From 4c4c69ddffa8f24c04a27decf3d026bfa61ff700 Mon Sep 17 00:00:00 2001 From: Sergei Razukov Date: Tue, 28 Jun 2022 15:18:48 +0700 Subject: [PATCH] feat(kowl): add node selector variable for deployment --- modules/kowl/deployment.tf | 28 +++++++++++++++------------- modules/kowl/variables.tf | 14 ++++++++++---- 2 files changed, 25 insertions(+), 17 deletions(-) diff --git a/modules/kowl/deployment.tf b/modules/kowl/deployment.tf index 99c57a4..b5ce846 100644 --- a/modules/kowl/deployment.tf +++ b/modules/kowl/deployment.tf @@ -15,7 +15,7 @@ resource "kubernetes_deployment" "this" { template { metadata { - labels = local.global_labels + labels = local.global_labels annotations = merge({ "checksum/kowl-config" = sha512(var.kowl_config), "checksum/roles" = sha512(var.kowl_roles), @@ -30,6 +30,8 @@ resource "kubernetes_deployment" "this" { run_as_non_root = true } + node_selector = var.deployment_kowl_node_selector + volume { name = "secrets" secret { @@ -47,26 +49,26 @@ resource "kubernetes_deployment" "this" { container { name = "kowl" image = "${var.deployment_kowl_image}:${var.deployment_kowl_image_tag}" - args = concat( - [ + args = concat( + [ "--config.filepath=/etc/kowl/configs/config.yaml"], - var.secret_kafka_sasl_password != "" ? [ + var.secret_kafka_sasl_password != "" ? [ "--kafka.sasl.password=$(KAFKA_SASL_PASSWORD)"] : [], - var.secret_kafka_tls_passphrase != "" ? [ + var.secret_kafka_tls_passphrase != "" ? [ "--kafka.tls.passphrase=$(KAFKA_TLS_PASSPHRASE)"] : [], - var.secret_cloudhut_license_token != "" ? [ + var.secret_cloudhut_license_token != "" ? [ "--cloudhut.license-token=$(CLOUDHUT_LICENSE_TOKEN)"] : [], - # Secrets for login providers - var.secret_cloudhut_license_token != "" ? [ + # Secrets for login providers + var.secret_cloudhut_license_token != "" ? [ "--login.jwt-secret=$(LOGIN_JWT_SECRET)"] : [], - var.secret_login_google_oauth_client_secret != "" ? [ + var.secret_login_google_oauth_client_secret != "" ? [ "--login.google.client-secret=$(LOGIN_GOOGLE_CLIENT_SECRET)"] : [], - var.secret_login_github_oauth_client_secret != "" ? [ + var.secret_login_github_oauth_client_secret != "" ? [ "--login.github.client-secret=$(LOGIN_GITHUB_CLIENT_SECRET)"] : [], - # Secrets for GitHub - var.secret_topic_docs_git_basic_auth_password != "" ? [ + # Secrets for GitHub + var.secret_topic_docs_git_basic_auth_password != "" ? [ "owl.topic-documentation.git.basic-auth.password=$(TOPIC_DOCUMENTATION_BASIC_AUTH_PASSWORD)"] : [], ) @@ -217,4 +219,4 @@ resource "kubernetes_deployment" "this" { } } } -} \ No newline at end of file +} diff --git a/modules/kowl/variables.tf b/modules/kowl/variables.tf index 6939cfd..fb4ef45 100644 --- a/modules/kowl/variables.tf +++ b/modules/kowl/variables.tf @@ -10,7 +10,7 @@ variable "annotations" { variable "labels" { type = map(string) description = "Map of labels that will be merged with all other labels on all kubernetes resource." - default = { + default = { managed-by = "Terraform" terraform-module = "cloudhut-kowl" } @@ -36,7 +36,7 @@ variable "deployment_name" { variable "deployment_annotations" { description = "Map of annotations to apply to the deployment." - default = { + default = { "prometheus.io/scrape" = "true" "prometheus.io/port" = 8080 "prometheus.io/path" = "/admin/metrics" @@ -62,7 +62,7 @@ variable "deployment_replicas" { variable "deployment_resources_limits" { type = map(string) description = "Resource limits that shall be assigned to the pods" - default = { + default = { memory = "512Mi" } } @@ -70,7 +70,7 @@ variable "deployment_resources_limits" { variable "deployment_resources_requests" { type = map(string) description = "Resource limits that shall be assigned to the pods" - default = { + default = { cpu = "100m" memory = "512Mi" } @@ -94,6 +94,12 @@ variable "deployment_kowl_container_port" { default = 8080 } +variable "deployment_kowl_node_selector" { + type = map(string) + default = {} + description = "Node selector map" +} + #---------------------------------------- # Secrets #----------------------------------------