microOS prep

Karim Naufal 2022-02-05 00:02:25 +01:00
parent 87e6ac43f3
commit 3f0f0ca705
10 changed files with 27 additions and 25 deletions

1
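--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,4 @@ kubeconfig.yaml
 kubeconfig.yaml-e
 terraform.tfvars
 templates/rendered/traefik_config.yaml
+.temp/*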


@ -161,7 +161,6 @@ Any contributions you make are **greatly appreciated**.
- [k-andy](https://github.com/StarpTech/k-andy) was the starting point for this project. It wouldn't have been possible without it. - [k-andy](https://github.com/StarpTech/k-andy) was the starting point for this project. It wouldn't have been possible without it.
- [Best-README-Template](https://github.com/othneildrew/Best-README-Template) that made writing this readme a lot easier. - [Best-README-Template](https://github.com/othneildrew/Best-README-Template) that made writing this readme a lot easier.
- [k3os-hetzner](https://github.com/hughobrien/k3os-hetzner) was the inspiration for the k3os installation method.
- [Hetzner Cloud](https://www.hetzner.com) for providing a solid infrastructure and terraform package. - [Hetzner Cloud](https://www.hetzner.com) for providing a solid infrastructure and terraform package.
- [Hashicorp](https://www.hashicorp.com) for the amazing terraform framework that makes all the magic happen. - [Hashicorp](https://www.hashicorp.com) for the amazing terraform framework that makes all the magic happen.
- [Rancher](https://www.rancher.com) for k3s and k3os, robust and innovative technologies that are the very core engine of this project. - [Rancher](https://www.rancher.com) for k3s and k3os, robust and innovative technologies that are the very core engine of this project.


@ -6,7 +6,7 @@ resource "hcloud_server" "agents" {
rescue = "linux64" rescue = "linux64"
server_type = var.agent_server_type server_type = var.agent_server_type
location = var.location location = var.location
ssh_keys = [hcloud_ssh_key.default.id] ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id] firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -37,7 +37,7 @@ resource "hcloud_server" "agents" {
provisioner "remote-exec" { provisioner "remote-exec" {
inline = local.k3os_install_commands inline = local.microOS_install_commands
connection { connection {
user = "root" user = "root"


@ -11,14 +11,22 @@ locals {
# if an ssh agent is used. # if an ssh agent is used.
ssh_identity_file = var.private_key == null ? var.public_key : var.private_key ssh_identity_file = var.private_key == null ? var.public_key : var.private_key
k3os_install_commands = [ microOS_install_commands = [
"apt install -y grub-efi grub-pc-bin mtools xorriso", "set -ex",
"latest=$(curl -s https://api.github.com/repos/rancher/k3os/releases | jq '.[0].tag_name')", "aria2c https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2.meta4",
"curl -Lo ./install.sh https://raw.githubusercontent.com/rancher/k3os/$(echo $latest | xargs)/install.sh", "qemu-img convert -p -f qcow2 -O host_device $(ls -a | grep MicroOS | grep -v meta4) /dev/sda",
"chmod +x ./install.sh", "sgdisk -e /dev/sda",
"./install.sh --config /tmp/config.yaml /dev/sda https://github.com/rancher/k3os/releases/download/$(echo $latest | xargs)/k3os-amd64.iso", "partprobe /dev/sda",
"parted -s /dev/sda resizepart 4 99%",
"parted -s /dev/sda mkpart primary ext2 99% 100%",
"mount /dev/sda4 /mnt/ && btrfs filesystem resize max /mnt && umount /mnt",
"mke2fs -L ignition /dev/sda5",
"mount /dev/sda5 /mnt",
"mkdir /mnt/ignition",
"cp /root/config.ign /mnt/ignition/config.ign",
"umount /mnt",
"shutdown -r +1", "shutdown -r +1",
"sleep 3", "sleep 1",
"exit 0" "exit 0"
] ]
} }
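Review bot: The new `microOS_install_commands` list writes an unpinned rolling image straight to `/dev/sda`: the `aria2c` line fetches whatever the Tumbleweed appliances path serves at provisioning time, and the only integrity data is what that same metalink carries, so nodes built on different days can differ and the module keeps no record of which image was installed. Consider pinning a specific snapshot and checking the file against a digest held in the module before the convert step, for example `echo "<EXPECTED_SHA256>  $img" | sha256sum -c -` (placeholder digest, `$img` being the resolved image path). The `$(ls -a | grep MicroOS | grep -v meta4)` substitution is unquoted and can yield more than one name if a control file or an earlier download is still in the directory, so resolving the image into a variable and failing unless exactly one file matches would make the `qemu-img convert` input unambiguous. The `locals` block starts before this hunk.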


@ -3,13 +3,13 @@ resource "random_password" "k3s_token" {
special = false special = false
} }
resource "hcloud_ssh_key" "default" { resource "hcloud_ssh_key" "k3s" {
name = "K3S terraform module - Provisioning SSH key" name = "k3s"
public_key = local.ssh_public_key public_key = local.ssh_public_key
} }
resource "hcloud_network" "k3s" { resource "hcloud_network" "k3s" {
name = "k3s-net" name = "k3s"
ip_range = "10.0.0.0/8" ip_range = "10.0.0.0/8"
} }
@ -21,7 +21,7 @@ resource "hcloud_network_subnet" "k3s" {
} }
resource "hcloud_firewall" "k3s" { resource "hcloud_firewall" "k3s" {
name = "k3s-firewall" name = "k3s"
# Allowing internal cluster traffic and Hetzner metadata service and cloud API IPs # Allowing internal cluster traffic and Hetzner metadata service and cloud API IPs
rule { rule {


@ -5,7 +5,7 @@ resource "hcloud_server" "first_control_plane" {
rescue = "linux64" rescue = "linux64"
server_type = var.control_plane_server_type server_type = var.control_plane_server_type
location = var.location location = var.location
ssh_keys = [hcloud_ssh_key.default.id] ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id] firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -33,7 +33,7 @@ resource "hcloud_server" "first_control_plane" {
# Install k3os # Install k3os
provisioner "remote-exec" { provisioner "remote-exec" {
inline = local.k3os_install_commands inline = local.microOS_install_commands
connection { connection {
user = "root" user = "root"
@ -43,7 +43,7 @@ resource "hcloud_server" "first_control_plane" {
} }
} }
# Wait for k3os to be ready and fetch kubeconfig.yaml # Wait for MicroOS to be ready and fetch kubeconfig.yaml
provisioner "local-exec" { provisioner "local-exec" {
command = <<-EOT command = <<-EOT
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${local.ssh_identity_file} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${local.ssh_identity_file} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
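Review bot: The `scp` in the `local-exec` heredoc still pulls `/etc/rancher/k3s/k3s.yaml` with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the host that returns the cluster-admin kubeconfig is never authenticated and whatever answers on that address after the wait can supply the file. A modest improvement is a known-hosts file kept by the module together with `-o StrictHostKeyChecking=accept-new`, which at least pins the key seen on first contact; injecting a known host key through the provisioning config would be stronger. The same line logs in as `rancher` and the comment `# Install k3os` earlier in this section is unchanged, while the comment above the provisioner now says MicroOS; whether that account exists on the new image is not visible here and should be confirmed. The heredoc continues past the end of the hunk.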


@ -6,7 +6,7 @@ resource "hcloud_server" "control_planes" {
rescue = "linux64" rescue = "linux64"
server_type = var.control_plane_server_type server_type = var.control_plane_server_type
location = var.location location = var.location
ssh_keys = [hcloud_ssh_key.default.id] ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id] firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -36,7 +36,7 @@ resource "hcloud_server" "control_planes" {
provisioner "remote-exec" { provisioner "remote-exec" {
inline = local.k3os_install_commands inline = local.microOS_install_commands
connection { connection {
user = "root" user = "root"


@ -22,8 +22,6 @@ k3os:
- "--kubelet-arg" - "--kubelet-arg"
- "cloud-provider=external" - "cloud-provider=external"
- "--flannel-iface=eth1" - "--flannel-iface=eth1"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token} token: ${k3s_token}
ntp_servers: ntp_servers:
- 0.de.pool.ntp.org - 0.de.pool.ntp.org


@ -28,8 +28,6 @@ k3os:
- "${master_ip}" - "${master_ip}"
- "--kubelet-arg" - "--kubelet-arg"
- "cloud-provider=external" - "cloud-provider=external"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token} token: ${k3s_token}
ntp_servers: ntp_servers:
- 0.de.pool.ntp.org - 0.de.pool.ntp.org


@ -31,8 +31,6 @@ k3os:
- "${node_ip}" - "${node_ip}"
- "--kubelet-arg" - "--kubelet-arg"
- "cloud-provider=external" - "cloud-provider=external"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token} token: ${k3s_token}
ntp_servers: ntp_servers:
- 0.de.pool.ntp.org - 0.de.pool.ntp.org