From 22606926a14bb6614465d542d65c3f88e1a00961 Mon Sep 17 00:00:00 2001 From: phaer Date: Sat, 26 Feb 2022 12:04:45 +0100 Subject: [PATCH 1/4] servers_num -> control_plane_count --- README.md | 2 +- servers.tf | 4 ++-- terraform.tfvars.example | 2 +- variables.tf | 10 +++++----- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f5d0301..81cc5c7 100644 --- a/README.md +++ b/README.md @@ -100,7 +100,7 @@ To scale the number of nodes up or down, just make sure to properly `kubectl dra For instance: ```tfvars -servers_num = 4 +control_plane_count = 4 agents_num = 3 ``` diff --git a/servers.tf b/servers.tf index 0263f15..9f26677 100644 --- a/servers.tf +++ b/servers.tf @@ -1,7 +1,7 @@ module "control_planes" { source = "./modules/host" - count = var.servers_num + count = var.control_plane_count name = "k3s-control-plane-${count.index}" ssh_keys = [hcloud_ssh_key.k3s.id] @@ -28,7 +28,7 @@ module "control_planes" { } resource "null_resource" "control_planes" { - count = var.servers_num + count = var.control_plane_count triggers = { control_plane_id = module.control_planes[count.index].id diff --git a/terraform.tfvars.example b/terraform.tfvars.example index f3942ce..5ae9930 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -20,7 +20,7 @@ control_plane_server_type = "cpx11" lb_server_type = "lb11" # At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe). -servers_num = 3 +control_plane_count = 3 agent_nodepools = { diff --git a/variables.tf b/variables.tf index 24bb8f1..a0ed062 100644 --- a/variables.tf +++ b/variables.tf @@ -45,6 +45,11 @@ variable "control_plane_server_type" { type = string } +variable "control_plane_count" { + description = "Number of control plane nodes." + type = number +} + variable "lb_server_type" { description = "Default load balancer server type" 
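Review bot: The `control_plane_count` variable added in variables.tf is a bare `number` with no `validation` block, so 0 or a fractional value is not rejected by the variable itself. locals.tf (context in patch 4/4) reads `module.control_planes[0]`, so a count of 0 would presumably surface as an index error far from the setting that caused it. I would add a validation whose condition is `var.control_plane_count >= 1 && floor(var.control_plane_count) == var.control_plane_count`, with an error message that repeats the three-node HA recommendation from terraform.tfvars.example.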
@@ -57,11 +62,6 @@ variable "lb_disable_ipv6" { default = false } -variable "servers_num" { - description = "Number of control plane nodes." - type = number -} - variable "agent_nodepools" { description = "Number of agent nodes." type = map(any) From 2045f4293bab38e0fa1ecd521c6445b215977183 Mon Sep 17 00:00:00 2001 From: phaer Date: Sat, 26 Feb 2022 12:07:42 +0100 Subject: [PATCH 2/4] servers.tf -> control_planes.tf --- servers.tf => control_planes.tf | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename servers.tf => control_planes.tf (100%) diff --git a/servers.tf b/control_planes.tf similarity index 100% rename from servers.tf rename to control_planes.tf From 52b3d9b82c514f363b8def5bd16b5b2d255e3faf Mon Sep 17 00:00:00 2001 From: phaer Date: Sat, 26 Feb 2022 12:10:50 +0100 Subject: [PATCH 3/4] lb -> load_balancer... ...to keep variables and output naming consistent --- init.tf | 4 ++-- templates/traefik_config.yaml.tpl | 4 ++-- terraform.tfvars.example | 2 +- variables.tf | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/init.tf b/init.tf index 0812470..68bfa1a 100644 --- a/init.tf +++ b/init.tf @@ -96,8 +96,8 @@ resource "null_resource" "kustomization" { content = templatefile( "${path.module}/templates/traefik_config.yaml.tpl", { - lb_disable_ipv6 = var.lb_disable_ipv6 - lb_server_type = var.lb_server_type + load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6 + load_balancer_type = var.load_balancer_type location = var.location traefik_acme_tls = var.traefik_acme_tls traefik_acme_email = var.traefik_acme_email diff --git a/templates/traefik_config.yaml.tpl b/templates/traefik_config.yaml.tpl index f8156f8..75ce20f 100644 --- a/templates/traefik_config.yaml.tpl +++ b/templates/traefik_config.yaml.tpl 
@@ -15,9 +15,9 @@ spec: # keep hetzner-ccm from exposing our private ingress ip, which in general isn't routeable from the public internet "load-balancer.hetzner.cloud/disable-private-ingress": "true" # disable ipv6 by default, because external-dns doesn't support AAAA for hcloud yet https://github.com/kubernetes-sigs/external-dns/issues/2044 - "load-balancer.hetzner.cloud/ipv6-disabled": "${lb_disable_ipv6}" + "load-balancer.hetzner.cloud/ipv6-disabled": "${load_balancer_disable_ipv6}" "load-balancer.hetzner.cloud/location": "${location}" - "load-balancer.hetzner.cloud/type": "${lb_server_type}" + "load-balancer.hetzner.cloud/type": "${load_balancer_type}" "load-balancer.hetzner.cloud/uses-proxyprotocol": "true" additionalArguments: - "--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8" diff --git a/terraform.tfvars.example b/terraform.tfvars.example index 5ae9930..0f7aa6c 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -17,7 +17,7 @@ network_subnets = { } control_plane_server_type = "cpx11" -lb_server_type = "lb11" +load_balancer_type = "lb11" # At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe). control_plane_count = 3 diff --git a/variables.tf b/variables.tf index a0ed062..627a04e 100644 --- a/variables.tf +++ b/variables.tf @@ -51,12 +51,12 @@ variable "control_plane_count" { } -variable "lb_server_type" { +variable "load_balancer_type" { description = "Default load balancer server type" type = string } -variable "lb_disable_ipv6" { +variable "load_balancer_disable_ipv6" { description = "Disable ipv6 for the load balancer" type = bool default = false From 38fc145ad0cf13423f8d1103fc8bc3c96e29bc89 Mon Sep 17 00:00:00 2001 
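Review bot: The last argument in this hunk, `--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8`, hard-codes the private range even though the network range is a user-set variable (`network_ip_range`, renamed `network_ipv4_range` in patch 4/4) and `10.0.0.0/8` is only the example value. With a different range the trusted set no longer matches the cluster network: PROXY headers from the load balancer may be ignored, and a block unrelated to the network stays trusted to assert client addresses. Since this template is already rendered with `templatefile` in init.tf, the range could be passed in beside `location` and the line written as `- "--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,${network_ipv4_range}"`. The `additionalArguments` list continues outside the hunk, so I cannot see whether other entry points carry the same literal.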
From: phaer Date: Sat, 26 Feb 2022 12:26:14 +0100 Subject: [PATCH 4/4] ip -> ipv4... ...explictly label current ip values as ipv4, in order to more easily add ipv6 support later on. --- agents.tf | 6 +++--- control_planes.tf | 4 ++-- init.tf | 10 +++++----- locals.tf | 2 +- main.tf | 10 +++++----- modules/host/main.tf | 4 ++-- modules/host/variables.tf | 4 ++-- output.tf | 10 +++++----- terraform.tfvars.example | 4 ++-- variables.tf | 7 +++---- 10 files changed, 30 insertions(+), 31 deletions(-) diff --git a/agents.tf b/agents.tf index 8c3f6c9..da4c4f5 100644 --- a/agents.tf +++ b/agents.tf @@ -12,8 +12,8 @@ module "agents" { placement_group_id = hcloud_placement_group.k3s.id location = var.location server_type = each.value.server_type - subnet_id = hcloud_network_subnet.subnet[each.value.subnet].id - private_ip = cidrhost(var.network_subnets[each.value.subnet], each.value.index + 1) + ipv4_subnet_id = hcloud_network_subnet.subnet[each.value.subnet].id + private_ipv4 = cidrhost(var.network_ipv4_subnets[each.value.subnet], each.value.index + 1) labels = { "provisioner" = "terraform", "engine" = "k3s" @@ -44,7 +44,7 @@ resource "null_resource" "agents" { provisioner "file" { content = yamlencode({ node-name = module.agents[each.key].name - server = "https://${local.first_control_plane_network_ip}:6443" + server = "https://${local.first_control_plane_network_ipv4}:6443" token = random_password.k3s_token.result kubelet-arg = "cloud-provider=external" flannel-iface = "eth1" diff --git a/control_planes.tf b/control_planes.tf index 9f26677..1f7c239 100644 --- a/control_planes.tf +++ b/control_planes.tf 
@@ -12,8 +12,8 @@ module "control_planes" { placement_group_id = hcloud_placement_group.k3s.id location = var.location server_type = var.control_plane_server_type - subnet_id = hcloud_network_subnet.subnet["control_plane"].id - private_ip = cidrhost(var.network_subnets["control_plane"], count.index + 1) + ipv4_subnet_id = hcloud_network_subnet.subnet["control_plane"].id + private_ipv4 = cidrhost(var.network_ipv4_subnets["control_plane"], count.index + 1) labels = { "provisioner" = "terraform", diff --git a/init.tf b/init.tf index 68bfa1a..7f7e021 100644 --- a/init.tf +++ b/init.tf @@ -96,11 +96,11 @@ resource "null_resource" "kustomization" { content = templatefile( "${path.module}/templates/traefik_config.yaml.tpl", { - load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6 - load_balancer_type = var.load_balancer_type - location = var.location - traefik_acme_tls = var.traefik_acme_tls - traefik_acme_email = var.traefik_acme_email + load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6 + load_balancer_type = var.load_balancer_type + location = var.location + traefik_acme_tls = var.traefik_acme_tls + traefik_acme_email = var.traefik_acme_email }) destination = "/tmp/post_install/traefik.yaml" } diff --git a/locals.tf b/locals.tf index 5141bc0..08d3fd7 100644 --- a/locals.tf +++ b/locals.tf @@ -1,5 +1,5 @@ locals { - first_control_plane_network_ip = module.control_planes[0].private_ipv4_address + first_control_plane_network_ipv4 = module.control_planes[0].private_ipv4_address ssh_public_key = trimspace(file(var.public_key)) # ssh_private_key is either the contents of var.private_key or null to use a ssh agent. diff --git a/main.tf b/main.tf index d135788..190c5ce 100644 --- a/main.tf +++ b/main.tf 
@@ -10,11 +10,11 @@ resource "hcloud_ssh_key" "k3s" { resource "hcloud_network" "k3s" { name = "k3s" - ip_range = var.network_ip_range + ip_range = var.network_ipv4_range } resource "hcloud_network_subnet" "subnet" { - for_each = var.network_subnets + for_each = var.network_ipv4_subnets network_id = hcloud_network.k3s.id type = "cloud" network_zone = var.network_region @@ -30,7 +30,7 @@ resource "hcloud_firewall" "k3s" { protocol = "tcp" port = "any" source_ips = [ - var.network_ip_range, + var.network_ipv4_range, "127.0.0.1/32", "169.254.169.254/32", "213.239.246.1/32" @@ -41,7 +41,7 @@ resource "hcloud_firewall" "k3s" { protocol = "udp" port = "any" source_ips = [ - var.network_ip_range, + var.network_ipv4_range, "127.0.0.1/32", "169.254.169.254/32", "213.239.246.1/32" @@ -51,7 +51,7 @@ resource "hcloud_firewall" "k3s" { direction = "in" protocol = "icmp" source_ips = [ - var.network_ip_range, + var.network_ipv4_range, "127.0.0.1/32", "169.254.169.254/32", "213.239.246.1/32" diff --git a/modules/host/main.tf b/modules/host/main.tf index fc0ee44..beb8e99 100644 --- a/modules/host/main.tf +++ b/modules/host/main.tf @@ -64,7 +64,7 @@ resource "hcloud_server" "server" { } resource "hcloud_server_network" "server" { - ip = var.private_ip + ip = var.private_ipv4 server_id = hcloud_server.server.id - subnet_id = var.subnet_id + subnet_id = var.ipv4_subnet_id } diff --git a/modules/host/variables.tf b/modules/host/variables.tf index 614317f..01abaa6 100644 --- a/modules/host/variables.tf +++ b/modules/host/variables.tf @@ -54,12 +54,12 @@ variable "location" { type = string } -variable "subnet_id" { +variable "ipv4_subnet_id" { description = "The subnet id" type = string } -variable "private_ip" { +variable "private_ipv4" { description = "Private IP for the server" type = string } diff --git a/output.tf b/output.tf index 6710da1..762290d 100644 --- a/output.tf +++ b/output.tf 
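Review bot: In modules/host/variables.tf the two renamed variables keep their old descriptions, `"The subnet id"` and `"Private IP for the server"`, while the same patch updates the root-level description to "Default IPv4 range for network". For consistency with the stated aim of labelling current values as IPv4, I would change them to `description = "ID of the IPv4 subnet the server is attached to"` and `description = "Private IPv4 address for the server"`.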
@@ -1,16 +1,16 @@ -output "controlplanes_public_ip" { +output "control_planes_public_ipv4" { value = module.control_planes.*.ipv4_address - description = "The public IP addresses of the controlplane server." + description = "The public IPv4 addresses of the controlplane server." } -output "agents_public_ip" { +output "agents_public_ipv4" { value = [ for obj in module.agents : obj.ipv4_address ] - description = "The public IP addresses of the agent server." + description = "The public IPv4 addresses of the agent server." } -output "load_balancer_public_ip" { +output "load_balancer_public_ipv4" { description = "The public IPv4 address of the Hetzner load balancer" value = data.hcloud_load_balancer.traefik.ipv4 } diff --git a/terraform.tfvars.example b/terraform.tfvars.example index 0f7aa6c..949ed81 100644 --- a/terraform.tfvars.example +++ b/terraform.tfvars.example @@ -9,8 +9,8 @@ private_key = "/home/username/.ssh/id_ed25519" # For Hetzner server types see https://www.hetzner.com/cloud location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location network_region = "eu-central" # change to `us-east` if location is ash -network_ip_range = "10.0.0.0/8" -network_subnets = { +network_ipv4_range = "10.0.0.0/8" +network_ipv4_subnets = { control_plane = "10.1.0.0/16" subnet1 = "10.2.0.0/16" subnet2 = "10.3.0.0/16" diff --git a/variables.tf b/variables.tf index 627a04e..ab836e0 100644 --- a/variables.tf +++ b/variables.tf @@ -30,12 +30,12 @@ variable "network_region" { type = string } -variable "network_ip_range" { - description = "Default IP range for network" +variable "network_ipv4_range" { + description = "Default IPv4 range for network" type = string } -variable "network_subnets" { +variable "network_ipv4_subnets" { description = "Subnets definition for default network" type = map(string) } @@ -50,7 +50,6 @@ variable "control_plane_count" { type = number } - variable "load_balancer_type" { description = "Default load balancer server type" type = string
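Review bot: `network_ipv4_range` in variables.tf is still an unvalidated `string`, so the new name promises an IPv4 CIDR that nothing checks. main.tf in this patch puts the value straight into `source_ips` of the three `hcloud_firewall` rules (tcp and udp with `port = "any"`, plus icmp), so a mistyped or overly wide range would widen what those rules admit. A validation on the variable, `condition = can(cidrnetmask(var.network_ipv4_range))`, rejects anything that is not an IPv4 CIDR; the values of `network_ipv4_subnets` could be checked the same way with `alltrue([for s in values(var.network_ipv4_subnets) : can(cidrnetmask(s))])`. Both variable blocks are fully inside the hunk.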