Skip to content

Commit 51b9478

Browse files
juniorjunior
committed
grafana ingress
Signed-off-by: junior <junior@users.noreply.github.com>
1 parent 0fa607c commit 51b9478

File tree

3 files changed

+113
-2
lines changed

3 files changed

+113
-2
lines changed

modules/cluster-tools/cert-manager.tf

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,5 +29,64 @@ resource "helm_release" "cert_manager" {
2929
value = "30"
3030
}
3131

32+
count = var.cert_manager_enabled ? 1 : 0
33+
}
34+
35+
resource "kubernetes_manifest" "clusterissuer_letsencrypt_prod" {
36+
manifest = {
37+
"apiVersion" = "cert-manager.io/v1"
38+
"kind" = "ClusterIssuer"
39+
"metadata" = {
40+
"name" = "letsencrypt-prod"
41+
}
42+
"spec" = {
43+
"acme" = {
44+
"email" = "${var.ingress_email_issuer}"
45+
"privateKeySecretRef" = {
46+
"name" = "letsencrypt-prod"
47+
}
48+
"server" = "https://acme-v02.api.letsencrypt.org/directory"
49+
"solvers" = [
50+
{
51+
"http01" = {
52+
"ingress" = {
53+
"class" = "nginx"
54+
}
55+
}
56+
},
57+
]
58+
}
59+
}
60+
}
61+
62+
count = var.cert_manager_enabled ? 1 : 0
63+
}
64+
resource "kubernetes_manifest" "clusterissuer_letsencrypt_staging" {
65+
manifest = {
66+
"apiVersion" = "cert-manager.io/v1"
67+
"kind" = "ClusterIssuer"
68+
"metadata" = {
69+
"name" = "letsencrypt-staging"
70+
}
71+
"spec" = {
72+
"acme" = {
73+
"email" = "${var.ingress_email_issuer}"
74+
"privateKeySecretRef" = {
75+
"name" = "letsencrypt-staging"
76+
}
77+
"server" = "https://acme-staging-v02.api.letsencrypt.org/directory"
78+
"solvers" = [
79+
{
80+
"http01" = {
81+
"ingress" = {
82+
"class" = "nginx"
83+
}
84+
}
85+
},
86+
]
87+
}
88+
}
89+
}
90+
3291
count = var.cert_manager_enabled ? 1 : 0
3392
}

modules/cluster-tools/cluster-tools.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,11 +13,11 @@ locals {
1313
# Helm repos
1414
helm_repository = {
1515
ingress_nginx = "https://kubernetes.github.io/ingress-nginx"
16-
ingress_nginx_version = "4.2.3"
16+
ingress_nginx_version = "4.2.5"
1717
jetstack = "https://charts.jetstack.io" # cert-manager
1818
jetstack_version = "1.9.1" # cert-manager
1919
grafana = "https://grafana.github.io/helm-charts"
20-
grafana_version = "6.34.0"
20+
grafana_version = "6.38.0"
2121
prometheus = "https://prometheus-community.github.io/helm-charts"
2222
prometheus_version = "15.12.0"
2323
metrics_server = "https://kubernetes-sigs.github.io/metrics-server"

modules/cluster-tools/grafana.tf

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -149,6 +149,58 @@ EOF
149149
count = var.grafana_enabled ? 1 : 0
150150
}
151151

152+
## Grafana Ingress
153+
resource "kubernetes_ingress_v1" "grafana" {
154+
wait_for_load_balancer = true
155+
metadata {
156+
name = "grafana"
157+
namespace = kubernetes_namespace.cluster_tools.id
158+
annotations = local.ingress_nginx_annotations
159+
}
160+
spec {
161+
ingress_class_name = "nginx"
162+
rule {
163+
http {
164+
path {
165+
path = "/grafana(/|$)(.*)"
166+
path_type = "Prefix"
167+
backend {
168+
service {
169+
name = "grafana"
170+
port {
171+
number = 80
172+
}
173+
}
174+
}
175+
}
176+
}
177+
}
178+
179+
dynamic "rule" {
180+
for_each = local.ingress_hosts
181+
content {
182+
host = rule.value
183+
http {
184+
path {
185+
path = "/grafana(/|$)(.*)"
186+
path_type = "Prefix"
187+
backend {
188+
service {
189+
name = "grafana"
190+
port {
191+
number = 80
192+
}
193+
}
194+
}
195+
}
196+
}
197+
}
198+
}
199+
}
200+
depends_on = [helm_release.ingress_nginx, helm_release.grafana]
201+
202+
count = (var.grafana_enabled && var.ingress_nginx_enabled) ? 1 : 0
203+
}
152204
## Kubernetes Secret: Grafana Admin Password
153205
data "kubernetes_secret" "grafana" {
154206
metadata {

0 commit comments

Comments
 (0)