提问人:Naman_sharma 提问时间:11/15/2023 更新时间:11/15/2023 访问量:24
在 k8s pod 的字符串转换为 yaml 时,用 terraform 编写的 Kubernetes pod 出错
Kubernetes pod written in terraform error in string conversion to yaml for k8s pod
问:
这是我的 Terraform 文件:
provider "kubernetes" {
config_path = "~/.kube/config"
config_context = "minikube"
}
resource "kubernetes_service_v1" "nginx_service" {
metadata {
name = "nginx-service"
}
spec {
selector = {
app = "mypod"
}
port {
protocol = "TCP"
port = 80
}
}
}
resource "kubernetes_config_map" "nginx_config" {
metadata {
name = "nginx-config"
}
data = {
"default.conf" = <<-EOT
server {
listen 80;
autoindex on;
location / {
root /usr/share/nginx/html;
index index.html;
}
location /secure {
alias /usr/share/nginx/html/secure;
index index.html;
try_files $uri $uri/ =404;
}
location /insecure {
alias /usr/share/nginx/html/insecure;
index index.html;
}
}
EOT
}
}
resource "kubernetes_pod" "mypod" {
metadata {
name = "mypod"
labels = {
app = "mypod"
}
}
spec {
volume {
name = "html-files"
empty_dir {}
}
volume {
name = "nginx-config"
config_map {
name = "nginx-config"
}
}
container {
name = "nginx-container"
image = "nginx"
volume_mount {
name = "html-files"
mount_path = "/usr/share/nginx/html"
}
volume_mount {
name = "nginx-config"
mount_path = "/etc/nginx/conf.d"
}
}
container {
name = "ubuntu-container"
image = "ubuntu"
volume_mount {
name = "html-files"
mount_path = "/usr/share/nginx/html"
}
command = ["/bin/sh", "-c"]
args = [
"echo '<html><body><h1>This is the HOME page</h1></body></html>' > /usr/share/nginx/html/index.html ",
"mkdir -p /usr/share/nginx/html/insecure /usr/share/nginx/html/secure" ,
"echo '<html><body><h1>This is an insecure page</h1></body></html>' > /usr/share/nginx/html/insecure/index.html",
"echo '<html><body><h1>This is a secure page</h1></body></html>' > /usr/share/nginx/html/secure/index.html ",
"sleep infinity ",
]
}
}
}
resource "kubernetes_ingress_v1" "nginx_ingress" {
metadata {
name = "nginx-ingress"
annotations = {
"kubernetes.io/ingress.class" = "nginx"
"nginx.ingress.kubernetes.io/auth-type" = "basic"
"nginx.ingress.kubernetes.io/auth-secret" = "basic-auth"
"nginx.ingress.kubernetes.io/auth-realm" = "Authentication required"
}
}
spec {
rule {
host = "naman.training.app"
http {
path {
path = "/secure"
backend {
service {
name = kubernetes_service_v1.nginx_service.metadata[0].name
port {
number = kubernetes_service_v1.nginx_service.spec[0].port[0].port
}
}
}
}
path {
path = "/insecure"
backend {
service {
name = kubernetes_service_v1.nginx_service.metadata[0].name
port {
number = kubernetes_service_v1.nginx_service.spec[0].port[0].port
}
}
}
}
}
}
tls {
hosts = ["naman.training.app"]
secret_name = "my-tls-secret"
}
}
}
resource "kubernetes_secret" "my_tls_secret" {
metadata {
name = "my-tls-secret"
}
data = {
"tls.crt" = file("naman.training.app.crt")
"tls.key" = file("naman.training.app-key.pem")
}
}
resource "kubernetes_secret" "basic_auth" {
metadata {
name = "basic-auth"
}
data = {
auth = file("./auth")
}
}
在这种情况下,每次我执行时 Ubuntu 容器都会失败terraform apply
但是如果我使用此 yaml 单独部署 pod,它可以工作 -
apiVersion: v1
kind: Pod
metadata:
name: mypod
labels:
app: mypod
spec:
volumes:
- name: html-files
emptyDir: {}
- name: nginx-config
configMap:
name: nginx-config
containers:
- name: nginx-container
image: nginx
volumeMounts:
- name: html-files
mountPath: /usr/share/nginx/html
- name: nginx-config
mountPath: /etc/nginx/conf.d
- name: ubuntu-container
image: ubuntu
volumeMounts:
- name: html-files
mountPath: /usr/share/nginx/html
command: ["/bin/sh", "-c"]
args:
- |
echo '<html><body><h1>This is the HOME page</h1></body></html>' > /usr/share/nginx/html/index.html &&
mkdir -p /usr/share/nginx/html/insecure /usr/share/nginx/html/secure &&
echo '<html><body><h1>This is an insecure page</h1></body></html>' > /usr/share/nginx/html/insecure/index.html &&
echo '<html><body><h1>This is a secure page</h1></body></html>' > /usr/share/nginx/html/secure/index.html &&
sleep infinity
我尝试过一些字符串格式,例如-
args = <<-EOT
- mkdir -p /usr/share/nginx/html/insecure /usr/share/nginx/html/secure
- >-
echo '<html><body><h1>This is an insecure page</h1></body></html>' >
/usr/share/nginx/html/insecure/index.html
- >-
echo '<html><body><h1>This is a secure page</h1></body></html>' >
/usr/share/nginx/html/secure/index.html
- sleep infinity
EOT
和
args = [ <<-EOT
echo '<html><body><h1>This is the HOME page</h1></body></html>' > /usr/share/nginx/html/index.html &&
mkdir -p /usr/share/nginx/html/insecure /usr/share/nginx/html/secure &&
echo '<html><body><h1>This is an insecure page</h1></body></html>' > /usr/share/nginx/html/insecure/index.html &&
echo '<html><body><h1>This is a secure page</h1></body></html>' > /usr/share/nginx/html/secure/index.html &&
sleep infinity
EOT
]
当我单独使用 yaml 文件进行部署时,pod 内的 yaml 是这样的 -
args:
- >
echo '<html><body><h1>This is the HOME page</h1></body></html>' >
/usr/share/nginx/html/index.html &&
mkdir -p /usr/share/nginx/html/insecure /usr/share/nginx/html/secure
&&
echo '<html><body><h1>This is an insecure page</h1></body></html>' >
/usr/share/nginx/html/insecure/index.html &&
echo '<html><body><h1>This is a secure page</h1></body></html>' >
/usr/share/nginx/html/secure/index.html &&
sleep infinity
它工作得很好,但正因为如此,我必须单独部署 pod,我想使用 terraform 完成这一切,我找不到问题所在。
答: 暂无答案
评论
terraform applykubectl get podminikube dashboard