New namespace and volumes for the vault namespace

lab/cluster/filebrowser.tf

@@ -1,3 +1,15 @@
+locals {
+  filebrowser = {
+    # Name that is basically used everywhere
+    name = "filebrowser"
+    # For the claim itself
+    vol = {
+      size = "15Gi"
+      mode = "ReadWriteOnce"
+    }
+  }
+}
+
 resource kubernetes_pod filebrowser {
   metadata {
     name = "filebrowser"
@@ -37,3 +49,19 @@ resource kubernetes_service filebrowser {
     type = "LoadBalancer"
   }
 }
+
+resource kubernetes_persistent_volume_claim filebrowser {
+  metadata {
+    name = "${local.filebrowser.name}-pvc"
+  }
+  spec {
+    access_modes = [ local.filebrowser.vol.mode ]
+    resources {
+      requests = {
+        storage = local.filebrowser.vol.size
+      }
+    }
+    volume_name = "${local.filebrowser.name}-vol"
+  }
+}
+

lab/cluster/namespace.tf

@@ -1,5 +1,16 @@
+# This namespace is used for things that we need/want to store somewhere secure
 resource kubernetes_namespace vault {
   metadata {
     name = "vault"
   }
 }
+
+# This namespace is for more generic things like a simple nginx page or some 
+# documentation, etc.
+resource kubernetes_namespace web {
+  metadata {
+    name = "web-services"
+  }
+}
+
+

lab/cluster/volume.tf

@@ -0,0 +1,29 @@
+# Creating the volume for the vault namespace that we can use
+locals {
+  vault = {
+    volume = {
+      modes = [ "ReadWriteOnce" ]
+      name = "vault-vol"
+      size = "25Gi"
+    }
+  }
+}
+
+
+resource kubernetes_persistent_volume vault {
+  metadata {
+    name = local.vault.volume.name
+  }
+  spec {
+    capacity = {
+      storage = local.vault.volume.size
+    }
+    access_modes = local.vault.volume.modes
+    persistent_volume_source {
+      gce_persistent_disk {
+        pd_name = "${local.filebrowser.name}-vol-pd"
+      }
+    }
+  }
+}
+