144 lines
No EOL
3.4 KiB
HCL
144 lines
No EOL
3.4 KiB
HCL
resource "random_string" "random" {
|
|
length = 4
|
|
lower = true
|
|
upper = false
|
|
special = false
|
|
}
|
|
|
|
resource "stackit_ske_cluster" "default" {
|
|
project_id = var.stackit_project_id
|
|
name = "ske-${random_string.random.result}"
|
|
kubernetes_version_min = "1.31"
|
|
node_pools = [
|
|
{
|
|
name = "standard"
|
|
machine_type = "c1.4"
|
|
minimum = "1"
|
|
maximum = "3"
|
|
max_surge = "3"
|
|
availability_zones = ["eu01-1", "eu01-2", "eu01-3"]
|
|
os_version_min = "4152.2.1"
|
|
os_name = "flatcar"
|
|
volume_size = 32
|
|
volume_type = "storage_premium_perf6"
|
|
}
|
|
]
|
|
maintenance = {
|
|
enable_kubernetes_version_updates = true
|
|
enable_machine_image_version_updates = true
|
|
start = "01:00:00Z"
|
|
end = "02:00:00Z"
|
|
}
|
|
}
|
|
|
|
resource "stackit_ske_kubeconfig" "example" {
|
|
project_id = var.stackit_project_id
|
|
cluster_name = stackit_ske_cluster.default.name
|
|
refresh = true
|
|
}
|
|
|
|
resource "kubernetes_namespace" "rancher" {
|
|
metadata {
|
|
name = "rancher"
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_namespace" "cert_manager" {
|
|
metadata {
|
|
name = "cert-manager"
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_namespace" "nginx" {
|
|
metadata {
|
|
name = "nginx"
|
|
}
|
|
}
|
|
|
|
resource "helm_release" "cert_manager" {
|
|
name = "cert-manager"
|
|
namespace = kubernetes_namespace.cert_manager.metadata[0].name
|
|
repository = "https://charts.jetstack.io"
|
|
chart = "cert-manager"
|
|
version = "1.17.2"
|
|
|
|
values = [<<EOF
|
|
installCRDs: true
|
|
EOF
|
|
]
|
|
}
|
|
|
|
resource "stackit_public_ip" "public_ip" {
|
|
project_id = var.stackit_project_id
|
|
|
|
lifecycle {
|
|
ignore_changes = [network_interface_id]
|
|
}
|
|
}
|
|
|
|
resource "stackit_dns_zone" "rancher_zone" {
|
|
project_id = var.stackit_project_id
|
|
name = "rancher${random_string.random.result}"
|
|
dns_name = "rancher${random_string.random.result}.runs.onstackit.cloud"
|
|
type = "primary"
|
|
default_ttl = 60
|
|
contact_email = "hostmaster@stackit.cloud"
|
|
}
|
|
|
|
resource "stackit_dns_record_set" "a_record" {
|
|
project_id = var.stackit_project_id
|
|
zone_id = stackit_dns_zone.rancher_zone.zone_id
|
|
name = "ui"
|
|
type = "A"
|
|
ttl = 60
|
|
comment = "ui for rancher"
|
|
records = [stackit_public_ip.public_ip.ip]
|
|
}
|
|
|
|
resource "helm_release" "nginx_ingress" {
|
|
name = "nginx-ingress"
|
|
repository = "https://kubernetes.github.io/ingress-nginx"
|
|
chart = "ingress-nginx"
|
|
version = "4.12.2"
|
|
namespace = kubernetes_namespace.nginx.metadata[0].name
|
|
|
|
values = [
|
|
<<EOF
|
|
controller:
|
|
replicaCount: 1
|
|
service:
|
|
type: LoadBalancer
|
|
annotations:
|
|
lb.stackit.cloud/external-address: ${stackit_public_ip.public_ip.ip}
|
|
EOF
|
|
]
|
|
|
|
timeout = 600
|
|
}
|
|
|
|
resource "helm_release" "rancher" {
|
|
name = "rancher"
|
|
namespace = kubernetes_namespace.rancher.metadata[0].name
|
|
repository = "https://releases.rancher.com/server-charts/stable"
|
|
chart = "rancher"
|
|
version = "2.11.1"
|
|
|
|
values = [<<EOF
|
|
hostname: "${stackit_dns_record_set.a_record.name}.${stackit_dns_zone.rancher_zone.dns_name}"
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: "nginx"
|
|
|
|
tls:
|
|
source: rancher
|
|
secretName: tls-rancher-ingress
|
|
|
|
EOF
|
|
]
|
|
|
|
depends_on = [helm_release.cert_manager]
|
|
}
|
|
|
|
output "rancher" {
|
|
value = "${stackit_dns_record_set.a_record.name}.${stackit_dns_zone.rancher_zone.dns_name}"
|
|
} |