k3slb.tf
# Public network load balancer that fronts the k3s cluster.
# is_private = false makes it publicly addressable; the attached NSG
# (public_lb_nsg, declared elsewhere) is the network-level control on who can
# reach its listeners, so review its ingress rules together with this file.
resource "oci_network_load_balancer_network_load_balancer" "k3s_public_lb" {
  display_name   = var.public_load_balancer_name
  compartment_id = var.compartment_ocid

  # Placement and network-level access control.
  subnet_id                  = oci_core_subnet.oci_core_subnet11.id
  network_security_group_ids = [oci_core_network_security_group.public_lb_nsg.id]
  is_private                 = false

  is_preserve_source_destination = false

  # Tags recording the provisioner, the environment and a caller-chosen key/value.
  freeform_tags = {
    "provisioner"           = "terraform"
    "environment"           = "${var.environment}"
    "${var.unique_tag_key}" = "${var.unique_tag_value}"
  }
}
# HTTP
# Listener for the HTTP port on the public load balancer.
# protocol = "TCP" means the load balancer forwards the connection as-is: no
# TLS and no HTTP-level handling happens here, so any redirect to HTTPS has to
# be done by whatever serves this port on the backends.
resource "oci_network_load_balancer_listener" "k3s_http_listener" {
  name                     = "k3s_http_listener"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  default_backend_set_name = oci_network_load_balancer_backend_set.k3s_http_backend_set.name
  protocol                 = "TCP"
  port                     = var.http_lb_port
}
# Backend set that receives the HTTP listener's traffic.
resource "oci_network_load_balancer_backend_set" "k3s_http_backend_set" {
  name                     = "k3s_http_backend"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  policy                   = "FIVE_TUPLE"

  # Backends receive packets with the client's original source address.
  # NOTE(review): the backends' own security rules therefore have to admit
  # client source ranges on this port; confirm they are no wider than intended.
  is_preserve_source = true

  # TCP health check: it shows only that the port accepts connections, not
  # that the service behind it answers correctly.
  health_checker {
    port     = var.http_lb_port
    protocol = "TCP"
  }
}
# One HTTP backend per worker slot, targeting instances of the worker pool.
# Each backend is named "<instance id>:<port>".
# NOTE(review): count comes from var.k3s_worker_pool_size while the instance
# list comes from a data source; presumably both have the same length at plan
# time, otherwise the index lookup fails. Confirm against the pool definition.
resource "oci_network_load_balancer_backend" "k3s_http_backend" {
  count = var.k3s_worker_pool_size

  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  backend_set_name         = oci_network_load_balancer_backend_set.k3s_http_backend_set.name

  name      = format("%s:%s", data.oci_core_instance_pool_instances.k3s_workers_instances.instances[count.index].id, var.http_lb_port)
  target_id = data.oci_core_instance_pool_instances.k3s_workers_instances.instances[count.index].id
  port      = var.http_lb_port

  # Explicit ordering: the worker pool must exist before backends are attached.
  depends_on = [
    oci_core_instance_pool.k3s_workers,
  ]
}
# Optional HTTP backend for the standalone extra worker node.
# Created only when var.k3s_extra_worker_node is true; once attached, that
# node receives public HTTP traffic like the pool workers do.
resource "oci_network_load_balancer_backend" "k3s_http_backend_extra_node" {
  count = var.k3s_extra_worker_node ? 1 : 0

  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  backend_set_name         = oci_network_load_balancer_backend_set.k3s_http_backend_set.name

  name      = format("%s:%s", oci_core_instance.k3s_extra_worker_node[count.index].id, var.http_lb_port)
  target_id = oci_core_instance.k3s_extra_worker_node[count.index].id
  port      = var.http_lb_port
}
# HTTPS
# Listener for the HTTPS port on the public load balancer.
# protocol = "TCP" makes this a pass-through: TLS is not terminated at the load
# balancer, so certificates and TLS settings belong to whatever serves this
# port on the backends.
resource "oci_network_load_balancer_listener" "k3s_https_listener" {
  name                     = "k3s_https_listener"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  default_backend_set_name = oci_network_load_balancer_backend_set.k3s_https_backend_set.name
  protocol                 = "TCP"
  port                     = var.https_lb_port
}
# Backend set that receives the HTTPS listener's traffic.
resource "oci_network_load_balancer_backend_set" "k3s_https_backend_set" {
  name                     = "k3s_https_backend"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  policy                   = "FIVE_TUPLE"

  # Backends receive packets with the client's original source address.
  # NOTE(review): the backends' own security rules therefore have to admit
  # client source ranges on this port; confirm they are no wider than intended.
  is_preserve_source = true

  # TCP health check: it confirms the port is open and does not validate the
  # TLS handshake or the application response.
  health_checker {
    port     = var.https_lb_port
    protocol = "TCP"
  }
}
# One HTTPS backend per worker slot, targeting instances of the worker pool.
# Each backend is named "<instance id>:<port>".
# NOTE(review): count comes from var.k3s_worker_pool_size while the instance
# list comes from a data source; presumably both have the same length at plan
# time, otherwise the index lookup fails. Confirm against the pool definition.
resource "oci_network_load_balancer_backend" "k3s_https_backend" {
  count = var.k3s_worker_pool_size

  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  backend_set_name         = oci_network_load_balancer_backend_set.k3s_https_backend_set.name

  name      = format("%s:%s", data.oci_core_instance_pool_instances.k3s_workers_instances.instances[count.index].id, var.https_lb_port)
  target_id = data.oci_core_instance_pool_instances.k3s_workers_instances.instances[count.index].id
  port      = var.https_lb_port

  # Explicit ordering: the worker pool must exist before backends are attached.
  depends_on = [
    oci_core_instance_pool.k3s_workers,
  ]
}
# Optional HTTPS backend for the standalone extra worker node.
# Created only when var.k3s_extra_worker_node is true; once attached, that
# node receives public HTTPS traffic like the pool workers do.
resource "oci_network_load_balancer_backend" "k3s_https_backend_extra_node" {
  count = var.k3s_extra_worker_node ? 1 : 0

  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  backend_set_name         = oci_network_load_balancer_backend_set.k3s_https_backend_set.name

  name      = format("%s:%s", oci_core_instance.k3s_extra_worker_node[count.index].id, var.https_lb_port)
  target_id = oci_core_instance.k3s_extra_worker_node[count.index].id
  port      = var.https_lb_port
}
## kube-api
# Optional listener for the Kubernetes API port, created only when
# var.expose_kubeapi is true.
# It is attached to the public load balancer (k3s_public_lb), so enabling it
# puts the cluster's control-plane API behind a publicly addressable endpoint.
# NOTE(review): confirm that public_lb_nsg limits the source ranges allowed on
# var.kube_api_port, and leave expose_kubeapi off where remote API access is
# not required. API authentication is then the only remaining control.
resource "oci_network_load_balancer_listener" "k3s_kubeapi_listener" {
  count = var.expose_kubeapi ? 1 : 0

  name                     = "k3s_kubeapi_listener"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  default_backend_set_name = oci_network_load_balancer_backend_set.k3s_kubeapi_backend_set[count.index].name
  protocol                 = "TCP"
  port                     = var.kube_api_port
}
# Backend set for the Kubernetes API listener; exists only when
# var.expose_kubeapi is true.
resource "oci_network_load_balancer_backend_set" "k3s_kubeapi_backend_set" {
  count = var.expose_kubeapi ? 1 : 0

  name                     = "k3s_kubeapi_backend"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  policy                   = "FIVE_TUPLE"

  # The server nodes receive packets with the client's original source address.
  # NOTE(review): the server nodes' own security rules must then admit those
  # sources on the API port; confirm they are restricted to expected ranges.
  is_preserve_source = true

  # TCP health check: it shows only that the API port accepts connections.
  health_checker {
    port     = var.kube_api_port
    protocol = "TCP"
  }
}
# Kubernetes API backends: one per k3s server slot when var.expose_kubeapi is
# true, none otherwise. Each backend is named "<instance id>:<port>".
# These targets are the control-plane (server) instances, so every backend
# created here is a server node reachable through the public load balancer.
resource "oci_network_load_balancer_backend" "k3s_kubeapi_backend" {
  count = var.expose_kubeapi ? var.k3s_server_pool_size : 0

  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.k3s_public_lb.id
  # Index 0 is the only element the backend set can have (its count is 0 or 1).
  backend_set_name = oci_network_load_balancer_backend_set.k3s_kubeapi_backend_set[0].name

  name      = format("%s:%s", data.oci_core_instance_pool_instances.k3s_servers_instances.instances[count.index].id, var.kube_api_port)
  target_id = data.oci_core_instance_pool_instances.k3s_servers_instances.instances[count.index].id
  port      = var.kube_api_port

  # Explicit ordering: the server pool must exist before backends are attached.
  depends_on = [
    oci_core_instance_pool.k3s_servers,
  ]
}