Fast and dirty MetalLB for Kubernetes with Terraform

metallb-k8s.tf

# Input 

# local.kube_config_path - path to kubeconfig.yml
# local.external_ips - list of external ips

# Providers

terraform {
  required_providers {
    kubernetes = {
      source = "hashicorp/kubernetes"
      version = "2.0.2"
    }
    
    kubectl = {
      source = "gavinbunney/kubectl"
      version = "1.10.0"
    }
    
    http = {
      source = "hashicorp/http"
      version = "2.1.0"
    }
  }
}

provider "kubernetes" {
  config_path = local.kube_config_path
}

provider "kubectl" {
  config_path = local.kube_config_path
}

    
# MetalLB config

resource "kubernetes_namespace" "metallb" {
  metadata {
    name = "metallb-system"
  }
}

resource "kubernetes_config_map" "metallb_config" {
  metadata {
    namespace = kubernetes_namespace.metallb.metadata[0].name
    name = "config"
  }
  data = {
    config = <<YAML
address-pools:
- name: custom-ip-space
  protocol: layer2
  addresses:
%{ for addr in toset(local.external_ips) ~}
  - ${addr}/32
%{ endfor ~}
YAML
  }
}

resource "random_id" "metallb_memberlist" {
  byte_length = 128
}

resource "kubernetes_secret" "metallb_memberlist" {
  metadata {
    name = "memberlist"
    namespace = kubernetes_namespace.metallb.metadata[0].name
  }
  data = {
    secretkey = random_id.metallb_memberlist.b64_std
  }
}

data "http" "metallb" {
  url = "https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/metallb.yaml"
}

data "kubectl_file_documents" "metallb" {
  content = data.http.metallb.body
}

resource "kubectl_manifest" "metallb" {
  depends_on = [
    kubernetes_secret.metallb_memberlist,
    kubernetes_config_map.metallb_config
  ]
  count     = length(data.kubectl_file_documents.metallb.documents)
  yaml_body = element(data.kubectl_file_documents.metallb.documents, count.index)
}