" + network_name = module.network.name + server_count = 
local.downstream_server_count + agent_count = local.downstream_agent_count + distro_version = local.downstream_distro_version + sans = [local.downstream_san] + kubernetes_api_port = local.downstream_kubernetes_api_port } diff --git a/terraform/outputs.tf b/terraform/outputs.tf index 70c62fa..a020561 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf @@ -7,11 +7,9 @@ output "bootstrap_password" { } output "upstream_cluster" { - value = { kubeconfig : pathexpand("../config/upstream.yaml"), context : "upstream.local.gd" } + value = { kubeconfig : pathexpand("~/.kube/config"), context : "k3d-${local.project_name}-upstream" } } output "downstream_clusters" { - value = [ - { name : "downstream", kubeconfig : pathexpand("../config/downstream.yaml"), context : "downstream.local.gd" } - ] + value = [{ name : "downstream", kubeconfig : pathexpand("~/.kube/config"), context : "k3d-${local.project_name}-downstream" }] }
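Review bot: In `provider "helm"` in `main.tf`, `config_path = "~/.kube/config"` points Terraform at the operator's shared kubeconfig instead of the project-local `../config/upstream.yaml`, so `config_context` is now the only thing keeping the `rancher` release away from any other cluster whose credentials live in that file. The context name is built from `local.project_name`, so a pre-existing context with the same name would be picked up silently; the same shared file is also handed out by the `upstream_cluster` and `downstream_clusters` outputs in the `outputs.tf` hunk. If the k3d modules can write a dedicated kubeconfig (not visible here), pointing `config_path` at that file would restore the isolation. Otherwise add a comment above the block, e.g. `# uses the shared user kubeconfig; config_context must stay pinned to the k3d cluster`.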
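Review bot: The context names `"k3d-${local.project_name}-upstream"` and `"k3d-${local.project_name}-downstream"` are spelled out by hand in these outputs, and the upstream one is repeated in `provider "helm"` in `main.tf`. If the cluster naming inside `./k3d_k3s` changes, the provider and the outputs can drift apart, and consumers of these outputs would select a different context in `~/.kube/config`. Defining each name once, e.g. `upstream_context = "k3d-${local.project_name}-upstream"` in `locals`, or reading it from a module output if `./k3d_k3s` exposes one (not visible here), keeps them in step. The hunk opens inside `output "bootstrap_password"`, whose body starts outside it.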