From 6f9b3b6d3790ffce196a26dd8db6eb3f806b58f3 Mon Sep 17 00:00:00 2001
From: Ian Fijolek <ian@iamthefij.com>
Date: Thu, 3 Mar 2022 14:51:42 -0800
Subject: [PATCH] Get started with k8s examples

---
 k8s-test/.terraform.lock.hcl     | 38 ++++++++++++++
 k8s-test/main.tf                 | 83 ++++++++++++++++++++++++++++++
 k8s-test/simple_service/main.tf  | 74 +++++++++++++++++++++++++++
 k8s-test/traefik_ingress/main.tf | 86 ++++++++++++++++++++++++++++++++
 4 files changed, 281 insertions(+)
 create mode 100644 k8s-test/.terraform.lock.hcl
 create mode 100644 k8s-test/main.tf
 create mode 100644 k8s-test/simple_service/main.tf
 create mode 100644 k8s-test/traefik_ingress/main.tf

diff --git a/k8s-test/.terraform.lock.hcl b/k8s-test/.terraform.lock.hcl
new file mode 100644
index 0000000..8982790
--- /dev/null
+++ b/k8s-test/.terraform.lock.hcl
@@ -0,0 +1,38 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/helm" {
+  version = "2.4.1"
+  hashes = [
+    "h1:aFvUq5HOEwFV/3e7DGU45zDf6j2SThDRjaCAeY2Qfss=",
+    "zh:07517b24ea2ce4a1d3be3b88c3efc7fb452cd97aea8fac93ca37a08a8ec06e14",
+    "zh:11ef6118ed03a1b40ff66adfe21b8707ece0568dae1347ddfbcff8452c0655d5",
+    "zh:1ae07e9cc6b088a6a68421642c05e2fa7d00ed03e9401e78c258cf22a239f526",
+    "zh:1c5b4cd44033a0d7bf7546df930c55aa41db27b70b3bca6d145faf9b9a2da772",
+    "zh:256413132110ddcb0c3ea17c7b01123ad2d5b70565848a77c5ccc22a3f32b0dd",
+    "zh:4ab46fd9aadddef26604382bc9b49100586647e63ef6384e0c0c3f010ff2f66e",
+    "zh:5a35d23a9f08c36fceda3cef7ce2c7dc5eca32e5f36494de695e09a5007122f0",
+    "zh:8e9823a1e5b985b63fe283b755a821e5011a58112447d42fb969c7258ed57ed3",
+    "zh:8f79722eba9bf77d341edf48a1fd51a52d93ec31d9cac9ba8498a3a061ea4a7f",
+    "zh:b2ea782848b10a343f586ba8ee0cf4d7ff65aa2d4b144eea5bbd8f9801b54c67",
+    "zh:e72d1ccf8a75d8e8456c6bb4d843fd4deb0e962ad8f167fa84cf17f12c12304e",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+  version = "2.8.0"
+  hashes = [
+    "h1:LZLKGKTlBmG8jtMBdZ4ZMe+r15OQLSMYV0DktfROk+Y=",
+    "zh:0cf42c17c05ae5f0f5eb4b2c375dd2068960b97392e50823e47b2cee7b5e01be",
+    "zh:29e3751eceae92c7400a17fe3a5394ed761627bcadfda66e7ac91d6485c37927",
+    "zh:2d95584504c651e1e2e49fbb5fae1736e32a505102c3dbd2c319b26884a7d3d5",
+    "zh:4a5f1d915c19e7c7b4f04d7d68f82db2c872dad75b9e6f33a6ddce43aa160405",
+    "zh:4b959187fd2c884a4c6606e1c4edc7b506ec4cadb2742831f37aca1463eb349d",
+    "zh:5e76a2b81c93d9904d50c2a703845f79d2b080c2f87c07ef8f168592033d638f",
+    "zh:c5aa21a7168f96afa4b4776cbd7eefd3e1f47d48430dce75c7f761f2d2fac77b",
+    "zh:d45e8bd98fc6752ea087e744efdafb209e7ec5a4224f9affee0a24fb51d26bb9",
+    "zh:d4739255076ed7f3ac2a06aef89e8e48a87667f3e470c514ce2185c0569cc1fb",
+    "zh:dbd2f11529a422ffd17040a70c0cc2802b7f1be2499e976dc22f1138d022b1b4",
+    "zh:dbd5357082b2485bb9978bce5b6d508d6b431d15c53bfa1fcc2781131826b5d8",
+  ]
+}
diff --git a/k8s-test/main.tf b/k8s-test/main.tf
new file mode 100644
index 0000000..4b5b6a1
--- /dev/null
+++ b/k8s-test/main.tf
@@ -0,0 +1,83 @@
+variable "kube_config_path" {
+  type = string
+  default = "~/.kube/config"
+}
+
+variable "kube_config_context" {
+  type = string
+  default = "colima"
+}
+
+provider "kubernetes" {
+  config_path = var.kube_config_path
+  config_context = var.kube_config_context
+}
+
+provider "helm" {
+  kubernetes {
+    config_path = var.kube_config_path
+    config_context = var.kube_config_context
+  }
+}
+
+resource "helm_release" "traefik" {
+  name = "traefik"
+  repository = "https://helm.traefik.io/traefik"
+  chart = "traefik"
+}
+
+resource "kubernetes_manifest" "traefik_dashboard" {
+  manifest = {
+    apiVersion = "traefik.containo.us/v1alpha1"
+    kind = "IngressRoute"
+    metadata = {
+      name = "public-traefik-dashboard"
+      namespace = "default"
+    }
+    spec = {
+      entryPoints = [ "web" ]
+      routes = [
+        {
+          match = "PathPrefix(`/dashboard`) || PathPrefix(`/api`)"
+          kind = "Rule"
+          services = [
+            {
+              name = "api@internal"
+              kind = "TraefikService"
+            },
+          ]
+        },
+      ]
+    }
+  }
+}
+
+module "whoami" {
+  source = "./simple_service"
+
+  name = "whoami"
+  image = "containous/whoami:latest"
+  expose_ports = [80]
+}
+
+module "whoami-ingress" {
+  source = "./traefik_ingress"
+  
+  app_name = "whoami"
+  match_route = "PathPrefix(`/whoami`)"
+}
+
+module "whoami2" {
+  source = "./simple_service"
+
+  name = "whoami2"
+  image = "containous/whoami:latest"
+  expose_ports = [80]
+}
+
+module "whoami2-ingress" {
+  source = "./traefik_ingress"
+  
+  app_name = "whoami2"
+  match_route = "PathPrefix(`/whoami2`)"
+}
diff --git a/k8s-test/simple_service/main.tf b/k8s-test/simple_service/main.tf
new file mode 100644
index 0000000..d195b6c
--- /dev/null
+++ b/k8s-test/simple_service/main.tf
@@ -0,0 +1,74 @@
+variable "name" {
+  type = string
+}
+
+variable "image" {
+  type = string
+}
+
+variable "replicas" {
+  type = number
+  default = 1
+}
+
+variable "expose_ports" {
+  type = list(number)
+  default = []
+}
+
+variable "host_ports" {
+  type = list(object({
+    host_port = number
+    container_port = number
+  }))
+  default = []
+}
+
+resource "kubernetes_deployment" "simple-service" {
+  metadata {
+    name = var.name
+    labels = {
+      app = var.name,
+    }
+  }
+
+  spec {
+    replicas = var.replicas
+
+    selector {
+      match_labels = {
+        app = var.name,
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          app = var.name,
+        }
+      }
+
+      spec {
+        container {
+          name = var.name
+          image = var.image
+
+          dynamic "port" {
+            for_each = toset(var.expose_ports)
+            content {
+              container_port = port.key
+            }
+          }
+
+          dynamic "port" {
+            for_each = toset(var.host_ports)
+            content {
+              host_port = port.key.host_port
+              container_port = port.key.container_port
+            }
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/k8s-test/traefik_ingress/main.tf b/k8s-test/traefik_ingress/main.tf
new file mode 100644
index 0000000..e901751
--- /dev/null
+++ b/k8s-test/traefik_ingress/main.tf
@@ -0,0 +1,86 @@
+variable "app_name" {
+  type = string
+}
+
+variable "match_route" {
+  type = string
+}
+
+variable "app_port" {
+  type = number
+  default = 80
+}
+
+variable "app_port_name" {
+  type = string
+  default = "http"
+}
+
+variable "entrypoints" {
+  type = list(string)
+  default = [
+    "web",
+    "websecure",
+  ]
+}
+
+variable "namespace" {
+  type = string
+  default = "default"
+}
+
+locals {
+  service_name =  "${var.app_name}-service"
+  ingress_name = "${var.app_name}-ingress"
+}
+
+resource "kubernetes_service" "traefik-ingress-service" {
+  metadata {
+    name = local.service_name
+  }
+  spec {
+    selector = {
+      app = var.app_name
+    }
+    
+    port {
+      name = var.app_port_name
+      port = var.app_port
+    }
+  }
+}
+
+resource "kubernetes_manifest" "traefik-ingress-route" {
+  manifest = {
+    apiVersion = "traefik.containo.us/v1alpha1"
+    kind = "IngressRoute"
+    metadata = {
+      name = local.ingress_name
+      namespace = var.namespace
+    }
+    spec = {
+      entryPoints = var.entrypoints
+      routes = [
+        {
+          match = var.match_route
+          kind = "Rule"
+          services = [
+            {
+              kind = "Service"
+              name = local.service_name
+              port = var.app_port
+            },
+          ]
+        },
+      ]
+    }
+  }
+}
+
+output "service_name" {
+  value = local.service_name
+}
+
+output "ingress_name" {
+  value = local.ingress_name
+}