microOS prep

Karim Naufal 2022-02-05 00:02:25 +01:00
parent 87e6ac43f3
commit 3f0f0ca705
10 changed files with 27 additions and 25 deletions

1
.gitignore vendored

@ -7,3 +7,4 @@ kubeconfig.yaml
kubeconfig.yaml-e
terraform.tfvars
templates/rendered/traefik_config.yaml
.temp/*


@ -161,7 +161,6 @@ Any contributions you make are **greatly appreciated**.
- [k-andy](https://github.com/StarpTech/k-andy) was the starting point for this project. It wouldn't have been possible without it.
- [Best-README-Template](https://github.com/othneildrew/Best-README-Template) that made writing this readme a lot easier.
- [k3os-hetzner](https://github.com/hughobrien/k3os-hetzner) was the inspiration for the k3os installation method.
- [Hetzner Cloud](https://www.hetzner.com) for providing a solid infrastructure and terraform package.
- [Hashicorp](https://www.hashicorp.com) for the amazing terraform framework that makes all the magic happen.
- [Rancher](https://www.rancher.com) for k3s and k3os, robust and innovative technologies that are the very core engine of this project.


@ -6,7 +6,7 @@ resource "hcloud_server" "agents" {
rescue = "linux64"
server_type = var.agent_server_type
location = var.location
ssh_keys = [hcloud_ssh_key.default.id]
ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -37,7 +37,7 @@ resource "hcloud_server" "agents" {
provisioner "remote-exec" {
inline = local.k3os_install_commands
inline = local.microOS_install_commands
connection {
user = "root"


@ -11,14 +11,22 @@ locals {
# if an ssh agent is used.
ssh_identity_file = var.private_key == null ? var.public_key : var.private_key
k3os_install_commands = [
"apt install -y grub-efi grub-pc-bin mtools xorriso",
"latest=$(curl -s https://api.github.com/repos/rancher/k3os/releases | jq '.[0].tag_name')",
"curl -Lo ./install.sh https://raw.githubusercontent.com/rancher/k3os/$(echo $latest | xargs)/install.sh",
"chmod +x ./install.sh",
"./install.sh --config /tmp/config.yaml /dev/sda https://github.com/rancher/k3os/releases/download/$(echo $latest | xargs)/k3os-amd64.iso",
microOS_install_commands = [
"set -ex",
"aria2c https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2.meta4",
"qemu-img convert -p -f qcow2 -O host_device $(ls -a | grep MicroOS | grep -v meta4) /dev/sda",
"sgdisk -e /dev/sda",
"partprobe /dev/sda",
"parted -s /dev/sda resizepart 4 99%",
"parted -s /dev/sda mkpart primary ext2 99% 100%",
"mount /dev/sda4 /mnt/ && btrfs filesystem resize max /mnt && umount /mnt",
"mke2fs -L ignition /dev/sda5",
"mount /dev/sda5 /mnt",
"mkdir /mnt/ignition",
"cp /root/config.ign /mnt/ignition/config.ign",
"umount /mnt",
"shutdown -r +1",
"sleep 3",
"sleep 1",
"exit 0"
]
}
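Review bot: The image that `qemu-img convert` writes to /dev/sda is whatever the rolling Tumbleweed URL serves at apply time, and its file name is recovered with `$(ls -a | grep MicroOS | grep -v meta4)`, so nothing in `microOS_install_commands` fixes which image a node is built from or confirms that exactly one file matched. Any integrity check rests on hashes carried in the fetched .meta4 file (assuming it carries them); nothing is compared against a checksum or signature recorded in the repository. The `ls -a` pattern would also match a leftover download or control file in the working directory and hand several paths to `qemu-img`. I would resolve the name with a glob and stop unless it is a single regular file, e.g. `img=$(ls openSUSE-MicroOS*.qcow2) && [ -f "$img" ]`, and add above the list `# NOTE: image is unpinned (rolling Tumbleweed); integrity relies on the metalink hashes only`. The `locals` block starts above the hunk.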


@ -3,13 +3,13 @@ resource "random_password" "k3s_token" {
special = false
}
resource "hcloud_ssh_key" "default" {
name = "K3S terraform module - Provisioning SSH key"
resource "hcloud_ssh_key" "k3s" {
name = "k3s"
public_key = local.ssh_public_key
}
resource "hcloud_network" "k3s" {
name = "k3s-net"
name = "k3s"
ip_range = "10.0.0.0/8"
}
@ -21,7 +21,7 @@ resource "hcloud_network_subnet" "k3s" {
}
resource "hcloud_firewall" "k3s" {
name = "k3s-firewall"
name = "k3s"
# Allowing internal cluster traffic and Hetzner metadata service and cloud API IPs
rule {


@ -5,7 +5,7 @@ resource "hcloud_server" "first_control_plane" {
rescue = "linux64"
server_type = var.control_plane_server_type
location = var.location
ssh_keys = [hcloud_ssh_key.default.id]
ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -33,7 +33,7 @@ resource "hcloud_server" "first_control_plane" {
# Install k3os
provisioner "remote-exec" {
inline = local.k3os_install_commands
inline = local.microOS_install_commands
connection {
user = "root"
@ -43,7 +43,7 @@ resource "hcloud_server" "first_control_plane" {
}
}
# Wait for k3os to be ready and fetch kubeconfig.yaml
# Wait for MicroOS to be ready and fetch kubeconfig.yaml
provisioner "local-exec" {
command = <<-EOT
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${local.ssh_identity_file} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
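Review bot: The `scp` in the `local-exec` provisioner copies the cluster's admin kubeconfig with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the host it is fetched from is never authenticated, and this commit only retitles the comment above it. The command also still logs in as `rancher@`, which looks like a k3os leftover and may not exist on a MicroOS image; the `# Install k3os` comment on the `remote-exec` provisioner is stale in the same way. At minimum I would add `# NOTE(review): host key is not verified for this transfer; pin the node's host key before relying on kubeconfig.yaml` and confirm the login user for MicroOS. The heredoc and the resource body continue outside the hunk.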


@ -6,7 +6,7 @@ resource "hcloud_server" "control_planes" {
rescue = "linux64"
server_type = var.control_plane_server_type
location = var.location
ssh_keys = [hcloud_ssh_key.default.id]
ssh_keys = [hcloud_ssh_key.k3s.id]
firewall_ids = [hcloud_firewall.k3s.id]
placement_group_id = hcloud_placement_group.k3s_placement_group.id
@ -36,7 +36,7 @@ resource "hcloud_server" "control_planes" {
provisioner "remote-exec" {
inline = local.k3os_install_commands
inline = local.microOS_install_commands
connection {
user = "root"


@ -22,8 +22,6 @@ k3os:
- "--kubelet-arg"
- "cloud-provider=external"
- "--flannel-iface=eth1"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token}
ntp_servers:
- 0.de.pool.ntp.org


@ -28,8 +28,6 @@ k3os:
- "${master_ip}"
- "--kubelet-arg"
- "cloud-provider=external"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token}
ntp_servers:
- 0.de.pool.ntp.org


@ -31,8 +31,6 @@ k3os:
- "${node_ip}"
- "--kubelet-arg"
- "cloud-provider=external"
- "--node-label"
- "k3os.io/upgrade=latest"
token: ${k3s_token}
ntp_servers:
- 0.de.pool.ntp.org