diff --git a/aws/_modules/eks/ingress.tf b/aws/_modules/eks/ingress.tf index 540489e3..917a9aa5 100644 --- a/aws/_modules/eks/ingress.tf +++ b/aws/_modules/eks/ingress.tf @@ -1,70 +1,5 @@ -resource "kubernetes_service" "current" { - count = var.disable_default_ingress ? 0 : 1 - - provider = kubernetes.eks - - metadata { - name = "ingress-kbst-default" - namespace = "ingress-kbst-default" - } - - spec { - type = "LoadBalancer" - - selector = { - "kubestack.com/ingress-default" = "true" - } - - port { - name = "http" - port = 80 - target_port = "http" - } - - port { - name = "https" - port = 443 - target_port = "https" - } - } - - depends_on = [module.cluster_services] -} - resource "aws_route53_zone" "current" { count = var.disable_default_ingress ? 0 : 1 name = "${var.metadata_fqdn}." } - -data "aws_elb_hosted_zone_id" "current" { - count = var.disable_default_ingress ? 0 : 1 -} - -resource "aws_route53_record" "host" { - count = var.disable_default_ingress ? 0 : 1 - - zone_id = aws_route53_zone.current[0].zone_id - name = var.metadata_fqdn - type = "A" - - alias { - name = kubernetes_service.current[0].status[0].load_balancer[0].ingress[0].hostname - zone_id = data.aws_elb_hosted_zone_id.current[0].id - evaluate_target_health = true - } -} - -resource "aws_route53_record" "wildcard" { - count = var.disable_default_ingress ? 0 : 1 - - zone_id = aws_route53_zone.current[0].zone_id - name = "*.${var.metadata_fqdn}" - type = "A" - - alias { - name = kubernetes_service.current[0].status[0].load_balancer[0].ingress[0].hostname - zone_id = data.aws_elb_hosted_zone_id.current[0].id - evaluate_target_health = true - } -} diff --git a/aws/cluster-local/elb-dns/variables.tf b/aws/cluster-local/elb-dns/variables.tf new file mode 100644 index 00000000..e54b5fa5 --- /dev/null +++ b/aws/cluster-local/elb-dns/variables.tf 
@@ -0,0 +1,14 @@
+variable "ingress_service_name" {
+ type = string
+ description = "Metadata name of the ingress service."
+}
+
+variable "ingress_service_namespace" {
+ type = string
+ description = "Metadata namespace of the ingress service."
+}
+
+variable "metadata_fqdn" {
+ type = string
+ description = "Cluster module FQDN."
+}
diff --git a/aws/cluster-local/elb-dns/versions.tf b/aws/cluster-local/elb-dns/versions.tf
new file mode 100644
index 00000000..b5087a9c
--- /dev/null
+++ b/aws/cluster-local/elb-dns/versions.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ }
+
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ }
+ }
+
+ required_version = ">= 0.13"
+}
diff --git a/aws/cluster/elb-dns/ingress.tf b/aws/cluster/elb-dns/ingress.tf
new file mode 100644
index 00000000..3bf454e4
--- /dev/null
+++ b/aws/cluster/elb-dns/ingress.tf
@@ -0,0 +1,37 @@
+data "kubernetes_service" "current" {
+ metadata {
+ name = var.ingress_service_name
+ namespace = var.ingress_service_namespace
+ }
+}
+
+data "aws_route53_zone" "current" {
+ name = "${var.metadata_fqdn}."
+}
+
+data "aws_elb_hosted_zone_id" "current" {
+}
+
+resource "aws_route53_record" "host" {
+ zone_id = data.aws_route53_zone.current.zone_id
+ name = var.metadata_fqdn
+ type = "A"
+
+ alias {
+ name = data.kubernetes_service.current.status[0].load_balancer[0].ingress[0].hostname
+ zone_id = data.aws_elb_hosted_zone_id.current.id
+ evaluate_target_health = true
+ }
+}
+
+resource "aws_route53_record" "wildcard" {
+ zone_id = data.aws_route53_zone.current.zone_id
+ name = "*.${var.metadata_fqdn}"
+ type = "A"
+
+ alias {
+ name = data.kubernetes_service.current.status[0].load_balancer[0].ingress[0].hostname
+ zone_id = data.aws_elb_hosted_zone_id.current.id
+ evaluate_target_health = true
+ }
+}
diff --git a/aws/cluster/elb-dns/variables.tf b/aws/cluster/elb-dns/variables.tf
new file mode 100644
index 00000000..e54b5fa5
--- /dev/null
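Review bot: Neither entry in the new `required_providers` block of aws/cluster-local/elb-dns/versions.tf has a `version` constraint, so the module accepts whatever release of `hashicorp/aws` and `hashicorp/kubernetes` the root configuration resolves. The `kubernetes` entry this commit removes from the aks and gke modules had `version = ">= 2.0.2"`, and the `status[0].load_balancer[0].ingress[0]` path read in aws/cluster/elb-dns/ingress.tf looks like the 2.x provider schema, so I would carry that floor over as `version = ">= 2.0.2"` under `kubernetes`. The `aws` entry should get the same lower bound the eks module already declares, which is not visible in this diff. The identical aws/cluster/elb-dns/versions.tf needs the same change.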
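Review bot: Both `alias` blocks in aws/cluster/elb-dns/ingress.tf index `status[0].load_balancer[0].ingress[0].hostname` with no guard, so a Service that is missing or has no load balancer hostname yet will most likely fail the plan with an index error that does not name the cause. The removed code created the Service itself with `provider = kubernetes.eks`; the new data source uses whichever default `kubernetes` provider the caller has configured, and the wildcard record sends every name under `metadata_fqdn` to the Service that the two variables select. I would hoist the expression into one local, `locals { ingress_hostname = data.kubernetes_service.current.status[0].load_balancer[0].ingress[0].hostname }`, and reference it from both records. I would also add a comment above the data source: `# Apply only after the ingress Service has a load balancer hostname; every name under metadata_fqdn resolves to it.`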
+++ b/aws/cluster/elb-dns/variables.tf @@ -0,0 +1,14 @@ +variable "ingress_service_name" { + type = string + description = "Metadata name of the ingress service." +} + +variable "ingress_service_namespace" { + type = string + description = "Metadata namespace of the ingress service." +} + +variable "metadata_fqdn" { + type = string + description = "Cluster module FQDN." +} diff --git a/aws/cluster/elb-dns/versions.tf b/aws/cluster/elb-dns/versions.tf new file mode 100644 index 00000000..b5087a9c --- /dev/null +++ b/aws/cluster/elb-dns/versions.tf @@ -0,0 +1,13 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + + kubernetes = { + source = "hashicorp/kubernetes" + } + } + + required_version = ">= 0.13" +} diff --git a/azurerm/_modules/aks/ingress.tf b/azurerm/_modules/aks/ingress.tf index d50577ac..2400688f 100644 --- a/azurerm/_modules/aks/ingress.tf +++ b/azurerm/_modules/aks/ingress.tf @@ -12,40 +12,6 @@ resource "azurerm_public_ip" "current" { depends_on = [azurerm_kubernetes_cluster.current] } -resource "kubernetes_service" "current" { - count = var.disable_default_ingress ? 0 : 1 - - provider = kubernetes.aks - - metadata { - name = "ingress-kbst-default" - namespace = "ingress-kbst-default" - } - - spec { - type = "LoadBalancer" - load_balancer_ip = azurerm_public_ip.current[0].ip_address - - selector = { - "kubestack.com/ingress-default" = "true" - } - - port { - name = "http" - port = 80 - target_port = "http" - } - - port { - name = "https" - port = 443 - target_port = "https" - } - } - - depends_on = [module.cluster_services] -} - resource "azurerm_dns_zone" "current" { count = var.disable_default_ingress ? 0 : 1 diff --git a/azurerm/_modules/aks/outputs.tf b/azurerm/_modules/aks/outputs.tf index 12bc852b..affb9535 100644 --- a/azurerm/_modules/aks/outputs.tf +++ b/azurerm/_modules/aks/outputs.tf 
@@ -6,3 +6,7 @@ output "kubeconfig" { sensitive = true value = data.template_file.kubeconfig.rendered } + +output "default_ingress_ip" { + value = length(azurerm_public_ip.current) > 0 ? azurerm_public_ip.current[0].ip_address : null +} diff --git a/azurerm/_modules/aks/versions.tf b/azurerm/_modules/aks/versions.tf index eda7a450..03090116 100644 --- a/azurerm/_modules/aks/versions.tf +++ b/azurerm/_modules/aks/versions.tf @@ -19,12 +19,6 @@ terraform { version = ">= 2.0.0" } - kubernetes = { - # https://registry.terraform.io/providers/hashicorp/kubernetes/latest - source = "hashicorp/kubernetes" - version = ">= 2.0.2" - } - random = { # https://registry.terraform.io/providers/hashicorp/random/latest source = "hashicorp/random" diff --git a/azurerm/cluster-local/outputs.tf b/azurerm/cluster-local/outputs.tf index 6448bf4b..4b0efb9c 100644 --- a/azurerm/cluster-local/outputs.tf +++ b/azurerm/cluster-local/outputs.tf @@ -10,3 +10,10 @@ output "kubeconfig" { sensitive = true value = module.cluster.kubeconfig } + +output "default_ingress_ip" { + # the cluster module returns an IP as a string + # we YAML encode null for cluster-local to provide + # a unified output to consumers + value = yamlencode(null) +} diff --git a/azurerm/cluster/outputs.tf b/azurerm/cluster/outputs.tf index 42913b98..d0d3deda 100644 --- a/azurerm/cluster/outputs.tf +++ b/azurerm/cluster/outputs.tf @@ -14,3 +14,7 @@ output "kubeconfig" { sensitive = true value = module.cluster.kubeconfig } + +output "default_ingress_ip" { + value = module.cluster.default_ingress_ip +} diff --git a/google/_modules/gke/ingress.tf b/google/_modules/gke/ingress.tf index 66a0a5c8..f0c6f1fd 100644 --- a/google/_modules/gke/ingress.tf +++ b/google/_modules/gke/ingress.tf 
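Review bot: The new `default_ingress_ip` output in azurerm/_modules/aks/outputs.tf has no `description`, and its null case is only implied by the conditional. Since the module no longer creates the LoadBalancer Service, consumers presumably have to attach this address themselves, so the contract deserves a line: `description = "Static public IP reserved for the default ingress; null when no address is allocated."`. The same applies to the output added in google/_modules/gke/outputs.tf.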
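Review bot: `yamlencode(null)` in azurerm/cluster-local/outputs.tf yields a non-null string (the YAML text for null), so this output never compares equal to `null`, whereas the cluster variant passes through a real null when no IP is allocated. A consumer that tests `!= null` or feeds the value straight into a Service's `load_balancer_ip` would get the literal text rather than "unset"; the comment states the intent but not how to consume the value. I would put that in the output itself, `description = "YAML-encoded null for cluster-local; decode with yamldecode() before use."`, or return the same type from both variants. google/cluster-local/outputs.tf adds the identical output.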
@@ -7,41 +7,6 @@ resource "google_compute_address" "current" { name = var.metadata_name } -resource "kubernetes_service" "current" { - count = var.disable_default_ingress ? 0 : 1 - - provider = kubernetes.gke - - metadata { - name = "ingress-kbst-default" - namespace = "ingress-kbst-default" - } - - spec { - type = "LoadBalancer" - load_balancer_ip = google_compute_address.current[0].address - - selector = { - "kubestack.com/ingress-default" = "true" - } - - port { - name = "http" - port = 80 - target_port = "http" - } - - port { - name = "https" - port = 443 - target_port = "https" - } - } - - # the cluster_services module creates the ingress-kbst-default namespace - depends_on = [module.cluster_services] -} - resource "google_dns_managed_zone" "current" { count = var.disable_default_ingress ? 0 : 1 diff --git a/google/_modules/gke/outputs.tf b/google/_modules/gke/outputs.tf index ec4b5089..8f81c101 100644 --- a/google/_modules/gke/outputs.tf +++ b/google/_modules/gke/outputs.tf @@ -1,3 +1,7 @@ output "kubeconfig" { value = data.template_file.kubeconfig.rendered } + +output "default_ingress_ip" { + value = length(google_compute_address.current) > 0 ? google_compute_address.current[0].address : null +} diff --git a/google/_modules/gke/versions.tf b/google/_modules/gke/versions.tf index 860329c4..f06b15a7 100644 --- a/google/_modules/gke/versions.tf +++ b/google/_modules/gke/versions.tf @@ -12,12 +12,6 @@ terraform { source = "hashicorp/google" version = ">= 3.55.0" } - - kubernetes = { - # https://registry.terraform.io/providers/hashicorp/kubernetes/latest - source = "hashicorp/kubernetes" - version = ">= 2.0.2" - } } required_version = ">= 0.13" diff --git a/google/cluster-local/outputs.tf b/google/cluster-local/outputs.tf index 424f37e9..cba3bd30 100644 --- a/google/cluster-local/outputs.tf +++ b/google/cluster-local/outputs.tf 
@@ -9,3 +9,10 @@ output "current_metadata" { output "kubeconfig" { value = module.cluster.kubeconfig } + +output "default_ingress_ip" { + # the cluster module returns an IP as a string + # we YAML encode null for cluster-local to provide + # a unified output to consumers + value = yamlencode(null) +} diff --git a/google/cluster/outputs.tf b/google/cluster/outputs.tf index 424f37e9..589e30b8 100644 --- a/google/cluster/outputs.tf +++ b/google/cluster/outputs.tf @@ -9,3 +9,7 @@ output "current_metadata" { output "kubeconfig" { value = module.cluster.kubeconfig } + +output "default_ingress_ip" { + value = module.cluster.default_ingress_ip +}