Create kubernetes nodes and add ssh access security group.

This commit is contained in:
Magnus Andersson 2024-01-11 16:17:50 +01:00
parent 28ecb1ba57
commit c6a5d0b608
Signed by: mandersson
GPG key ID: 19CB2C58E1F19B16
2 changed files with 25 additions and 1 deletions

22
kube.tf
View file

@ -5,7 +5,7 @@ resource "openstack_networking_port_v2" "kubeport" {
count = var.kubesize # size of cluster
network_id = data.openstack_networking_network_v2.public.id
# A list of security group ID
#security_group_ids = [resource.openstack_networking_secgroup_v2.sshaccess.id, data.openstack_networking_secgroup_v2.defaultsg.id, resource.openstack_networking_secgroup_v2.pgserver.id ]
security_group_ids = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.id ]
admin_state_up = "true"
}
@ -17,3 +17,23 @@ resource "openstack_blockstorage_volume_v3" "kubevolume" {
image_id = data.openstack_images_image_v2.ubuntu2204image.id
enable_online_resize = true # Allow us to resize volume while attached.
}
# Create instances of kubernetes nodes
resource "openstack_compute_instance_v2" "kube" {
name = "kube${count.index}.matrix-test.sunet.se"
count = var.kubesize
flavor_id = data.openstack_compute_flavor_v2.b2c4r16.id
key_pair = data.openstack_compute_keypair_v2.manderssonpub.id
security_groups = ["ssh-from-jumphost"]
network {
port = resource.openstack_networking_port_v2.kubeport[count.index].id
}
block_device {
uuid = resource.openstack_blockstorage_volume_v3.kubevolume[count.index].id
source_type = "volume"
destination_type = "volume"
}
}

4
securitygroups.tf Normal file
View file

@ -0,0 +1,4 @@
# Datasource of sunet ssh-from-jumphost security group.
data "openstack_networking_secgroup_v2" "sshfromjumphosts" {
name = "ssh-from-jumphost"
}