From ee23406f494100231008a9b8fca3151a71f509f1 Mon Sep 17 00:00:00 2001 From: shockrah Date: Wed, 18 Dec 2024 20:42:40 -0800 Subject: [PATCH] admin services namespace, pods, and services --- infra/vultr-kubernetes/admin-services.tf | 58 ++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 infra/vultr-kubernetes/admin-services.tf diff --git a/infra/vultr-kubernetes/admin-services.tf b/infra/vultr-kubernetes/admin-services.tf new file mode 100644 index 0000000..d6b53d4 --- /dev/null +++ b/infra/vultr-kubernetes/admin-services.tf @@ -0,0 +1,58 @@ +resource kubernetes_namespace admin-servers { + metadata { + name = var.admin_services.namespace + } +} + +resource kubernetes_pod admin { + for_each = var.admin_services.configs + + metadata { + name = each.key + namespace = var.admin_services.namespace + labels = { + app = each.key + } + } + spec { + container { + image = each.value.image + name = coalesce(each.value.name, each.key) + resources { + limits = { + cpu = each.value.cpu + memory = each.value.mem + } + } + port { + container_port = each.value.port.internal + protocol = coalesce(each.value.proto, "TCP") + } + } + } +} + +resource kubernetes_service admin { + for_each = var.admin_services.configs + metadata { + name = each.key + namespace = var.admin_services.namespace + labels = { + app = each.key + } + } + # TODO: don't make these NodePorts since we're gonna want them + # to be purely internal to the Cluster. + # WHY? Because we want to keep dashboards as unexposed as possible + spec { + selector = { + app = each.key + } + port { + target_port = each.value.port.internal + port = each.value.port.expose + } + type = "NodePort" + } +} +