From 38fa7dff1abaa6dec85ceb79bb7c8a6c9350533a Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Sun, 14 Jan 2018 12:36:40 -0800 Subject: [PATCH] Create separate bare-metal container-linux-install profiles * Create separate container-linux-install profiles (and cached-container-linux-install) for each node in a cluster * Fix contention bug on bare-metal during `terraform apply`. With only a global install profile, terraform would create (or retain) the profile for each cluster and try to delete it for each cluster being deleted. As a result, in some cases apply had to be run multiple times before terraform's repr of constraints was satisfied (profile deleted and recreated) * Allow Container Linux install properties to vary between clusters, such as using a different Container Linux channel or version for different clusters --- CHANGES.md | 6 ++++++ .../container-linux/kubernetes/groups.tf | 2 +- .../container-linux/kubernetes/profiles.tf | 20 +++++++++++++------ 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index a96770394..79feca6ef 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -12,6 +12,12 @@ Notable changes between versions. * Update kube-dns from v1.14.7 to v1.14.8 * Use separate service account for kube-dns +#### Bare-Metal + +* Use per-node Container Linux install profiles ([#97](https://github.com/poseidon/typhoon/pull/97)) + * Allow Container Linux channel/version to be chosen per-cluster + * Fix issue where cluster deletion could require `terraform apply` multiple times + ## v1.9.1 * Kubernetes [v1.9.1](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v191) diff --git a/bare-metal/container-linux/kubernetes/groups.tf b/bare-metal/container-linux/kubernetes/groups.tf index f6e68db54..cdc66eda9 100644 --- a/bare-metal/container-linux/kubernetes/groups.tf +++ b/bare-metal/container-linux/kubernetes/groups.tf @@ -3,7 +3,7 @@ resource "matchbox_group" "container-linux-install" { count = "${length(var.controller_names) + length(var.worker_names)}" name = "${format("container-linux-install-%s", element(concat(var.controller_names, var.worker_names), count.index))}" - profile = "${var.cached_install == "true" ? matchbox_profile.cached-container-linux-install.name : matchbox_profile.container-linux-install.name}" + profile = "${var.cached_install == "true" ? element(matchbox_profile.cached-container-linux-install.*.name, count.index) : element(matchbox_profile.container-linux-install.*.name, count.index)}" selector { mac = "${element(concat(var.controller_macs, var.worker_macs), count.index)}" diff --git a/bare-metal/container-linux/kubernetes/profiles.tf b/bare-metal/container-linux/kubernetes/profiles.tf index d43478a05..cdcadf2ec 100644 --- a/bare-metal/container-linux/kubernetes/profiles.tf +++ b/bare-metal/container-linux/kubernetes/profiles.tf @@ -1,6 +1,8 @@ // Container Linux Install profile (from release.core-os.net) resource "matchbox_profile" "container-linux-install" { - name = "container-linux-install" + count = "${length(var.controller_names) + length(var.worker_names)}" + name = "${format("%s-container-linux-install-%s", var.cluster_name, element(concat(var.controller_names, var.worker_names), count.index))}" + kernel = "http://${var.container_linux_channel}.release.core-os.net/amd64-usr/${var.container_linux_version}/coreos_production_pxe.vmlinuz" initrd = [ @@ -16,10 +18,12 @@ resource "matchbox_profile" "container-linux-install" { "${var.kernel_args}", ] - container_linux_config = "${data.template_file.container-linux-install-config.rendered}" + container_linux_config = "${element(data.template_file.container-linux-install-configs.*.rendered, count.index)}" } -data "template_file" "container-linux-install-config" { +data "template_file" "container-linux-install-configs" { + count = "${length(var.controller_names) + length(var.worker_names)}" + template = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" vars { @@ -37,7 +41,9 @@ data "template_file" "container-linux-install-config" { // Container Linux Install profile (from matchbox /assets cache) // Note: Admin must have downloaded container_linux_version into matchbox assets. resource "matchbox_profile" "cached-container-linux-install" { - name = "cached-container-linux-install" + count = "${length(var.controller_names) + length(var.worker_names)}" + name = "${format("%s-cached-container-linux-install-%s", var.cluster_name, element(concat(var.controller_names, var.worker_names), count.index))}" + kernel = "/assets/coreos/${var.container_linux_version}/coreos_production_pxe.vmlinuz" initrd = [ @@ -53,10 +59,12 @@ resource "matchbox_profile" "cached-container-linux-install" { "${var.kernel_args}", ] - container_linux_config = "${data.template_file.cached-container-linux-install-config.rendered}" + container_linux_config = "${element(data.template_file.cached-container-linux-install-configs.*.rendered, count.index)}" } -data "template_file" "cached-container-linux-install-config" { +data "template_file" "cached-container-linux-install-configs" { + count = "${length(var.controller_names) + length(var.worker_names)}" + template = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" vars {