From 8ec0b51d8dcccd81d4c146915c0104aee328963e Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 14:13:23 +0200 Subject: [PATCH 1/8] Removed autocluster from the properties file --- conf/axonserver.properties.tmpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/axonserver.properties.tmpl b/conf/axonserver.properties.tmpl index c37a98c..195b4a5 100644 --- a/conf/axonserver.properties.tmpl +++ b/conf/axonserver.properties.tmpl @@ -12,8 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -axoniq.axonserver.autocluster.first=${first_name}.${namespace}.svc.cluster.local -axoniq.axonserver.autocluster.contexts=_admin,default +#axoniq.axonserver.autocluster.first=${first_name}.${namespace}.svc.cluster.local +#axoniq.axonserver.autocluster.contexts=_admin,default axoniq.axonserver.enterprise.licenseDirectory=./license From 1938b738b2b721202e83f32217db1ea9606f769e Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 14:55:19 +0200 Subject: [PATCH 2/8] Add a condition for console auth --- statefulset.tf | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/statefulset.tf b/statefulset.tf index 99c1e44..77a2d73 100755 --- a/statefulset.tf +++ b/statefulset.tf @@ -1,5 +1,9 @@ +locals { + console = var.console_authentication != "" +} + resource "kubernetes_stateful_set" "axonserver" { - count = var.nodes_number + count = var.nodes_number metadata { name = "${var.cluster_name}-${count.index + 1}" @@ -82,9 +86,12 @@ resource "kubernetes_stateful_set" "axonserver" { value = "${var.cluster_name}-${count.index + 1}" } - env { - name = "AXONIQ_CONSOLE_AUTHENTICATION" - value = var.console_authentication + dynamic "env" { + for_each = locals.console ? 1 : 0 + content { + name = "AXONIQ_CONSOLE_AUTHENTICATION" + value = var.console_authentication + } } volume_mount { @@ -119,10 +126,13 @@ resource "kubernetes_stateful_set" "axonserver" { read_only = true } - volume_mount { - name = "license" - mount_path = "/axonserver/license" - read_only = true + dynamic "volume_mount" { + for_each = locals.console ? 0 : 1 + content { + name = "license" + mount_path = "/axonserver/license" + read_only = true + } } startup_probe { @@ -181,11 +191,14 @@ resource "kubernetes_stateful_set" "axonserver" { } } - volume { - name = "license" + dynamic "volume" { + for_each = locals.console ? 0 : 1 + content { + name = "license" - secret { - secret_name = kubernetes_secret.axoniq_license.metadata[0].name + secret { + secret_name = kubernetes_secret.axoniq_license.metadata[0].name + } } } From e75872bf7c6c713cec75a72799aafd3fcfdd9bde Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 14:56:55 +0200 Subject: [PATCH 3/8] Fixed a typo --- statefulset.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/statefulset.tf b/statefulset.tf index 77a2d73..69ceab0 100755 --- a/statefulset.tf +++ b/statefulset.tf @@ -87,7 +87,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "env" { - for_each = locals.console ? 1 : 0 + for_each = local.console ? 1 : 0 content { name = "AXONIQ_CONSOLE_AUTHENTICATION" value = var.console_authentication @@ -127,7 +127,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "volume_mount" { - for_each = locals.console ? 0 : 1 + for_each = local.console ? 0 : 1 content { name = "license" mount_path = "/axonserver/license" @@ -192,7 +192,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "volume" { - for_each = locals.console ? 0 : 1 + for_each = local.console ? 0 : 1 content { name = "license" From 50f79971c75b9345ce249bed34ab768a8de53313 Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 15:05:20 +0200 Subject: [PATCH 4/8] Use length in a dymanic block --- statefulset.tf | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/statefulset.tf b/statefulset.tf index 69ceab0..2f1ec9d 100755 --- a/statefulset.tf +++ b/statefulset.tf @@ -1,7 +1,3 @@ -locals { - console = var.console_authentication != "" -} - resource "kubernetes_stateful_set" "axonserver" { count = var.nodes_number @@ -87,7 +83,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "env" { - for_each = local.console ? 1 : 0 + for_each = length(var.console_authentication) > 0 ? [1] : [] content { name = "AXONIQ_CONSOLE_AUTHENTICATION" value = var.console_authentication @@ -127,7 +123,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "volume_mount" { - for_each = local.console ? 0 : 1 + for_each = length(var.console_authentication) > 0 ? [] : [1] content { name = "license" mount_path = "/axonserver/license" @@ -192,7 +188,7 @@ resource "kubernetes_stateful_set" "axonserver" { } dynamic "volume" { - for_each = local.console ? 0 : 1 + for_each = length(var.console_authentication) > 0 ? [] : [1] content { name = "license" From 2c364762d9bd03d866bb38026e01b9b41efe0bbc Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 15:19:27 +0200 Subject: [PATCH 5/8] Remove the license secret if there is no license --- secrets.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/secrets.tf b/secrets.tf index 69583de..9a2a232 100755 --- a/secrets.tf +++ b/secrets.tf @@ -18,6 +18,7 @@ resource "kubernetes_secret" "axonserver_token" { } resource "kubernetes_secret" "axoniq_license" { + count = length(var.console_authentication) > 0 ? [] : [1] metadata { name = "axoniq.license" namespace = kubernetes_namespace.as_demo.id From e1d7ef8a7c7d94d2ecc07cf4bf96b06d546f92d1 Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 15:20:36 +0200 Subject: [PATCH 6/8] Remove the license secret if there is no license --- secrets.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secrets.tf b/secrets.tf index 9a2a232..73b185c 100755 --- a/secrets.tf +++ b/secrets.tf @@ -18,7 +18,7 @@ resource "kubernetes_secret" "axonserver_token" { } resource "kubernetes_secret" "axoniq_license" { - count = length(var.console_authentication) > 0 ? [] : [1] + count = length(var.console_authentication) > 0 ? 0 : 1 metadata { name = "axoniq.license" namespace = kubernetes_namespace.as_demo.id From a6b10183e12e8f1beeb5a09d5202d561ce1e0542 Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 15:22:50 +0200 Subject: [PATCH 7/8] Remove the license secret if there is no license --- statefulset.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/statefulset.tf b/statefulset.tf index 2f1ec9d..320e691 100755 --- a/statefulset.tf +++ b/statefulset.tf @@ -193,7 +193,7 @@ resource "kubernetes_stateful_set" "axonserver" { name = "license" secret { - secret_name = kubernetes_secret.axoniq_license.metadata[0].name + secret_name = kubernetes_secret.axoniq_license[0].metadata[0].name } } } From 106c82f2b4ce03156908869a5f69e13004432b94 Mon Sep 17 00:00:00 2001 From: Francesco Latini Date: Mon, 8 Jul 2024 15:25:37 +0200 Subject: [PATCH 8/8] Updated the latest tag on the example --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3a91ed8..f9a3343 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ ```terraform module "as_demo" { - source = "git@github.com:AxonIQ/terraform-axonserver-gke.git?ref=v1.1" + source = "git@github.com:AxonIQ/terraform-axonserver-gke.git?ref=v1.4" nodes_number = 3 cluster_name = "axonserver"