From c6a5d0b608b41eb11c3a9ed84e43c2b94ed96c81 Mon Sep 17 00:00:00 2001 From: Magnus Andersson Date: Thu, 11 Jan 2024 16:17:50 +0100 Subject: [PATCH] Create kubernetes nodes and add ssh access security group. --- kube.tf | 22 +++++++++++++++++++++- securitygroups.tf | 4 ++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 securitygroups.tf diff --git a/kube.tf b/kube.tf index 0171fe4..e32093e 100644 --- a/kube.tf +++ b/kube.tf @@ -5,7 +5,7 @@ resource "openstack_networking_port_v2" "kubeport" { count = var.kubesize # size of cluster network_id = data.openstack_networking_network_v2.public.id # A list of security group ID - #security_group_ids = [resource.openstack_networking_secgroup_v2.sshaccess.id, data.openstack_networking_secgroup_v2.defaultsg.id, resource.openstack_networking_secgroup_v2.pgserver.id ] + security_group_ids = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.id ] admin_state_up = "true" } @@ -17,3 +17,23 @@ resource "openstack_blockstorage_volume_v3" "kubevolume" { image_id = data.openstack_images_image_v2.ubuntu2204image.id enable_online_resize = true # Allow us to resize volume while attached. } + +# Create instances of kubernetes nodes +resource "openstack_compute_instance_v2" "kube" { + name = "kube${count.index}.matrix-test.sunet.se" + count = var.kubesize + flavor_id = data.openstack_compute_flavor_v2.b2c4r16.id + key_pair = data.openstack_compute_keypair_v2.manderssonpub.id + security_groups = ["ssh-from-jumphost"] + + network { + port = resource.openstack_networking_port_v2.kubeport[count.index].id + } + block_device { + uuid = resource.openstack_blockstorage_volume_v3.kubevolume[count.index].id + source_type = "volume" + destination_type = "volume" + } + +} + diff --git a/securitygroups.tf b/securitygroups.tf new file mode 100644 index 0000000..e6dc624 --- /dev/null +++ b/securitygroups.tf @@ -0,0 +1,4 @@ +# Datasource of sunet ssh-from-jumphost security group. +data "openstack_networking_secgroup_v2" "sshfromjumphosts" { + name = "ssh-from-jumphost" +}