Skip to content

Instantly share code, notes, and snippets.

resource "aws_vpc" "kubernetes" {
cidr_block = "10.43.0.0/16"
enable_dns_hostnames = true
}
resource "aws_subnet" "kubernetes" {
vpc_id = "${aws_vpc.kubernetes.id}"
cidr_block = "10.43.0.0/16"
availability_zone = "eu-west-1a"
}
resource "aws_internet_gateway" "gw" {
vpc_id = "${aws_vpc.kubernetes.id}"
}
resource "aws_route_table" "kubernetes" {
vpc_id = "${aws_vpc.kubernetes.id}"
route {
cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.gw.id}"
}
resource "aws_instance" "worker" {
count = 3
...
tags {
Owner = "Lorenzo"
Name = "worker-${count.index}"
ansibleFilter = "Kubernetes01"
ansibleNodeType = "worker"
ansibleNodeName = "worker${count.index}"
}
resource "aws_elb" "kubernetes_api" {
name = "kube-api"
instances = ["${aws_instance.controller.*.id}"]
subnets = ["${aws_subnet.kubernetes.id}"]
cross_zone_load_balancing = false
security_groups = ["${aws_security_group.kubernetes_api.id}"]
listener {
lb_port = 6443
[ec2]
instance_filters = tag:ansibleFilter=Kubernetes01
regions = eu-west-1
destination_variable = ip_address
vpc_destination_variable = ip_address
hostname_variable = tag_ansibleNodeName
@nicusX
nicusX / k8snthw-groups
Last active August 11, 2016 10:34
Ansible groups
[tag_ansibleNodeType_etcd]
[tag_ansibleNodeType_worker]
[tag_ansibleNodeType_controller]
[etcd:children]
tag_ansibleNodeType_etcd
[worker:children]
tag_ansibleNodeType_worker
[defaults]
...
inventory = ./hosts/
...
- name: Create etcd config dir
file: path=/etc/etcd state=directory
become: true
- name: Copy certificates
copy:
src: "{{ playbook_dir }}/../cert/{{ item }}"
dest: "/etc/etcd/"
become: true
with_items:
# Expects `kubernetes_api_endpoint` as `--extra-vars "kubernetes_api_endpoint=xxxx"`
- hosts: 127.0.0.1
connection: local
tasks:
- name: Set kubectl endpoint
shell: "kubectl config set-cluster {{ cluster_name }} --certificate-authority={{ playbook_dir }}/../cert/ca.pem --embed-certs=true --server=https://{{ kubernetes_api_endpoint }}:6443"
- name: Set kubectl credentials
shell: "kubectl config set-credentials {{ user }} --token {{ token }}"
- hosts: all
gather_facts: false
tasks:
- name: Install Python
raw: "apt-get -y -q install python"
become: true