Like for any Kubestack upgrade, update the version of your cluster module(s) and the image tag in the Dockerfiles. This is required to deprovision the previous Nginx ingress resources for all three providers. For AKS and GKE it additionally provides the reserved IP as an output of the cluster module. This output is used in the Nginx ingress cluster-servide-module's loadBalancerIP patch.
-
Define the Kustomization provider as a required provider in
versions.tfterraform { required_providers { kustomization = { source = "kbst/kustomization" } } required_version = ">= 0.15" }
-
Create an aliased Kustomization provider configured using the cluster-module's kubeconfig output in
providers.tfprovider "kustomization" { alias = "aks_zero" kubeconfig_raw = module.aks_zero.kubeconfig }
-
Call the nginx ingress cluster-service-module, inject the alias provider and patch the
loadBalancerIPafter the cluster-module inclusters.tfmodule "aks_zero_nginx" { providers = { kustomization = kustomization.aks_zero } source = "kbst.xyz/catalog/nginx/kustomization" version = "0.46.0-kbst.1" configuration = { apps = { patches = [{ patch = <<-EOF apiVersion: v1 kind: Service metadata: name: ingress-nginx-controller namespace: ingress-nginx spec: loadBalancerIP: ${module.aks_zero.default_ingress_ip} EOF }] } ops = {} loc = {} } }
-
Define the Kustomization and Kuberentes providers as a required provider in
versions.tfterraform { required_providers { kubernetes = { source = "hashicorp/kubernetes" } kustomization = { source = "kbst/kustomization" } } required_version = ">= 0.15" }
-
Create aliased Kustomization and Kubernetes providers configured using the cluster-module's kubeconfig output in
providers.tfprovider "kustomization" { alias = "eks_zero" kubeconfig_raw = module.eks_zero.kubeconfig } locals { eks_zero_kubeconfig = yamldecode(module.eks_zero.kubeconfig) } provider "kubernetes" { alias = "eks_zero" host = local.eks_zero_kubeconfig["clusters"][0]["cluster"]["server"] cluster_ca_certificate = base64decode(local.eks_zero_kubeconfig["clusters"][0]["cluster"]["certificate-authority-data"]) exec { api_version = local.eks_zero_kubeconfig["users"][0]["user"]["exec"]["apiVersion"] args = local.eks_zero_kubeconfig["users"][0]["user"]["exec"]["args"] command = local.eks_zero_kubeconfig["users"][0]["user"]["exec"]["command"] } }
-
Call the nginx ingress cluster-service-module, and the cluster/elb-dns module to set up DNS after the cluster-module in
clusters.tfmodule "eks_zero_nginx" { providers = { kustomization = kustomization.eks_zero } source = "kbst.xyz/catalog/nginx/kustomization" version = "0.46.0-kbst.1" configuration = { apps = {} ops = {} loc = {} } } module "eks_zero_dns_zone" { providers = { aws = aws.eks_zero kubernetes = kubernetes.eks_zero } source = "github.com/kbst/terraform-kubestack//aws/cluster/elb-dns?ref=3a249aeecf0ea35f162e9ea029a3916687510b30" ingress_service_name = "ingress-nginx-controller" ingress_service_namespace = "ingress-nginx" metadata_fqdn = module.eks_zero.current_metadata["fqdn"] depends_on = [module.eks_zero, module.eks_zero_nginx] }
-
Define the Kustomization provider as a required provider in
versions.tfterraform { required_providers { kustomization = { source = "kbst/kustomization" } } required_version = ">= 0.15" }
-
Create an aliased Kustomization provider configured using the cluster-module's kubeconfig output in
providers.tfprovider "kustomization" { alias = "gke_zero" kubeconfig_raw = module.gke_zero.kubeconfig }
-
Call the nginx ingress cluster-service-module, inject the alias provider and patch the
loadBalancerIPafter the cluster-module inclusters.tfmodule "gke_zero_nginx" { providers = { kustomization = kustomization.gke_zero } source = "kbst.xyz/catalog/nginx/kustomization" version = "0.46.0-kbst.1" configuration = { apps = { patches = [{ patch = <<-EOF apiVersion: v1 kind: Service metadata: name: ingress-nginx-controller namespace: ingress-nginx spec: loadBalancerIP: ${module.gke_zero.default_ingress_ip} EOF }] } ops = {} loc = {} } }