-
Notifications
You must be signed in to change notification settings - Fork 8
/
00-locals.tf
97 lines (88 loc) · 2.3 KB
/
00-locals.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
data "aws_ami" "talos" {
owners = ["540036508848"] # Sidero Labs
most_recent = true
name_regex = "^talos-${var.talos_version}-.*-${var.cluster_architecture}$"
filter {
name = "architecture"
values = [local.instance_architecture]
}
}
resource "random_string" "workspace_id" {
length = 6
min_numeric = 1
special = false
upper = false
}
locals {
instance_architecture = var.cluster_architecture == "amd64" ? "x86_64" : var.cluster_architecture
path_to_workspace_dir = "${abspath(path.root)}/.terraform/.workspace-${random_string.workspace_id.id}"
path_to_kubeconfig_file = "${local.path_to_workspace_dir}/kubeconfig"
path_to_talosconfig_file = "${local.path_to_workspace_dir}/talosconfig"
common_config_patch = {
cluster = {
id = var.cluster_id,
clusterName = var.cluster_name,
apiServer = {
certSANs = [
module.elb_k8s_elb.elb_dns_name
]
},
controllerManager = {
extraArgs = {
allocate-node-cidrs = var.allocate_node_cidrs
}
},
network = {
cni = {
name = "none"
},
podSubnets = [
var.pod_cidr
],
serviceSubnets = [
var.service_cidr
]
},
extraManifests = [
"https://raw.githubusercontent.com/isovalent/terraform-aws-talos/main/standalone-install.yaml",
"https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml"
],
allowSchedulingOnControlPlanes = var.allow_workload_on_cp_nodes
},
machine = {
kubelet = {
registerWithFQDN = true
},
certSANs = [
module.elb_k8s_elb.elb_dns_name
],
kubelet = {
extraArgs = {
rotate-server-certificates = true
}
}
}
}
# Used to configure Cilium Kube-Proxy replacement
config_cilium_patch = {
cluster = {
proxy = {
disabled = var.disable_kube_proxy
}
},
machine = {
features = {
kubePrism = {
enabled = true,
port = 7445
}
}
}
}
config_patches_common = [
for path in var.config_patch_files : file(path)
]
cluster_required_tags = {
"kubernetes.io/cluster/${var.cluster_name}" = "owned"
}
}