k/digitalocean: place resources in vpc-id

This commit is contained in:
ryan-distrust.co 2023-05-13 01:31:07 -04:00
parent 837587782b
commit cf10ecc371
Signed by untrusted user who does not match committer: ryan
GPG Key ID: 8E401478A3FBEF72
5 changed files with 31 additions and 21 deletions

View File

@ -110,3 +110,7 @@ output "database" {
value = module.digitalocean_database_cluster.database_cluster value = module.digitalocean_database_cluster.database_cluster
sensitive = true sensitive = true
} }
output "vpc_id" {
value = digitalocean_vpc.main.id
}

View File

@ -18,28 +18,33 @@ spec:
serviceAccountName: cloud-controller-manager serviceAccountName: cloud-controller-manager
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
tolerations: tolerations:
# this taint is set by all kubelets running `--cloud-provider=external` # this taint is set by all kubelets running `--cloud-provider=external`
# so we should tolerate it to schedule the digitalocean ccm # so we should tolerate it to schedule the digitalocean ccm
- key: "node.cloudprovider.kubernetes.io/uninitialized" - key: "node.cloudprovider.kubernetes.io/uninitialized"
value: "true" value: "true"
effect: "NoSchedule" effect: "NoSchedule"
- key: "CriticalAddonsOnly" - key: "CriticalAddonsOnly"
operator: "Exists" operator: "Exists"
- key: "node-role.kubernetes.io/control-plane" - key: "node-role.kubernetes.io/control-plane"
effect: NoSchedule effect: NoSchedule
containers: containers:
- image: digitalocean/digitalocean-cloud-controller-manager:v0.1.42 - image: digitalocean/digitalocean-cloud-controller-manager:v0.1.42
name: digitalocean-cloud-controller-manager name: digitalocean-cloud-controller-manager
command: command:
- "/bin/digitalocean-cloud-controller-manager" - "/bin/digitalocean-cloud-controller-manager"
- "--leader-elect=false" - "--leader-elect=false"
resources: resources:
requests: requests:
cpu: 100m cpu: 100m
memory: 50Mi memory: 50Mi
env: env:
- name: DO_ACCESS_TOKEN - name: DO_ACCESS_TOKEN
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: digitalocean name: digitalocean
key: access-token key: access-token
- name: DO_CLUSTER_VPC_ID
valueFrom:
secretKeyRef:
name: digitalocean
key: vpc-id

View File

@ -4,14 +4,15 @@ metadata:
name: digitalocean name: digitalocean
stringData: stringData:
access-token: ENC[AES256_GCM,data:SncEdDwS401k+njXftfwHM9Zb6+u4QdijjFWuXrzwlh8cjYa8Rz84SeRcjzwdXZFmJKBN83zH0nIpXzDy288wgL+1yeqQLk=,iv:DVSrIJtkcbOQoyZkb3P4lweVBHrJVDiI8+yO0AqSPS8=,tag:RKmJqay1ldCZZhJRa8EEdw==,type:str] access-token: ENC[AES256_GCM,data:SncEdDwS401k+njXftfwHM9Zb6+u4QdijjFWuXrzwlh8cjYa8Rz84SeRcjzwdXZFmJKBN83zH0nIpXzDy288wgL+1yeqQLk=,iv:DVSrIJtkcbOQoyZkb3P4lweVBHrJVDiI8+yO0AqSPS8=,tag:RKmJqay1ldCZZhJRa8EEdw==,type:str]
vpc-id: ENC[AES256_GCM,data:ZHqBS5AyTXikzaAAVgAZBVcTSphE9eO2GQfuhjaxiBqCQSGN,iv:0OogtBVicAGsbKUoD/lJ2lzrTPDuDT7jYztqz+xyNMM=,tag:MelJVnJepBehgLupdHzdKg==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: [] age: []
lastmodified: "2023-05-10T23:42:01Z" lastmodified: "2023-05-13T05:26:48Z"
mac: ENC[AES256_GCM,data:hlsYbJptvkswHHQeH0MzxO0a52Sl84dBvsOdB4rSaEkmWpyblS9rpX1GZNIXrwEyj4A12V1lTAIclPAekP6a7ebBUhQzgonF3TjmdevusnSo63NExhbVV/ViJQG+wlFD65gB26e5VGy30vRUMDZk4s6Lhwa4pK7LvijsgKK3rq8=,iv:pK7FoKYF0s/NuUn+TY4nLhFIQAsG6gWTbGzuKOze0Fo=,tag:TXTbYfdHLNimFWzh6xUH+A==,type:str] mac: ENC[AES256_GCM,data:d4ZzlU1WT+h4PKspmThDct2XlpHbw8YLHwhGB73jOU1bLNPht6WUhcWD1mS5vhPKhdGa1fOB2reshJ6ueSkm8dhozcPNtHBt9cSKERVgQ8pcNF3DUET4iEp/pRY4YZ1Lr5gUzaos8hN9Gys8JpuTJR6axfOmlD75j0a3tKyLpq0=,iv:J8XxKp8WSmp7E2qR5dm1UmWWmNUotck21Jk6Lwp30K4=,tag:CLDhCsbaHb+2Rlnc2GEttQ==,type:str]
pgp: pgp:
- created_at: "2022-05-20T06:11:55Z" - created_at: "2022-05-20T06:11:55Z"
enc: |- enc: |-
@ -34,4 +35,4 @@ sops:
-----END PGP MESSAGE----- -----END PGP MESSAGE-----
fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72
encrypted_regex: ^(data|stringData)$ encrypted_regex: ^(data|stringData)$
version: 3.7.2 version: 3.7.3

View File

@ -1,7 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
namespace: kube-system namespace: kube-system
bases: resources:
- cloud-controller-manager - cloud-controller-manager
- csi-driver - csi-driver
generators: generators:

View File

@ -3,4 +3,4 @@ kind: ksops
metadata: metadata:
name: ksops name: ksops
files: files:
- ./digitalocean-token.enc.yaml - ./digitalocean-config.enc.yaml