feat: central/shared kubernetes platform landing zone and optional namespace creation in app landing zone#39
Conversation
lweberru
changed the title
| effective_dns_zones = var.dns.create_zones ? sort([ | ||
| for zone in values(stackit_dns_zone.ske_extension) : zone.dns_name | ||
| ]) : local.dns_extension_zones | ||
| default_node_pools = [ |
There was a problem hiding this comment.
the default_node_pools should go into the var.cluster variable as default
also allow_system_components is not set, I would split it up in "system" and "application" node pool
| volume_type = optional(string, "storage_premium_perf1") | ||
| os_name = optional(string, "flatcar") | ||
| labels = optional(map(string), {}) | ||
| })), []) |
There was a problem hiding this comment.
, []) -> here the default node pools instead of the default_node_pools local can be defined
| volume_type = optional(string, "storage_premium_perf1") | ||
| os_name = optional(string, "flatcar") | ||
| labels = optional(map(string), {}) | ||
| })), []) |
There was a problem hiding this comment.
here the default node pools also can be defined
| cleanup_on_fail = true | ||
| } | ||
|
|
||
| resource "helm_release" "demo_ingress_nginx" { |
There was a problem hiding this comment.
ingress nginx is deprecated due to security reasons --> gateway controller
| @@ -0,0 +1,1371 @@ | |||
| ############################# | |||
There was a problem hiding this comment.
I would not include the setup of the kubernetes demo in the landing zone Terraform since not every customer wants to use Kubernetes and for production setups this demo needs to be removed afterwards manually
| } | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
everything after here doesnt make sense
There was a problem hiding this comment.
this doesnt make sense to me
| locals { | ||
| platform_kubernetes_cluster_key = try(one([ | ||
| for key, value in module.platform_kubernetes : key | ||
| if value.ske_cluster_region == var.region |
There was a problem hiding this comment.
why checking the region here?
| acl = optional(list(string), []) | ||
| name = optional(string, null) | ||
| }), {}) | ||
| namespace_service = optional(object({ |
There was a problem hiding this comment.
this should not be in here
| error_message = "If namespace_service.dns_subdomain is set, it must be a valid DNS label (<=63 chars, lowercase alphanumeric and '-', must start/end with alphanumeric)." | ||
| } | ||
|
|
||
| validation { |
There was a problem hiding this comment.
this validation is not neccessary since the namespace_service.enabled boolean is not needed. If namespace_service is not null, it is true anyway. I think it doesnt make sense to define namespace_service and leave namespace_service.enabled on false
2 participants
Summary
This PR adds a complete Landing Zone namespace service demo flow with real observability integration and Grafana dashboard provisioning.
Included
Validation
Issue References
Closes #35
Closes #36
Out of Scope