我使用Terraform(link)启动了GKE集群,现在我试图发布集群上的舵图,并尝试获取“ Nginx Ingress”舵图,如下所示:
resource "helm_release" "ingress" {
name = "ingress"
repository = "https://kubernetes.github.io/ingress-nginx"
chart = "ingress-nginx"
}
地形计划:
Terraform will perform the following actions:
# helm_release.ingress will be created
+ resource "helm_release" "ingress" {
+ chart = "ingress-nginx"
+ disable_webhooks = false
+ force_update = false
+ id = (known after apply)
+ metadata = (known after apply)
+ name = "ingress"
+ namespace = "default"
+ recreate_pods = false
+ repository = "https://kubernetes.github.io/ingress-nginx"
+ reuse = false
+ reuse_values = false
+ status = "DEPLOYED"
+ timeout = 300
+ verify = false
+ version = "2.3.0"
+ wait = true
}
但是我遇到了错误
Error: Kubernetes cluster unreachable: Get https://35.232.164.12/version?timeout=32s: dial tcp 35.232.164.12:443: i/o timeout
on helm.tf line 36, in resource "helm_release" "ingress":
36: resource "helm_release" "ingress" {
答案 0 :(得分:1)
此处的Terraform无法与Kubernetes集群建立连接。群集无法访问。
还必须先使用Terraform设置分till,然后才能使用舵图。
在Terraform中,您可以使用helm提供程序,如果正在使用服务帐户,则添加现有帐户或根据需要创建一个帐户。
provider "helm" {
service_account = "${kubernetes_service_account.helm_account.metadata.0.name}"
tiller_image = "gcr.io/kubernetes-helm/tiller:${var.helm_version}"
#install_tiller = false
kubernetes {
host = "${google_container_cluster.<name>.endpoint}"
token = "${data.google_client_config.current.access_token}"
client_certificate = "${base64decode(google_container_cluster.data-dome-cluster.master_auth.0.client_certificate)}"
client_key = "${base64decode(google_container_cluster.data-dome-cluster.master_auth.0.client_key)}"
cluster_ca_certificate = "${base64decode(google_container_cluster.data-dome-cluster.master_auth.0.cluster_ca_certificate)}"
}
一个helm开始运行,您可以开始使用头盔包管理器设置其他版本。
您也可以查看此答案以获取更多详细信息:Deploying Helm workloads with Terraform on GKE cluster