Install Rancher 2 server with helm using own tls certificate in terraform for airgapped installs
# Namespace for the Rancher server release and its TLS secrets.
# The secrets and the helm_release in this file read the namespace name from
# kubernetes_namespace.cattle-system.metadata[0].name, so Terraform creates the
# namespace before any of them.
resource "kubernetes_namespace" "cattle-system" {
  metadata {
    name = "cattle-system"
  }
}
# Stores the CA certificate read from certs/ca.crt under the key "ca-additional.pem"
# in a secret named "tls-ca-additional" in the Rancher namespace.
#
# NOTE(review): in the Rancher chart this secret name and key belong to the
# `additionalTrustedCAs` option. The `privateCA` option reads a different secret
# ("tls-ca", key "cacerts.pem"). Confirm which of the two this deployment needs.
# Only the public CA certificate belongs in this file, never the CA's private key.
# file() resolves a relative path against the directory Terraform is run from.
resource "kubernetes_secret" "tls-ca-additional" {
  metadata {
    namespace = kubernetes_namespace.cattle-system.metadata[0].name
    name      = "tls-ca-additional"
  }

  data = {
    "ca-additional.pem" = file("certs/ca.crt")
  }
}
# TLS key pair for the Rancher endpoint, stored as a kubernetes.io/tls secret.
#
# Security notes:
# - The private key from certs/server.key passes through Terraform, so its contents
#   end up in the Terraform state. Keep the state in an encrypted backend with
#   restricted access, and keep certs/server.key out of version control.
# - NOTE(review): Rancher's install documentation names the ingress certificate
#   secret "tls-rancher-ingress". Verify that the ingress created by the chart
#   actually serves the certificate from this "tls-rancher" secret.
resource "kubernetes_secret" "tls-rancher" {
  type = "kubernetes.io/tls"

  metadata {
    namespace = kubernetes_namespace.cattle-system.metadata[0].name
    name      = "tls-rancher"
  }

  data = {
    "tls.crt" = file("certs/server.crt")
    "tls.key" = file("certs/server.key")
  }
}
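# Installs the Rancher server chart, pinned to v2.4.8, into the cattle-system namespace
# after both TLS-related secrets exist.
#
# Review notes:
# - The original listed kubernetes_secret.tls-ca-additional in depends_on but set no
#   chart value that consumes it. `additionalTrustedCAs` is the chart option that
#   mounts the "tls-ca-additional" secret (key "ca-additional.pem"), so it is now set.
# - Helm value names are case-sensitive and the chart documents the option as
#   `privateCA`, so `privateCa` below is most likely ignored. It is left unchanged
#   because `privateCA=true` also needs a "tls-ca" secret with key "cacerts.pem",
#   which this file does not create. Add that secret before correcting the name.
# - The certificate served for Rancher must be valid for the `hostname` value, and
#   downstream agents connect to that name. "localhost" only suits a local test.
# - The chart comes from the public "latest" repository. For an air-gapped install,
#   point `repository` at an internal mirror, and prefer the repository channel your
#   change policy allows for production (TODO confirm with the platform owner).
resource "helm_release" "rancher" {
  name             = "rancher"
  repository       = "https://releases.rancher.com/server-charts/latest"
  chart            = "rancher"
  version          = "v2.4.8"
  namespace        = kubernetes_namespace.cattle-system.metadata[0].name
  create_namespace = false

  # The chart reads these secrets by name only, so Terraform cannot infer the ordering.
  depends_on = [kubernetes_secret.tls-rancher, kubernetes_secret.tls-ca-additional]

  set {
    name  = "hostname"
    value = "localhost"
  }

  # Use an operator-supplied certificate, not a Rancher-generated or ACME-issued one.
  set {
    name  = "ingress.tls.source"
    value = "secret"
  }

  # Use the system charts bundled in the Rancher image (needed without internet access).
  set {
    name  = "useBundledSystemChart"
    value = true
  }

  # Mount the CA from the "tls-ca-additional" secret as an additional trusted CA.
  set {
    name  = "additionalTrustedCAs"
    value = true
  }

  # NOTE(review): likely a no-op as spelled; see the header comment before renaming.
  set {
    name  = "privateCa"
    value = true
  }
}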