An opinionated Terraform module that can be used to install and manage Tetragon on top of a Kubernetes cluster.
module "tetragon" {
source = "git::ssh://[email protected]/isovalent/terraform-k8s-tetragon.git?ref=<release-tag>"
# Wait until Cilium CNI is done.
depends_on = [
module.cilium
]
tetragon_helm_release_name = "tetragon"
tetragon_helm_values_file_path = var.tetragon_helm_values_file_path
tetragon_helm_version = var.tetragon_helm_version
tetragon_helm_chart = var.tetragon_helm_chart
tetragon_namespace = var.tetragon_namespace
path_to_kubeconfig_file = module.kubeadm_cluster.path_to_kubeconfig_file
tetragon_helm_values_override_file_path = var.tetragon_helm_values_override_file_path
post_tetragon_install_script = file("${path.module}/scripts/post-tetragon-install-script.sh")
extra_provisioner_environment_variables = local.extra_provisioner_environment_variables
}| Name | Version |
|---|---|
| terraform | >= 1.5.0 |
| null | >= 3.1.1 |
| Name | Version |
|---|---|
| null | >= 3.1.1 |
No modules.
| Name | Type |
|---|---|
| null_resource.provisioner | resource |
| null_resource.tp_deployer | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| extra_provisioner_environment_variables | A map of extra environment variables to include when executing the provisioning script. | map(string) |
{} |
no |
| extra_tp_deployer_environment_variables | A map of extra environment variables to include when executing the TracingPolicy deployment script. | map(string) |
{} |
no |
| path_to_kubeconfig_file | The path to the kubeconfig file to use. | string |
n/a | yes |
| post_tetragon_install_script | A script to be run right after installing Tetragon. | string |
"" |
no |
| pre_tetragon_install_script | A script to be run right before installing Tetragon. | string |
"" |
no |
| tetragon_helm_chart | The name of the Helm chart to use to install Tetragon. It is assumed that the Helm repository containing this chart has been added beforehand (e.g. using 'helm repo add'). | string |
"tetragon/tetragon" |
no |
| tetragon_helm_extra_args | Extra arguments to be passed to the 'helm upgrade --install' command that installs Tetragon. | string |
"" |
no |
| tetragon_helm_release_name | The name of the Helm release to use for tetragon. | string |
"tetragon" |
no |
| tetragon_helm_values_file_path | The path to the file containing the values to use when installing Tetragon. | string |
n/a | yes |
| tetragon_helm_values_override_file_path | The path to the file containing the values to use when installing Tetragon. These values will override the ones in 'tetragon_helm_values_file_path'. | string |
"" |
no |
| tetragon_helm_version | The version of the Tetragon Helm chart to install. | string |
n/a | yes |
| tetragon_namespace | The namespace in which to install Tetragon. | string |
"kube-system" |
no |
| tetragon_tracingpolicy_directory | Path to the directory where TracingPolicy files are stored which should automatically be applied. The directory can contain one or multiple valid TracingPoliciy YAML files. | string |
"" |
no |
| wait_for_tetragon_crds | Whether to wait for the Tetragon CRDs to be created before proceeding with the post-install script. | bool |
true |
no |
No outputs.