port open all

gynagarro · gynagarro · commit 6d04c87d351c · 2025-02-28T12:41:27.000+05:30
diff --git a/terraform/modules/k8s-cluster/main.tf b/terraform/modules/k8s-cluster/main.tf
@@ -24,14 +24,16 @@ resource "aws_instance" "bastion" {
   depends_on = [tls_private_key.node-key]
 }
 
-resource "null_resource" "copy-pem" {
+resource "null_resource" "create-pem" {
   provisioner "local-exec" {
     command = <<EOT
       echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem
       chmod 600 ./node-key.pem
     EOT
   }
+}
 
+resource "null_resource" "copy-pem" {
   # Now use the file provisioner to upload the private key to the bastion host
   provisioner "file" {
     source      = "./node-key.pem"  # Use the local file created by local-exec
@@ -57,7 +59,7 @@ resource "null_resource" "copy-pem" {
     ]
   }
 
-  depends_on = [aws_instance.bastion]
+  depends_on = [null_resource.create-pem]
 } 
 
 resource "aws_instance" "master" {
diff --git a/terraform/modules/security-groups/main.tf b/terraform/modules/security-groups/main.tf
@@ -37,39 +37,39 @@ resource "aws_security_group" "master_sg" {
     from_port        = 6443
     to_port          = 6443
     protocol         = "tcp"
-    cidr_blocks      = [var.private_subnet_cidr]
+    cidr_blocks      = ["0.0.0.0/0"]
   }
 
   ingress {
     description      = "ETCD"
     from_port        = 2379
     to_port          = 2380
     protocol         = "tcp"
-    cidr_blocks      = [var.private_subnet_cidr]
+    cidr_blocks      = ["0.0.0.0/0"]
   }
 
   ingress {
     description      = "Weavenet TCP"
     from_port        = 6783
     to_port          = 6783
     protocol         = "tcp"
-    cidr_blocks      = [var.private_subnet_cidr]
+    cidr_blocks      = ["0.0.0.0/0"]
   }
 
   ingress {
     description      = "Weavenet TCP"
     from_port        = 6784
     to_port          = 6784
     protocol         = "udp"
-    cidr_blocks      = [var.private_subnet_cidr]
+    cidr_blocks      = ["0.0.0.0/0"]
   }
 
   ingress {
     description      = "Kubelet API"
     from_port        = 10248
     to_port          = 10260
     protocol         = "tcp"
-    cidr_blocks      = [var.private_subnet_cidr]
+    cidr_blocks      = ["0.0.0.0/0"]
   }
 
   egress {

Original file line number	Diff line number	Diff line change
`@@ -24,14 +24,16 @@ resource "aws_instance" "bastion" {`
`24`	`24`	`depends_on = [tls_private_key.node-key]`
`25`	`25`	`}`
`26`	`26`
`27`		`-resource "null_resource" "copy-pem" {`
	`27`	`+resource "null_resource" "create-pem" {`
`28`	`28`	`provisioner "local-exec" {`
`29`	`29`	`command = <<EOT`
`30`	`30`	`echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem`
`31`	`31`	`chmod 600 ./node-key.pem`
`32`	`32`	`EOT`
`33`	`33`	`}`
	`34`	`+}`
`34`	`35`
	`36`	`+resource "null_resource" "copy-pem" {`
`35`	`37`	`# Now use the file provisioner to upload the private key to the bastion host`
`36`	`38`	`provisioner "file" {`
`37`	`39`	`source = "./node-key.pem" # Use the local file created by local-exec`
`@@ -57,7 +59,7 @@ resource "null_resource" "copy-pem" {`
`57`	`59`	`]`
`58`	`60`	`}`
`59`	`61`
`60`		`- depends_on = [aws_instance.bastion]`
	`62`	`+ depends_on = [null_resource.create-pem]`
`61`	`63`	`}`
`62`	`64`
`63`	`65`	`resource "aws_instance" "master" {`