This repository was archived by the owner on Feb 5, 2020. It is now read-only.

Running only master in public subnet #19

@rohit-zabbed


I am trying to customise the setup so that the master and the workers sit in different subnets (public and private).
The workers need to communicate through a NAT gateway. I am using the Terraform script below:

// AWS provider configuration. The region comes from var.aws_region; no credentials
// are set in this block.
provider "aws" {
  region = "${var.aws_region}"
}

// One VPC-scoped Elastic IP. module.vpc receives its id through external_nat_ip_ids
// (with reuse_nat_ips = true), presumably so the NAT gateway's egress address is
// managed outside the VPC module and stays stable.
resource "aws_eip" "nat" {
  vpc   = true
  count = 1
}

// Manages the default security group of the VPC created by module.vpc and declares
// a single rule: ICMP type 8, code 0 (echo request) from any IPv4 address.
// For protocol "icmp", from_port carries the ICMP type and to_port the ICMP code.
// NOTE(review): when Terraform adopts a default security group it removes the rules
// already on it, and no egress block is declared here, so members of this group would
// have no outbound rule. Confirm that this is intended.
// NOTE(review): 0.0.0.0/0 lets any host ping members of this group; narrow the CIDR
// if the rule is only needed for diagnostics from known networks.
resource "aws_default_security_group" "default" {
  vpc_id = "${module.vpc.vpc_id}"

  ingress {
    protocol    = "icmp"
    from_port   = 8
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}

// VPC with one public, one private, one database and one ElastiCache subnet in a
// single availability zone, plus a single NAT gateway that uses the Elastic IP
// declared as aws_eip.nat.
// NOTE(review): no `version` argument is set, so `terraform init` resolves whichever
// release of the registry module is current; pin a reviewed release
// (version = "<PINNED_VERSION>") so the network layout cannot change underneath you.
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "${var.tectonic_cluster_name}"
  cidr = "${var.vpc_cidr}"

  // NOTE(review): the AZ is hard-coded while the region comes from var.aws_region,
  // and the subnet ranges are hard-coded while the VPC range comes from var.vpc_cidr.
  // Both pairs have to agree.
  azs                 = ["us-west-1a"]
  public_subnets      = ["10.10.11.0/24"]
  private_subnets     = ["10.10.1.0/24"]
  database_subnets    = ["10.10.21.0/24"]
  elasticache_subnets = ["10.10.31.0/24"]

  // One shared NAT gateway, fronted by the externally managed Elastic IP.
  enable_nat_gateway  = true
  single_nat_gateway  = true
  reuse_nat_ips       = true
  external_nat_ip_ids = ["${aws_eip.nat.*.id}"]

  enable_vpn_gateway           = false
  create_database_subnet_group = true

  tags = "${var.tags}"

  // Only the private subnets carry the kubernetes.io/cluster/<name> tag.
  private_subnet_tags = {
    "kubernetes.io/cluster/${var.tectonic_cluster_name}" = "shared"
    Owner       = "rohit"
    Environment = "${var.tectonic_cluster_name}"
    Name        = "${var.tectonic_cluster_name}"
  }

  database_subnet_tags = {
    Owner       = "rohit"
    Environment = "${var.tectonic_cluster_name}"
    Name        = "${var.tectonic_cluster_name}"
  }

  elasticache_subnet_tags = {
    Owner       = "rohit"
    Environment = "${var.tectonic_cluster_name}"
    Name        = "${var.tectonic_cluster_name}"
  }
}

// Tectonic cluster from the coreos/kubernetes/aws registry module, placed in the VPC
// created by module.vpc: masters in its public subnets, workers in its private subnets.
// NOTE(review): no `version` argument is set, so `terraform init` resolves whichever
// release of the registry module is current; pin a reviewed release
// (version = "<PINNED_VERSION>").
module "kubernetes" {
  source = "coreos/kubernetes/aws"

  tectonic_aws_assets_s3_bucket_name = "tectonic-cf"

  tectonic_aws_region         = "${var.aws_region}"
  tectonic_aws_ssh_key        = "itops"
  tectonic_aws_vpc_cidr_block = "${var.vpc_cidr}"

  // NOTE(review): presumably publishes the cluster's API/console endpoints on the
  // internet. Confirm against the module's variable documentation.
  tectonic_aws_public_endpoints = true

  tectonic_base_domain  = "${var.tectonic_base_domain}"
  tectonic_cluster_name = "${var.tectonic_cluster_name}"

  // NOTE(review): "latest" leaves the node OS image unpinned, so nodes built at
  // different times can run different releases.
  tectonic_container_linux_version = "latest"

  // Absolute paths on the author's workstation. The pull secret is presumably a
  // registry credential, so keep both files out of version control.
  tectonic_license_path     = "/Users/rverma/dev/tectonic/tectonic-license.txt"
  tectonic_pull_secret_path = "/Users/rverma/dev/tectonic/config.json"

  tectonic_networking = "flannel"

  // NOTE(review): presumably expressed in hours (26280 h = 3 years). Confirm.
  tectonic_tls_validity_period = "26280"

  tectonic_vanilla_k8s = false
  tectonic_admin_email = "${var.tectonic_admin_email}"

  // NOTE(review): values passed to Terraform can end up in plain text in the state
  // file; store the state in a backend with encryption and restricted access.
  tectonic_admin_password = "${var.tectonic_admin_password}"

  tectonic_aws_external_vpc_id = "${module.vpc.vpc_id}"

  // "***" looks like a value the author redacted before posting.
  tectonic_aws_external_private_zone = "***"
  // tectonic_ca_cert = ""
  // tectonic_ca_key = ""
  // tectonic_ca_key_alg = "RSA"

  // NOTE(review): "0" presumably lets the module choose the etcd node count. Confirm.
  tectonic_etcd_count                = "0"
  tectonic_aws_etcd_ec2_type         = "${var.master_instance_type}"
  tectonic_aws_etcd_root_volume_iops = "100"
  tectonic_aws_etcd_root_volume_size = "30"
  tectonic_aws_etcd_root_volume_type = "gp2"

  // Masters go into the public subnets, so their security groups are the only
  // network barrier in front of the control plane.
  // NOTE(review): both subnet-id lists in this module are outputs of module.vpc and
  // are only known after that module has been applied. That is probably why
  // data.aws_subnet.external_master / external_worker report that 'count' cannot be
  // computed; creating the VPC first (terraform apply -target=module.vpc) is the
  // usual workaround. Confirm.
  tectonic_master_count                   = "1"
  tectonic_aws_master_ec2_type            = "${var.master_instance_type}"
  tectonic_aws_external_master_subnet_ids = "${module.vpc.public_subnets}"
  tectonic_aws_master_root_volume_iops    = "100"
  tectonic_aws_master_root_volume_size    = "30"
  tectonic_aws_master_root_volume_type    = "gp2"

  // Workers go into the private subnets; module.vpc enables a single NAT gateway
  // for their outbound traffic.
  tectonic_worker_count                   = "${var.min_worker_count}"
  tectonic_aws_external_worker_subnet_ids = "${module.vpc.private_subnets}"
  tectonic_aws_worker_ec2_type            = "${var.worker_instance_type}"
  tectonic_aws_worker_root_volume_iops    = "100"
  tectonic_aws_worker_root_volume_size    = "30"
  tectonic_aws_worker_root_volume_type    = "gp2"
}

I get the following warnings:

Warning: output "etcd_sg_id": must use splat syntax to access aws_security_group.etcd attribute "id", because it has "count" set; use aws_security_group.etcd.*.id to obtain a list of the attributes across all instances
Warning: output "aws_api_external_dns_name": must use splat syntax to access aws_elb.api_external attribute "dns_name", because it has "count" set; use aws_elb.api_external.*.dns_name to obtain a list of the attributes across all instances
Warning: output "aws_elb_api_external_zone_id": must use splat syntax to access aws_elb.api_external attribute "zone_id", because it has "count" set; use aws_elb.api_external.*.zone_id to obtain a list of the attributes across all instances
Warning: output "aws_api_internal_dns_name": must use splat syntax to access aws_elb.api_internal attribute "dns_name", because it has "count" set; use aws_elb.api_internal.*.dns_name to obtain a list of the attributes across all instances
Warning: output "aws_elb_api_internal_zone_id": must use splat syntax to access aws_elb.api_internal attribute "zone_id", because it has "count" set; use aws_elb.api_internal.*.zone_id to obtain a list of the attributes across all instances

And the following errors:

module.kubernetes.module.vpc.data.aws_subnet.external_worker: data.aws_subnet.external_worker: value of 'count' cannot be computed
module.kubernetes.module.vpc.data.aws_subnet.external_master: data.aws_subnet.external_master: value of 'count' cannot be computed
