From 28e4ab0a1ac1bd9f52346bcba6415ab6f9ccf499 Mon Sep 17 00:00:00 2001 From: Victor Barba Martin Date: Sun, 31 Oct 2021 13:36:53 +0100 Subject: [PATCH] fix ingress-nginx --- README.md | 26 ++-------- argocd | 38 -------------- argocd.pub | 1 - k8s/applications/applications.yaml | 11 ++++ k8s/applications/ingress-nginx.yaml | 2 +- k8s/argocd/base/kustomization.yaml | 4 +- k8s/cert-manager/cluster-issuer-haproxy.yaml | 2 +- k8s/cert-manager/cluster-issuer-nginx.yaml | 2 +- terraform/.terraform.lock.hcl | 53 ++++++++++++++++++++ terraform/aws-dns.tf | 42 ---------------- terraform/lke.tf | 33 ++++-------- terraform/terraform.tf | 15 +++--- 12 files changed, 91 insertions(+), 138 deletions(-) delete mode 100644 argocd delete mode 100644 argocd.pub delete mode 100644 terraform/aws-dns.tf diff --git a/README.md b/README.md index 4d31f0a..1c195ca 100644 --- a/README.md +++ b/README.md @@ -28,30 +28,14 @@ This README would normally document whatever steps are necessary to get your app * Repo owner or admin * Other community or team contact -# Install NGINX-INGRESS-CONTROLLER -helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx -helm repo update -helm install ingress-nginx ingress-nginx/ingress-nginx +# Apply terraform -# GET NGINX INGRESS CONTROLLER LOADBALANCER IP -kubectl --namespace default get services -o wide -w ingress-nginx-controller - -# SETUP *.staging.video.jamkazam.com A RECORD to NGINX INGRESS CONTROLLER LB IP - -Manually AWS console - -# Install cert-manager -helm install cert-manager cert-manager \ ---repo https://charts.jetstack.io \ ---create-namespace --namespace cert-manager \ ---set installCRDs=true - -# Create cluster-issuer -kubectl apply -f k8s/cert-manager/cluster-issuer.yaml # Install ArgoCD kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -# Create ArgoCD Ingress -kubectl apply -f k8s/argocd/ingress.yaml \ No newline at end of file +# Add Bitbucket SSH Key secret + + + diff --git a/argocd b/argocd deleted file mode 100644 index 299bf85..0000000 --- a/argocd +++ /dev/null @@ -1,38 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn -NhAAAAAwEAAQAAAYEA+cVjgXqQ5qP/+2J3uunKU681+c1YohjBWLXoyglz+GI9MNDoWcz1 -s0v8GX1AgMU4fTkHcuQCvGLvOiOgNFYWKGKhXvvp8PlXa6qgDIOW62Qg1C6VxdwUMu3QzH -lVR/dxCUrtlYL92lj6URXzStCSpviBKnqzGMJitlwyI2CtrEZIRlYkzG9QLypFQ+NdjI3d -Q3848g6gOwkInij+LR3x6MvkOOZeXyc+js4YR7wWkzOi/KHrJZ+zwuJqTD2d/wvDR3Eiyf -egDDiiyy29ryXWy2LCb5+FmXxzD/iO9Lio0EP8+4figw69jH2LZP/AIn9u7nOs7u6ZXQ56 -TijgF7UpUwrg7VsfOm1fjC33gdeMwAkOLA8oOTVlaYW3ZbnWYGZ6BHRV8yhohaB7XN3Hc5 -jDW6y4frmw+Vk8Om0bi6SKTPqn812NfIGSkxFZ9nQ5Z40PtFh/qX9MJQyI6yCwRGFtaARG -/8mitnoCClL47kaYHepMy4tSgfKzTFr575tRKJMnAAAFkJVexiOVXsYjAAAAB3NzaC1yc2 -EAAAGBAPnFY4F6kOaj//tid7rpylOvNfnNWKIYwVi16MoJc/hiPTDQ6FnM9bNL/Bl9QIDF -OH05B3LkArxi7zojoDRWFihioV776fD5V2uqoAyDlutkINQulcXcFDLt0Mx5VUf3cQlK7Z -WC/dpY+lEV80rQkqb4gSp6sxjCYrZcMiNgraxGSEZWJMxvUC8qRUPjXYyN3UN/OPIOoDsJ -CJ4o/i0d8ejL5DjmXl8nPo7OGEe8FpMzovyh6yWfs8Liakw9nf8Lw0dxIsn3oAw4osstva -8l1stiwm+fhZl8cw/4jvS4qNBD/PuH4oMOvYx9i2T/wCJ/bu5zrO7umV0Oek4o4Be1KVMK -4O1bHzptX4wt94HXjMAJDiwPKDk1ZWmFt2W51mBmegR0VfMoaIWge1zdx3OYw1usuH65sP -lZPDptG4ukikz6p/NdjXyBkpMRWfZ0OWeND7RYf6l/TCUMiOsgsERhbWgERv/JorZ6AgpS -+O5GmB3qTMuLUoHys0xa+e+bUSiTJwAAAAMBAAEAAAGAduOBANGxhUdNAoCVUzATcY/11k -jrRoUYCzzTaM/lFrbUP5dA8fXAgi7J+ewHtwOpZtmtdP+ZWciR7I+moyLS+zgvbcHlUiGt -ff9CnZJJVRRdGAJwojSmnLNcbufWMyJR+MVkn4UxhixSQiR7oQH0vGuPOAQdmcx1Ji5uYy -6SnGz73BcG/xSBC2JIhA8GqW+hgY5eMcHKfS9IndgPXLRjQJdEs9zb0NkiSuFI52RdLoYm -r6/2+PqymzIgvNebjBoxUeV7IGRjaXoqW7f+D5D0oRLnUb+7ueIHlxrdydtvWaTM6IBeCa -9gngve6y71eVJVuxeaXzuzxUjZqXEKQXNBJV6HQRy4uFzpJcvYcZQLAZTa6KIjXGPO8Ujw -MnIcs/YaoQMOXYR357kFSFMTQ9aN4tnzAYFnY32+R3o4NQX6nkcld9mje3F1msMosPlLOe -7AVqkqs4ebZk6F7THisTN1s7WP3mq1ogCb+JgujGRaArDULrkmOWUM5bQigAPjGDMhAAAA -wQCJSnPE7HFPLcTxXv5YvHlMdtRTLbvWtvKjMM1lMPo5rKd1gJHKJfYp16EmI9TUeFFiev -HzCHDaamzXcFs1th8u1exYxWdN4bftxBiM9QiFA3OMbl+qtBa9nSU+nOwtmRb6TP1Ai5QM -gtsqhQ6GIeeYWTtS8spFhIkQdCejb8mvGbZDvvbGO3vlddwPKJtoDWHzETje+ygRTrjqOi -4jCUuNAAyw1LFQshY9BLbCcCd+MOlvEd5wDlNALg1PdyUx/OkAAADBAP6iX1VmMMfwb2Bw -wW2ZR6QkEHsDMt1N5hBQmj5E765zou6Cxcud8/sRjfEfSrGr4m0MpqmrED4AB4lKo1GxG6 -zxO7Xrv7DwXjrj95F9cTvMEE5o4TiKh5ZB+lCNdqhb/scidMkrnFQgn3qpWAMkLIXOqG0O -rrCYMrKyjgoM0nKovZseboIAiHGmTkIJfSOiT0Lwd9rKznNugYcuZkCB3eyW+rujowIcry -Nb6AInHJh8TRoBpRpNEs+bAsfdNuJkEQAAAMEA+xxWvMfUG82ZEjRIxLIzVuEB1OihiVhN -IHYxYpz5qrqbva+fCNIKGZypqhbtf6pJUvOD1rS8OyzBUZYhPryUGRuiabMggK+RrfK0st -+fHCYbquigYgLJoODF7RUTGEE/EaXR9gJdyETSXH6K+PzNUI4bytOdgorxNnKxB6jnyNeZ -t2hY8ruoZe+I94E2Elmq9IQ9xG2UZtlZ8PviJT1Llr54p7AWmD00O6mczf95XNE7bo/ykH -as6fPnAPSssVu3AAAAGnZiYXJiYUBNYWNCb29rLVByby0yLmxvY2Fs ------END OPENSSH PRIVATE KEY----- diff --git a/argocd.pub b/argocd.pub deleted file mode 100644 index 5171052..0000000 --- a/argocd.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQD5xWOBepDmo//7Yne66cpTrzX5zViiGMFYtejKCXP4Yj0w0OhZzPWzS/wZfUCAxTh9OQdy5AK8Yu86I6A0VhYoYqFe++nw+VdrqqAMg5brZCDULpXF3BQy7dDMeVVH93EJSu2Vgv3aWPpRFfNK0JKm+IEqerMYwmK2XDIjYK2sRkhGViTMb1AvKkVD412Mjd1DfzjyDqA7CQieKP4tHfHoy+Q45l5fJz6OzhhHvBaTM6L8oesln7PC4mpMPZ3/C8NHcSLJ96AMOKLLLb2vJdbLYsJvn4WZfHMP+I70uKjQQ/z7h+KDDr2MfYtk/8Aif27uc6zu7pldDnpOKOAXtSlTCuDtWx86bV+MLfeB14zACQ4sDyg5NWVphbdludZgZnoEdFXzKGiFoHtc3cdzmMNbrLh+ubD5WTw6bRuLpIpM+qfzXY18gZKTEVn2dDlnjQ+0WH+pf0wlDIjrILBEYW1oBEb/yaK2egIKUvjuRpgd6kzLi1KB8rNMWvnvm1Eokyc= vbarba@MacBook-Pro-2.local diff --git a/k8s/applications/applications.yaml b/k8s/applications/applications.yaml index 77f9823..e255b4c 100644 --- a/k8s/applications/applications.yaml +++ b/k8s/applications/applications.yaml @@ -2,6 +2,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: applications + namespace: argocd spec: destination: name: '' @@ -12,3 +13,13 @@ spec: repoURL: 'git@bitbucket.org:jamkazam/video-iac.git' targetRevision: HEAD project: default + syncPolicy: + automated: + prune: true + allowEmpty: false + retry: + limit: 5 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m \ No newline at end of file diff --git a/k8s/applications/ingress-nginx.yaml b/k8s/applications/ingress-nginx.yaml index a46de5a..b7ca6df 100644 --- a/k8s/applications/ingress-nginx.yaml +++ b/k8s/applications/ingress-nginx.yaml @@ -13,6 +13,6 @@ spec: source: path: '' repoURL: 'https://kubernetes.github.io/ingress-nginx' - targetRevision: 1.0.4 + # targetRevision: 1.0.4 chart: ingress-nginx project: default diff --git a/k8s/argocd/base/kustomization.yaml b/k8s/argocd/base/kustomization.yaml index 4150f56..9a90dad 100644 --- a/k8s/argocd/base/kustomization.yaml +++ b/k8s/argocd/base/kustomization.yaml @@ -1,7 +1,7 @@ --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - +namespace: argocd resources: - - https://github.com/argoproj/argo-cd/manifests/namespace-install?ref=stable + # - https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml - ingress.yaml diff --git a/k8s/cert-manager/cluster-issuer-haproxy.yaml b/k8s/cert-manager/cluster-issuer-haproxy.yaml index 03df4f4..efa4922 100644 --- a/k8s/cert-manager/cluster-issuer-haproxy.yaml +++ b/k8s/cert-manager/cluster-issuer-haproxy.yaml @@ -11,7 +11,7 @@ spec: server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: # Secret resource that will be used to store the account's private key. - name: issuer-account-key + name: haproxy-issuer-account-key # Add a single challenge solver, HTTP01 using nginx solvers: - http01: diff --git a/k8s/cert-manager/cluster-issuer-nginx.yaml b/k8s/cert-manager/cluster-issuer-nginx.yaml index ccd1944..1abeea3 100644 --- a/k8s/cert-manager/cluster-issuer-nginx.yaml +++ b/k8s/cert-manager/cluster-issuer-nginx.yaml @@ -11,7 +11,7 @@ spec: server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: # Secret resource that will be used to store the account's private key. - name: issuer-account-key + name: nginx-issuer-account-key # Add a single challenge solver, HTTP01 using nginx solvers: - http01: diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 80e1ae5..86cd369 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -1,6 +1,23 @@ # This file is maintained automatically by "terraform init". # Manual edits may be lost in future updates. +provider "registry.terraform.io/gavinbunney/kubectl" { + version = "1.13.0" + constraints = ">= 1.7.0" + hashes = [ + "h1:rL7qqvUpmTiaZDi0b+GQC8mUMpme+RfRfWFzLsp3F0Q=", + "zh:088c99d7e079ba2be3abe1d5c5b2070eff85256178467783af125d11026f08b6", + "zh:0d3fa3bfb4768dd39e2f3af4d85e69fdb8f6abcbe92fece37fc78a97dedd7dc1", + "zh:227d9fb591a0cdcd482410b88c6d91f17922a85fb9caef9b73c2883f6964b483", + "zh:607bff8e6e03ae2b4d523c21377fa655d370cc8310812310ae61b409e7c271d5", + "zh:621d46414e23d5a7cfb1ba25275f1cac1fba78be5c1512f0a0614752425411cc", + "zh:76aace9adb7dc9c10abcc52b31947821335b60b7b335b485bd05f20a91debd63", + "zh:a9ff1f7c676d89cacd64605ad899749dd718f65cb879fabba8e15fcfd0a07629", + "zh:b122fa06ad1978ec3092cce48f16456aa820bf5786a101a8378323659ed11db3", + "zh:fcf5ad18fafe717739c5d40d8c4e4a70e123cf4296efc7286f9d98e3c42e410f", + ] +} + provider "registry.terraform.io/hashicorp/aws" { version = "3.63.0" hashes = [ @@ -19,6 +36,24 @@ provider "registry.terraform.io/hashicorp/aws" { ] } +provider "registry.terraform.io/hashicorp/http" { + version = "2.1.0" + hashes = [ + "h1:GYoVrTtiSAE3AlP1fad3fFmHoPaXAPhm/DJyMcVCwZA=", + "zh:03d82dc0887d755b8406697b1d27506bc9f86f93b3e9b4d26e0679d96b802826", + "zh:0704d02926393ddc0cfad0b87c3d51eafeeae5f9e27cc71e193c141079244a22", + "zh:095ea350ea94973e043dad2394f10bca4a4bf41be775ba59d19961d39141d150", + "zh:0b71ac44e87d6964ace82979fc3cbb09eb876ed8f954449481bcaa969ba29cb7", + "zh:0e255a170db598bd1142c396cefc59712ad6d4e1b0e08a840356a371e7b73bc4", + "zh:67c8091cfad226218c472c04881edf236db8f2dc149dc5ada878a1cd3c1de171", + "zh:75df05e25d14b5101d4bc6624ac4a01bb17af0263c9e8a740e739f8938b86ee3", + "zh:b4e36b2c4f33fdc44bf55fa1c9bb6864b5b77822f444bd56f0be7e9476674d0e", + "zh:b9b36b01d2ec4771838743517bc5f24ea27976634987c6d5529ac4223e44365d", + "zh:ca264a916e42e221fddb98d640148b12e42116046454b39ede99a77fc52f59f4", + "zh:fe373b2fb2cc94777a91ecd7ac5372e699748c455f44f6ea27e494de9e5e6f92", + ] +} + provider "registry.terraform.io/hashicorp/kubernetes" { version = "2.6.1" hashes = [ @@ -37,6 +72,24 @@ provider "registry.terraform.io/hashicorp/kubernetes" { ] } +provider "registry.terraform.io/hashicorp/local" { + version = "2.1.0" + hashes = [ + "h1:KfieWtVyGWwplSoLIB5usKAUnrIkDQBkWaR5TI+4WYg=", + "zh:0f1ec65101fa35050978d483d6e8916664b7556800348456ff3d09454ac1eae2", + "zh:36e42ac19f5d68467aacf07e6adcf83c7486f2e5b5f4339e9671f68525fc87ab", + "zh:6db9db2a1819e77b1642ec3b5e95042b202aee8151a0256d289f2e141bf3ceb3", + "zh:719dfd97bb9ddce99f7d741260b8ece2682b363735c764cac83303f02386075a", + "zh:7598bb86e0378fd97eaa04638c1a4c75f960f62f69d3662e6d80ffa5a89847fe", + "zh:ad0a188b52517fec9eca393f1e2c9daea362b33ae2eb38a857b6b09949a727c1", + "zh:c46846c8df66a13fee6eff7dc5d528a7f868ae0dcf92d79deaac73cc297ed20c", + "zh:dc1a20a2eec12095d04bf6da5321f535351a594a636912361db20eb2a707ccc4", + "zh:e57ab4771a9d999401f6badd8b018558357d3cbdf3d33cc0c4f83e818ca8e94b", + "zh:ebdcde208072b4b0f8d305ebf2bfdc62c926e0717599dcf8ec2fd8c5845031c3", + "zh:ef34c52b68933bedd0868a13ccfd59ff1c820f299760b3c02e008dc95e2ece91", + ] +} + provider "registry.terraform.io/linode/linode" { version = "1.18.0" hashes = [ diff --git a/terraform/aws-dns.tf b/terraform/aws-dns.tf deleted file mode 100644 index 2c45aa0..0000000 --- a/terraform/aws-dns.tf +++ /dev/null @@ -1,42 +0,0 @@ - -provider "aws" { - region = "us-east-1" -} -resource "aws_iam_user" "lke-external-dns" { - name = "lke-external-dns" -} - -resource "aws_iam_access_key" "lke-external-dns" { - user = aws_iam_user.lke-external-dns.name -} - -resource "aws_iam_user_policy" "lke-external-dns" { - name = "route-53" - user = aws_iam_user.lke-external-dns.name - policy = <