kubeone icon indicating copy to clipboard operation
kubeone copied to clipboard

Published 20 hours ago verified publisher icon kubermatic

Openstack: Allow to use clouds.yaml

Open johscheuer opened this issue 4 years ago • 4 comments

What feature would you like to be added?

I would like to add support for the clouds.yaml, terraform already supports this (see: https://www.inovex.de/blog/managing-secrets-openstack-terraform).

What are use cases of the feature?

This feature allows that I can use my existing clouds.yaml without redefining all the OS_ environment variables. IMHO the usage of the clouds.yaml should be preferred over the environment variable.

My idea would be to check if the OS_CLOUD variable is set, if so read the content of clouds.yaml otherwise use the environment variables.

johscheuer avatar Jul 09 '20 11:07 johscheuer

If you think that this feature makes sense I would start implementing it.

johscheuer avatar Jul 09 '20 11:07 johscheuer

@johscheuer FYI those OS_ are actually passed down to our machine-controller and openstack CCM (or simply kubelet as cloud-config), that we deploy to the cluster after control-plane has been initialized.

kron4eg avatar Jul 09 '20 11:07 kron4eg

ENV variables are not the only way to provide secrets, there is also credentials-file

kron4eg avatar Jul 09 '20 11:07 kron4eg

Okay, I still think that it would be useful to be able to use the clouds.yaml.

What is the difference between the credentials-file and the cloudConfig in the manifest:

apiVersion: kubeone.io/v1alpha1
kind: KubeOneCluster
name: demo-cluster

versions:
  kubernetes: "1.18.4"

cloudProvider:
  name: "openstack"
  cloudConfig: |
    [Global]
    username=redacted
    password=redacted
    auth_url="https://redacted/v3"
    project_name=redacted
    default_domain_id=default
    domain_id=default
    domain_name=Default
    tenant_id=redacted 

    [LoadBalancer]
    subnet-id=redacted

johscheuer avatar Jul 09 '20 11:07 johscheuer