kjuulh/terraform-hcloud-kube-hetzner
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Merge pull request #100 from kube-hetzner/variable-names

Browse Source 
Overhaul variable naming
This commit is contained in:
Paul Haerle 2022-02-27 00:48:14 +01:00 committed by GitHub
commit 059630ec86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 43 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -100,7 +100,7 @@ To scale the number of nodes up or down, just make sure to properly `kubectl dra
For instance: For instance:
```tfvars ```tfvars
servers_num = 4 control_plane_count = 4
agents_num = 3 agents_num = 3
``` ```

6
agents.tf
View File

@ -12,8 +12,8 @@ module "agents" {
placement_group_id = hcloud_placement_group.k3s.id placement_group_id = hcloud_placement_group.k3s.id
location = var.location location = var.location
server_type = each.value.server_type server_type = each.value.server_type
subnet_id = hcloud_network_subnet.subnet[each.value.subnet].id ipv4_subnet_id = hcloud_network_subnet.subnet[each.value.subnet].id
private_ip = cidrhost(var.network_subnets[each.value.subnet], each.value.index + 1) private_ipv4 = cidrhost(var.network_ipv4_subnets[each.value.subnet], each.value.index + 1)
labels = { labels = {
"provisioner" = "terraform", "provisioner" = "terraform",
"engine" = "k3s" "engine" = "k3s"
@ -44,7 +44,7 @@ resource "null_resource" "agents" {
provisioner "file" { provisioner "file" {
content = yamlencode({ content = yamlencode({
node-name = module.agents[each.key].name node-name = module.agents[each.key].name
server = "https://${local.first_control_plane_network_ip}:6443" server = "https://${local.first_control_plane_network_ipv4}:6443"
token = random_password.k3s_token.result token = random_password.k3s_token.result
kubelet-arg = "cloud-provider=external" kubelet-arg = "cloud-provider=external"
flannel-iface = "eth1" flannel-iface = "eth1"

8
servers.tf → control_planes.tf
View File

@ -1,7 +1,7 @@
module "control_planes" { module "control_planes" {
source = "./modules/host" source = "./modules/host"
count = var.servers_num count = var.control_plane_count
name = "k3s-control-plane-${count.index}" name = "k3s-control-plane-${count.index}"
ssh_keys = [hcloud_ssh_key.k3s.id] ssh_keys = [hcloud_ssh_key.k3s.id]
@ -12,8 +12,8 @@ module "control_planes" {
placement_group_id = hcloud_placement_group.k3s.id placement_group_id = hcloud_placement_group.k3s.id
location = var.location location = var.location
server_type = var.control_plane_server_type server_type = var.control_plane_server_type
subnet_id = hcloud_network_subnet.subnet["control_plane"].id ipv4_subnet_id = hcloud_network_subnet.subnet["control_plane"].id
private_ip = cidrhost(var.network_subnets["control_plane"], count.index + 1) private_ipv4 = cidrhost(var.network_ipv4_subnets["control_plane"], count.index + 1)
labels = { labels = {
"provisioner" = "terraform", "provisioner" = "terraform",
@ -28,7 +28,7 @@ module "control_planes" {
} }
resource "null_resource" "control_planes" { resource "null_resource" "control_planes" {
count = var.servers_num count = var.control_plane_count
triggers = { triggers = {
control_plane_id = module.control_planes[count.index].id control_plane_id = module.control_planes[count.index].id

4
init.tf
View File

@ -96,8 +96,8 @@ resource "null_resource" "kustomization" {
content = templatefile( content = templatefile(
"${path.module}/templates/traefik_config.yaml.tpl", "${path.module}/templates/traefik_config.yaml.tpl",
{ {
lb_disable_ipv6 = var.lb_disable_ipv6 load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6
lb_server_type = var.lb_server_type load_balancer_type = var.load_balancer_type
location = var.location location = var.location
traefik_acme_tls = var.traefik_acme_tls traefik_acme_tls = var.traefik_acme_tls
traefik_acme_email = var.traefik_acme_email traefik_acme_email = var.traefik_acme_email

2
locals.tf
View File

@ -1,5 +1,5 @@
locals { locals {
first_control_plane_network_ip = module.control_planes[0].private_ipv4_address first_control_plane_network_ipv4 = module.control_planes[0].private_ipv4_address
ssh_public_key = trimspace(file(var.public_key)) ssh_public_key = trimspace(file(var.public_key))
# ssh_private_key is either the contents of var.private_key or null to use a ssh agent. # ssh_private_key is either the contents of var.private_key or null to use a ssh agent.

10
main.tf
View File

@ -10,11 +10,11 @@ resource "hcloud_ssh_key" "k3s" {
resource "hcloud_network" "k3s" { resource "hcloud_network" "k3s" {
name = "k3s" name = "k3s"
ip_range = var.network_ip_range ip_range = var.network_ipv4_range
} }
resource "hcloud_network_subnet" "subnet" { resource "hcloud_network_subnet" "subnet" {
for_each = var.network_subnets for_each = var.network_ipv4_subnets
network_id = hcloud_network.k3s.id network_id = hcloud_network.k3s.id
type = "cloud" type = "cloud"
network_zone = var.network_region network_zone = var.network_region
@ -30,7 +30,7 @@ resource "hcloud_firewall" "k3s" {
protocol = "tcp" protocol = "tcp"
port = "any" port = "any"
source_ips = [ source_ips = [
var.network_ip_range, var.network_ipv4_range,
"127.0.0.1/32", "127.0.0.1/32",
"169.254.169.254/32", "169.254.169.254/32",
"213.239.246.1/32" "213.239.246.1/32"
@ -41,7 +41,7 @@ resource "hcloud_firewall" "k3s" {
protocol = "udp" protocol = "udp"
port = "any" port = "any"
source_ips = [ source_ips = [
var.network_ip_range, var.network_ipv4_range,
"127.0.0.1/32", "127.0.0.1/32",
"169.254.169.254/32", "169.254.169.254/32",
"213.239.246.1/32" "213.239.246.1/32"
@ -51,7 +51,7 @@ resource "hcloud_firewall" "k3s" {
direction = "in" direction = "in"
protocol = "icmp" protocol = "icmp"
source_ips = [ source_ips = [
var.network_ip_range, var.network_ipv4_range,
"127.0.0.1/32", "127.0.0.1/32",
"169.254.169.254/32", "169.254.169.254/32",
"213.239.246.1/32" "213.239.246.1/32"

4
modules/host/main.tf
View File

@ -64,7 +64,7 @@ resource "hcloud_server" "server" {
} }
resource "hcloud_server_network" "server" { resource "hcloud_server_network" "server" {
ip = var.private_ip ip = var.private_ipv4
server_id = hcloud_server.server.id server_id = hcloud_server.server.id
subnet_id = var.subnet_id subnet_id = var.ipv4_subnet_id
} }

4
modules/host/variables.tf
View File

@ -54,12 +54,12 @@ variable "location" {
type = string type = string
} }
variable "subnet_id" { variable "ipv4_subnet_id" {
description = "The subnet id" description = "The subnet id"
type = string type = string
} }
variable "private_ip" { variable "private_ipv4" {
description = "Private IP for the server" description = "Private IP for the server"
type = string type = string
} }

10
output.tf
View File

@ -1,16 +1,16 @@
output "controlplanes_public_ip" { output "control_planes_public_ipv4" {
value = module.control_planes.*.ipv4_address value = module.control_planes.*.ipv4_address
description = "The public IP addresses of the controlplane server." description = "The public IPv4 addresses of the controlplane server."
} }
output "agents_public_ip" { output "agents_public_ipv4" {
value = [ value = [
for obj in module.agents : obj.ipv4_address for obj in module.agents : obj.ipv4_address
] ]
description = "The public IP addresses of the agent server." description = "The public IPv4 addresses of the agent server."
} }
output "load_balancer_public_ip" { output "load_balancer_public_ipv4" {
description = "The public IPv4 address of the Hetzner load balancer" description = "The public IPv4 address of the Hetzner load balancer"
value = data.hcloud_load_balancer.traefik.ipv4 value = data.hcloud_load_balancer.traefik.ipv4
} }

4
templates/traefik_config.yaml.tpl
View File

@ -15,9 +15,9 @@ spec:
# keep hetzner-ccm from exposing our private ingress ip, which in general isn't routeable from the public internet # keep hetzner-ccm from exposing our private ingress ip, which in general isn't routeable from the public internet
"load-balancer.hetzner.cloud/disable-private-ingress": "true" "load-balancer.hetzner.cloud/disable-private-ingress": "true"
# disable ipv6 by default, because external-dns doesn't support AAAA for hcloud yet https://github.com/kubernetes-sigs/external-dns/issues/2044 # disable ipv6 by default, because external-dns doesn't support AAAA for hcloud yet https://github.com/kubernetes-sigs/external-dns/issues/2044
"load-balancer.hetzner.cloud/ipv6-disabled": "${lb_disable_ipv6}" "load-balancer.hetzner.cloud/ipv6-disabled": "${load_balancer_disable_ipv6}"
"load-balancer.hetzner.cloud/location": "${location}" "load-balancer.hetzner.cloud/location": "${location}"
"load-balancer.hetzner.cloud/type": "${lb_server_type}" "load-balancer.hetzner.cloud/type": "${load_balancer_type}"
"load-balancer.hetzner.cloud/uses-proxyprotocol": "true" "load-balancer.hetzner.cloud/uses-proxyprotocol": "true"
additionalArguments: additionalArguments:
- "--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8" - "--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.0.0.0/8"

8
terraform.tfvars.example
View File

@ -9,18 +9,18 @@ private_key = "/home/username/.ssh/id_ed25519"
# For Hetzner server types see https://www.hetzner.com/cloud # For Hetzner server types see https://www.hetzner.com/cloud
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
network_region = "eu-central" # change to `us-east` if location is ash network_region = "eu-central" # change to `us-east` if location is ash
network_ip_range = "10.0.0.0/8" network_ipv4_range = "10.0.0.0/8"
network_subnets = { network_ipv4_subnets = {
control_plane = "10.1.0.0/16" control_plane = "10.1.0.0/16"
subnet1 = "10.2.0.0/16" subnet1 = "10.2.0.0/16"
subnet2 = "10.3.0.0/16" subnet2 = "10.3.0.0/16"
} }
control_plane_server_type = "cpx11" control_plane_server_type = "cpx11"
lb_server_type = "lb11" load_balancer_type = "lb11"
# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe). # At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
servers_num = 3 control_plane_count = 3
agent_nodepools = { agent_nodepools = {

19
variables.tf
View File

@ -30,12 +30,12 @@ variable "network_region" {
type = string type = string
} }
variable "network_ip_range" { variable "network_ipv4_range" {
description = "Default IP range for network" description = "Default IPv4 range for network"
type = string type = string
} }
variable "network_subnets" { variable "network_ipv4_subnets" {
description = "Subnets definition for default network" description = "Subnets definition for default network"
type = map(string) type = map(string)
} }
@ -45,23 +45,22 @@ variable "control_plane_server_type" {
type = string type = string
} }
variable "control_plane_count" {
description = "Number of control plane nodes."
type = number
}
variable "lb_server_type" { variable "load_balancer_type" {
description = "Default load balancer server type" description = "Default load balancer server type"
type = string type = string
} }
variable "lb_disable_ipv6" { variable "load_balancer_disable_ipv6" {
description = "Disable ipv6 for the load balancer" description = "Disable ipv6 for the load balancer"
type = bool type = bool
default = false default = false
} }
variable "servers_num" {
description = "Number of control plane nodes."
type = number
}
variable "agent_nodepools" { variable "agent_nodepools" {
description = "Number of agent nodes." description = "Number of agent nodes."
type = map(any) type = map(any)