Merge 6fa7daa21d
into a5d641c930
commit
02b2bdad99
@ -54,7 +54,7 @@ Follow those simple steps, and your world's cheapest Kube cluster will be up and
|
|||||||
|
|
||||||
First and foremost, you need to have a Hetzner Cloud account. You can sign up for free [here](https://hetzner.com/cloud/).
|
First and foremost, you need to have a Hetzner Cloud account. You can sign up for free [here](https://hetzner.com/cloud/).
|
||||||
|
|
||||||
Then you'll need to have [terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli), [kubectl](https://kubernetes.io/docs/tasks/tools/) cli, and [hcloud](<https://github.com/hetznercloud/cli>) the Hetzner cli. The easiest way is to use the [homebrew](https://brew.sh/) package manager to install them (available on Linux, Mac, and Windows Linux Subsystem).
|
Then you'll need to have [terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli), [kubectl](https://kubernetes.io/docs/tasks/tools/) cli and [hcloud](<https://github.com/hetznercloud/cli>) the Hetzner cli. The easiest way is to use the [homebrew](https://brew.sh/) package manager to install them (available on Linux, Mac, and Windows Linux Subsystem).
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
brew install terraform
|
brew install terraform
|
||||||
@ -205,7 +205,7 @@ It is easy to use Kube-Hetzner as a Terraform module. To do so:
|
|||||||
``` terraform
|
``` terraform
|
||||||
module "kube-hetzner" {
|
module "kube-hetzner" {
|
||||||
source = "kube-hetzner/kube-hetzner/hcloud"
|
source = "kube-hetzner/kube-hetzner/hcloud"
|
||||||
|
|
||||||
# insert the required variables here found in terraform.tfvars.example
|
# insert the required variables here found in terraform.tfvars.example
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
@ -285,4 +285,4 @@ Code contributions are very much **welcome**.
|
|||||||
[issues-url]: https://github.com/mysticaltech/kube-hetzner/issues
|
[issues-url]: https://github.com/mysticaltech/kube-hetzner/issues
|
||||||
[license-shield]: https://img.shields.io/github/license/mysticaltech/kube-hetzner.svg?style=for-the-badge
|
[license-shield]: https://img.shields.io/github/license/mysticaltech/kube-hetzner.svg?style=for-the-badge
|
||||||
[license-url]: https://github.com/mysticaltech/kube-hetzner/blob/master/LICENSE.txt
|
[license-url]: https://github.com/mysticaltech/kube-hetzner/blob/master/LICENSE.txt
|
||||||
[product-screenshot]: https://github.com/kube-hetzner/kube-hetzner/raw/master/.images/kubectl-pod-all-17022022.png
|
[product-screenshot]: https://github.com/kube-hetzner/kube-hetzner/raw/master/.images/kubectl-pod-all-17022022.png
|
||||||
|
44
init.tf
44
init.tf
@ -80,18 +80,25 @@ resource "null_resource" "kustomization" {
|
|||||||
content = yamlencode({
|
content = yamlencode({
|
||||||
apiVersion = "kustomize.config.k8s.io/v1beta1"
|
apiVersion = "kustomize.config.k8s.io/v1beta1"
|
||||||
kind = "Kustomization"
|
kind = "Kustomization"
|
||||||
resources = concat([
|
resources = concat(
|
||||||
"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${local.ccm_version}/ccm-networks.yaml",
|
[
|
||||||
"https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml",
|
"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${local.ccm_version}/ccm-networks.yaml",
|
||||||
"https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
|
"https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
|
||||||
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
|
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
|
||||||
], local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : []
|
],
|
||||||
, var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
|
var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"],
|
||||||
patchesStrategicMerge = concat([
|
var.enable_longhorn ? ["longhorn.yaml"] : [],
|
||||||
file("${path.module}/kustomize/kured.yaml"),
|
local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [],
|
||||||
file("${path.module}/kustomize/ccm.yaml"),
|
var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []
|
||||||
file("${path.module}/kustomize/system-upgrade-controller.yaml")
|
),
|
||||||
], var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : [])
|
patchesStrategicMerge = concat(
|
||||||
|
[
|
||||||
|
file("${path.module}/kustomize/kured.yaml"),
|
||||||
|
file("${path.module}/kustomize/ccm.yaml"),
|
||||||
|
file("${path.module}/kustomize/system-upgrade-controller.yaml")
|
||||||
|
],
|
||||||
|
var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : []
|
||||||
|
)
|
||||||
})
|
})
|
||||||
destination = "/var/post_install/kustomization.yaml"
|
destination = "/var/post_install/kustomization.yaml"
|
||||||
}
|
}
|
||||||
@ -122,6 +129,16 @@ resource "null_resource" "kustomization" {
|
|||||||
destination = "/var/post_install/plans.yaml"
|
destination = "/var/post_install/plans.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Upload the Longhorn config
|
||||||
|
provisioner "file" {
|
||||||
|
content = templatefile(
|
||||||
|
"${path.module}/templates/longhorn.yaml.tpl",
|
||||||
|
{
|
||||||
|
disable_hetzner_csi = var.disable_hetzner_csi
|
||||||
|
})
|
||||||
|
destination = "/var/post_install/longhorn.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
# Deploy secrets, logging is automatically disabled due to sensitive variables
|
# Deploy secrets, logging is automatically disabled due to sensitive variables
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = [
|
||||||
@ -161,6 +178,7 @@ resource "null_resource" "kustomization" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
depends_on = [
|
depends_on = [
|
||||||
null_resource.first_control_plane
|
null_resource.first_control_plane,
|
||||||
|
local_sensitive_file.kubeconfig
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
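Review bot: Two entries in the rewritten `resources` list are still fetched from moving references at apply time: the system-upgrade-controller manifest comes from the `master` branch and the Calico manifest from an unversioned docs URL, so the cluster receives whatever those URLs serve on the day of the apply. This commit makes kured pinnable through `kured_version`; giving these two a release-tag URL driven by a variable in the same way would keep installs reproducible and reviewable. Until then a comment above them such as `# fetched from a moving ref at apply time; pin to a release tag before production use` would at least flag it. Separately, the new `file` provisioner in the second hunk renders and uploads `longhorn.yaml` even when `var.enable_longhorn` is false; that looks harmless because the kustomization only lists the file when Longhorn is enabled, but it deserves a one-line comment.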
|
@ -13,7 +13,7 @@ locals {
|
|||||||
|
|
||||||
ccm_version = var.hetzner_ccm_version != null ? var.hetzner_ccm_version : data.github_release.hetzner_ccm.release_tag
|
ccm_version = var.hetzner_ccm_version != null ? var.hetzner_ccm_version : data.github_release.hetzner_ccm.release_tag
|
||||||
csi_version = var.hetzner_csi_version != null ? var.hetzner_csi_version : data.github_release.hetzner_csi.release_tag
|
csi_version = var.hetzner_csi_version != null ? var.hetzner_csi_version : data.github_release.hetzner_csi.release_tag
|
||||||
kured_version = data.github_release.kured.release_tag
|
kured_version = var.kured_version != null ? var.kured_version : data.github_release.kured.release_tag
|
||||||
|
|
||||||
common_commands_install_k3s = [
|
common_commands_install_k3s = [
|
||||||
"set -ex",
|
"set -ex",
|
||||||
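Review bot: The new `kured_version` fallback tests only for `null`, while the example tfvars in this commit shows `# kured_version = ""`; a user who uncomments that line unchanged passes an empty string, and the kured URL in init.tf is then built with an empty tag instead of the latest release. Treating empty as unset closes the gap: `kured_version = var.kured_version != null && var.kured_version != "" ? var.kured_version : data.github_release.kured.release_tag`. The `ccm_version` and `csi_version` lines just above use the same null-only pattern. The `locals` block continues outside the hunk.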
|
@ -69,7 +69,7 @@ resource "hcloud_server" "server" {
|
|||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = [
|
||||||
"set -ex",
|
"set -ex",
|
||||||
"transactional-update shell <<< 'rpm --import https://rpm.rancher.io/public.key;zypper install -y https://github.com/k3s-io/k3s-selinux/releases/download/v0.5.stable.1/k3s-selinux-0.5-1.sle.noarch.rpm'"
|
"transactional-update shell <<< 'rpm --import https://rpm.rancher.io/public.key; zypper install -y open-iscsi https://github.com/k3s-io/k3s-selinux/releases/download/v0.5.stable.1/k3s-selinux-0.5-1.sle.noarch.rpm'"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -84,6 +84,14 @@ resource "hcloud_server" "server" {
|
|||||||
done
|
done
|
||||||
EOT
|
EOT
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Enable open-iscsi
|
||||||
|
provisioner "remote-exec" {
|
||||||
|
inline = [
|
||||||
|
"set -ex",
|
||||||
|
"systemctl enable --now iscsid"
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_server_network" "server" {
|
resource "hcloud_server_network" "server" {
|
||||||
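Review bot: The added provisioner enables and starts `iscsid` on every server, and the install line above now pulls in `open-iscsi` unconditionally, although only Longhorn needs them and `enable_longhorn` defaults to false. A daemon that nothing uses is extra running software to keep patched on each node; gating it on the Longhorn switch keeps the default install minimal, for example `inline = var.enable_longhorn ? ["set -ex", "systemctl enable --now iscsid"] : ["set -ex"]`. Whether `var.enable_longhorn` is in scope for this resource is not visible here, so it may first have to be passed into this module. The `hcloud_server` resource body begins outside the hunk.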
|
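--- a/templates/longhorn.yaml.tpl
+++ b/templates/longhorn.yaml.tpl
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+name: longhorn
+---
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+name: longhorn
+namespace: kube-system
+spec:
+chart: longhorn
+repo: https://charts.longhorn.io
+targetNamespace: longhorn
+valuesContent: |-
+defaultSettings:
+defaultDataPath: /var/longhorn
+persistence:
+defaultFsType: ext4
+defaultClassReplicaCount: 2
+%{ if disable_hetzner_csi ~}defaultClass: true%{ else ~}defaultClass: false%{ endif ~}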
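Review bot: The `HelmChart` spec names `repo: https://charts.longhorn.io` and `chart: longhorn` but no chart version, so each new cluster installs whatever the repository serves as latest at that moment. Adding a `version: <pinned chart version>` line under `spec`, fed from a variable in the same way this commit does for `kured_version`, would make the storage layer reproducible and let upgrades be reviewed before they land. As a smaller point of style, the last line can be written as `defaultClass: ${disable_hetzner_csi}` instead of the `%{ if }`/`%{ else }` pair, since the value is a bool that renders as `true` or `false`.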
@ -47,4 +47,4 @@ spec:
|
|||||||
serviceAccountName: system-upgrade
|
serviceAccountName: system-upgrade
|
||||||
cordon: true
|
cordon: true
|
||||||
upgrade:
|
upgrade:
|
||||||
image: rancher/k3s-upgrade
|
image: rancher/k3s-upgrade
|
||||||
|
@ -24,9 +24,9 @@ network_region = "eu-central" # change to `us-east` if location is ash
|
|||||||
# Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US.
|
# Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US.
|
||||||
# For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud.
|
# For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud.
|
||||||
|
|
||||||
# IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent.
|
# IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent.
|
||||||
# Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1),
|
# Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1),
|
||||||
# you can also rename it (if the count is 0), but do not remove a nodepool from the list.
|
# you can also rename it (if the count is 0), but do not remove a nodepool from the list.
|
||||||
|
|
||||||
# The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO).
|
# The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO).
|
||||||
# You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255.
|
# You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255.
|
||||||
@ -103,10 +103,18 @@ load_balancer_location = "fsn1"
|
|||||||
|
|
||||||
### The following values are entirely optional
|
### The following values are entirely optional
|
||||||
|
|
||||||
|
# To use local storage on the nodes, you can enable Longhorn, default is "false"
|
||||||
|
# enable_longhorn = false
|
||||||
|
|
||||||
|
# To disable Hetzner CSI storage, you can set the following to true, default is "false"
|
||||||
|
# disable_hetzner_csi = false
|
||||||
|
|
||||||
# If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions
|
# If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions
|
||||||
# hetzner_ccm_version = ""
|
# hetzner_ccm_version = ""
|
||||||
# hetzner_csi_version = ""
|
# hetzner_csi_version = ""
|
||||||
|
|
||||||
|
# If you want to specify the Kured version, set it below - otherwise it'll use the latest version available
|
||||||
|
# kured_version = ""
|
||||||
|
|
||||||
# We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal,
|
# We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal,
|
||||||
# as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management,
|
# as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management,
|
||||||
@ -175,4 +183,4 @@ load_balancer_location = "fsn1"
|
|||||||
|
|
||||||
# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/
|
# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/
|
||||||
# That may be useful if you need to deploy more than 500 nodes! The default is "false".
|
# That may be useful if you need to deploy more than 500 nodes! The default is "false".
|
||||||
# placement_group_disable = true
|
# placement_group_disable = true
|
||||||
|
18
variables.tf
18
variables.tf
@ -65,6 +65,12 @@ variable "hetzner_csi_version" {
|
|||||||
description = "Version of Container Storage Interface driver for Hetzner Cloud"
|
description = "Version of Container Storage Interface driver for Hetzner Cloud"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "kured_version" {
|
||||||
|
type = string
|
||||||
|
default = null
|
||||||
|
description = "Version of Kured"
|
||||||
|
}
|
||||||
|
|
||||||
variable "traefik_enabled" {
|
variable "traefik_enabled" {
|
||||||
type = bool
|
type = bool
|
||||||
default = true
|
default = true
|
||||||
@ -157,3 +163,15 @@ variable "cni_plugin" {
|
|||||||
default = "flannel"
|
default = "flannel"
|
||||||
description = "CNI plugin for k3s"
|
description = "CNI plugin for k3s"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "enable_longhorn" {
|
||||||
|
type = bool
|
||||||
|
default = false
|
||||||
|
description = "Enable Longhorn"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "disable_hetzner_csi" {
|
||||||
|
type = bool
|
||||||
|
default = false
|
||||||
|
description = "Disable hetzner csi driver"
|
||||||
|
}
|
||||||
|