replace kustomization.yaml.tpl with yamlencode
benefit is replacing inline strings in yaml with proper files locally while still just deploying a single file to the remote host.
parent
ddcc473ea8
commit
347ba42866
30
locals.tf
30
locals.tf
@ -1,7 +1,8 @@
|
||||
locals {
|
||||
first_control_plane_network_ip = cidrhost(hcloud_network_subnet.k3s.ip_range, 2)
|
||||
hcloud_image_name = "ubuntu-20.04"
|
||||
ssh_public_key = trimspace(file(var.public_key))
|
||||
|
||||
ssh_public_key = trimspace(file(var.public_key))
|
||||
# ssh_private_key is either the contents of var.private_key or null to use a ssh agent.
|
||||
ssh_private_key = var.private_key == null ? null : trimspace(file(var.private_key))
|
||||
# ssh_identity is not set if the private key is passed directly, but if ssh agent is used, the public key tells ssh agent which private key to use.
|
||||
@ -10,10 +11,15 @@ locals {
|
||||
# ssh_identity_file is used for ssh "-i" flag, its the private key if that is set, or a public key file
|
||||
# if an ssh agent is used.
|
||||
ssh_identity_file = var.private_key == null ? var.public_key : var.private_key
|
||||
|
||||
# shared flags for ssh to ignore host keys, to use root and our ssh identity file for all connections during provisioning.
|
||||
ssh_args = "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ${local.ssh_identity_file}"
|
||||
|
||||
ccm_version = var.hetzner_ccm_version != null ? var.hetzner_ccm_version : data.github_release.hetzner_ccm.release_tag
|
||||
ccm_latest = var.hetzner_ccm_containers_latest
|
||||
csi_version = var.hetzner_csi_version != null ? var.hetzner_csi_version : data.github_release.hetzner_csi.release_tag
|
||||
csi_latest = var.hetzner_csi_containers_latest
|
||||
kured_version = data.github_release.kured.release_tag
|
||||
|
||||
MicroOS_install_commands = [
|
||||
"set -ex",
|
||||
"apt-get install -y aria2",
|
||||
@ -30,24 +36,4 @@ locals {
|
||||
"cp /root/config.ign /mnt/ignition/config.ign",
|
||||
"umount /mnt"
|
||||
]
|
||||
|
||||
post_install_kustomization = templatefile(
|
||||
"${path.module}/templates/kustomization.yaml.tpl",
|
||||
{
|
||||
ccm_version = var.hetzner_ccm_version != null ? var.hetzner_ccm_version : data.github_release.hetzner_ccm.release_tag
|
||||
ccm_latest = var.hetzner_ccm_containers_latest
|
||||
csi_version = var.hetzner_csi_version != null ? var.hetzner_csi_version : data.github_release.hetzner_csi.release_tag
|
||||
csi_latest = var.hetzner_csi_containers_latest
|
||||
kured_version = data.github_release.kured.release_tag
|
||||
})
|
||||
|
||||
traefik_config = templatefile(
|
||||
"${path.module}/templates/traefik_config.yaml.tpl",
|
||||
{
|
||||
lb_disable_ipv6 = var.lb_disable_ipv6
|
||||
lb_server_type = var.lb_server_type
|
||||
location = var.location
|
||||
traefik_acme_tls = var.traefik_acme_tls
|
||||
traefik_acme_email = var.traefik_acme_email
|
||||
})
|
||||
}
|
||||
|
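Review bot: `kured_version` in the second hunk comes straight from `data.github_release.kured.release_tag` with no override, unlike `ccm_version` and `csi_version`, which can be pinned through `var.hetzner_ccm_version` and `var.hetzner_csi_version`. These locals are interpolated into the manifest URLs in master.tf, so each apply can pull a different, unreviewed kured release into kube-system. Consider the same pattern, `kured_version = var.kured_version != null ? var.kured_version : data.github_release.kured.release_tag`, where `var.kured_version` is a new variable that would have to be declared. The `locals` block continues outside the hunk.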
27
master.tf
27
master.tf
@ -98,16 +98,39 @@ resource "hcloud_server" "first_control_plane" {
|
||||
|
||||
# Upload kustomization.yaml, containing Hetzner CSI & CSM, as well as kured.
|
||||
provisioner "file" {
|
||||
content = local.post_install_kustomization
|
||||
content = yamlencode({
|
||||
apiVersion = "kustomize.config.k8s.io/v1beta1"
|
||||
kind = "Kustomization"
|
||||
resources = [
|
||||
"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${local.ccm_version}/ccm-networks.yaml",
|
||||
"https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml",
|
||||
"https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
|
||||
"./traefik.yaml"
|
||||
]
|
||||
patchesStrategicMerge = [
|
||||
file("${path.module}/patches/kured.yaml"),
|
||||
local.ccm_latest ? file("${path.module}/patches/ccm_latest.yaml") : file("${path.module}/patches/ccm.yaml"),
|
||||
local.csi_latest ? file("${path.module}/patches/csi_latest.yaml") : null,
|
||||
]
|
||||
})
|
||||
destination = "/tmp/post_install/kustomization.yaml"
|
||||
}
|
||||
|
||||
# Upload traefik config
|
||||
provisioner "file" {
|
||||
content = local.traefik_config
|
||||
content = templatefile(
|
||||
"${path.module}/templates/traefik_config.yaml.tpl",
|
||||
{
|
||||
lb_disable_ipv6 = var.lb_disable_ipv6
|
||||
lb_server_type = var.lb_server_type
|
||||
location = var.location
|
||||
traefik_acme_tls = var.traefik_acme_tls
|
||||
traefik_acme_email = var.traefik_acme_email
|
||||
})
|
||||
destination = "/tmp/post_install/traefik.yaml"
|
||||
}
|
||||
|
||||
# Deploy our post-installation kustomization
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"kubectl -n kube-system create secret generic hcloud --from-literal=token=${var.hcloud_token} --from-literal=network=${hcloud_network.k3s.name}",
|
||||
|
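Review bot: When `local.csi_latest` is false, the last element of `patchesStrategicMerge` is `null`, so `yamlencode` writes a `null` list entry into kustomization.yaml, where the old template omitted the block entirely through `%{ if csi_latest ~}`. kustomize will probably reject or misread that entry; build the list conditionally instead, for example `patchesStrategicMerge = concat([...], local.csi_latest ? [file("${path.module}/patches/csi_latest.yaml")] : [])`, with the kured and ccm entries unchanged inside the first list. Separately, the unchanged `kubectl ... create secret` line at the end of the hunk passes `${var.hcloud_token}` as a command-line argument, which can expose the token in process listings on the host; feeding it from a file or stdin would avoid that. The `hcloud_server` resource and the `remote-exec` provisioner continue outside the hunk.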
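--- a/patches/ccm.yaml
+++ b/patches/ccm.yaml
@@ -0,0 +1,17 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: hcloud-cloud-controller-manager
+namespace: kube-system
+spec:
+template:
+spec:
+containers:
+- name: hcloud-cloud-controller-manager
+command:
+- "/bin/hcloud-cloud-controller-manager"
+- "--cloud-provider=hcloud"
+- "--leader-elect=false"
+- "--allow-untagged-cloud"
+- "--allocate-node-cidrs=true"
+- "--cluster-cidr=10.42.0.0/16"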
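--- a/patches/ccm_latest.yaml
+++ b/patches/ccm_latest.yaml
@@ -0,0 +1,19 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: hcloud-cloud-controller-manager
+namespace: kube-system
+spec:
+template:
+spec:
+containers:
+- name: hcloud-cloud-controller-manager
+command:
+- "/bin/hcloud-cloud-controller-manager"
+- "--cloud-provider=hcloud"
+- "--leader-elect=false"
+- "--allow-untagged-cloud"
+- "--allocate-node-cidrs=true"
+- "--cluster-cidr=10.42.0.0/16"
+image: hetznercloud/hcloud-cloud-controller-manager:latest
+imagePullPolicy: Always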
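Review bot: `image: hetznercloud/hcloud-cloud-controller-manager:latest` with `imagePullPolicy: Always` means the controller runs whatever the registry serves at pod start, and patches/csi_latest.yaml does the same with `:latest` and `:canary` on every CSI container. Both workloads live in kube-system, where master.tf also creates the `hcloud` token secret, so a changed or compromised upstream tag would presumably run next to that credential. A header comment such as `# Opt-in via hetzner_ccm_containers_latest: tracks a mutable tag; pin a version or digest for production.` would make the trade-off visible in the file. The command list here also repeats patches/ccm.yaml line for line, and master.tf selects one file or the other, so any flag change has to be made in both.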
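--- a/patches/csi_latest.yaml
+++ b/patches/csi_latest.yaml
@@ -0,0 +1,54 @@
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+name: hcloud-csi-controller
+namespace: kube-system
+spec:
+template:
+metadata:
+labels:
+app: hcloud-csi-controller
+spec:
+containers:
+- name: csi-attacher
+image: quay.io/k8scsi/csi-attacher:canary
+imagePullPolicy: Always
+- name: csi-resizer
+image: quay.io/k8scsi/csi-resizer:canary
+imagePullPolicy: Always
+- name: csi-provisioner
+image: quay.io/k8scsi/csi-provisioner:canary
+imagePullPolicy: Always
+- name: hcloud-csi-driver
+image: hetznercloud/hcloud-csi-driver:latest
+imagePullPolicy: Always
+- name: liveness-probe
+image: quay.io/k8scsi/livenessprobe:canary
+imagePullPolicy: Always
+volumes:
+- name: socket-dir
+emptyDir: {}
+---
+kind: DaemonSet
+apiVersion: apps/v1
+metadata:
+name: hcloud-csi-node
+namespace: kube-system
+labels:
+app: hcloud-csi
+spec:
+selector:
+matchLabels:
+app: hcloud-csi
+template:
+spec:
+containers:
+- name: csi-node-driver-registrar
+image: quay.io/k8scsi/csi-node-driver-registrar:canary
+imagePullPolicy: Always
+- name: hcloud-csi-driver
+image: hetznercloud/hcloud-csi-driver:latest
+imagePullPolicy: Always
+- name: liveness-probe
+image: quay.io/k8scsi/livenessprobe:canary
+imagePullPolicy: Always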
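--- a/patches/kured.yaml
+++ b/patches/kured.yaml
@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+name: kured
+namespace: kube-system
+spec:
+selector:
+matchLabels:
+name: kured
+template:
+metadata:
+labels:
+name: kured
+spec:
+serviceAccountName: kured
+containers:
+- name: kured
+command:
+- /usr/bin/kured
+- --reboot-command=/usr/bin/systemctl reboot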
@ -1,129 +0,0 @@
|
||||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/${ccm_version}/ccm-networks.yaml"
|
||||
- "https://raw.githubusercontent.com/hetznercloud/csi-driver/${csi_version}/deploy/kubernetes/hcloud-csi.yml"
|
||||
- "https://github.com/weaveworks/kured/releases/download/${kured_version}/kured-${kured_version}-dockerhub.yaml"
|
||||
- ./traefik.yaml
|
||||
|
||||
patchesStrategicMerge:
|
||||
- |-
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: kured
|
||||
namespace: kube-system
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
name: kured
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
name: kured
|
||||
spec:
|
||||
serviceAccountName: kured
|
||||
containers:
|
||||
- name: kured
|
||||
command:
|
||||
- /usr/bin/kured
|
||||
- --reboot-command=/usr/bin/systemctl reboot
|
||||
- |-
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: hcloud-cloud-controller-manager
|
||||
namespace: kube-system
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: hcloud-cloud-controller-manager
|
||||
command:
|
||||
- "/bin/hcloud-cloud-controller-manager"
|
||||
- "--cloud-provider=hcloud"
|
||||
- "--leader-elect=false"
|
||||
- "--allow-untagged-cloud"
|
||||
- "--allocate-node-cidrs=true"
|
||||
- "--cluster-cidr=10.42.0.0/16"
|
||||
%{ if ccm_latest ~}
|
||||
- |-
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: hcloud-cloud-controller-manager
|
||||
namespace: kube-system
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: hcloud-cloud-controller-manager
|
||||
command:
|
||||
- "/bin/hcloud-cloud-controller-manager"
|
||||
- "--cloud-provider=hcloud"
|
||||
- "--leader-elect=false"
|
||||
- "--allow-untagged-cloud"
|
||||
- "--allocate-node-cidrs=true"
|
||||
- "--cluster-cidr=10.42.0.0/16"
|
||||
image: hetznercloud/hcloud-cloud-controller-manager:latest
|
||||
imagePullPolicy: Always
|
||||
%{ endif ~}
|
||||
%{ if csi_latest ~}
|
||||
- |-
|
||||
kind: StatefulSet
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: hcloud-csi-controller
|
||||
namespace: kube-system
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: hcloud-csi-controller
|
||||
spec:
|
||||
containers:
|
||||
- name: csi-attacher
|
||||
image: quay.io/k8scsi/csi-attacher:canary
|
||||
imagePullPolicy: Always
|
||||
- name: csi-resizer
|
||||
image: quay.io/k8scsi/csi-resizer:canary
|
||||
imagePullPolicy: Always
|
||||
- name: csi-provisioner
|
||||
image: quay.io/k8scsi/csi-provisioner:canary
|
||||
imagePullPolicy: Always
|
||||
- name: hcloud-csi-driver
|
||||
image: hetznercloud/hcloud-csi-driver:latest
|
||||
imagePullPolicy: Always
|
||||
- name: liveness-probe
|
||||
image: quay.io/k8scsi/livenessprobe:canary
|
||||
imagePullPolicy: Always
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
emptyDir: {}
|
||||
---
|
||||
kind: DaemonSet
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: hcloud-csi-node
|
||||
namespace: kube-system
|
||||
labels:
|
||||
app: hcloud-csi
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: hcloud-csi
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: csi-node-driver-registrar
|
||||
image: quay.io/k8scsi/csi-node-driver-registrar:canary
|
||||
imagePullPolicy: Always
|
||||
- name: hcloud-csi-driver
|
||||
image: hetznercloud/hcloud-csi-driver:latest
|
||||
imagePullPolicy: Always
|
||||
- name: liveness-probe
|
||||
image: quay.io/k8scsi/livenessprobe:canary
|
||||
imagePullPolicy: Always
|
||||
%{ endif ~}
|