From fedc681c588dcfee6e07395696cc7e0767ef52eb Mon Sep 17 00:00:00 2001 From: He Guimin Date: Tue, 3 Dec 2019 19:13:11 +0800 Subject: [PATCH] add kube config and other certificate path parameters --- CHANGELOG.md | 8 +++++++- README.md | 20 +++++++++++++++++++- main.tf | 5 +++++ variables.tf | 19 ++++++++++++++++++- 4 files changed, 49 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b905ac8..cd3ba96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,10 @@ -## 1.2.0 (Unreleased) +## 1.3.0 (Unreleased) +## 1.2.0 (December 3, 2019) + +IMPROVEMENTS: + +- add kube config and other certificate path parameters [GH-6](https://github.com/terraform-alicloud-modules/terraform-alicloud-managed-kubernetes/pull/6) + ## 1.1.0 (December 3, 2019) BUG FIXES: diff --git a/README.md b/README.md index 5afa871..fcb1468 100644 --- a/README.md +++ b/README.md @@ -70,10 +70,24 @@ This moudle can set [sls project](https://www.terraform.io/docs/providers/aliclo ``` 1. Using existing sls project with `sls_project_name`: - ```hcl + ```hcl-terraform sls_project_name = "Your-sls-project-name" ``` +If you want to store kube config and other certificates after the cluster created, you can set the following parameters: + +1. Store kube config with `kube_config_path`: + ```hcl-terraform + kube_config_path = "/home/xxx/.kube/config" + ``` + +1. Store more certificates`: + ```hcl-terraform + client_cert_path = "/home/xxx/.kube/client-cert.pem" + client_key_path = "/home/xxx/.kube/client-key.pem" + cluster_ca_cert_path = "/home/xxx/.kube/cluster-ca-cert.pem" + ``` + ## Inputs | Name | Description | Type | Default | Required | @@ -102,6 +116,10 @@ This moudle can set [sls project](https://www.terraform.io/docs/providers/aliclo | cluster_network_type | Network type, valid options are `flannel` and `terway` | string | "flannel" | no | | new_sls_project | Create a new sls project for this module | bool | false | no | | sls_project_name | Specify a existing sls project for this module | string | "" | no | +| kube_config_path | The path of kube config, like ~/.kube/config | string | "" | no | +| client_cert_path | The path of client certificate, like ~/.kube/client-cert.pem | string | "" | no | +| client_key_path | The path of client key, like ~/.kube/client-key.pem | string | "" | no | +| cluster_ca_cert_path | The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem | string | "" | no | ## Outputs diff --git a/main.tf b/main.tf index 15a2e8e..dd1cea7 100644 --- a/main.tf +++ b/main.tf @@ -33,5 +33,10 @@ resource "alicloud_cs_managed_kubernetes" "this" { type = "SLS" project = local.sls_project == "" ? null : local.sls_project } + kube_config = var.kube_config_path + client_cert = var.client_cert_path + client_key = var.client_key_path + cluster_ca_cert = var.cluster_ca_cert_path + depends_on = [alicloud_snat_entry.new] } \ No newline at end of file diff --git a/variables.tf b/variables.tf index 827f437..d8594ea 100644 --- a/variables.tf +++ b/variables.tf @@ -86,7 +86,7 @@ variable "worker_disk_size" { } variable "ecs_password" { - description = "The password of work nodes." + description = "The password of worker nodes." default = "Abc12345" } @@ -123,4 +123,21 @@ variable "new_sls_project" { variable "sls_project_name" { description = "Specify a existing sls project for this module." default = "" +} + +variable "kube_config_path" { + description = "The path of kube config, like ~/.kube/config" + default = "" +} +variable "client_cert_path" { + description = "The path of client certificate, like ~/.kube/client-cert.pem" + default = "" +} +variable "client_key_path" { + description = "The path of client key, like ~/.kube/client-key.pem" + default = "" +} +variable "cluster_ca_cert_path" { + description = "The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem" + default = "" } \ No newline at end of file