This commit is contained in:
Michael Karbowiak 2022-05-02 20:49:18 +00:00 committed by GitHub
commit 02b2bdad99
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 96 additions and 22 deletions

View File

@ -54,7 +54,7 @@ Follow those simple steps, and your world's cheapest Kube cluster will be up and
First and foremost, you need to have a Hetzner Cloud account. You can sign up for free [here](https://hetzner.com/cloud/).
Then you'll need to have [terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli), [kubectl](https://kubernetes.io/docs/tasks/tools/) cli, and [hcloud](<https://github.com/hetznercloud/cli>) the Hetzner cli. The easiest way is to use the [homebrew](https://brew.sh/) package manager to install them (available on Linux, Mac, and Windows Linux Subsystem).
Then you'll need to have [terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli), [kubectl](https://kubernetes.io/docs/tasks/tools/) cli and [hcloud](<https://github.com/hetznercloud/cli>) the Hetzner cli. The easiest way is to use the [homebrew](https://brew.sh/) package manager to install them (available on Linux, Mac, and Windows Linux Subsystem).
```sh
brew install terraform

44
init.tf
View File

@ -80,18 +80,25 @@ resource "null_resource" "kustomization" {
content = yamlencode({
apiVersion = "kustomize.config.k8s.io/v1beta1"
kind = "Kustomization"
resources = concat([
"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${local.ccm_version}/ccm-networks.yaml",
"https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml",
"https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
], local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : []
, var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
patchesStrategicMerge = concat([
file("${path.module}/kustomize/kured.yaml"),
file("${path.module}/kustomize/ccm.yaml"),
file("${path.module}/kustomize/system-upgrade-controller.yaml")
], var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : [])
resources = concat(
[
"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${local.ccm_version}/ccm-networks.yaml",
"https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
],
var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"],
var.enable_longhorn ? ["longhorn.yaml"] : [],
local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [],
var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []
),
patchesStrategicMerge = concat(
[
file("${path.module}/kustomize/kured.yaml"),
file("${path.module}/kustomize/ccm.yaml"),
file("${path.module}/kustomize/system-upgrade-controller.yaml")
],
var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : []
)
})
destination = "/var/post_install/kustomization.yaml"
}
@ -122,6 +129,16 @@ resource "null_resource" "kustomization" {
destination = "/var/post_install/plans.yaml"
}
# Upload the Longhorn config
provisioner "file" {
content = templatefile(
"${path.module}/templates/longhorn.yaml.tpl",
{
disable_hetzner_csi = var.disable_hetzner_csi
})
destination = "/var/post_install/longhorn.yaml"
}
# Deploy secrets, logging is automatically disabled due to sensitive variables
provisioner "remote-exec" {
inline = [
@ -161,6 +178,7 @@ resource "null_resource" "kustomization" {
}
depends_on = [
null_resource.first_control_plane
null_resource.first_control_plane,
local_sensitive_file.kubeconfig
]
}

View File

@ -13,7 +13,7 @@ locals {
ccm_version = var.hetzner_ccm_version != null ? var.hetzner_ccm_version : data.github_release.hetzner_ccm.release_tag
csi_version = var.hetzner_csi_version != null ? var.hetzner_csi_version : data.github_release.hetzner_csi.release_tag
kured_version = data.github_release.kured.release_tag
kured_version = var.kured_version != null ? var.kured_version : data.github_release.kured.release_tag
common_commands_install_k3s = [
"set -ex",

View File

@ -69,7 +69,7 @@ resource "hcloud_server" "server" {
provisioner "remote-exec" {
inline = [
"set -ex",
"transactional-update shell <<< 'rpm --import https://rpm.rancher.io/public.key;zypper install -y https://github.com/k3s-io/k3s-selinux/releases/download/v0.5.stable.1/k3s-selinux-0.5-1.sle.noarch.rpm'"
"transactional-update shell <<< 'rpm --import https://rpm.rancher.io/public.key; zypper install -y open-iscsi https://github.com/k3s-io/k3s-selinux/releases/download/v0.5.stable.1/k3s-selinux-0.5-1.sle.noarch.rpm'"
]
}
@ -84,6 +84,14 @@ resource "hcloud_server" "server" {
done
EOT
}
# Enable open-iscsi
provisioner "remote-exec" {
inline = [
"set -ex",
"systemctl enable --now iscsid"
]
}
}
resource "hcloud_server_network" "server" {

View File

@ -0,0 +1,22 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: longhorn
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: longhorn
namespace: kube-system
spec:
chart: longhorn
repo: https://charts.longhorn.io
targetNamespace: longhorn
valuesContent: |-
defaultSettings:
defaultDataPath: /var/longhorn
persistence:
defaultFsType: ext4
defaultClassReplicaCount: 2
%{ if disable_hetzner_csi ~}defaultClass: true%{ else ~}defaultClass: false%{ endif ~}

View File

@ -103,10 +103,18 @@ load_balancer_location = "fsn1"
### The following values are entirely optional
# To use local storage on the nodes, you can enable Longhorn, default is "false"
# enable_longhorn = false
# To disable Hetzner CSI storage, you can set the following to true, default is "false"
# disable_hetzner_csi = false
# If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions
# hetzner_ccm_version = ""
# hetzner_csi_version = ""
# If you want to specify the Kured version, set it below - otherwise it'll use the latest version available
# kured_version = ""
# We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal,
# as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management,

View File

@ -65,6 +65,12 @@ variable "hetzner_csi_version" {
description = "Version of Container Storage Interface driver for Hetzner Cloud"
}
variable "kured_version" {
type = string
default = null
description = "Version of Kured"
}
variable "traefik_enabled" {
type = bool
default = true
@ -157,3 +163,15 @@ variable "cni_plugin" {
default = "flannel"
description = "CNI plugin for k3s"
}
variable "enable_longhorn" {
type = bool
default = false
description = "Enable Longhorn"
}
variable "disable_hetzner_csi" {
type = bool
default = false
description = "Disable hetzner csi driver"
}