Refacto and add lb
This commit is contained in:
@@ -1,17 +1,21 @@
|
||||
locals {
|
||||
mysql_host = "${var.instance}-${var.component}-db.${var.namespace}.svc"
|
||||
mysql_username = data.kubernetes_secret_v1.prj_mysql_secret.data["rootUser"]
|
||||
mysql_password = data.kubernetes_secret_v1.prj_mysql_secret.data["rootPassword"]
|
||||
mysql_labels = merge(var.labels, {
|
||||
"app.kubernetes.io/component" = "mysql"
|
||||
})
|
||||
app_slug = "${var.instance}${var.component == "" ? "" : "-"}${var.component}"
|
||||
mysql_host = "${local.app_slug}-mysql.${var.namespace}.svc"
|
||||
mysql_username = data.kubernetes_secret_v1.mysql_secret.data["rootUser"]
|
||||
mysql_password = data.kubernetes_secret_v1.mysql_secret.data["rootPassword"]
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "prj_mysql_secret" {
|
||||
resource "kubectl_manifest" "mysql_secret" {
|
||||
yaml_body = <<-EOF
|
||||
apiVersion: "secretgenerator.mittwald.de/v1alpha1"
|
||||
kind: "StringSecret"
|
||||
metadata:
|
||||
name: "${var.instance}-${var.component}-db"
|
||||
name: "${local.app_slug}-mysql"
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(var.labels)}
|
||||
labels: ${jsonencode(local.mysql_labels)}
|
||||
spec:
|
||||
forceRegenerate: false
|
||||
data:
|
||||
@@ -27,19 +31,26 @@ resource "kubectl_manifest" "prj_mysql_secret" {
|
||||
EOF
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "prj_mysql" {
|
||||
depends_on = [kubectl_manifest.prj_mysql_secret]
|
||||
data "kubernetes_secret_v1" "mysql_secret" {
|
||||
depends_on = [kubectl_manifest.mysql_secret]
|
||||
metadata {
|
||||
name = "${local.app_slug}-mysql"
|
||||
namespace = var.namespace
|
||||
labels = local.mysql_labels
|
||||
}
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "mysql" {
|
||||
yaml_body = <<-EOF
|
||||
apiVersion: mysql.oracle.com/v2
|
||||
kind: InnoDBCluster
|
||||
metadata:
|
||||
name: "${var.instance}-${var.component}-db"
|
||||
name: "${local.app_slug}-mysql"
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(var.labels)}
|
||||
labels: ${jsonencode(local.mysql_labels)}
|
||||
spec:
|
||||
secretName: ${kubectl_manifest.prj_mysql_secret.name}
|
||||
secretName: ${data.kubernetes_secret_v1.mysql_secret.metadata[0].name}
|
||||
tlsUseSelfSigned: true
|
||||
# tlsSecretName: "${var.instance}-db-cert"
|
||||
instances: 1
|
||||
router:
|
||||
instances: 1
|
||||
@@ -55,38 +66,29 @@ resource "kubectl_manifest" "prj_mysql" {
|
||||
}
|
||||
|
||||
resource "time_sleep" "wait_mysql_ready" {
|
||||
depends_on = [kubectl_manifest.prj_mysql_secret, kubectl_manifest.prj_mysql]
|
||||
depends_on = [kubectl_manifest.mysql]
|
||||
create_duration = "45s"
|
||||
}
|
||||
|
||||
data "kubernetes_secret_v1" "prj_mysql_secret" {
|
||||
depends_on = [kubectl_manifest.prj_mysql_secret, kubectl_manifest.prj_mysql, time_sleep.wait_mysql_ready]
|
||||
metadata {
|
||||
name = "${var.instance}-${var.component}-db"
|
||||
namespace = var.namespace
|
||||
}
|
||||
}
|
||||
|
||||
resource "mysql_database" "app" {
|
||||
depends_on = [kubectl_manifest.prj_mysql_secret, kubectl_manifest.prj_mysql, time_sleep.wait_mysql_ready]
|
||||
name = var.database
|
||||
depends_on = [
|
||||
kubectl_manifest.mysql,
|
||||
time_sleep.wait_mysql_ready
|
||||
]
|
||||
name = var.database
|
||||
}
|
||||
|
||||
resource "mysql_user" "app_user" {
|
||||
depends_on = [kubectl_manifest.prj_mysql_secret, kubectl_manifest.prj_mysql, time_sleep.wait_mysql_ready]
|
||||
host = data.kubernetes_secret_v1.prj_mysql_secret.data["userHost"]
|
||||
user = data.kubernetes_secret_v1.prj_mysql_secret.data["username"]
|
||||
plaintext_password = data.kubernetes_secret_v1.prj_mysql_secret.data["password"]
|
||||
depends_on = [
|
||||
time_sleep.wait_mysql_ready,
|
||||
mysql_database.app,
|
||||
]
|
||||
host = data.kubernetes_secret_v1.mysql_secret.data["userHost"]
|
||||
user = data.kubernetes_secret_v1.mysql_secret.data["username"]
|
||||
plaintext_password = data.kubernetes_secret_v1.mysql_secret.data["password"]
|
||||
}
|
||||
|
||||
resource "mysql_grant" "app_user_grant" {
|
||||
depends_on = [
|
||||
kubectl_manifest.prj_mysql_secret,
|
||||
kubectl_manifest.prj_mysql,
|
||||
time_sleep.wait_mysql_ready,
|
||||
mysql_database.app,
|
||||
mysql_user.app_user
|
||||
]
|
||||
user = mysql_user.app_user.user
|
||||
host = mysql_user.app_user.host
|
||||
database = mysql_database.app.name
|
||||
|
||||
12
mysql/outpost.tf
Normal file
12
mysql/outpost.tf
Normal file
@@ -0,0 +1,12 @@
|
||||
output "dns_names" {
|
||||
value = [
|
||||
"${local.app_slug}-mysql",
|
||||
"${local.app_slug}-mysql-instances"
|
||||
]
|
||||
}
|
||||
output "mysql_host" {
|
||||
value =" ${local.app_slug}-mysql"
|
||||
}
|
||||
output "secret_name" {
|
||||
value = "${local.app_slug}-db"
|
||||
}
|
||||
Reference in New Issue
Block a user