0

我有一个在 Oracle 云中创建 kubernetes 集群资源的 terraform 代码。我想 endpoint_config在集群为公共时忽略块,并在集群为私有时执行此块。我怎样才能做到这一点

resource "oci_containerengine_cluster" "cluster" {
  count              = var.deploy_oke_cluster ? 1 : 0
  compartment_id     = var.compartment_id
  kubernetes_version = var.cluster_kubernetes_version
  name               = "oke-${var.environment}"
  vcn_id             = oci_core_virtual_network.base_vcn.id

  endpoint_config {
    is_public_ip_enabled = false
    subnet_id            = oci_core_subnet.snet-apiserver.id
  }
  options {
    add_ons {
      is_kubernetes_dashboard_enabled = true
      is_tiller_enabled               = false
    }

    kubernetes_network_config {
      pods_cidr     = var.pods_cidr
      services_cidr = var.services_cidr
    }
    service_lb_subnet_ids = [oci_core_subnet.snet-pub-lb.id]

  }
}
4

1 回答 1

2

您可以使用动态块执行此操作:

resource "oci_containerengine_cluster" "cluster" {
  count              = var.deploy_oke_cluster ? 1 : 0
  compartment_id     = var.compartment_id
  kubernetes_version = var.cluster_kubernetes_version
  name               = "oke-${var.environment}"
  vcn_id             = oci_core_virtual_network.base_vcn.id


  dynamic "endpoint_config" {

      for_each = var.is_public == true ? [1] : []    

      content {
        is_public_ip_enabled = false
        subnet_id            = oci_core_subnet.snet-apiserver.id
      }
  }


  options {
    add_ons {
      is_kubernetes_dashboard_enabled = true
      is_tiller_enabled               = false
    }

    kubernetes_network_config {
      pods_cidr     = var.pods_cidr
      services_cidr = var.services_cidr
    }
    service_lb_subnet_ids = [oci_core_subnet.snet-pub-lb.id]

  }
}
于 2021-11-09T10:35:18.997 回答