Skip to content

Latest commit

 

History

History
78 lines (60 loc) · 6.73 KB

README.md

File metadata and controls

78 lines (60 loc) · 6.73 KB

Module Name: terraform-helm-istio

Description: Install and setup Istio via Helm

Terraform Registry Module

Requirements

Name Version
terraform >= 0.15

Providers

Name Version
aws n/a
helm n/a
kubernetes n/a

Modules

No modules.

Resources

Name Type
helm_release.istio-base resource
helm_release.istiod resource
kubernetes_secret.istio-ca resource
aws_secretsmanager_secret_version.ca_cert data source
aws_secretsmanager_secret_version.ca_cert_chain data source
aws_secretsmanager_secret_version.ca_private_key data source

Inputs

Name Description Type Default Required
ca_cert the aws secret arn to use for the ca_cert, required string "" no
ca_cert_chain the aws secret arn to use for the ca_cert_chain, required string "" no
ca_private_key the aws secret arn to use for ca_private_key, required string "" no
cluster_name k8s cluster name, required any n/a yes
create_namespace Have helm_resource create the namespace, default true bool true no
enable_aws_secret_manager_based_certs If you would like to provide your own mTLS CA certs for istio to use, enable this flag and input AWS secret ARNs required bool false no
force_update (Optional) Force resource update through delete/recreate if needed. Defaults to false bool false no
helm_chart_version Version of the Helm chart string "1.12.6" no
helm_repo_url Helm repository string "https://istio-release.storage.googleapis.com/charts" no
istio_base_settings Additional settings which will be passed to the Helm chart values, yamldecode will be performed on the HCL map(any) {} no
istiod_global_meshID Istio telementry mesh name, default mesh1 string "mesh1" no
istiod_global_network Istio telementry network name, default network1 string "network1" no
istiod_meshConfig_accessLogFile The mesh config access log file string "/dev/stdout" no
istiod_meshConfig_defaultConfig_envoyAccessLogService_address The mesh default config envoy access log service address string "gloo-mesh-agent.gloo-mesh:9977" no
istiod_meshConfig_defaultConfig_envoyMetricsService_address The mesh default config envoy metrics service address string "gloo-mesh-agent.gloo-mesh:9977" no
istiod_meshConfig_defaultConfig_proxyMetadata_IstioMetaDNSAutoAllocate The mesh config default for ISTIO_META_DNS_AUTO_ALLOCATE, enable or disable, default 'true' string "true" no
istiod_meshConfig_defaultConfig_proxyMetadata_IstioMetaDNSCapture The mesh config default for ISTIO_META_DNS_CAPTURE, enable or disable, default 'true' string "true" no
istiod_meshConfig_enableAutoMtls The mesh config enable automtls, default 'true' string "true" no
istiod_meshConfig_rootNamespace The mesh config root namespace string "istio-system" no
istiod_pilot_env_PilotSkipValidateTrustDomain Pilot skip validate trust domain flag, default 'true' string "true" no
k8s_namespace The K8s namespace in which to install the Helm chart, default: 'istio-system' string "istio-system" no
recreate_pods (Optional) Perform pods restart during upgrade/rollback. Defaults to false. bool false no

Outputs

No outputs.

Contributing

Updated Readme by terraform-docs

terraform-docs markdown . --output-file README.md

Automated testing on module

Testing is done via GHA workflow using K8s Kind. See .tests/