fix

gynagarro · gynagarro · commit def83b6c092e · 2025-02-28T11:31:01.000+05:30
diff --git a/terraform/modules/k8s-cluster/main.tf b/terraform/modules/k8s-cluster/main.tf
@@ -26,7 +26,10 @@ resource "aws_instance" "bastion" {
 
 resource "null_resource" "copy-pem" {
   provisioner "local-exec" {
-    command = "echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem"
+    command = <<EOT
+      echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem
+      chmod 600 ./node-key.pem
+    EOT
   }
 
   # Now use the file provisioner to upload the private key to the bastion host
@@ -114,7 +117,7 @@ resource "null_resource" "setup-master" {
     ]
   }
 
-  depends_on = [ aws_instance.master ]
+  depends_on = [ null_resource.copy-pem ]
 }
 
 resource "aws_instance" "worker" {
diff --git a/terraform/modules/k8s-cluster/master.sh b/terraform/modules/k8s-cluster/master.sh
@@ -10,6 +10,11 @@ echo "-------------Disabling swap-------------"
 swapoff -a
 sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
 
+# Install Dependencies
+echo "-------------Installing Required Packages-------------"
+apt-get update -y
+apt-get install -y curl wget gpg apt-transport-https ca-certificates
+
 # Install Containerd
 echo "-------------Installing Containerd-------------"
 wget https://github.com/containerd/containerd/releases/download/v1.7.4/containerd-1.7.4-linux-amd64.tar.gz
@@ -66,14 +71,13 @@ sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables ne
 modprobe br_netfilter
 sysctl -p /etc/sysctl.conf
 
-# Install kubectl, kubelet and kubeadm
-echo "-------------Installing Kubectl, Kubelet and Kubeadm-------------"
-apt-get update && sudo apt-get install -y apt-transport-https curl
-curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
-
-cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
-deb https://apt.kubernetes.io/ kubernetes-xenial main
-EOF
+# Check if the key file already exists
+if [ ! -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg ]; then
+  # Download the key if it doesn't exist
+  curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+  # Add the Kubernetes repository to the sources list
+  echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
+fi
 
 apt update -y
 apt install -y kubelet kubeadm kubectl

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,10 @@ resource "aws_instance" "bastion" {`
`26`	`26`
`27`	`27`	`resource "null_resource" "copy-pem" {`
`28`	`28`	`provisioner "local-exec" {`
`29`		`- command = "echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem"`
	`29`	`+ command = <<EOT`
	`30`	`+ echo '${tls_private_key.node-key.private_key_openssh}' > ./node-key.pem`
	`31`	`+ chmod 600 ./node-key.pem`
	`32`	`+ EOT`
`30`	`33`	`}`
`31`	`34`
`32`	`35`	`# Now use the file provisioner to upload the private key to the bastion host`
`@@ -114,7 +117,7 @@ resource "null_resource" "setup-master" {`
`114`	`117`	`]`
`115`	`118`	`}`
`116`	`119`
`117`		`- depends_on = [ aws_instance.master ]`
	`120`	`+ depends_on = [ null_resource.copy-pem ]`
`118`	`121`	`}`
`119`	`122`
`120`	`123`	`resource "aws_instance" "worker" {`