Open kaukiran opened 6 years ago
From my experience I have had to make use the of the Terraform Helm Provider in combination with this Kubernetes Provider fork as there is no nice way to do custom (or any other non supported by this provider) resource at this time. With the helm provider you can apply a helm chart that contains all and any custom resources or edit for example the helm chart you are using here to include the CR's.
Alternatively a hacky way of doing it is using a null_resource and kubectl apply which does work but is not a very good approach as it doesnt properly maintain the sate etc
here is an example that first authenticates to an AKS cluster with the Az powershell tools then applys some CR's for Cert-Manager
resource "null_resource" "kubernetes_certmanager_clusterIssuer" {
triggers {
content = "${file("${path.module}/templates/clusterIssuer.yaml")}"
}
provisioner "local-exec" {
interpreter = ["pwsh", "-c"]
command = <<EOF
Clear-AzContext -Scope CurrentUser -Force
Connect-AzAccount -ServicePrincipal -Credential (new-object Management.Automation.PSCredential $env:ARM_CLIENT_ID, ($env:ARM_CLIENT_SECRET | ConvertTo-SecureString -AsPlainText -Force)) -TenantId $env:ARM_TENANT_ID | Out-Null
Import-AzAksCredential -ResourceGroupName ${var.resource_group} -Name "${var.name_prefix}-${var.gitlab_project_id}-aks" -admin -force | Out-Null
kubectl apply -f ${path.module}/templates/clusterIssuer.yaml
EOF
}
provisioner "local-exec" {
interpreter = ["pwsh", "-c"]
when = "destroy"
on_failure = "continue"
command = <<EOF
Clear-AzContext -Scope CurrentUser -Force
Connect-AzAccount -ServicePrincipal -Credential (new-object Management.Automation.PSCredential $env:ARM_CLIENT_ID, ($env:ARM_CLIENT_SECRET | ConvertTo-SecureString -AsPlainText -Force)) -TenantId $env:ARM_TENANT_ID | Out-Null
Import-AzAksCredential -ResourceGroupName ${var.resource_group} -Name "${var.name_prefix}-${var.gitlab_project_id}-aks" -admin -force | Out-Null
kubectl delete -f ${path.module}/templates/clusterIssuer.yaml
EOF
}
depends_on = ["helm_release.cert-manager"]
}
Maybe once TF 12 drops the official K8s provider might get some love to make it a bit more usable
Hi
Im trying to deploy metrics-server addon. Is APIService resource supported ? If not is there any work around to do this ?
metrics-server APIService resource
Reference -
Thank you for the support.