我们有一个Helm Chart,我们希望将该图表安装在3个云(AWS,Azure和GCP)中的任何一个集群上。如何下载Kubernetes集群的kubeconfig文件并使用它来安装Helm Chart?
9w11ddsr1#
对于Azure:删除群集的data:
data
data "azurerm_kubernetes_cluster" "main" { name = "your-cluster" resource_group_name = "your-rg" }
在您的providers.tf文件中添加以下内容:
terraform { required_providers { azurerm = { source = "hashicorp/azurerm" version = "~> 3.6" } helm = { source = "hashicorp/helm" version = "2.9.0" } }
如果可以使用admin kubeconfig:
provider "helm" { load_config_file = "false" host = azurerm_kubernetes_cluster.main.kube_admin_config.0.host username = azurerm_kubernetes_cluster.main.kube_admin_config.0.username password = azurerm_kubernetes_cluster.main.kube_admin_config.0.password client_certificate = "${base64decode(azurerm_kubernetes_cluster.main.kube_admin_config.0.client_certificate)}" client_key = "${base64decode(azurerm_kubernetes_cluster.main.kube_admin_config.0.client_key)}" cluster_ca_certificate = "${base64decode(azurerm_kubernetes_cluster.main.kube_admin_config.0.cluster_ca_certificate)}" }
如果你想避免使用admin kubeconfig:
provider "helm" { host = data.azurerm_kubernetes_cluster.main.kube_config.0.host cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.main.kube_config.0.cluster_ca_certificate) exec { api_version = "client.authentication.k8s.io/v1beta1" command = "./kubelogin" args = [ "get-token", "--login", "spn", "--environment", "AzurePublicCloud", "--tenant-id", var.tenant_id, "--server-id", var.aad_server_id, "--client-id", var.client_id, "--client-secret", var.client_secret ] } }
请注意,您需要在repo中包含kubelogin二进制文件。More details here。然后你可以像这样安装Helm Chart:
resource "helm_release" "your-release" { name = "your-release" namespace = "your-namespace" repository = "whatever/repo" chart = "a-chart" version = "1.2.3" }
我不确定GCP或AWS,但我不会感到惊讶的过程是相似的
1条答案
按热度按时间9w11ddsr1#
对于Azure:
删除群集的
data:在您的providers.tf文件中添加以下内容:
如果可以使用admin kubeconfig:
如果你想避免使用admin kubeconfig:
请注意,您需要在repo中包含kubelogin二进制文件。More details here。
然后你可以像这样安装Helm Chart:
我不确定GCP或AWS,但我不会感到惊讶的过程是相似的