diff --git a/gateway/0-gateway-versions.tf b/gateway/0-gateway-versions.tf
new file mode 100644
index 0000000000000000000000000000000000000000..7b1a3482b5d2b2989bd8c3ee9f6854f50f72bb20
--- /dev/null
+++ b/gateway/0-gateway-versions.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 1.0"
+ required_providers {
+ ovh = {
+ source = "ovh/ovh"
+ version = "~>0.40"
+ }
+ }
+}
diff --git a/gateway/1-gateway.tf b/gateway/1-gateway.tf
new file mode 100644
index 0000000000000000000000000000000000000000..47f151f1b8c7714a59467e37a2b00b0882e2321e
--- /dev/null
+++ b/gateway/1-gateway.tf
@@ -0,0 +1,8 @@
+resource "ovh_cloud_project_gateway" "this" {
+ service_name = var.service-name
+ name = var.gateway-name
+ model = var.gateway-model
+ region = var.gateway-region
+ network_id = var.gateway-network-private-openstackid
+ subnet_id = var.gateway-network-private-subnet-id
+}
diff --git a/gateway/2-gateway-variables.tf b/gateway/2-gateway-variables.tf
new file mode 100644
index 0000000000000000000000000000000000000000..a454803a9e341a14f7dc2bbf4bacf067809762dc
--- /dev/null
+++ b/gateway/2-gateway-variables.tf
@@ -0,0 +1,29 @@
+variable "service-name" {
+ description = "Project ID"
+ type = string
+}
+
+variable "gateway-name" {
+ description = "Name of the gateway"
+ type = string
+}
+
+variable "gateway-model" {
+ description = "Model of the gateway"
+ type = string
+}
+
+variable "gateway-region" {
+ description = "Gateway region as an ouput of network region"
+ type = string
+}
+
+variable "gateway-network-private-openstackid" {
+ description = "Gateway region as an output of network private openstackid"
+ type = string
+}
+
+variable "gateway-network-private-subnet-id" {
+ description = "Output of network subnet id"
+ type = string
+}
diff --git a/helm/0-helm-versions.tf b/helm/0-helm-versions.tf
new file mode 100644
index 0000000000000000000000000000000000000000..79b64a5a64c7bf7b5083d2fdf7d3c29dc326c5dc
--- /dev/null
+++ b/helm/0-helm-versions.tf
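Review bot: In gateway/2-gateway-variables.tf the description of `gateway-network-private-openstackid` is a copy of the region one ("Gateway region as an output of …"), although 1-gateway.tf passes that variable to `network_id`. The `gateway-region` description also misspells "output". I would change the first to `description = "OpenStack ID of the private network the gateway attaches to (output of the network module)"` and fix the typo in the second, so a caller wiring the modules together does not pass a region where a network ID is expected.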
@@ -0,0 +1,13 @@
+terraform {
+ required_version = ">= 1.0"
+ required_providers {
+ helm = {
+ source = "hashicorp/helm"
+ version = "~>2.0"
+ }
+ ovh = {
+ source = "ovh/ovh"
+ version = "~>0.40"
+ }
+ }
+}
diff --git a/helm/1-helm-provider.tf b/helm/1-helm-provider.tf
new file mode 100644
index 0000000000000000000000000000000000000000..37dfbc4dfe9a3d6fff573c49c8a41d6219d9e46b
--- /dev/null
+++ b/helm/1-helm-provider.tf
@@ -0,0 +1,8 @@
+provider "helm" {
+ kubernetes {
+ host = var.helm-host
+ client_certificate = var.helm-client-certificate
+ client_key = var.helm-client-key
+ cluster_ca_certificate = var.helm-client-ca-certificate
+ }
+}
diff --git a/helm/2-helm-release.tf b/helm/2-helm-release.tf
new file mode 100644
index 0000000000000000000000000000000000000000..f72cdc79862f3b2d26165b9ac87710e7b1eb432e
--- /dev/null
+++ b/helm/2-helm-release.tf
@@ -0,0 +1,6 @@
+resource "helm_release" "nginx" {
+ name = var.helm-release-name
+ repository = var.helm-release-repository
+ chart = var.helm-release-chart
+ version = var.helm-release-version
+}
diff --git a/helm/3-helm-variables.tf b/helm/3-helm-variables.tf
new file mode 100644
index 0000000000000000000000000000000000000000..b2db3d585058efc6f33c3dff3091757a3ea959f0
--- /dev/null
+++ b/helm/3-helm-variables.tf
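Review bot: The `provider "helm"` block in helm/1-helm-provider.tf is declared inside the reusable module rather than in the root configuration. Terraform treats a module with its own provider configuration as legacy: such a module cannot be called with `count`, `for_each` or `depends_on`, and removing the module call later also removes the configuration needed to destroy `helm_release.nginx`. I would keep only the `required_providers` entry in the module and configure the provider in the root, where the cluster credentials are already available as module outputs. The four `helm-*` credential variables would then no longer be needed in this module.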
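Review bot: `helm_release.nginx` in helm/2-helm-release.tf sets no `namespace`, so the chart is installed into `default`, where it shares RBAC scope and network policy with anything else deployed there. I would add `namespace = var.helm-release-namespace` and `create_namespace = true`, with a matching string variable, so the release has its own namespace. As a point of style, the resource label `nginx` is fixed while chart and repository are variables; `this`, as used in the other modules, would not mislead when a different chart is passed in.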
@@ -0,0 +1,39 @@
+variable "helm-host" {
+ description = "host of k8s cluster"
+ type = string
+}
+
+variable "helm-client-certificate" {
+ description = "k8s cluster client certificate"
+ type = string
+}
+
+variable "helm-client-key" {
+ description = "k8s cluster client key"
+ type = string
+}
+
+variable "helm-client-ca-certificate" {
+ description = "k8s cluster ca-certificate"
+ type = string
+}
+
+variable "helm-release-name" {
+ description = "name of the helm release"
+ type = string
+}
+
+variable "helm-release-repository" {
+ description = "helm repository release"
+ type = string
+}
+
+variable "helm-release-chart" {
+ description = "helm chart name"
+ type = string
+}
+
+variable "helm-release-version" {
+ description = "chart version"
+ type = string
+}
diff --git a/k8s/0-k8s-versions.tf b/k8s/0-k8s-versions.tf
index d65bb9d9a3228892349e7b1a5e37abb08b7ab387..7b1a3482b5d2b2989bd8c3ee9f6854f50f72bb20 100644
--- a/k8s/0-k8s-versions.tf
+++ b/k8s/0-k8s-versions.tf
@@ -3,7 +3,7 @@ terraform {
 required_providers {
 ovh = {
 source = "ovh/ovh"
- version = "~>0.39.0"
+ version = "~>0.40"
 }
 }
 }
diff --git a/k8s/1-k8s-project.tf b/k8s/1-k8s-project.tf
index dff305e947fe385e07fd8288063bf68b7d568135..4586b85c8aeb126e203a5e4f976dfcb50bc17ade 100644
--- a/k8s/1-k8s-project.tf
+++ b/k8s/1-k8s-project.tf
@@ -1,10 +1,12 @@
 resource "ovh_cloud_project_kube" "this" {
- service_name = var.service_name
- name = "${var.env}-${var.k8s-project-name}"
- region = var.k8s-project-region
-}
+ service_name = var.service-name
+ name = var.k8s-project-name
+ region = var.k8s-project-region
+ private_network_id = var.k8s-project-network-openstackid
 
-output "kubeconfig_file" {
- value = ovh_cloud_project_kube.this.kubeconfig
- sensitive = true
+ private_network_configuration {
+ default_vrack_gateway = var.k8s-project-default-vrack-gateway
+ private_network_routing_as_default = var.k8s-project-private_network_routing_as_default
+ }
 }
+
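Review bot: `helm-client-key` in helm/3-helm-variables.tf carries the cluster's private client key but is declared as a plain string, while the matching outputs in k8s/4-k8s-outputs.tf are all `sensitive = true`. If a caller supplies the value from a tfvars file or an unmarked expression, Terraform will print it in plan output and error messages. I would add `sensitive = true` to `helm-client-key`, and for symmetry with the k8s outputs to `helm-client-certificate`, `helm-client-ca-certificate` and `helm-host` as well.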
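Review bot: The k8s/1-k8s-project.tf hunk attaches the cluster to a private network, but nothing in this diff limits who can reach the Kubernetes API endpoint. `private_network_id` and `private_network_configuration` govern node networking, so the API server presumably stays reachable from any address, with the client certificate as the only barrier. I would add an IP restriction next to the cluster resource, fed by a new list variable (named `k8s-project-api-allowed-cidrs` below, to be declared in 3-k8s-variables.tf). Separately, dropping the `${var.env}-` prefix from `name` means two environments in the same project now need distinct `k8s-project-name` values; a sentence in the variable description would make that explicit.

```hcl
# … unchanged: resource "ovh_cloud_project_kube" "this" …

resource "ovh_cloud_project_kube_iprestrictions" "this" {
  service_name = var.service-name
  kube_id      = ovh_cloud_project_kube.this.id
  ips          = var.k8s-project-api-allowed-cidrs
}
```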
diff --git a/k8s/2-k8s-project-nodepool.tf b/k8s/2-k8s-project-nodepool.tf
index 372b5bbef861691f971b90058f13787896e9bd54..9430378a2d393b4c32b917f50e28a03efb58c25c 100644
--- a/k8s/2-k8s-project-nodepool.tf
+++ b/k8s/2-k8s-project-nodepool.tf
@@ -1,9 +1,10 @@
 resource "ovh_cloud_project_kube_nodepool" "this" {
- service_name = var.service_name
+ service_name = var.service-name
 kube_id = ovh_cloud_project_kube.this.id
- name = "${var.k8s-project-name}-nodepool"
+ name = var.k8s-project-nodepool-name
 flavor_name = var.k8s-project-nodepool-flavor-name
 desired_nodes = var.k8s-project-nodepool-desired-nodes
 max_nodes = var.k8s-project-nodepool-max-nodes
 min_nodes = var.k8s-project-nodepool-min-nodes
+ depends_on = [ovh_cloud_project_kube.this]
 }
diff --git a/k8s/3-k8s-variables.tf b/k8s/3-k8s-variables.tf
index 59af32fea3073c8979256a72f47256a6248153cb..6c7c05ececb72a17cf0e076c41342c419f748c53 100644
--- a/k8s/3-k8s-variables.tf
+++ b/k8s/3-k8s-variables.tf
@@ -1,9 +1,3 @@
-# Environment
-variable "env" {
- description = "Environmental name."
- type = string
-}
-
 # Managed Kubenetes Service
 variable "k8s-project-nodepool-flavor-name" {
 description = "Name for the nodepool flavor"
@@ -35,7 +29,27 @@ variable "k8s-project-region" {
 type = string
 }
 
-variable "service_name" {
+variable "k8s-project-network-openstackid" {
+ description = "Network openstack ID for this k8s instance"
+ type = string
+}
+
+variable "k8s-project-default-vrack-gateway" {
+ description = "egress traffic will be routed towards this IP address"
+ type = string
+}
+
+variable "k8s-project-private_network_routing_as_default" {
+ description = "Defines whether routing should default to using the nodes' private interface, instead of their public interface"
+ type = bool
+}
+
+variable "k8s-project-nodepool-name" {
+ description = "Name for k8s nodepool"
+ type = string
+}
+
+variable "service-name" {
 description = "project service name"
 type = string
 }
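Review bot: The added `depends_on = [ovh_cloud_project_kube.this]` in k8s/2-k8s-project-nodepool.tf is redundant, because `kube_id = ovh_cloud_project_kube.this.id` two lines above already gives Terraform the same ordering. The same applies to `depends_on = [ovh_cloud_project_network_private.this]` in network/2-network-private-subnets.tf, where `network_id` references that resource. An explicit `depends_on` makes Terraform treat the resource's computed attributes more conservatively during planning, so I would drop both lines and rely on the references.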
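Review bot: In the second hunk of k8s/3-k8s-variables.tf, `k8s-project-private_network_routing_as_default` mixes hyphens and underscores, while every other variable touched by this commit is hyphen-only (`service_name` is even renamed to `service-name` here). `k8s-project-private-network-routing-as-default` would match. The description of `k8s-project-default-vrack-gateway` should also say which value means "no gateway", since the variable has no default and callers must pass something; I would rather not guess the provider's convention, so this needs confirming against the provider documentation.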
diff --git a/k8s/4-k8s-outputs.tf b/k8s/4-k8s-outputs.tf
new file mode 100644
index 0000000000000000000000000000000000000000..d66f5318ca7624a48cf500be9a34b42b1e9ff3be
--- /dev/null
+++ b/k8s/4-k8s-outputs.tf
@@ -0,0 +1,24 @@
+output "k8s-kubeconfig" {
+ value = ovh_cloud_project_kube.this.kubeconfig
+ sensitive = true
+}
+
+output "k8s-host" {
+ value = ovh_cloud_project_kube.this.kubeconfig_attributes[0].host
+ sensitive = true
+}
+
+output "k8s-client-certificate" {
+ value = ovh_cloud_project_kube.this.kubeconfig_attributes[0].client_certificate
+ sensitive = true
+}
+
+output "k8s-client-key" {
+ value = ovh_cloud_project_kube.this.kubeconfig_attributes[0].client_key
+ sensitive = true
+}
+
+output "k8s-client-ca-certificate" {
+ value = ovh_cloud_project_kube.this.kubeconfig_attributes[0].cluster_ca_certificate
+ sensitive = true
+}
diff --git a/network/0-network-versions.tf b/network/0-network-versions.tf
new file mode 100644
index 0000000000000000000000000000000000000000..7b1a3482b5d2b2989bd8c3ee9f6854f50f72bb20
--- /dev/null
+++ b/network/0-network-versions.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 1.0"
+ required_providers {
+ ovh = {
+ source = "ovh/ovh"
+ version = "~>0.40"
+ }
+ }
+}
diff --git a/network/1-network-private.tf b/network/1-network-private.tf
new file mode 100644
index 0000000000000000000000000000000000000000..ef70ee57a3ae77111c92071dd0b8b27c932affd5
--- /dev/null
+++ b/network/1-network-private.tf
@@ -0,0 +1,6 @@
+resource "ovh_cloud_project_network_private" "this" {
+ service_name = var.service-name
+ name = var.network-private-name # Network name
+ regions = var.network-private-regions
+ vlan_id = var.network-private-vlan-id # VLAN ID for vRack
+}
diff --git a/network/2-network-private-subnets.tf b/network/2-network-private-subnets.tf
new file mode 100644
index 0000000000000000000000000000000000000000..f8798387585367bae9eafc5a2b7a324f2da8a543
--- /dev/null
+++ b/network/2-network-private-subnets.tf
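Review bot: The outputs in k8s/4-k8s-outputs.tf are correctly marked `sensitive = true`, but the file gives no hint that this only redacts CLI output. The kubeconfig and `client_key` are still written in cleartext to the Terraform state, and anyone who can read the state can authenticate to the cluster. I would add a header comment such as `# Cluster credentials: redacted in plan/apply output only; the state file holds them in cleartext, so the backend must be encrypted and access-restricted.` Exporting both the full `k8s-kubeconfig` and its four components duplicates the secret; if only the helm provider consumes these values, the whole-file output could probably be dropped.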
@@ -0,0 +1,11 @@
+resource "ovh_cloud_project_network_private_subnet" "this" {
+ service_name = var.service-name
+ network_id = ovh_cloud_project_network_private.this.id
+ start = var.network-private-subnet-start # First IP of the subnet
+ end = var.network-private-subnet-end # Last IP of the subnet
+ network = var.network-private-subnet # Subnet IP address location
+ dhcp = var.network-private-subnet-dhcp # Enables DHCP
+ region = var.network-private-region
+ no_gateway = var.network-private-subnet-no-gateway # No default gateway
+ depends_on = [ovh_cloud_project_network_private.this]
+}
diff --git a/network/3-network-variables.tf b/network/3-network-variables.tf
new file mode 100644
index 0000000000000000000000000000000000000000..4d148ca0c754ecee62481d4af8da122a18cbd762
--- /dev/null
+++ b/network/3-network-variables.tf
@@ -0,0 +1,50 @@
+variable "service-name" {
+ description = "Project ID"
+ type = string
+}
+
+variable "network-private-name" {
+ description = "private network name"
+ type = string
+}
+
+variable "network-private-region" {
+ description = "list of regions for private network"
+ type = string
+}
+
+variable "network-private-regions" {
+ description = "list of regions for private network"
+ type = list(string)
+}
+
+variable "network-private-vlan-id" {
+ description = "vlan id"
+ type = number
+}
+
+variable "network-private-subnet-start" {
+ description = "start of the ip range for hosts"
+ type = string
+}
+
+variable "network-private-subnet-end" {
+ description = "end of the ip range for the hosts"
+ type = string
+}
+
+variable "network-private-subnet" {
+ description = "network subnet with mask"
+ type = string
+}
+
+variable "network-private-subnet-dhcp" {
+ description = "enable DHCP"
+ type = bool
+}
+
+variable "network-private-subnet-no-gateway" {
+ description = "is default gatweay used?"
+ type = bool
+}
+
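Review bot: In network/3-network-variables.tf, `network-private-region` has `type = string` but reuses the description "list of regions for private network" from `network-private-regions`. The subnet resource uses it as the single region of the subnet, so I would write `description = "region of the subnet; must be one of network-private-regions"`. The description of `network-private-subnet-no-gateway` ("is default gatweay used?") is misspelled and reads as the opposite of the `no_gateway` argument it feeds. `description = "set to true to create the subnet without a default gateway"` matches the inline comment in 2-network-private-subnets.tf.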
diff --git a/network/4-network-outputs.tf b/network/4-network-outputs.tf
new file mode 100644
index 0000000000000000000000000000000000000000..40991686018acf089785eb8f0f25cd8f3cf53c86
--- /dev/null
+++ b/network/4-network-outputs.tf
@@ -0,0 +1,8 @@
+output "network-private-openstackid-out" {
+ value = one(ovh_cloud_project_network_private.this.regions_attributes[*].openstackid)
+}
+
+output "network-private-subnet-id-out" {
+ value = ovh_cloud_project_network_private_subnet.this.id
+}
+
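Review bot: `network-private-openstackid-out` in network/4-network-outputs.tf wraps the splat in `one(...)`, which raises an error as soon as the collection has more than one element. `network-private-regions` is declared as `list(string)`, so a caller passing two regions gets a failing output rather than an ID. Since the subnet and the gateway are both tied to a single region, I would select the entry for that region explicitly: `value = one([for r in ovh_cloud_project_network_private.this.regions_attributes : r.openstackid if r.region == var.network-private-region])`. That keeps the single-region case unchanged and makes the multi-region case deterministic.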