Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

offline setup - disconnected environment #128

Open
abdennour opened this issue Dec 4, 2022 · 3 comments
Open

offline setup - disconnected environment #128

abdennour opened this issue Dec 4, 2022 · 3 comments

Comments

@abdennour
Copy link

overview

Trying to execute the example but it includes public links.

challenge

we are running infra behind proxy
@isaaguilar
Copy link
Collaborator

Hi @abdennour Thanks for trying tfo out. The urls do not have to be public as they are in the example. It's hard to give a good example that does not use public links because the uses of terraform vary widely from org to org. But if you wanted to try getting started and have an internal endpoint accessible. Other options are inline modules or configmap modules. Here is an example of an inline module:

apiVersion: tf.isaaguilar.com/v1alpha2
kind: Terraform
metadata:
  name: simple-template-example
  namespace: default
spec:
  terraformVersion: 1.0.0
  # Pull this module to execute
  terraformModule:
    # source: <REPLACE_ME>  example: https://git.example.com/myorg/mymodule
    inline: |-
      terraform {    
        required_providers {
          local  = "~> 2.2"
          random = "~> 2.2"
        }
      }

      variable "example" {
        description = "Example variable"
        default     = "hello world"
      }
      
      resource "random_integer" "id" {
        min = 1
        max = 50000
        keepers = {
          example = var.example
        }
      }
      
      locals {
        example = format("%v %v", var.example, join("", random_integer.id[*].result))
      }

      output "example" {
        description = "Example output"
        value       =  local.example 
      }
      
      output "id" {
        description = "Stable random number for this example"
        value       = join("", random_integer.id[*].result) 
      }

  # Use kubernetes as a backend which is available for terraform >= v0.13
  backend: |-
    terraform {
      backend "kubernetes" {
        secret_suffix      = "simple-template-example"
        in_cluster_config  = true
        namespace          = "default"
      }
    }
  ignoreDelete: false
  keepLatestPodsOnly: true

@abdennour
Copy link
Author

Awesome! And thanks for the example.
Let's say I want to use the Nutanix module, how it will work? Also let's I want to use vault as backend or s3 as backend , how it will work too ?

@rajewluk
Copy link

rajewluk commented Mar 7, 2023

@isaaguilar Looks like the issue or question is still valid. First, the bash scripts for default tasks are being downloaded from the github. This can be changed by including setup and tf scripts in the CR definition so they are taken from the inline source, configmap, or internal source. The issue is unfortunately still valid for any terraform stage pods/jobs. Although we can specify the docker image for them, which comes from the internal (behind the firewall) registry, the operator and CRD does not allow setting imagePullSecrets for such an internal registry. In consequence, the images cannot be pulled from such a registry. So, in order to fix it, CRD must support imagePullSecrets option, and the operator, when creating pods/jobs, must use it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@abdennour @rajewluk @isaaguilar