-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcni.tf
55 lines (53 loc) · 1.55 KB
/
cni.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
resource "local_file" "cni-bridge-conf" {
count = var.worker_count
filename = "${path.root}/cni/worker-${count.index}_10-bridge.conf"
file_permission = "0660"
content = <<-EOF
{
"cniVersion": "0.4.0",
"name": "bridge",
"type": "bridge",
"bridge": "cnio0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"ranges": [
[{"subnet": "10.200.${count.index}.0/24"}]
],
"routes": [{"dst": "0.0.0.0/0"}]
}
}
EOF
}
resource "shell_script" "cni-bin" {
lifecycle_commands {
create = <<-EOF
mkdir -p bin/cni
wget -q --https-only --timestamping "https://github.com/containernetworking/plugins/releases/download/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz" -O cni.tgz
tar -xvf cni.tgz -C bin/cni
rm -f cni.tgz
EOF
read = <<-EOF
echo "{\"md5\": \"$(md5sum bin/cni/*|base64)\"}"
EOF
delete = "rm -rf bin/cni"
}
}
resource "shell_script" "cni-playbook" {
lifecycle_commands {
create = <<-EOF
ANSIBLE_CONFIG=ansible.cfg ansible-playbook cni/playbook.yaml
EOF
update = <<-EOF
ANSIBLE_CONFIG=ansible.cfg ansible-playbook cni/playbook.yaml
EOF
read = <<-EOF
echo "{\"file\": \"$(cat cni/playbook.yaml|base64)\",
\"check\": \"$(ANSIBLE_CONFIG=ansible.cfg ansible-playbook --check cni/playbook.yaml|base64)\"
}"
EOF
delete = ""
}
depends_on = [shell_script.workers-playbook, shell_script.cni-bin, local_file.cni-bridge-conf]
}