7

I'm working on a terraform module to create a GKE cluster. The same module invokes a provisioner that performs a helm install of an application.

The helm chart creates a load balancer. The load balancer is not known to the terraform module, so the assigned IP address can't be reused in the module.

Question:

How can I use the IP of the load balancer to create DNS entries and get certificates?

I think this is no exotic use case but I haven't yet found a decent way to achieve this.

Randy

2 Answers

5

The correct answer to this question is:

The data source of the kubernetes_service.

The concept of Data Source is exactly solving the issue here.

Apart from the above kubernetes_service data source, I could have also run a shell script with kubectl querying the IP and used the External Data Source as a generic solution.

From there I can use the IP address in a dns provider and in an acme provider to create dns entries and certificates.

Randy
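
A sketch of the `kubernetes_service` data source approach from the answer above, added here as an illustration and not taken from the original post. The names `null_resource.helm_install`, `my-app`, `default`, `example-zone` and `app.example.com.` are assumptions, and the `precondition` block requires Terraform 1.2 or later.

```hcl
# Added example. Assumed names: null_resource.helm_install (the resource whose
# provisioner runs helm), service "my-app" in namespace "default", Cloud DNS
# managed zone "example-zone", record app.example.com.

# Read back the Service that the helm chart created outside Terraform's state.
data "kubernetes_service" "app_lb" {
  metadata {
    name      = "my-app"
    namespace = "default"
  }

  # Defer the read until the helm install has finished.
  depends_on = [null_resource.helm_install]
}

locals {
  # The ingress list stays empty until the cloud provider has assigned an
  # address, so guard the index instead of failing with an opaque error.
  lb_ingress = data.kubernetes_service.app_lb.status[0].load_balancer[0].ingress
  lb_ip      = length(local.lb_ingress) > 0 ? local.lb_ingress[0].ip : null
}

resource "google_dns_record_set" "app" {
  name         = "app.example.com."
  type         = "A"
  ttl          = 300
  managed_zone = "example-zone"
  rrdatas      = [local.lb_ip]

  lifecycle {
    # Refuse to publish a record when no IP is exposed (some providers only
    # set ingress[0].hostname, or nothing at all).
    precondition {
      condition     = local.lb_ip != null && local.lb_ip != ""
      error_message = "Service my-app has no load balancer IP yet; no DNS record created."
    }
  }
}

output "load_balancer_ip" {
  value = local.lb_ip
}
```

The address is assigned asynchronously after the Service is created, so the helm step needs to have waited for it before this data source is read; otherwise the precondition fails and a second apply is needed.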
0

In my case the cloud provider did not expose the load_balancer_ip so I had to create the service as type: NodePort via helm and created the loadbalancer manually directly via terraform.

I guess this is a valid workaround in cases where the accepted solution doesn't work due to this specific reason and the helm chart provides means to deploy the service as a different type.

MoRe
  • Hi MoRe, I am also trying to get this working with a type NodePort service and creating a load balancer myself, but when I do this I get 404 on each route. I have created a topic for this, do you have an idea how to fix this maybe? https://stackoverflow.com/questions/75420451/404-with-traefik-ingress-controller-using-nodeport-service-type – Levissie Feb 12 '23 at 06:51