rancher install ok

This commit is contained in:
Karim Naufal 2022-05-04 15:59:03 +02:00
parent ebe1a279fc
commit 725eb334a9
No known key found for this signature in database
GPG Key ID: 9CB4A7C28C139CA5
5 changed files with 112 additions and 3 deletions

26
init.tf
View File

@ -88,9 +88,11 @@ resource "null_resource" "kustomization" {
"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml", "https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
], ],
var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"], var.disable_hetzner_csi ? [] : ["https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml"],
var.enable_longhorn ? ["longhorn.yaml"] : [],
local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [], local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik_config.yaml"] : [],
var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : [] var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : [],
var.enable_longhorn ? ["longhorn.yaml"] : [],
var.enable_cert_manager || var.enable_rancher ? ["cert-manager.yaml"] : [],
var.enable_rancher ? ["rancher.yaml"] : [],
), ),
patchesStrategicMerge = concat( patchesStrategicMerge = concat(
[ [
@ -160,6 +162,26 @@ resource "null_resource" "kustomization" {
destination = "/var/post_install/longhorn.yaml" destination = "/var/post_install/longhorn.yaml"
} }
# Upload the cert-manager config
provisioner "file" {
content = templatefile(
"${path.module}/templates/cert-manager.yaml.tpl",
{})
destination = "/var/post_install/cert-manager.yaml"
}
# Upload the rancher config
provisioner "file" {
content = templatefile(
"${path.module}/templates/rancher.yaml.tpl",
{
rancher_install_channel = var.rancher_install_channel
rancher_hostname = var.rancher_hostname
number_control_plane_nodes = length(local.control_plane_nodes)
})
destination = "/var/post_install/rancher.yaml"
}
# Deploy secrets, logging is automatically disabled due to sensitive variables # Deploy secrets, logging is automatically disabled due to sensitive variables
provisioner "remote-exec" { provisioner "remote-exec" {
inline = [ inline = [

View File

@ -0,0 +1,17 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
namespace: kube-system
spec:
chart: cert-manager
repo: https://charts.jetstack.io
targetNamespace: cert-manager
valuesContent: |-
installCRDs: true

View File

@ -0,0 +1,21 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: cattle-system
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: rancher
namespace: kube-system
spec:
chart: rancher
repo: https://releases.rancher.com/server-charts/${rancher_install_channel}
targetNamespace: cattle-system
valuesContent: |-
ingress:
tls:
source: rancher
hostname: ${rancher_hostname}
replicas: ${number_control_plane_nodes}

View File

@ -183,3 +183,23 @@ load_balancer_location = "fsn1"
# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/ # If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/
# That may be useful if you need to deploy more than 500 nodes! The default is "false". # That may be useful if you need to deploy more than 500 nodes! The default is "false".
# placement_group_disable = true # placement_group_disable = true
# You can enable cert-manager (installed by Helm behind the scenes) with the following flag, the default is "false".
# enable_cert_manager = true
# You can enable rancher (installed by Helm behind the scenes) with the following flag, the default is "false".
# When rancher is enabled, it automatically installs cert-manager too, and it uses rancher's own certificates.
# As for the number of replicas, it is set to the numbe of control plane nodes.
# You can customized all of the above by creating and applying a HelmChartConfig to pass the helm chart values of your choice.
# See https://rancher.com/docs/k3s/latest/en/helm/
# and https://rancher.com/docs/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/
# enable_rancher = true
# When rancher is deployed, by default is uses the "stable" channel. But this can be customized.
# The allowed values are "stable", "latest", and "alpha".
# rancher_install_channel = "latest"
# Set your rancher hostname, the default is "rancher.example.com".
# It is a required value when using rancher, but up to you to point the DNS to it or not.
# You can also not point the DNS, and just port-forward locally via kubectl to get access to the dashboard.
# rancher_hostname = "rancher.xyz.dev"

View File

@ -107,7 +107,7 @@ variable "initial_k3s_channel" {
description = "Allows you to specify an initial k3s channel" description = "Allows you to specify an initial k3s channel"
validation { validation {
condition = contains(["stable", "latest", "testing", "v1.16", "v1.17", "v1.18", "v1.19", "v1.20", "v1.21", "v1.22", "v1.23"], var.initial_k3s_channel) condition = contains(["stable", "latest", "testing", "v1.16", "v1.17", "v1.18", "v1.19", "v1.20", "v1.21", "v1.22", "v1.23", "v1.24"], var.initial_k3s_channel)
error_message = "The initial k3s channel must be one of stable, latest or testing." error_message = "The initial k3s channel must be one of stable, latest or testing."
} }
} }
@ -175,3 +175,32 @@ variable "disable_hetzner_csi" {
default = false default = false
description = "Disable hetzner csi driver" description = "Disable hetzner csi driver"
} }
variable "enable_cert_manager" {
type = bool
default = false
description = "Enable cert manager"
}
variable "enable_rancher" {
type = bool
default = false
description = "Enable rancher"
}
variable "rancher_install_channel" {
type = string
default = "stable"
description = "Rancher install channel"
validation {
condition = contains(["stable", "latest", "alpha"], var.rancher_install_channel)
error_message = "The allowed values for the rancher install channel are stable, latest, or alpha."
}
}
variable "rancher_hostname" {
type = string
default = "rancher.example.com"
description = "Enable rancher"
}