add random pet names for cluster & nodes

phaer 2022-03-04 22:04:07 +01:00
parent b0b616c4da
commit 5cf6f9eef4
6 changed files with 26 additions and 9 deletions


@ -1,9 +1,13 @@
resource "random_pet" "agents" {
for_each = local.agent_nodepools
}
module "agents" { module "agents" {
source = "./modules/host" source = "./modules/host"
for_each = local.agent_nodepools for_each = local.agent_nodepools
name = each.key name = "${each.key}-${random_pet.cluster.id}-${random_pet.agents[each.key].id}"
ssh_keys = [hcloud_ssh_key.k3s.id] ssh_keys = [hcloud_ssh_key.k3s.id]
public_key = var.public_key public_key = var.public_key
private_key = var.private_key private_key = var.private_key
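Review bot: The composed `name` in `module "agents"` has no length bound: it joins the pool key with two `random_pet` ids, each two words by default, and `module "control_planes"` uses the same pattern with a fixed prefix. If `./modules/host` uses this value as the server name or node hostname (not visible here), a long pool key could push it past the 63-character limit of a DNS label and fail at apply or at node registration. Consider `length = 1` on the per-node `random_pet` resources or a `validation` on the pool keys, plus a short comment above `name` such as `# <pool>-<cluster pet>-<node pet>`. The module block continues outside the hunk.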


@ -1,8 +1,12 @@
resource "random_pet" "control_planes" {
count = var.control_plane_count
}
module "control_planes" { module "control_planes" {
source = "./modules/host" source = "./modules/host"
count = var.control_plane_count count = var.control_plane_count
name = "control-plane-${count.index}" name = "control-plane-${random_pet.cluster.id}-${random_pet.control_planes[count.index].id}"
ssh_keys = [hcloud_ssh_key.k3s.id] ssh_keys = [hcloud_ssh_key.k3s.id]
public_key = var.public_key public_key = var.public_key


@ -94,6 +94,7 @@ resource "null_resource" "kustomization" {
content = local.is_single_node_cluster ? "" : templatefile( content = local.is_single_node_cluster ? "" : templatefile(
"${path.module}/templates/traefik_config.yaml.tpl", "${path.module}/templates/traefik_config.yaml.tpl",
{ {
cluster_pet_name = random_pet.cluster.id
load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6 load_balancer_disable_ipv6 = var.load_balancer_disable_ipv6
load_balancer_type = var.load_balancer_type load_balancer_type = var.load_balancer_type
location = var.location location = var.location

13
main.tf

@ -1,15 +1,18 @@
resource "random_pet" "cluster" {
}
resource "random_password" "k3s_token" { resource "random_password" "k3s_token" {
length = 48 length = 48
special = false special = false
} }
resource "hcloud_ssh_key" "k3s" { resource "hcloud_ssh_key" "k3s" {
name = "k3s" name = "k3s-${random_pet.cluster.id}"
public_key = local.ssh_public_key public_key = local.ssh_public_key
} }
resource "hcloud_network" "k3s" { resource "hcloud_network" "k3s" {
name = "k3s" name = "k3s-${random_pet.cluster.id}"
ip_range = var.network_ipv4_range ip_range = var.network_ipv4_range
} }
@ -22,7 +25,7 @@ resource "hcloud_network_subnet" "subnet" {
} }
resource "hcloud_firewall" "k3s" { resource "hcloud_firewall" "k3s" {
name = "k3s" name = "k3s-${random_pet.cluster.id}"
dynamic "rule" { dynamic "rule" {
for_each = concat(local.base_firewall_rules, var.extra_firewall_rules) for_each = concat(local.base_firewall_rules, var.extra_firewall_rules)
@ -37,7 +40,7 @@ resource "hcloud_firewall" "k3s" {
} }
resource "hcloud_placement_group" "k3s" { resource "hcloud_placement_group" "k3s" {
name = "k3s" name = "k3s-${random_pet.cluster.id}"
type = "spread" type = "spread"
labels = { labels = {
"provisioner" = "terraform", "provisioner" = "terraform",
@ -47,7 +50,7 @@ resource "hcloud_placement_group" "k3s" {
data "hcloud_load_balancer" "traefik" { data "hcloud_load_balancer" "traefik" {
count = local.is_single_node_cluster ? 0 : 1 count = local.is_single_node_cluster ? 0 : 1
name = "traefik" name = "traefik-${random_pet.cluster.id}"
depends_on = [null_resource.kustomization] depends_on = [null_resource.kustomization]
} }
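Review bot: The empty `resource "random_pet" "cluster" {}` at the top of main.tf is undocumented, yet it now drives the names of the SSH key, network, firewall, placement group and the `traefik` load-balancer lookup. A comment such as `# Naming suffix shared by all resources of one cluster; kept in state, not a secret` would make clear that the value only disambiguates names and carries no security meaning. On a state created before this commit, the first apply will change all of those names at once. It is worth checking in the plan that `hcloud_firewall.k3s` is updated in place rather than replaced, since a replacement could leave nodes without their rules for a moment. Whether the existing load balancer is renamed or a second one is created depends on the cloud controller, which is not visible here.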


@ -1,3 +1,8 @@
output "cluster_pet_name" {
value = random_pet.cluster
description = "Shared suffix for all resources belonging to this cluster."
}
output "control_planes_public_ipv4" { output "control_planes_public_ipv4" {
value = module.control_planes.*.ipv4_address value = module.control_planes.*.ipv4_address
description = "The public IPv4 addresses of the controlplane server." description = "The public IPv4 addresses of the controlplane server."
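Review bot: The new `cluster_pet_name` output is set to `random_pet.cluster`, the whole resource object, while its description and every other use in this commit treat the value as the string `random_pet.cluster.id`. A consumer that uses the output as a name suffix would receive an object of resource attributes instead of a string; the line should read `value = random_pet.cluster.id`. The closing brace of the following `control_planes_public_ipv4` output lies outside the visible lines.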


@ -9,7 +9,7 @@ spec:
enabled: true enabled: true
type: LoadBalancer type: LoadBalancer
annotations: annotations:
"load-balancer.hetzner.cloud/name": "traefik" "load-balancer.hetzner.cloud/name": "traefik-${cluster_pet_name}"
# make hetzners load-balancer connect to our nodes via our private k3s # make hetzners load-balancer connect to our nodes via our private k3s
"load-balancer.hetzner.cloud/use-private-ip": "true" "load-balancer.hetzner.cloud/use-private-ip": "true"
# keep hetzner-ccm from exposing our private ingress ip, which in general isn't routeable from the public internet # keep hetzner-ccm from exposing our private ingress ip, which in general isn't routeable from the public internet