TL;DR:
- Call the module once per desired target cluster.
- The provider alias you pass into the module determines the cluster.
- Customize the Kubernetes resources per environment using Terraform syntax.
Use the module
To provision the cert-manager Terraform module on a Kubernetes cluster, call the module, set source
and version
, and pass an aliased kustomization
provider into the module.
The provider configuration determines what cluster the Kuberneters resources are provisioned on.
Framework documentation includes a complete example of how the kubeconfig
output of a cluster module can be used to configure a kustomization
provider alias.
module "eks_zero_cert_manager" {providers = {kustomization = kustomization.eks_zero}source = "kbst.xyz/catalog/cert-manager/kustomization"version = "1.10.0-kbst.1"}
module "aks_zero_cert_manager" {providers = {kustomization = kustomization.aks_zero}source = "kbst.xyz/catalog/cert-manager/kustomization"version = "1.10.0-kbst.1"}
module "gke_zero_cert_manager" {providers = {kustomization = kustomization.gke_zero}source = "kbst.xyz/catalog/cert-manager/kustomization"version = "1.10.0-kbst.1"}
Customize resources
All Kubestack cluster service modules support the same module attributes and per environment configuration. The module configuration is a Kustomization set in the per environment configuration map following Kubestack's inheritance model.
This example overwrites the metadata.namespace
of all Kubernetes resources provisioned by the cert-manager module using a Terraform variable.
module "example_cert_manager" {providers = {kustomization = kustomization.example}source = "kbst.xyz/catalog/cert-manager/kustomization"version = "1.10.0-kbst.1"configuration = {apps = {namespace = var.example_cert_manager_namespace}ops = {}loc = {}}}
Full documentation how to customize a module's Kubernetes resources is available in the cluster service module configuration section of the framework documentation.