feat(agents): add location, label and taint options to agent-nodepool

2022-04-04 21:06:08 +02:00 · 2022-04-04 21:06:08 +02:00 · 4d6afe7d04
commit 4d6afe7d04
parent 1178129545
3 changed files with 38 additions and 4 deletions
--- a/agents.tf
+++ b/agents.tf
@ -10,7 +10,7 @@ module "agents" {
  additional_public_keys = var.additional_public_keys
  firewall_ids           = [hcloud_firewall.k3s.id]
  placement_group_id     = hcloud_placement_group.k3s.id
-  location               = var.location
+  location               = each.value.location
  server_type            = each.value.server_type
  ipv4_subnet_id         = hcloud_network_subnet.subnet[[for i, v in var.agent_nodepools : i if v.name == each.value.nodepool_name][0] + 2].id

@ -51,7 +51,8 @@ resource "null_resource" "agents" {
      kubelet-arg   = "cloud-provider=external"
      flannel-iface = "eth1"
      node-ip       = module.agents[each.key].private_ipv4_address
-      node-label    = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
+      node-label    = each.value.labels
+      node-taint    = each.value.taints
    })
    destination = "/tmp/config.yaml"
  }
--- a/locals.tf
+++ b/locals.tf
@ -175,6 +175,9 @@ locals {
      format("%s-%s", nodepool_obj.name, index) => {
        nodepool_name : nodepool_obj.name,
        server_type : nodepool_obj.server_type,
+        location : nodepool_obj.location,
+        labels : concat(local.default_labels, nodepool_obj.labels),
+        taints : nodepool_obj.taints,
        index : index
      }
    }
@ -190,4 +193,7 @@ locals {
  # disable k3s extras
  disable_extras = concat(["local-storage"], local.is_single_node_cluster ? [] : ["servicelb"], var.traefik_enabled ? [] : ["traefik"], var.metrics_server_enabled ? [] : ["metrics-server"])

+
+  # Default k3s node labels
+  default_labels = concat([], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : [])
 }
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@ -14,7 +14,6 @@ private_key  = "/home/username/.ssh/id_ed25519"

 # These can be customized, or left with the default values
 # For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
-# For Hetzner server types see https://www.hetzner.com/cloud
 location         = "fsn1"       # change to `ash` for us-east Ashburn, Virginia location
 network_region   = "eu-central" # change to `us-east` if location is ash

@ -31,15 +30,35 @@ control_plane_server_type = "cpx11"
 # For single node clusters set this equal to [] or just set the counts to 0.
 # IMPORTANT: Once the cluster is created, you can change the count, and even set it to 0, but do not remove a nodepool from the list. 
 # You can add others at the end of the list if you want.
+# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
+# For Hetzner server types see https://www.hetzner.com/cloud
 agent_nodepools = [
  {
    name        = "agent-small",
    server_type = "cpx11",
+    location    = "fsn1",
+    labels      = [],
+    taints      = [],
    count       = 2
  },
  {
    name        = "agent-large",
    server_type = "cpx21",
+    location    = "fsn1",
+    labels      = [],
+    taints      = [],
+    count       = 1
+  },
+  {
+    name        = "storage",
+    server_type = "cpx21",
+    location    = "fsn1",
+    labels      = [
+      "node.kubernetes.io/server-usage=storage"
+    ],
+    taints      = [
+      "server-usage=storage:NoSchedule"
+    ],
    count       = 1
  }
 ]
@ -81,7 +100,7 @@ load_balancer_type        = "lb11"
 # use_cluster_name_in_node_name = false

 # Adding extra firewall rules, like opening a port
-# In this example with allow port TCP 5432 for a Postgres service we will open via a nodeport
+# In this example with allow port TCP 5432 for a Postgres service we will open via a nodeport and allow outgoing SMTP traffic on port TCP 465
 # More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall
 # extra_firewall_rules = [
 #   {
@ -92,6 +111,14 @@ load_balancer_type        = "lb11"
 #       "0.0.0.0/0"
 #     ]
 #   },
+#   {
+#     direction = "out"
+#     protocol  = "tcp"
+#     port      = "465"
+#     destination_ips = [
+#       "0.0.0.0/0"
+#     ]
+#   },
 # ]

 # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/