From 66b2e316ef588cfde9c9662bfc1de57a0e4f494d Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Tue, 30 Jul 2019 22:51:20 +0200 Subject: o Nodes doesn't need public IPs. --- terraform/ansible/.gitignore | 2 ++ terraform/ansible/inventory | 17 +++++++++++------ terraform/ansible/roles/k3s/templates/k3s.service.j2 | 6 ++---- terraform/node.tf | 15 ++++----------- 4 files changed, 19 insertions(+), 21 deletions(-) create mode 100644 terraform/ansible/.gitignore diff --git a/terraform/ansible/.gitignore b/terraform/ansible/.gitignore new file mode 100644 index 0000000..bcf2118 --- /dev/null +++ b/terraform/ansible/.gitignore @@ -0,0 +1,2 @@ +.retry +env diff --git a/terraform/ansible/inventory b/terraform/ansible/inventory index 880397a..f3d4239 100755 --- a/terraform/ansible/inventory +++ b/terraform/ansible/inventory @@ -3,21 +3,26 @@ read -r -d '' script <<'EOF' to_entries|map({(.key|tostring):.value.value})|add as $input | -$input.k8s_node_names|to_entries|map({(.value):{ - ansible_host:$input.k8s_node_public_ips[.key], - private_ip:$input.k8s_node_private_ips[.key]} - }) as $nodes | - { ansible_host:$input.k8s_master_ip.public_ip, private_ip:$input.k8s_master_ip.private_ip, } as $master | +$input.k8s_node_names|to_entries|map({(.value):{ + ansible_host:$input.k8s_node_private_ips[.key], + private_ip:$input.k8s_node_private_ips[.key], + }) as $nodes | + {_meta:{ hostvars:([{"k8s-master": $master}]+$nodes|add)}, all:(["k8s-master"] + ($input.k8s_node_names)), k8s:(["k8s-master"] + ($input.k8s_node_names)), - "k8s-nodes":$input.k8s_node_names, + "k8s-nodes":{ + "hosts": $input.k8s_node_names, + "vars": { + "ansible_ssh_common_args": (["-J ", $input.k8s_master_ip.public_ip]|add) + } + } } EOF diff --git a/terraform/ansible/roles/k3s/templates/k3s.service.j2 b/terraform/ansible/roles/k3s/templates/k3s.service.j2 index 5c0c559..7ef391f 100644 --- a/terraform/ansible/roles/k3s/templates/k3s.service.j2 +++ b/terraform/ansible/roles/k3s/templates/k3s.service.j2 
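Review bot: In the `terraform/ansible/inventory` hunk the rewritten `$nodes` mapping opens two objects on `map({(.value):{` but closes only one before `) as $nodes |`, because the brace that used to follow `private_ip:$input.k8s_node_private_ips[.key]` was replaced by a comma. As shown, jq should reject the program, so the dynamic inventory would fail rather than list the nodes. The last two lines of the mapping should read `private_ip:$input.k8s_node_private_ips[.key]}` and `}) as $nodes |`. Separately, the new `ansible_ssh_common_args` makes the master the SSH jump host for every node, which deserves a jq comment next to it such as `# nodes have no public IP; SSH is relayed through k8s-master`.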
@@ -5,14 +5,12 @@ After=network.target {% if k3s_role == 'master' %} ExecStartPre=-/sbin/modprobe br_netfilter ExecStartPre=-/sbin/modprobe overlay -ExecStart=/usr/local/bin/k3s server \ - --node-ip {{ ansible_host }} +ExecStart=/usr/local/bin/k3s server {% else %} # TODO: this should use private_ip ExecStart=/usr/local/bin/k3s agent \ - --server https://{{ hostvars['k8s-master']['ansible_host'] }}:6443 \ --token {{ hostvars['k8s-master']['node_token'] }} \ - --node-ip {{ ansible_host }} + --server https://{{ hostvars['k8s-master']['private_ip'] }}:6443 {% endif %} KillMode=process Delegate=yes diff --git a/terraform/node.tf b/terraform/node.tf index eeb3fc6..802882b 100644 --- a/terraform/node.tf +++ b/terraform/node.tf @@ -1,12 +1,7 @@ -resource "scaleway_ip" "k8s_node_ips" { - count = "${var.node_count}" -} - resource "scaleway_server" "k8s_node" { name = "k8s-node${count.index}" - image = "${data.scaleway_image.debian.id}" - type = "${var.k8s_master_server_type}" - public_ip = "${element(scaleway_ip.k8s_node_ips.*.ip, count.index)}" + image = data.scaleway_image.debian.id + type = var.k8s_master_server_type count = var.node_count @@ -18,16 +13,14 @@ resource "scaleway_server" "k8s_node" { scaleway_ssh_key.trygvis_akili, scaleway_ssh_key.trygvis_conflatorio, ] + + state = "stopped" } output "k8s_node_names" { value = scaleway_server.k8s_node.*.name } -output "k8s_node_public_ips" { - value = scaleway_server.k8s_node.*.public_ip -} - output "k8s_node_private_ips" { value = scaleway_server.k8s_node.*.private_ip } -- cgit v1.2.3
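Review bot: The agent branch of `k3s.service.j2` still passes the cluster join secret as `--token {{ hostvars['k8s-master']['node_token'] }}`, so it is written into the rendered unit file and appears in the agent's process arguments on every node. k3s also reads the token from the `K3S_TOKEN` environment variable, so the unit could load it with an `EnvironmentFile=` line pointing at a root-only file and drop the `--token` argument; the file's path and mode would be set by the role, which is not visible here. The `# TODO: this should use private_ip` comment is stale now that `--server` uses `hostvars['k8s-master']['private_ip']` and should be removed. With `--node-ip` dropped from the server branch the master relies on its auto-detected address, so it is worth confirming that this is the private interface the agents connect to and that port 6443 on the public interface is filtered.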
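Review bot: In the first `terraform/node.tf` hunk nothing in `scaleway_server.k8s_node` records that leaving out `public_ip` is deliberate, so a later edit could reintroduce public exposure without noticing. A comment above `name` such as `# No public IP on purpose: nodes are reached over the private network via k8s-master (see ansible/inventory)` would pin the intent. It may also be worth noting there how nodes reach package and image registries without a public address, which this hunk does not show. The resource body continues outside the hunk.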
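Review bot: The second `terraform/node.tf` hunk adds `state = "stopped"` to `k8s_node`, which the commit subject does not mention and which, as far as the hunk shows, would leave every node powered off after `terraform apply`. If it is a debugging leftover it should be dropped; otherwise it needs a comment saying why nodes are created stopped. It also interacts with the outputs below: `k8s_node_private_ips` is now the only address the inventory has for a node, and a stopped server may not report one, so this should be confirmed against the provider. The resource block starts outside this hunk.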