terraform-hcloud-kube-hetzner/terraform.tfvars.example

93 lines
4.4 KiB
Plaintext
Raw Normal View History

2022-03-03 01:28:51 +01:00
# Only the first values starting with a * are obligatory, the rest can remain with their default values, or you
2022-03-02 22:32:34 +01:00
# could adapt them to your needs.
2022-03-02 20:54:29 +01:00
#
2022-03-02 22:32:34 +01:00
# Note that some values, notably "location" and "public_key" have no effect after the initial cluster has been setup.
# This is in order to keep terraform from re-provisioning all nodes at once which would loose data. If you want to update,
# those, you should instead change the value here and then manually re-provision each node one-by-one. Grep for "lifecycle".
2022-03-02 20:54:29 +01:00
2022-03-02 22:32:34 +01:00
# * Your Hetzner project API token
2022-01-06 07:16:18 +01:00
hcloud_token = "xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz"
2022-03-02 22:32:34 +01:00
# * Your public key
2022-01-06 07:16:18 +01:00
public_key = "/home/username/.ssh/id_ed25519.pub"
2022-03-02 22:32:34 +01:00
# * Your private key, must be "private_key = null" when you want to use ssh-agent, for a Yubikey like device auth or an SSH key-pair with passphrase
2022-01-06 07:16:18 +01:00
private_key = "/home/username/.ssh/id_ed25519"
# These can be customized, or left with the default values
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
# For Hetzner server types see https://www.hetzner.com/cloud
2022-02-25 19:16:38 +01:00
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
network_region = "eu-central" # change to `us-east` if location is ash
2022-02-27 10:51:41 +01:00
# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
2022-02-28 14:27:24 +01:00
# As per rancher docs, it must be always an odd number, never even! See https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/
# For instance, 1 is ok (non-HA), 2 not ok, 3 is ok (becomes HA).
2022-03-02 22:32:34 +01:00
control_plane_count = 3
2022-02-28 14:27:24 +01:00
2022-03-02 12:09:31 +01:00
# The type of control plane nodes, see https://www.hetzner.com/cloud, the minimum instance supported is cpx11 (just a few cents more than cx11)
control_plane_server_type = "cpx11"
# As for the agent nodepools, below is just an example, if you do not want nodepools, just use one,
2022-02-28 00:17:52 +01:00
# and change the name to what you want, it need not be "agent-big" or "agent-small", also give them the subnet prefer.
2022-03-09 03:43:10 +01:00
# For single node clusters set this equal to [] or just set the counts to 0.
# IMPORTANT: Once the cluster is created, you can change the count, and even set it to 0, but do not remove a nodepool from the list.
# You can add others at the end of the list if you want.
agent_nodepools = [
{
name = "agent-small",
2022-02-27 21:48:33 +01:00
server_type = "cpx11",
2022-03-09 02:17:00 +01:00
count = 2
},
{
name = "agent-large",
server_type = "cpx21",
count = 1
2022-02-23 16:46:46 +01:00
}
]
2022-01-13 22:41:36 +01:00
2022-02-28 14:27:24 +01:00
# That will depend on how much load you want it to handle, see https://www.hetzner.com/cloud/load-balancer
load_balancer_type = "lb11"
2022-03-02 22:32:34 +01:00
### The following values are fully optional
2022-01-13 22:41:36 +01:00
# If you want to use a specific Hetzner CCM and CSI version, set them below, otherwise leave as is for the latest versions
# hetzner_ccm_version = ""
# hetzner_csi_version = ""
# If you want to use letsencrypt with tls Challenge, the email address is used to send you certificates expiration notices
# traefik_acme_tls = true
# traefik_acme_email = "mail@example.com"
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
2022-03-04 16:21:22 +01:00
# Also good for single node clusters.
# allow_scheduling_on_control_plane = true
2022-02-16 03:18:40 +01:00
2022-02-23 21:35:42 +01:00
# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
2022-02-16 03:18:40 +01:00
# automatically_upgrade_k3s = false
2022-02-23 21:35:42 +01:00
# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
# initial_k3s_channel = "latest"
2022-03-09 05:19:06 +01:00
# The cluster name, by default "k3s"
# cluster_name = ""
2022-03-09 09:44:16 +01:00
# Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name} the default is "true".
# use_cluster_name_in_node_name = false
# Adding extra firewall rules, like opening a port
# In this example with allow port TCP 5432 for a Postgres service we will open via a nodeport
# More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall
2022-02-27 23:30:56 +01:00
# extra_firewall_rules = [
# {
# direction = "in"
# protocol = "tcp"
# port = "5432"
# source_ips = [
# "0.0.0.0/0"
# ]
# },
# ]
2022-03-04 15:02:54 +01:00
# If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/
2022-03-05 10:59:20 +01:00
# Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"]
# traefik_additional_options = []