a0s · March 17, 2021 19:42 · Mar 17, 2021
diff --git a/metallb-k8s.tf b/metallb-k8s.tf
@@ -0,0 +1,91 @@
+# Input 
+
+# local.kube_config_path - path to kubeconfig.yml
+# local.external_ips - list of external ips
+
+# Providers
+
+terraform {
+  required_providers {
+    kubernetes = {
+      source = "hashicorp/kubernetes"
+      version = "2.0.2"
+    }
+
+    kubectl = {
+      source = "gavinbunney/kubectl"
+      version = "1.10.0"
+    }
+
+    http = {
+      source = "hashicorp/http"
+      version = "2.1.0"
+    }
+  }
+}
+
+provider "kubernetes" {
+  config_path = local.kube_config_path
+}
+
+provider "kubectl" {
+  config_path = local.kube_config_path
+}
+
+
+# MetalLB config
+
+resource "kubernetes_namespace" "metallb" {
+  metadata {
+    name = "metallb-system"
+  }
+}
+
+resource "kubernetes_config_map" "metallb_config" {
+  metadata {
+    namespace = kubernetes_namespace.metallb.metadata[0].name
+    name = "config"
+  }
+  data = {
+    config = <<YAML
+address-pools:
+- name: custom-ip-space
+  protocol: layer2
+  addresses:
+%{ for addr in toset(local.external_ips) ~}
+  - ${addr}/32
+%{ endfor ~}
+YAML
+  }
+}
+
+resource "random_id" "metallb_memberlist" {
+  byte_length = 128
+}
+
+resource "kubernetes_secret" "metallb_memberlist" {
+  metadata {
+    name = "memberlist"
+    namespace = kubernetes_namespace.metallb.metadata[0].name
+  }
+  data = {
+    secretkey = random_id.metallb_memberlist.b64_std
+  }
+}
+
+data "http" "metallb" {
+  url = "https://raw.githubusercontent.com/metallb/metallb/v0.9.5/manifests/metallb.yaml"
+}
+
+data "kubectl_file_documents" "metallb" {
+  content = data.http.metallb.body
+}
+
+resource "kubectl_manifest" "metallb" {
+  depends_on = [
+    kubernetes_secret.metallb_memberlist,
+    kubernetes_config_map.metallb_config
+  ]
+  count     = length(data.kubectl_file_documents.metallb.documents)
+  yaml_body = element(data.kubectl_file_documents.metallb.documents, count.index)
+}