terraform-hcloud-kube-hetzner/control_planes.tf

module "control_planes" {
  source = "./modules/host"

  for_each = local.control_plane_nodepools

  name                   = "${var.use_cluster_name_in_node_name ? "${var.cluster_name}-" : ""}${each.value.nodepool_name}"
  ssh_keys               = [hcloud_ssh_key.k3s.id]
  public_key             = var.public_key
  private_key            = var.private_key
  additional_public_keys = var.additional_public_keys
  firewall_ids           = [hcloud_firewall.k3s.id]
  placement_group_id     = hcloud_placement_group.k3s.id
  location               = each.value.location
  server_type            = each.value.server_type
  ipv4_subnet_id         = hcloud_network_subnet.subnet[[for i, v in var.control_plane_nodepools : i if v.name == each.value.nodepool_name][0] + 1].id

  # We leave some room so 100 eventual Hetzner LBs that can be created perfectly safely
  # It leaves the subnet with 254 x 254 - 100 = 64416 IPs to use, so probably enough.
  private_ipv4 = cidrhost(local.network_ipv4_subnets[[for i, v in var.control_plane_nodepools : i if v.name == each.value.nodepool_name][0] + 1], each.value.index + 101)

  labels = {
    "provisioner" = "terraform",
    "engine"      = "k3s"
  }

  depends_on = [
    hcloud_network_subnet.subnet
  ]
}

resource "null_resource" "control_planes" {
  for_each = local.control_plane_nodepools

  triggers = {
    control_plane_id = module.control_planes[each.key].id
  }

  connection {
    user           = "root"
    private_key    = local.ssh_private_key
    agent_identity = local.ssh_identity
    host           = module.control_planes[each.key].ipv4_address
  }

  # Generating k3s server config file
  provisioner "file" {
    content = yamlencode({
      node-name                = module.control_planes[each.key].name
      server                   = "https://${module.control_planes[each.key].private_ipv4_address == module.control_planes[keys(module.control_planes)[0]].private_ipv4_address && length(module.control_planes) > 1 ? module.control_planes[keys(module.control_planes)[1]].private_ipv4_address : module.control_planes[keys(module.control_planes)[0]].private_ipv4_address}:6443"
      token                    = random_password.k3s_token.result
      disable-cloud-controller = true
      disable                  = local.disable_extras
      flannel-iface            = "eth1"
      kubelet-arg              = "cloud-provider=external"
      node-ip                  = module.control_planes[each.key].private_ipv4_address
      advertise-address        = module.control_planes[each.key].private_ipv4_address
      tls-san                  = module.control_planes[each.key].ipv4_address
      node-label               = each.value.labels
      node-taint               = each.value.taints
    })
    destination = "/tmp/config.yaml"
  }

  # Install k3s server
  provisioner "remote-exec" {
    inline = local.install_k3s_server
  }

  # Start the k3s server and wait for it to have started correctly
  provisioner "remote-exec" {
    inline = [
      "systemctl start k3s 2> /dev/null",
      <<-EOT
      timeout 120 bash <<EOF
        until systemctl status k3s > /dev/null; do
          systemctl start k3s 2> /dev/null
          echo "Waiting for the k3s server to start..."
          sleep 2
        done
      EOF
      EOT
    ]
  }

  depends_on = [
    null_resource.first_control_plane,
    hcloud_network_subnet.subnet
  ]
}
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`module "control_planes" {`
			`source = "./modules/host"`

wip 2022-04-06 20:38:24 +02:00			`for_each = local.control_plane_nodepools`

fixed ips 2022-04-12 14:48:43 +02:00			`name = "${var.use_cluster_name_in_node_name ? "${var.cluster_name}-" : ""}${each.value.nodepool_name}"`
Merge branch 'master' into modules 2022-02-20 11:30:07 +01:00			`ssh_keys = [hcloud_ssh_key.k3s.id]`
			`public_key = var.public_key`
			`private_key = var.private_key`
			`additional_public_keys = var.additional_public_keys`
			`firewall_ids = [hcloud_firewall.k3s.id]`
			`placement_group_id = hcloud_placement_group.k3s.id`
wip 2022-04-06 20:38:24 +02:00			`location = each.value.location`
			`server_type = each.value.server_type`
ip problem solved 2022-04-09 09:51:11 +02:00			`ipv4_subnet_id = hcloud_network_subnet.subnet[[for i, v in var.control_plane_nodepools : i if v.name == each.value.nodepool_name][0] + 1].id`
Fix LB IP collision for good 2022-03-06 00:59:19 +01:00
			`# We leave some room so 100 eventual Hetzner LBs that can be created perfectly safely`
simplify contitions, little fix 2022-03-11 14:24:24 +01:00			`# It leaves the subnet with 254 x 254 - 100 = 64416 IPs to use, so probably enough.`
ip problem solved 2022-04-09 09:51:11 +02:00			`private_ipv4 = cidrhost(local.network_ipv4_subnets[[for i, v in var.control_plane_nodepools : i if v.name == each.value.nodepool_name][0] + 1], each.value.index + 101)`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00
			`labels = {`
			`"provisioner" = "terraform",`
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`"engine" = "k3s"`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`}`

add specific subnet for nodepool 2022-02-25 19:16:38 +01:00			`depends_on = [`
			`hcloud_network_subnet.subnet`
			`]`
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`}`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`resource "null_resource" "control_planes" {`
wip 2022-04-06 20:38:24 +02:00			`for_each = local.control_plane_nodepools`
moved k3s-selinux install to combustion 2022-02-17 13:19:21 +01:00
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`triggers = {`
wip 2022-04-06 20:38:24 +02:00			`control_plane_id = module.control_planes[each.key].id`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`}`

Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`connection {`
			`user = "root"`
			`private_key = local.ssh_private_key`
			`agent_identity = local.ssh_identity`
wip 2022-04-06 20:38:24 +02:00			`host = module.control_planes[each.key].ipv4_address`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`}`

			`# Generating k3s server config file`
			`provisioner "file" {`
use yamlencode for k3s configs... ...and remove the now, hopefully unneeded workaround for agent.conf, all values are in config.yaml now 2022-02-07 12:56:13 +01:00			`content = yamlencode({`
wip 2022-04-06 20:38:24 +02:00			`node-name = module.control_planes[each.key].name`
fixed ips 2022-04-12 14:48:43 +02:00			`server = "https://${module.control_planes[each.key].private_ipv4_address == module.control_planes[keys(module.control_planes)[0]].private_ipv4_address && length(module.control_planes) > 1 ? module.control_planes[keys(module.control_planes)[1]].private_ipv4_address : module.control_planes[keys(module.control_planes)[0]].private_ipv4_address}:6443"`
k3s install method ok 2022-02-16 04:24:20 +01:00			`token = random_password.k3s_token.result`
use yamlencode for k3s configs... ...and remove the now, hopefully unneeded workaround for agent.conf, all values are in config.yaml now 2022-02-07 12:56:13 +01:00			`disable-cloud-controller = true`
disable flags tweak 2022-03-22 11:47:51 +01:00			`disable = local.disable_extras`
use yamlencode for k3s configs... ...and remove the now, hopefully unneeded workaround for agent.conf, all values are in config.yaml now 2022-02-07 12:56:13 +01:00			`flannel-iface = "eth1"`
			`kubelet-arg = "cloud-provider=external"`
wip 2022-04-06 20:38:24 +02:00			`node-ip = module.control_planes[each.key].private_ipv4_address`
			`advertise-address = module.control_planes[each.key].private_ipv4_address`
fixed ips 2022-04-12 14:48:43 +02:00			`tls-san = module.control_planes[each.key].ipv4_address`
wip 2022-04-06 20:38:24 +02:00			`node-label = each.value.labels`
			`node-taint = each.value.taints`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`})`
k3s-install ready for testing 2022-02-16 03:18:40 +01:00			`destination = "/tmp/config.yaml"`
			`}`

			`# Install k3s server`
			`provisioner "remote-exec" {`
			`inline = local.install_k3s_server`
			`}`

making k3s start more robust 2022-02-20 02:04:37 +01:00			`# Start the k3s server and wait for it to have started correctly`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`provisioner "remote-exec" {`
			`inline = [`
tweaked k3s start 2022-02-20 13:36:41 +01:00			`"systemctl start k3s 2> /dev/null",`
pre master 2022-02-10 03:01:40 +01:00			`<<-EOT`
k3s-install ready for testing 2022-02-16 03:18:40 +01:00			`timeout 120 bash <<EOF`
			`until systemctl status k3s > /dev/null; do`
tweaked k3s start 2022-02-20 13:36:41 +01:00			`systemctl start k3s 2> /dev/null`
k3s-install ready for testing 2022-02-16 03:18:40 +01:00			`echo "Waiting for the k3s server to start..."`
k3s install method ok 2022-02-16 04:24:20 +01:00			`sleep 2`
pre master 2022-02-10 03:01:40 +01:00			`done`
k3s-install ready for testing 2022-02-16 03:18:40 +01:00			`EOF`
pre master 2022-02-10 03:01:40 +01:00			`EOT`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`]`
			`}`

			`depends_on = [`
Fist attempt to factor microOS install 2022-02-19 13:38:24 +01:00			`null_resource.first_control_plane,`
add specific subnet for nodepool 2022-02-25 19:16:38 +01:00			`hcloud_network_subnet.subnet`
initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00			`]`
			`}`