Init a k8s
May god have mercy on my ~soul~. The firewall config may not be valid, due to node recycling, but here's hoping!
This commit is contained in:
parent
2715161929
commit
3ad719a4e7
1 changed files with 28 additions and 0 deletions
28
terraform/the-ring.tf
Normal file
28
terraform/the-ring.tf
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
resource "linode_lke_cluster" "the-ring" {
|
||||||
|
label = "the-ring"
|
||||||
|
k8s_version = "1.22"
|
||||||
|
region = "eu-west"
|
||||||
|
|
||||||
|
pool {
|
||||||
|
type = "g6-standard-1"
|
||||||
|
count = 1
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "linode_firewall" "the-ring" {
|
||||||
|
label = "the-ring"
|
||||||
|
linodes = [
|
||||||
|
for node in linode_lke_cluster.the-ring.pool[0].nodes :
|
||||||
|
node.instance_id
|
||||||
|
]
|
||||||
|
outbound_policy = "ACCEPT"
|
||||||
|
inbound_policy = "DROP"
|
||||||
|
|
||||||
|
inbound {
|
||||||
|
label = "allow-ping"
|
||||||
|
action = "ACCEPT"
|
||||||
|
protocol = "ICMP"
|
||||||
|
ipv4 = ["0.0.0.0/0"]
|
||||||
|
ipv6 = ["::/0"]
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue