diff --git a/.drone.yaml b/.drone.yaml
index b375dab..60599a2 100644
--- a/.drone.yaml
+++ b/.drone.yaml
@@ -64,8 +64,8 @@ steps:
 - apk add --no-cache terraform
 - cp hack/backend.tf examples/terraform/${TYPE}/backend.tf
 - terraform -chdir=examples/terraform/${TYPE} init -backend-config="resource_group_name=General" -backend-config="storage_account_name=$${AZURE_STORAGE_ACCOUNT}" -backend-config="container_name=${BUCKET_PATH}" -backend-config="key=${TYPE}-terraform.tfstate"
- # lets remove the talosconfig/kubeconfig data source so destroy is not blocked
- - terraform -chdir=examples/terraform/${TYPE} state rm data.talos_client_configuration.this data.talos_cluster_kubeconfig.this
+ # lets attempt to remove the talosconfig/kubeconfig data source so destroy is not blocked
+ - terraform -chdir=examples/terraform/${TYPE} state rm data.talos_client_configuration.this data.talos_cluster_kubeconfig.this || true
 - terraform -chdir=examples/terraform/${TYPE} apply -destroy -auto-approve
 when:
 event:
diff --git a/examples/terraform/aws/README.md b/examples/terraform/aws/README.md
index 6796eb6..9f207b8 100644
--- a/examples/terraform/aws/README.md
+++ b/examples/terraform/aws/README.md
@@ -23,7 +23,6 @@
 | [kubernetes\_api\_sg](#module\_kubernetes\_api\_sg) | terraform-aws-modules/security-group/aws//modules/https-443 | ~> 4.0 |
 | [talos\_control\_plane\_nodes](#module\_talos\_control\_plane\_nodes) | terraform-aws-modules/ec2-instance/aws | ~> 4.0 |
 | [talos\_worker\_group](#module\_talos\_worker\_group) | terraform-aws-modules/ec2-instance/aws | ~> 4.0 |
-| [talos\_worker\_nodes](#module\_talos\_worker\_nodes) | terraform-aws-modules/ec2-instance/aws | ~> 4.0 |
 | [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
 ## Resources
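Review bot: The `|| true` appended to the `state rm` line hides every failure of that command, not just the "address not in state" case the comment describes — a backend auth or lock error, a wrong `-chdir`, or a typo in either address now all pass silently, and the only symptom is a harder-to-read failure in the following `apply -destroy`. Keeping the step best-effort but leaving a trace in the log is enough, e.g. `|| echo "state rm skipped: data sources not present in state (or removal failed), continuing with destroy"`. The comment itself would also read better as `# let's attempt to remove …`.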
@@ -34,7 +33,6 @@
 | [aws_iam_policy.worker_ccm_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [talos_machine_bootstrap.this](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/resources/machine_bootstrap) | resource |
 | [talos_machine_configuration_apply.controlplane](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/resources/machine_configuration_apply) | resource |
-| [talos_machine_configuration_apply.worker](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/resources/machine_configuration_apply) | resource |
 | [talos_machine_configuration_apply.worker_group](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/resources/machine_configuration_apply) | resource |
 | [talos_machine_secrets.this](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/resources/machine_secrets) | resource |
 | [aws_ami.talos](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
@@ -42,29 +40,22 @@
 | [talos_client_configuration.this](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/data-sources/client_configuration) | data source |
 | [talos_cluster_kubeconfig.this](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/data-sources/cluster_kubeconfig) | data source |
 | [talos_machine_configuration.controlplane](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/data-sources/machine_configuration) | data source |
-| [talos_machine_configuration.worker](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/data-sources/machine_configuration) | data source |
 | [talos_machine_configuration.worker_group](https://registry.terraform.io/providers/siderolabs/talos/0.3.1/docs/data-sources/machine_configuration) | data source |
 ## Inputs
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [ami\_id](#input\_ami\_id) | AMI ID to use for talos nodes, if not set the latest talos release ami id will be looked up | `string` | `""` | no |
 | [ccm](#input\_ccm) | Whether to deploy aws cloud controller manager | `bool` | `false` | no |
 | [cluster\_name](#input\_cluster\_name) | Name of cluster | `string` | `"talos-aws-example"` | no |
 | [config\_patch\_files](#input\_config\_patch\_files) | Path to talos config path files that applies to all nodes | `list(string)` | `[]` | no |
-| [config\_patch\_files\_control\_plane](#input\_config\_patch\_files\_control\_plane) | Path to talos config path files that applies to all control plane nodes | `list(string)` | `[]` | no |
-| [config\_patch\_files\_worker](#input\_config\_patch\_files\_worker) | Path to talos config path files that applies to all worker nodes | `list(string)` | `[]` | no |
+| [control\_plane](#input\_control\_plane) | Info for control plane that will be created |
object({
instance_type = optional(string, "c5.large")
ami_id = optional(string, null)
num_instances = optional(number, 3)
config_patch_files = optional(list(string), [])
tags = optional(map(string), {})
})
| `{}` | no |
 | [extra\_tags](#input\_extra\_tags) | Extra tags to add to the cluster cloud resources | `map(string)` | `{}` | no |
-| [instance\_type\_control\_plane](#input\_instance\_type\_control\_plane) | Instance type to use for the control plane nodes | `string` | `"c5.large"` | no |
-| [instance\_type\_worker](#input\_instance\_type\_worker) | Instance type to use for the worker nodes | `string` | `"c5.large"` | no |
 | [kubernetes\_api\_allowed\_cidr](#input\_kubernetes\_api\_allowed\_cidr) | The CIDR from which to allow to access the Kubernetes API | `string` | `"0.0.0.0/0"` | no |
 | [kubernetes\_version](#input\_kubernetes\_version) | Kubernetes version to use for the cluster, if not set the k8s version shipped with the talos sdk version will be used | `string` | `null` | no |
-| [num\_control\_planes](#input\_num\_control\_planes) | Number of control plane nodes to create | `number` | `3` | no |
-| [num\_workers](#input\_num\_workers) | Number of worker nodes to create | `number` | `1` | no |
 | [talos\_api\_allowed\_cidr](#input\_talos\_api\_allowed\_cidr) | The CIDR from which to allow to access the Talos API | `string` | `"0.0.0.0/0"` | no |
 | [vpc\_cidr](#input\_vpc\_cidr) | The IPv4 CIDR block for the VPC. | `string` | `"172.16.0.0/16"` | no |
-| [worker\_groups](#input\_worker\_groups) | List of node worker node groups to create |
list(object({
name = string
instance_type = string
ami_id = optional(string, null)
num_instances = optional(number, 1)
kubernetes_version = optional(string, null)
config_patch_files = optional(list(string), [])
tags = optional(map(string), {})
}))
| `[]` | no |
+| [worker\_groups](#input\_worker\_groups) | List of node worker node groups to create |
list(object({
name = string
instance_type = optional(string, "c5.large")
ami_id = optional(string, null)
num_instances = optional(number, 1)
config_patch_files = optional(list(string), [])
tags = optional(map(string), {})
}))
| `[]` | no |
 ## Outputs
diff --git a/examples/terraform/aws/main.tf b/examples/terraform/aws/main.tf
index 6738126..f91b848 100644
--- a/examples/terraform/aws/main.tf
+++ b/examples/terraform/aws/main.tf
@@ -30,15 +30,9 @@ locals {
 for path in var.config_patch_files : file(path)
 ]
- config_patches_controlplane = concat(
- [for path in var.config_patch_files_control_plane : file(path)],
- var.ccm ? [yamlencode(local.ccm_patch_cp)] : [],
- )
+ config_patches_controlplane = var.ccm ? [yamlencode(local.ccm_patch_cp)] : []
- config_patches_worker = concat(
- [for path in var.config_patch_files_worker : file(path)],
- var.ccm ? [yamlencode(local.ccm_patch_worker)] : [],
- )
+ config_patches_worker = var.ccm ? [yamlencode(local.ccm_patch_worker)] : []
 cluster_required_tags = {
 "kubernetes.io/cluster/${var.cluster_name}" = "owned"
@@ -141,7 +135,7 @@ module "elb_k8s_elb" {
 timeout = 5
 }
- number_of_instances = var.num_control_planes
+ number_of_instances = var.control_plane.num_instances
 instances = module.talos_control_plane_nodes.*.id
 }
@@ -261,12 +255,12 @@ module "talos_control_plane_nodes" {
 source = "terraform-aws-modules/ec2-instance/aws"
 version = "~> 4.0"
- count = var.num_control_planes
+ count = var.control_plane.num_instances
 name = "${var.cluster_name}-control-plane-${count.index}"
- ami = var.ami_id == "" ? data.aws_ami.talos.id : var.ami_id
+ ami = var.control_plane.ami_id == null ? data.aws_ami.talos.id : var.control_plane.ami_id
 monitoring = true
- instance_type = var.instance_type_control_plane
+ instance_type = var.control_plane.instance_type
 subnet_id = element(module.vpc.public_subnets, count.index)
 iam_role_use_name_prefix = false
 create_iam_instance_profile = var.ccm ? true : false
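Review bot: The new `ami` expression in the `talos_control_plane_nodes` hunk spells out the null fallback by hand, `var.control_plane.ami_id == null ? data.aws_ami.talos.id : var.control_plane.ami_id`, which repeats the attribute path and is easy to get backwards; `coalesce(var.control_plane.ami_id, data.aws_ami.talos.id)` says the same thing in one read. The same shape recurs in the `talos_worker_group` hunk (`@@ -318,7 +285,7 @@`), where `coalesce(each.value.ami_id, data.aws_ami.talos.id)` would do. This is style only; behaviour is unchanged either way. The enclosing `module` blocks start and end outside these hunks.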
@@ -284,33 +278,6 @@ module "talos_control_plane_nodes" {
 ]
 }
-module "talos_worker_nodes" {
- source = "terraform-aws-modules/ec2-instance/aws"
- version = "~> 4.0"
-
- count = var.num_workers
-
- name = "${var.cluster_name}-worker-${count.index}"
- ami = var.ami_id == "" ? data.aws_ami.talos.id : var.ami_id
- monitoring = true
- instance_type = var.instance_type_worker
- subnet_id = element(module.vpc.public_subnets, count.index)
- iam_role_use_name_prefix = false
- create_iam_instance_profile = var.ccm ? true : false
- iam_role_policies = var.ccm ? {
- "${var.cluster_name}-worker-ccm-policy" : aws_iam_policy.worker_ccm_policy[0].arn,
- } : {}
- tags = merge(var.extra_tags, local.cluster_required_tags)
-
- vpc_security_group_ids = [module.cluster_sg.security_group_id]
-
- root_block_device = [
- {
- volume_size = 100
- }
- ]
-}
-
 module "talos_worker_group" {
 source = "terraform-aws-modules/ec2-instance/aws"
 version = "~> 4.0"
@@ -318,7 +285,7 @@ module "talos_worker_group" {
 for_each = merge([for info in var.worker_groups : { for index in range(0, info.num_instances) : "${info.name}.${index}" => info }]...)
 name = "${var.cluster_name}-worker-group-${each.value.name}-${trimprefix(each.key, "${each.value.name}.")}"
- ami = each.value.ami_id == null ? (var.ami_id == "" ? data.aws_ami.talos.id : var.ami_id) : each.value.ami_id
+ ami = each.value.ami_id == null ? data.aws_ami.talos.id : each.value.ami_id
 monitoring = true
 instance_type = each.value.instance_type
 subnet_id = element(module.vpc.public_subnets, tonumber(trimprefix(each.key, "${each.value.name}.")))
@@ -352,21 +319,7 @@ data "talos_machine_configuration" "controlplane" {
 local.config_patches_common,
 local.config_patches_controlplane,
 [yamlencode(local.common_machine_config_patch)],
- )
-}
-
-data "talos_machine_configuration" "worker" {
- cluster_name = var.cluster_name
- cluster_endpoint = "https://${module.elb_k8s_elb.elb_dns_name}"
- machine_type = "worker"
- machine_secrets = talos_machine_secrets.this.machine_secrets
- kubernetes_version = var.kubernetes_version
- docs = false
- examples = false
- config_patches = concat(
- local.config_patches_common,
- local.config_patches_worker,
- [yamlencode(local.common_machine_config_patch)]
+ [for path in var.control_plane.config_patch_files : file(path)]
 )
 }
@@ -377,7 +330,7 @@ data "talos_machine_configuration" "worker_group" {
 cluster_endpoint = "https://${module.elb_k8s_elb.elb_dns_name}"
 machine_type = "worker"
 machine_secrets = talos_machine_secrets.this.machine_secrets
- kubernetes_version = each.value.kubernetes_version == null ? var.kubernetes_version : each.value.kubernetes_version
+ kubernetes_version = var.kubernetes_version
 docs = false
 examples = false
 config_patches = concat(
@@ -389,7 +342,7 @@ data "talos_machine_configuration" "worker_group" {
 }
 resource "talos_machine_configuration_apply" "controlplane" {
- count = var.num_control_planes
+ count = var.control_plane.num_instances
 client_configuration = talos_machine_secrets.this.client_configuration
 machine_configuration_input = data.talos_machine_configuration.controlplane.machine_configuration
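Review bot: The first hunk changes the order in which control-plane patches are applied, not just where they come from: the user's files used to sit inside `local.config_patches_controlplane`, i.e. before `[yamlencode(local.common_machine_config_patch)]`, and the added `[for path in var.control_plane.config_patch_files : file(path)]` now comes after it. Since later entries in `config_patches` are applied on top of earlier ones, a user patch can now override whatever `common_machine_config_patch` sets, where previously the common patch won; if that is intended, a comment such as `# user control-plane patches last so they take precedence over the common patch` would record it, otherwise the new element belongs before the common patch. `local.config_patches_controlplane` itself is unchanged in this respect (it carries only the CCM patch after the `locals` hunk). The `data "talos_machine_configuration" "controlplane"` block starts outside this hunk.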
@@ -397,15 +350,6 @@ resource "talos_machine_configuration_apply" "controlplane" {
 node = module.talos_control_plane_nodes[count.index].private_ip
 }
-resource "talos_machine_configuration_apply" "worker" {
- count = var.num_workers
-
- client_configuration = talos_machine_secrets.this.client_configuration
- machine_configuration_input = data.talos_machine_configuration.worker.machine_configuration
- endpoint = module.talos_worker_nodes[count.index].public_ip
- node = module.talos_worker_nodes[count.index].private_ip
-}
-
 resource "talos_machine_configuration_apply" "worker_group" {
 for_each = merge([for info in var.worker_groups : { for index in range(0, info.num_instances) : "${info.name}.${index}" => info }]...)
@@ -430,7 +374,6 @@ data "talos_client_configuration" "this" {
 nodes = flatten(
 [
 module.talos_control_plane_nodes.*.private_ip,
- module.talos_worker_nodes.*.private_ip,
 [for node in module.talos_worker_group : node.private_ip],
 ]
 )
diff --git a/examples/terraform/aws/variables.tf b/examples/terraform/aws/variables.tf
index b524d64..965276e 100644
--- a/examples/terraform/aws/variables.tf
+++ b/examples/terraform/aws/variables.tf
@@ -4,40 +4,6 @@ variable "cluster_name" {
 default = "talos-aws-example"
 }
-variable "num_control_planes" {
- description = "Number of control plane nodes to create"
- type = number
- default = 3
-}
-
-variable "num_workers" {
- description = "Number of worker nodes to create"
- type = number
- default = 1
-}
-
-variable "ami_id" {
- description = "AMI ID to use for talos nodes, if not set the latest talos release ami id will be looked up"
- type = string
- default = ""
- validation {
- condition = length(var.ami_id) > 0 ? (length(var.ami_id) > 4 && substr(var.ami_id, 0, 4) == "ami-") : true
- error_message = "The image_id value must be a valid AMI id, starting with \"ami-\"."
- }
-}
-
-variable "instance_type_control_plane" {
- description = "Instance type to use for the control plane nodes"
- type = string
- default = "c5.large"
-}
-
-variable "instance_type_worker" {
- description = "Instance type to use for the worker nodes"
- type = string
- default = "c5.large"
-}
-
 variable "ccm" {
 description = "Whether to deploy aws cloud controller manager"
 type = bool
@@ -50,17 +16,45 @@ variable "kubernetes_version" {
 default = null
 }
+variable "control_plane" {
+ description = "Info for control plane that will be created"
+ type = object({
+ instance_type = optional(string, "c5.large")
+ ami_id = optional(string, null)
+ num_instances = optional(number, 3)
+ config_patch_files = optional(list(string), [])
+ tags = optional(map(string), {})
+ })
+
+ validation {
+ condition = var.control_plane.ami_id != null ? (length(var.control_plane.ami_id) > 4 && substr(var.control_plane.ami_id, 0, 4) == "ami-") : true
+ error_message = "The ami_id value must be a valid AMI id, starting with \"ami-\"."
+ }
+
+ default = {}
+}
+
 variable "worker_groups" {
 description = "List of node worker node groups to create"
 type = list(object({
 name = string
- instance_type = string
+ instance_type = optional(string, "c5.large")
 ami_id = optional(string, null)
 num_instances = optional(number, 1)
- kubernetes_version = optional(string, null)
 config_patch_files = optional(list(string), [])
 tags = optional(map(string), {})
 }))
+
+ validation {
+ condition = (
+ alltrue([
+ for wg in var.worker_groups : (
+ wg.ami_id != null ? (length(wg.ami_id) > 4 && substr(wg.ami_id, 0, 4) == "ami-") : true
+ )
+ ])
+ )
+ error_message = "The ami_id value must be a valid AMI id, starting with \"ami-\"."
+ }
 default = []
 }
@@ -93,15 +87,3 @@ variable "config_patch_files" {
 type = list(string)
 default = []
 }
-
-variable "config_patch_files_control_plane" {
- description = "Path to talos config path files that applies to all control plane nodes"
- type = list(string)
- default = []
-}
-
-variable "config_patch_files_worker" {
- description = "Path to talos config path files that applies to all worker nodes"
- type = list(string)
- default = []
-}
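Review bot: The new `validation` block on `worker_groups` checks only `ami_id`; nothing rejects two groups that share a `name`, yet main.tf keys both `module "talos_worker_group"` and `resource "talos_machine_configuration_apply" "worker_group"` by `"${info.name}.${index}"` and `merge`s the maps, so duplicate names collide and the later group silently replaces the earlier group's instances rather than failing. A second validation on the same variable closes that gap without touching main.tf. Separately, the `ami_id` checks here and on `control_plane` can be written as `startswith(var.control_plane.ami_id, "ami-")` / `startswith(wg.ami_id, "ami-")`, since `startswith` ships with the same Terraform 1.3+ that the `optional(type, default)` syntax already requires.
```hcl
  validation {
    condition     = length(distinct(var.worker_groups[*].name)) == length(var.worker_groups)
    error_message = "Each worker group must have a unique name; names are used as for_each keys."
  }
  # … unchanged: existing ami_id validation and default = [] …
```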