viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

add mysql cluster [ci skip]

Browse source
This commit is contained in:
viktorbarzin 2021-05-03 14:59:17 +01:00
parent 661b49a7d3
commit cff72b036a
7 changed files with 153 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

3
main.tf
View file

@ -69,6 +69,9 @@ provider "helm" {
} }
} }
# provider "kubectl" { # provider "kubectl" {
# config_path = var.prod ? "" : "~/.kube/config"
# }
# provider "kubectl" {
# host = "kubernetes.viktorbarzin.lan" # host = "kubernetes.viktorbarzin.lan"
# cluster_ca_certificate = base64decode(var.eks_cluster_ca) # cluster_ca_certificate = base64decode(var.eks_cluster_ca)
# token = data.aws_eks_cluster_auth.main.token # token = data.aws_eks_cluster_auth.main.token

141
modules/kubernetes/dbaas/main.tf
View file

@ -1,5 +1,8 @@
# DB as a service. Installs MySQL operator # DB as a service. Installs MySQL operator
variable "tls_secret_name" {} variable "tls_secret_name" {}
variable "cluster_master_service" {
default = "mysql-cluster-mysql-master"
}
resource "kubernetes_namespace" "dbaas" { resource "kubernetes_namespace" "dbaas" {
metadata { metadata {
@ -72,10 +75,144 @@ resource "kubernetes_secret" "cluster-password" {
} }
type = "Opaque" type = "Opaque"
data = { data = {
"ROOT_PASSWORD" = "kek" "ROOT_PASSWORD" = "a2VrCg=="
} }
} }
# resource "kubernetes_manifest" "mysql-cluster" {
resource "kubernetes_ingress" "dbaas" {
metadata {
name = "orchestrator-ingress"
namespace = "dbaas"
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on"
"nginx.ingress.kubernetes.io/auth-tls-secret" = "default/ca-secret"
}
}
spec {
tls {
hosts = ["db.viktorbarzin.me"]
secret_name = var.tls_secret_name
}
rule {
host = "db.viktorbarzin.me"
http {
path {
path = "/"
backend {
service_name = "mysql-mysql-operator"
service_port = "80"
}
}
}
}
}
}
# PHPMyAdmin instance
resource "kubernetes_deployment" "phpmyadmin" {
metadata {
name = "phpmyadmin"
namespace = "dbaas"
labels = {
"app" = "phpmyadmin"
}
}
spec {
replicas = "1"
selector {
match_labels = {
"app" = "phpmyadmin"
}
}
template {
metadata {
labels = {
"app" = "phpmyadmin"
}
}
spec {
container {
name = "phpmyadmin"
image = "phpmyadmin/phpmyadmin"
port {
container_port = 80
}
env {
name = "PMA_HOST"
value = var.cluster_master_service
}
env {
name = "PMA_PORT"
value = "3306"
}
env {
name = "MYSQL_ROOT_PASSWORD"
value_from {
secret_key_ref {
name = "cluster-secret"
key = "ROOT_PASSWORD"
}
}
}
}
}
}
}
}
resource "kubernetes_service" "phpmyadmin" {
metadata {
name = "phpmyadmin"
namespace = "dbaas"
}
spec {
selector = {
"app" = "phpmyadmin"
}
port {
name = "web"
port = 80
}
}
}
resource "kubernetes_ingress" "phpmyadmin" {
metadata {
name = "phpmyadmin-ingress"
namespace = "dbaas"
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/auth-tls-verify-client" = "on"
"nginx.ingress.kubernetes.io/auth-tls-secret" = "default/ca-secret"
}
}
spec {
tls {
hosts = ["pma.viktorbarzin.me"]
secret_name = var.tls_secret_name
}
rule {
host = "pma.viktorbarzin.me"
http {
path {
path = "/"
backend {
service_name = "phpmyadmin"
service_port = "80"
}
}
}
}
}
}
# resource "kubectl_manifest" "mysql-cluster" {
# manifest = { # manifest = {
# apiVersion = "mysql.presslabs.org/v1alpha1" # apiVersion = "mysql.presslabs.org/v1alpha1"
# kind = "MysqlCluster" # kind = "MysqlCluster"

4
modules/kubernetes/dbaas/mysql_chart_values.yaml
View file

@ -3,11 +3,11 @@ orchestrator:
persistence: persistence:
enabled: false enabled: false
ingress: ingress:
enabled: true enable: false
hosts: hosts:
- host: db.viktorbarzin.me - host: db.viktorbarzin.me
paths: paths:
# - path: / - path: /
tls: tls:
- secretName: ${secretName} - secretName: ${secretName}
hosts: hosts:

8
modules/kubernetes/main.tf
View file

@ -49,10 +49,10 @@ module "bind" {
named_conf_options = var.bind_named_conf_options named_conf_options = var.bind_named_conf_options
} }
# module "dbaas" { module "dbaas" {
# source = "./dbaas" source = "./dbaas"
# tls_secret_name = var.tls_secret_name tls_secret_name = var.tls_secret_name
# } }
module "descheduler" { module "descheduler" {
source = "./descheduler" source = "./descheduler"

4
modules/kubernetes/versions.tf
View file

@ -3,6 +3,10 @@ terraform {
kubernetes = { kubernetes = {
source = "hashicorp/kubernetes" source = "hashicorp/kubernetes"
} }
# kubectl = {
# source = "gavinbunney/kubectl"
# version = ">= 1.10.0"
# }
} }
required_version = ">= 0.13" required_version = ">= 0.13"
} }

BIN
terraform.tfvars
View file

Binary file not shown.

2
versions.tf
View file

@ -5,7 +5,7 @@ terraform {
} }
# kubectl = { # kubectl = {
# source = "gavinbunney/kubectl" # source = "gavinbunney/kubectl"
# version = ">= 1.7.0" # version = ">= 1.10.0"
# } # }
} }
required_version = ">= 0.13" required_version = ">= 0.13"