From abf3297498a7b5f4413243b5ce63c8423b50bbe6 Mon Sep 17 00:00:00 2001 From: shockrah Date: Sun, 8 Dec 2024 15:54:14 -0800 Subject: [PATCH] Example nodeport based service now done --- infra/vultr-kubernetes/firewall.tf | 9 ++++ infra/vultr-kubernetes/test-nginx.tf | 64 ++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 infra/vultr-kubernetes/test-nginx.tf diff --git a/infra/vultr-kubernetes/firewall.tf b/infra/vultr-kubernetes/firewall.tf index 2a2973f..f475500 100644 --- a/infra/vultr-kubernetes/firewall.tf +++ b/infra/vultr-kubernetes/firewall.tf @@ -7,3 +7,12 @@ resource vultr_firewall_rule web_inbound { subnet_size = 0 port = each.value } + +resource vultr_firewall_rule web-health-inbound { + firewall_group_id = vultr_kubernetes.athens.firewall_group_id + protocol = "tcp" + ip_type = "v4" + subnet = "0.0.0.0" + subnet_size = 0 + port = local.sanity.port +} diff --git a/infra/vultr-kubernetes/test-nginx.tf b/infra/vultr-kubernetes/test-nginx.tf new file mode 100644 index 0000000..89caeae --- /dev/null +++ b/infra/vultr-kubernetes/test-nginx.tf @@ -0,0 +1,64 @@ +# Here we create a super simple pod that we can reach via IP +# Using nginx as the service to expose + +locals { + sanity = { + namespace = "sanity" + service = "web-health" + port = 30808 + } +} + +resource kubernetes_namespace sanity { + metadata { + name = local.sanity.namespace + } +} + +resource kubernetes_pod nginx { + metadata { + name = local.sanity.service + labels = { + app = local.sanity.service + } + } + spec { + container { + image = "nginx:latest" + name = "nginx" + resources { + limits = { + cpu = "200m" + memory = "64Mi" + } + } + liveness_probe { + http_get { + path = "/" + port = 80 + } + + initial_delay_seconds = 30 + period_seconds = 30 + } + } + } +} + +resource kubernetes_service nginx { + metadata { + name = local.sanity.service + } + spec { + selector = { + app = local.sanity.service + } + port { + port = 8080 + target_port = 80 + node_port = local.sanity.port + } + type = "NodePort" + } +} +