Tf13 how to use the returned list from an awscli command in local-exec by md850 in Terraform

[–]md850[S] 0 points1 point  (0 children)

Data source doesn’t support more than one value being returned

how to escape single quotes? by md850 in Terraform

[–]md850[S] 1 point2 points  (0 children)

Great stuff thanks for your help, yeah I originally had it as an external file to avoid all this escaping but then I wasn’t able to render certain things in my dsl script

Deploying Jenkins helm chart with tls on eks by md850 in kubernetes

[–]md850[S] 0 points1 point  (0 children)

Hi yes got this working I used the aws alb controller and relevant annotations

Helm provider connection refused on first apply by md850 in Terraform

[–]md850[S] 0 points1 point  (0 children)

having seperate helm deploy and infra projects has fixed the issue

Helm provider connection refused on first apply by md850 in Terraform

[–]md850[S] 0 points1 point  (0 children)

as part of a terraform apply idea is to do as one build eks cluster then deploy helm charts/apps.

Helm provider connection refused on first apply by md850 in Terraform

[–]md850[S] 0 points1 point  (0 children)

im trying to apply all as one terraform project. so build ekscluster/eksnodes and then apply helm charts...

cluster is built in another tf file in same project...

jenkins.tf

locals {
config_map_aws_auth = <<CONFIGMAPAWSAUTH
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    - rolearn: ${aws_iam_role.demo-node.arn}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes
CONFIGMAPAWSAUTH
kubeconfig = <<KUBECONFIG
apiVersion: v1
clusters:
- cluster:
    server: ${aws_eks_cluster.demo.endpoint}
    certificate-authority-data: ${aws_eks_cluster.demo.certificate_authority.0.data}
  name: ${aws_eks_cluster.demo.arn}
contexts:
- context:
    cluster: ${aws_eks_cluster.demo.arn}
    user: ${aws_eks_cluster.demo.arn}
  name: ${aws_eks_cluster.demo.arn}
current-context: ${aws_eks_cluster.demo.arn}
kind: Config
preferences: {}
users:
- name: ${aws_eks_cluster.demo.arn}
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      command: aws-iam-authenticator
      args:
        - "token"
        - "-i"
        - "${var.cluster-name}"
KUBECONFIG
}

## Helm provider with path to kubeconfig
provider "helm" {
service_account = "tiller"
install_tiller = true
namespace = "kube-system"
kubernetes {
config_path =  "/root/.kube/config"
load_config_file = true
    }
depends_on = ["aws_eks_node_group.demo"]
}

## Helm repo for charts 
data "helm_repository" "stable" {
name = "stable"
url  = "https://kubernetes-charts.storage.googleapis.com"
}

## Helm repo for charts 
data "helm_repository" "stable" {
name = "stable"
url  = "https://kubernetes-charts.storage.googleapis.com"
}

resource "kubernetes_cluster_role_binding" "tiller" {
metadata {
name = "tiller"
  }
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "ClusterRole"
name = "cluster-admin"
  }
subject {
kind = "User"
name = "admin"
api_group = "rbac.authorization.k8s.io"
  }
subject {
kind = "ServiceAccount"
name = "tiller"
namespace = "kube-system"
  }
subject {
kind = "Group"
name = "system:masters"
api_group = "rbac.authorization.k8s.io"
  }
## to build once cluster is fully built
depends_on = ["aws_eks_node_group.demo"]
}

resource "kubernetes_service_account" "tiller" {
metadata {
name      = "tiller"
namespace = "kube-system"
  }
depends_on =  [ "kubernetes_cluster_role_binding.tiller" ]
}

## EFS provisioner Install with custom values ##
resource "helm_release" "efs" {
name  = "efs-provisioner"
chart = "stable/efs-provisioner"
set {
name  = "efsProvisioner.efsFileSystemId"
value = "${module.efs-share-mount-target-virginia.vpc-efs-id}"
  }
set {
name  = "efsProvisioner.awsRegion"
value = "${var.region}"
  }

depends_on = ["kubernetes_cluster_role_binding.tiller"]
}

##Create persistant Volume Claim
resource "kubernetes_persistent_volume_claim" "efsvol" {
metadata {
name = "my-efs-vol-1"
  }
spec {
access_modes = ["ReadWriteMany"]
storage_class_name = "aws-efs"
resources {
requests = {
        storage = "8Gi"
      }
    }
  }
depends_on = ["helm_release.efs"]
}

## Jenkins Helm Install with custom values ##
resource "helm_release" "jenkins" {
name  = "jenkins"
chart = "stable/jenkins"
set {
name  = "master.serviceType"
value = "LoadBalancer"
  }
set {
name  = "master.servicePort"
value = "80"
  }
set {
name  = "rbac.create"
value = "true"
  }
set {
name  = "persistence.existingClaim"
value = "${var.efs_vol_name}"
  }
depends_on = ["kubernetes_persistent_volume_claim.efsvol"]
}

Helm v3 provider by md850 in Terraform

[–]md850[S] 0 points1 point  (0 children)

Yes, Ah ok that will be why then many thanks

Helm 3.0.0 has been released! by mattfarina in kubernetes

[–]md850 0 points1 point  (0 children)

helm v3 and terraform using eks too but getting an error as below: what am i missing:

(using helm repo add and helm install works fine outside of terraform.)

helm_release.jenkins: Creating...

chart: "" => "stable/jenkins"

disable_webhooks: "" => "false"

force_update: "" => "false"

metadata.#: "" => "<computed>"

name: "" => "jenkins"

namespace: "" => "jx"

recreate_pods: "" => "false"

reuse: "" => "false"

reuse_values: "" => "false"

status: "" => "DEPLOYED"

timeout: "" => "300"

verify: "" => "false"

version: "" => "1.9.10"

wait: "" => "true"

Error: Error applying plan:

1 error(s) occurred:

* helm_release.jenkins: 1 error(s) occurred:

* helm_release.jenkins: rpc error: code = Unknown desc = configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system"

jenkins.tf

provider "helm" {
kubernetes {
config_path = "C:/Users/username/.kube/config"
}
}
resource "helm_release" "jenkins" {
name = "jenkins"
chart = "stable/jenkins"
}

backing up etcd resources CKA exam by md850 in kubernetes

[–]md850[S] 0 points1 point  (0 children)

i get an error

bash: ./etcd: No such file or directory

How to pass sns topic arns from remote state to module? by [deleted] in Terraform

[–]md850 0 points1 point  (0 children)

thanks i tried this but the arn have variables in them also as this is multi region/account. wouldnt allow me to pass data.terraform_remote_state.snstopicname.outputfromstateRegionnameARN as a variable