Add cloud-config file

From 000-add-cloud-config-file.patch
rcbops · Aug 7, 2017 · 076b01b · 076b01b
1 parent 9d421fb
commit 076b01b
Show file tree

Hide file tree

Showing 4 changed files with 111 additions and 0 deletions.
diff --git a/modules/openstack/nodes/ignition.tf b/modules/openstack/nodes/ignition.tf
@@ -8,6 +8,8 @@ data "ignition_config" "node" {
   files = [
     "${data.ignition_file.kubeconfig.id}",
     "${data.ignition_file.kubelet-env.id}",
+    "${data.ignition_file.cloud-ca.id}",
+    "${data.ignition_file.cloud-config.id}",
     "${data.ignition_file.max-user-watches.id}",
     "${data.ignition_file.resolv_conf.id}",
     "${data.ignition_file.hostname.*.id[count.index]}",
@@ -127,3 +129,37 @@ data "ignition_systemd_unit" "tectonic" {
   enable  = "${var.tectonic_service_disabled == 0 ? true : false}"
   content = "${var.tectonic_service}"
 }
+
+data "ignition_file" "cloud-ca" {
+  filesystem = "root"
+  path       = "/etc/kubernetes/cloud/cloud-ca.pem"
+  mode       = 0644
+
+  content {
+    content = "${var.cloud_ca_pem_data}"
+  }
+}
+
+data "ignition_file" "cloud-config" {
+  filesystem = "root"
+  path       = "/etc/kubernetes/cloud/config"
+  mode       = 0644
+
+  content {
+    content = <<EOF
+[Global]
+auth-url="${var.auth_url}"
+user-id="${var.user_id}"
+password="${var.password}"
+region="${var.region}"
+ca-file=${var.cloud_ca_pem_data != "" ? "/etc/kubernetes/cloud/cloud-ca.pem" : ""}
+[LoadBalancer]
+subnet-id=${var.loadbalancer_subnet_id}
+floating-network-id=${var.floating_ip_network_id}
+create-monitor=yes
+monitor-delay=15s
+monitor-timeout=2s
+monitor-max-retries=2
+EOF
+  }
+}
diff --git a/modules/openstack/nodes/variables.tf b/modules/openstack/nodes/variables.tf
@@ -70,3 +70,32 @@ variable "tectonic_service_disabled" {
   description = "Specifies whether the tectonic installer systemd unit will be disabled. If true, no tectonic assets will be deployed"
   default     = false
 }
+
+variable "loadbalancer_subnet_id" {
+  type = "string"
+}
+
+variable "floating_ip_network_id" {
+  type = "string"
+  default = ""
+}
+
+variable "user_id" {
+  type = "string"
+}
+
+variable "auth_url" {
+  type = "string"
+}
+
+variable "password" {
+  type = "string"
+}
+
+variable "region" {
+  type = "string"
+}
+
+variable "cloud_ca_pem_data" {
+  type = "string"
+}
diff --git a/platforms/openstack/neutron/main.tf b/platforms/openstack/neutron/main.tf
@@ -142,6 +142,13 @@ EOF
   kubelet_cni_bin_dir          = "${var.tectonic_calico_network_policy ? "/var/lib/cni/bin" : "" }"
   tectonic_experimental        = "${var.tectonic_experimental}"
   tectonic_service_disabled    = "${var.tectonic_vanilla_k8s}"
+  auth_url                     = "${var.tectonic_openstack_auth_url}"
+  password                     = "${var.tectonic_openstack_password}"
+  user_id                      = "${var.tectonic_openstack_user_id}"
+  region                       = "${var.tectonic_openstack_region}"
+  loadbalancer_subnet_id       = "${openstack_networking_subnet_v2.subnet.id}"
+  cloud_ca_pem_data            = "${file(var.tectonic_openstack_ca_pem_file != "" ? pathexpand(var.tectonic_openstack_ca_pem_file) : "/dev/null")}"
+  floating_ip_network_id       = "${var.tectonic_openstack_external_gateway_id}"
 }
 
 module "worker_nodes" {
@@ -167,6 +174,13 @@ EOF
   node_taints                  = ""
   kubelet_cni_bin_dir          = "${var.tectonic_calico_network_policy ? "/var/lib/cni/bin" : "" }"
   tectonic_service_disabled    = "${var.tectonic_vanilla_k8s}"
+  auth_url                     = "${var.tectonic_openstack_auth_url}"
+  password                     = "${var.tectonic_openstack_password}"
+  user_id                      = "${var.tectonic_openstack_user_id}"
+  region                       = "${var.tectonic_openstack_region}"
+  loadbalancer_subnet_id       = "${openstack_networking_subnet_v2.subnet.id}"
+  cloud_ca_pem_data            = "${file(var.tectonic_openstack_ca_pem_file != "" ? pathexpand(var.tectonic_openstack_ca_pem_file) : "/dev/null")}"
+  floating_ip_network_id       = "${var.tectonic_openstack_external_gateway_id}"
 }
 
 module "secrets" {

diff --git a/platforms/openstack/neutron/variables.tf b/platforms/openstack/neutron/variables.tf
@@ -134,3 +134,35 @@ variable "tectonic_openstack_dns_nameservers" {
 The DNS servers assigned to the generated OpenStack subnet resource.
 EOF
 }
+
+variable "tectonic_openstack_user_id" {
+  type = "string"
+  description = <<EOF
+The user id (not name) that Kubernetes will use when managing OpenStack resources.
+EOF
+}
+variable "tectonic_openstack_password" {
+  type = "string"
+  description = <<EOF
+The password that Kubernetes will use when managing OpenStack resources.
+EOF
+}
+variable "tectonic_openstack_region" {
+  type = "string"
+  description = <<EOF
+The region that Kubernetes will use when managing OpenStack resources.
+EOF
+}
+variable "tectonic_openstack_auth_url" {
+  type = "string"
+  description = <<EOF
+The keystone URL that Kubernetes will use when managing OpenStack resources.
+EOF
+}
+variable "tectonic_openstack_ca_pem_file" {
+  type = "string"
+  default = ""
+  description = <<EOF
+An optional file containing the CA for Kubernetes to use when connecting to the OpenStack endpoints
+EOF
+}