This repository has been archived by the owner on Mar 20, 2023. It is now read-only.

cilium/openshift-terraform-upi


OpenShift UPI Terraform module for Cilium

Warning: This repository has been deprecated. It is being actively maintained by Isovalent now.

This module deploys OpenShift using the official CloudFormation examples for AWS & GCP.

The aim is to deploy CloudFormation & Deployment Manager templates from the OpenShift installer repo, without having to fork them and without manually translating them to Terraform.

This module largely relies on aws_cloudformation_stack & google_deployment_manager_deployment, with additional resources managed by Terraform directly (e.g. AWS VPC Endpoint for S3, ingress rules for Cilium ports, GCP DNS zone).

The openshift-install binary is downloaded at runtime (based on the openshift_version and openshift_distro parameters); it is used for generating Ignition configs and manifests.

Cilium manifests are sourced from the Cilium OLM repo.

For an up-to-date list of input parameters, see variables.tf in each variant.

Canonical outputs cluster_name and cluster_kubeconfig are exported by each variant.

Usage

This module can be used like any other Terraform module.

However, a few convenience scripts are provided for certain use cases.

  • The dev-scripts directory contains simple shell wrappers (more below)
  • The tfc-scripts directory contains shell wrappers for use with the Isovalent internal Terraform controller

Using dev-scripts/create-cluster.sh

This script simplifies the setup of module parameters: it runs terraform apply, waits for the cluster to become ready, and extracts the kubeconfig file.

Note: you probably want to use the latest OpenShift patch release version; to do that you can visit the following links:

Basic usage:

export AWS_DEFAULT_REGION=<...> AWS_ACCESS_KEY_ID=<...> AWS_SECRET_ACCESS_KEY=<...>
./dev-scripts/create-cluster.sh ilya-test-1 aws ocp 4.6.18 1.10.3

Setting custom Helm values for images and enabling KPR:

cat > custom-params-1.tf <<EOF
cilium_olm_rev = "master"

without_kube_proxy = true

custom_cilium_config_values = {
  image = {
    repository = "quay.io/cilium/cilium-ci"
    tag = "d42f456cde20"
    digest = "sha256:c027fdfdc9272490ae5c03b063af27e0546be5724ea1998913d0a4f58eff7970"
  }
  operator = {
    image = {
      repository = "quay.io/cilium/operator-generic-ci"
      tag = "b5285a179808"
      genericDigest = "sha256:20b94bc8c4c098834f145bd761f0c9e5d62d3b536f59d116637edc4c0e6a8427"
    }
  }
}
EOF
./dev-scripts/create-cluster.sh ilya-test-2-kpr aws ocp 4.6.18 1.10.3 custom-params-1.tf
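
As an added example (not part of this repository): a shell check that a custom params file like the one above pins every image block to a full sha256 digest before it is handed to create-cluster.sh. The function name check_image_pins and the temporary sample file are assumptions; the second block of the sample is constructed with its digest left out.

```shell
# Added example, not part of the repository. check_image_pins is a hypothetical
# helper: it reports every `image = { ... }` block in a params file and fails
# if any block lacks a full sha256 digest (key `digest` or `genericDigest`).
check_image_pins() {
  awk '
    /^[ \t]*image[ \t]*=[ \t]*[{]/ { inblk = 1; repo = ""; pinned = 0; next }
    inblk && /repository[ \t]*=/ {
      repo = $0; sub(/^[^"]*"/, "", repo); sub(/".*$/, "", repo)
    }
    inblk && /[dD]igest[ \t]*=[ \t]*"sha256:[0-9a-f]+"/ {
      d = $0; sub(/^.*"sha256:/, "", d); sub(/".*$/, "", d)
      if (length(d) == 64) pinned = 1   # a truncated digest does not count
    }
    inblk && /^[ \t]*[}]/ {
      if (pinned) print "PINNED   " repo
      else { print "UNPINNED " repo; bad = 1 }
      inblk = 0
    }
    END { exit bad + 0 }
  ' "$1"
}

# Constructed sample: the first block is pinned with the digest shown above,
# the second carries only a tag.
sample=$(mktemp)
cat > "$sample" <<'EOF'
custom_cilium_config_values = {
  image = {
    repository = "quay.io/cilium/cilium-ci"
    tag = "d42f456cde20"
    digest = "sha256:c027fdfdc9272490ae5c03b063af27e0546be5724ea1998913d0a4f58eff7970"
  }
  operator = {
    image = {
      repository = "quay.io/cilium/operator-generic-ci"
      tag = "b5285a179808"
    }
  }
}
EOF
check_image_pins "$sample" || echo "refusing to deploy: unpinned image(s)"
rm -f "$sample"
```

A tag can be re-pointed at a different image in the registry, while a digest identifies one specific image, so a check of this kind keeps test clusters on the exact build that was reviewed.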

Using GCP instead of AWS:

export GCP_PROJECT=<...> GCP_REGION=<...> GOOGLE_CREDENTIALS=service_account.json
./dev-scripts/create-cluster.sh ilya-test-3-gcp gcp ocp 4.6.18 1.10.3

Using dev-scripts/delete-cluster.sh

This script simply deletes the cluster and all local state files associated with it.

./dev-scripts/delete-cluster.sh ilya-test-1 aws
