Add HTTP proxy support for govcloud

alexsomesan · Jan 17, 2018 · fb6fdc9 · fb6fdc9
1 parent 28892da
commit fb6fdc9
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 27 deletions.
diff --git a/config.tf b/config.tf
@@ -485,7 +485,6 @@ variable "tectonic_custom_ca_pem_list" {
 EOF
 }
 
-
 variable "tectonic_iscsi_enabled" {
   type        = "string"
   default     = "false"

diff --git a/modules/ignition/outputs.import b/modules/ignition/outputs.import
@@ -37,7 +37,6 @@ variable "ign_ca_cert_id_list" {
   description = "The list of public CA certificate ignition file IDs."
 }
 
-
 variable "ign_iscsi_service_id" {
   type = "string"
 }

diff --git a/modules/ignition/outputs.tf b/modules/ignition/outputs.tf
@@ -144,7 +144,6 @@ output "etcd_crt_id_list" {
   ]
 }
 
-
 output "iscsi_service_id" {
   value = "${data.ignition_systemd_unit.iscsi.id}"
 }

diff --git a/modules/ignition/variables.tf b/modules/ignition/variables.tf
@@ -170,5 +170,4 @@ variable "https_proxy" {
 variable "no_proxy" {
   type        = "list"
   description = "List of local endpoints that will not use HTTP proxy."
-
 }
diff --git a/platforms/aws/main.tf b/platforms/aws/main.tf
@@ -88,8 +88,6 @@ module "etcd" {
   subnets                    = "${module.vpc.worker_subnet_ids}"
   tls_enabled                = "${var.tectonic_etcd_tls_enabled}"
   etcd_iam_role              = "${var.tectonic_aws_etcd_iam_role_name}"
-  ign_profile_env_id         = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.profile_env_id : ""}"
-  ign_systemd_default_env_id = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.systemd_default_env_id : ""}"
 }
 
 module "ignition_masters" {

diff --git a/platforms/govcloud/main.tf b/platforms/govcloud/main.tf
@@ -65,27 +65,29 @@ module "vpc" {
 module "etcd" {
   source = "../../modules/govcloud/etcd"
 
-  base_domain             = "${var.tectonic_base_domain}"
-  cluster_id              = "${module.tectonic.cluster_id}"
-  cluster_name            = "${var.tectonic_cluster_name}"
-  container_image         = "${var.tectonic_container_images["etcd"]}"
-  container_linux_channel = "${var.tectonic_container_linux_channel}"
-  container_linux_version = "${module.container_linux.version}"
-  ec2_type                = "${var.tectonic_govcloud_etcd_ec2_type}"
-  external_endpoints      = "${compact(var.tectonic_etcd_servers)}"
-  extra_tags              = "${var.tectonic_govcloud_extra_tags}"
-  ign_etcd_crt_id_list    = "${module.ignition_masters.etcd_crt_id_list}"
-  ign_etcd_dropin_id_list = "${module.ignition_masters.etcd_dropin_id_list}"
-  instance_count          = "${length(data.template_file.etcd_hostname_list.*.id)}"
-  root_volume_iops        = "${var.tectonic_govcloud_etcd_root_volume_iops}"
-  root_volume_size        = "${var.tectonic_govcloud_etcd_root_volume_size}"
-  root_volume_type        = "${var.tectonic_govcloud_etcd_root_volume_type}"
-  s3_bucket               = "${aws_s3_bucket.tectonic.bucket}"
-  sg_ids                  = "${concat(var.tectonic_govcloud_etcd_extra_sg_ids, list(module.vpc.etcd_sg_id))}"
-  ssh_key                 = "${var.tectonic_govcloud_ssh_key}"
-  subnets                 = "${module.vpc.worker_subnet_ids}"
-  tls_enabled             = "${var.tectonic_etcd_tls_enabled}"
-  dns_server_ip           = "${var.tectonic_govcloud_dns_server_ip}"
+  base_domain                = "${var.tectonic_base_domain}"
+  cluster_id                 = "${module.tectonic.cluster_id}"
+  cluster_name               = "${var.tectonic_cluster_name}"
+  container_image            = "${var.tectonic_container_images["etcd"]}"
+  container_linux_channel    = "${var.tectonic_container_linux_channel}"
+  container_linux_version    = "${module.container_linux.version}"
+  ec2_type                   = "${var.tectonic_govcloud_etcd_ec2_type}"
+  external_endpoints         = "${compact(var.tectonic_etcd_servers)}"
+  extra_tags                 = "${var.tectonic_govcloud_extra_tags}"
+  ign_etcd_crt_id_list       = "${module.ignition_masters.etcd_crt_id_list}"
+  ign_etcd_dropin_id_list    = "${module.ignition_masters.etcd_dropin_id_list}"
+  ign_profile_env_id         = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.profile_env_id : ""}"
+  ign_systemd_default_env_id = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.systemd_default_env_id : ""}"
+  instance_count             = "${length(data.template_file.etcd_hostname_list.*.id)}"
+  root_volume_iops           = "${var.tectonic_govcloud_etcd_root_volume_iops}"
+  root_volume_size           = "${var.tectonic_govcloud_etcd_root_volume_size}"
+  root_volume_type           = "${var.tectonic_govcloud_etcd_root_volume_type}"
+  s3_bucket                  = "${aws_s3_bucket.tectonic.bucket}"
+  sg_ids                     = "${concat(var.tectonic_govcloud_etcd_extra_sg_ids, list(module.vpc.etcd_sg_id))}"
+  ssh_key                    = "${var.tectonic_govcloud_ssh_key}"
+  subnets                    = "${module.vpc.worker_subnet_ids}"
+  tls_enabled                = "${var.tectonic_etcd_tls_enabled}"
+  dns_server_ip              = "${var.tectonic_govcloud_dns_server_ip}"
 }
 
 module "ignition_masters" {
@@ -109,6 +111,8 @@ module "ignition_masters" {
   etcd_server_crt_pem       = "${module.etcd_certs.etcd_server_crt_pem}"
   etcd_server_key_pem       = "${module.etcd_certs.etcd_server_key_pem}"
   etcd_tls_enabled          = "${var.tectonic_etcd_tls_enabled}"
+  http_proxy                = "${var.tectonic_http_proxy_address}"
+  https_proxy               = "${var.tectonic_https_proxy_address}"
   image_re                  = "${var.tectonic_image_re}"
   ingress_ca_cert_pem       = "${module.ingress_certs.ca_cert_pem}"
   iscsi_enabled             = "${var.tectonic_iscsi_enabled}"
@@ -118,6 +122,7 @@ module "ignition_masters" {
   kubelet_debug_config      = "${var.tectonic_kubelet_debug_config}"
   kubelet_node_label        = "node-role.kubernetes.io/master"
   kubelet_node_taints       = "node-role.kubernetes.io/master=:NoSchedule"
+  no_proxy                  = "${var.tectonic_no_proxy}"
 }
 
 module "masters" {
@@ -146,9 +151,11 @@ module "masters" {
   ign_kubelet_service_id               = "${module.ignition_masters.kubelet_service_id}"
   ign_locksmithd_service_id            = "${module.ignition_masters.locksmithd_service_id}"
   ign_max_user_watches_id              = "${module.ignition_masters.max_user_watches_id}"
+  ign_profile_env_id                   = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.profile_env_id : ""}"
   ign_rm_assets_path_unit_id           = "${module.ignition_masters.rm_assets_path_unit_id}"
   ign_rm_assets_service_id             = "${module.ignition_masters.rm_assets_service_id}"
   ign_s3_puller_id                     = "${module.ignition_masters.s3_puller_id}"
+  ign_systemd_default_env_id           = "${local.tectonic_http_proxy_enabled ? module.ignition_masters.systemd_default_env_id : ""}"
   ign_tectonic_path_unit_id            = "${module.tectonic.systemd_path_unit_id}"
   ign_tectonic_service_id              = "${module.tectonic.systemd_service_id}"
   ign_update_ca_certificates_dropin_id = "${module.ignition_masters.update_ca_certificates_dropin_id}"
@@ -175,6 +182,8 @@ module "ignition_workers" {
   container_images        = "${var.tectonic_container_images}"
   custom_ca_cert_pem_list = "${var.tectonic_custom_ca_pem_list}"
   etcd_ca_cert_pem        = "${module.etcd_certs.etcd_ca_crt_pem}"
+  http_proxy              = "${var.tectonic_http_proxy_address}"
+  https_proxy             = "${var.tectonic_https_proxy_address}"
   image_re                = "${var.tectonic_image_re}"
   ingress_ca_cert_pem     = "${module.ingress_certs.ca_cert_pem}"
   iscsi_enabled           = "${var.tectonic_iscsi_enabled}"
@@ -184,6 +193,7 @@ module "ignition_workers" {
   kubelet_debug_config    = "${var.tectonic_kubelet_debug_config}"
   kubelet_node_label      = "node-role.kubernetes.io/node"
   kubelet_node_taints     = ""
+  no_proxy                = "${var.tectonic_no_proxy}"
 }
 
 module "workers" {
@@ -205,7 +215,9 @@ module "workers" {
   ign_kubelet_service_id               = "${module.ignition_workers.kubelet_service_id}"
   ign_locksmithd_service_id            = "${module.ignition_workers.locksmithd_service_id}"
   ign_max_user_watches_id              = "${module.ignition_workers.max_user_watches_id}"
+  ign_profile_env_id                   = "${local.tectonic_http_proxy_enabled ? module.ignition_workers.profile_env_id : ""}"
   ign_s3_puller_id                     = "${module.ignition_workers.s3_puller_id}"
+  ign_systemd_default_env_id           = "${local.tectonic_http_proxy_enabled ? module.ignition_workers.systemd_default_env_id : ""}"
   ign_update_ca_certificates_dropin_id = "${module.ignition_workers.update_ca_certificates_dropin_id}"
   instance_count                       = "${var.tectonic_worker_count}"
   load_balancers                       = "${var.tectonic_govcloud_worker_load_balancers}"