This module provides an easy way to deploy pods and to expose them to the Internet by configuring the proper service and ingresses. It has been designed to allow pods with only one container. See examples below.
This module has been designed to work on a K3S cluster with Traefik and files stored locally.
It supports cert-manager for creating Let's Encrypt certificates. Take into consideration that a ClusterIssuer with name "letsencrypt" should be created before using this module.
Currently there is only one ingress supported. Feel free to open PR's to add support for others:
- Traefik
| Name | Version |
|---|---|
| kubernetes | n/a |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| image | Image name and tag to deploy. | string |
n/a | yes |
| name | Name used to identify deployed container and all related resources. | string |
n/a | yes |
| allow_from | List of services to allow traffic from | list(string) |
[] |
no |
| annotations | Annotations added to some components. Only ingress supported at the moment. | object({ |
{ |
no |
| capabilities_add | List of capabilities to add to the container. | list(string) |
[] |
no |
| container_port | Container port where to send to requests to. | string |
"80" |
no |
| domains | List of domains that should be configured to route traffic from. | list(string) |
[] |
no |
| environment_variables | Map with environment variables injected to the containers. | map(any) |
{} |
no |
| host_port | Host port where to send to requests to. | string |
null |
no |
| http | Whether to create an ingress for HTTP traffic. | bool |
true |
no |
| https | Whether to create an ingress for HTTPS traffic. | bool |
true |
no |
| image_pull_secret | Kubernetes secret storing registry credentials. | string |
"" |
no |
| namespace | Kubernetes namespace where resources must be created. | string |
"default" |
no |
| node_selector | Node selector to use when deploying the container. | map(string) |
null |
no |
| paths | Object mapping local paths to container paths | map(any) |
{} |
no |
| pod_additional_ports | List of additional ports to expose on the pod. | list(object({ |
[] |
no |
| pvcs | Object that contains the list of PVCs to mount in the container | list(object({ |
[] |
no |
| resources | Map with resources limits and requests. | object({ |
{ |
no |
| service_port | Port configured on the service side to receive requests (routed to the container port). | string |
"80" |
no |
| supplemental_groups | List of supplemental groups to add to the container. | list(string) |
[] |
no |
No outputs.
On the following example we are deploying Wordpress stack with:
- 1 x Wordpress: All data is stored on a local folder.
- 1 x MariaDB (MySQL) database. All data is stored on a local folder.
- 1 x PHPMyAdmin
module "wordpress" {
source = "alemuro/expose-service-ingress/kubernetes"
version = "1.1.0"
name = "wordpress-example"
image = "wordpress:5"
domains = ["wordpress-example.com", "wordpress.example.com"]
container_port = "80"
paths = {
"/opt/k3s/wordpress-example" = "/var/www/html"
}
pvcs = {
name = "pvc-name"
path = "/tmp/pvc-example"
}
environment_variables = {
WORDPRESS_DB_HOST = "database"
WORDPRESS_DB_USER = "wordpress-example"
WORDPRESS_DB_PASSWORD = "r@ndomPa$$w0rd!"
WORDPRESS_DB_NAME = "wordpress-example"
}
}
module "database" {
source = "alemuro/expose-service-ingress/kubernetes"
version = "1.1.0"
name = "database"
image = "mariadb"
container_port = "3306"
service_port = "3306"
paths = {
"/opt/k3s/database" = "/var/lib/mysql"
}
environment_variables = {
MYSQL_ALLOW_EMPTY_PASSWORD = "true"
}
}
module "phpmyadmin" {
source = "alemuro/expose-service-ingress/kubernetes"
version = "1.1.0"
name = "phpmyadmin"
image = "phpmyadmin"
domains = ["phpmyadmin.wordpress-example.com"]
container_port = "80"
environment_variables = {
PMA_HOST = "database"
PMA_PORT = 3306
MYSQL_ROOT_PASSWORD = "r@ndomPa$$w0rd!"
}
}