add specific subnet for nodepool
This commit is contained in:
parent
b5039e2bc1
commit
c9101824fc
10
agents.tf
10
agents.tf
@ -11,15 +11,19 @@ module "agents" {
|
|||||||
firewall_ids = [hcloud_firewall.k3s.id]
|
firewall_ids = [hcloud_firewall.k3s.id]
|
||||||
placement_group_id = hcloud_placement_group.k3s.id
|
placement_group_id = hcloud_placement_group.k3s.id
|
||||||
location = var.location
|
location = var.location
|
||||||
network_id = hcloud_network.k3s.id
|
|
||||||
server_type = each.value.server_type
|
server_type = each.value.server_type
|
||||||
|
subnet_id = hcloud_network_subnet.subnet[each.value.subnet].id
|
||||||
|
private_ip = cidrhost(var.network_subnets[each.value.subnet], each.value.index + 1)
|
||||||
labels = {
|
labels = {
|
||||||
"provisioner" = "terraform",
|
"provisioner" = "terraform",
|
||||||
"engine" = "k3s"
|
"engine" = "k3s"
|
||||||
}
|
}
|
||||||
|
|
||||||
hcloud_token = var.hcloud_token
|
hcloud_token = var.hcloud_token
|
||||||
|
|
||||||
|
depends_on = [
|
||||||
|
hcloud_network_subnet.subnet
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "null_resource" "agents" {
|
resource "null_resource" "agents" {
|
||||||
@ -73,6 +77,6 @@ resource "null_resource" "agents" {
|
|||||||
|
|
||||||
depends_on = [
|
depends_on = [
|
||||||
null_resource.first_control_plane,
|
null_resource.first_control_plane,
|
||||||
hcloud_network_subnet.k3s
|
hcloud_network_subnet.subnet
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
2
init.tf
2
init.tf
@ -58,7 +58,7 @@ resource "null_resource" "first_control_plane" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
depends_on = [
|
depends_on = [
|
||||||
hcloud_network_subnet.k3s
|
hcloud_network_subnet.subnet["control_plane"]
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -33,9 +33,11 @@ locals {
|
|||||||
|
|
||||||
agent_nodepools = merge([
|
agent_nodepools = merge([
|
||||||
for nodepool_name, nodepool_obj in var.agent_nodepools : {
|
for nodepool_name, nodepool_obj in var.agent_nodepools : {
|
||||||
for index in range(lookup(nodepool_obj, "count", var.agents_num)) :
|
for index in range(nodepool_obj.count) :
|
||||||
format("%s-%s", nodepool_name, index) => {
|
format("%s-%s", nodepool_name, index) => {
|
||||||
server_type : nodepool_obj.server_type
|
server_type : nodepool_obj.server_type,
|
||||||
|
subnet : lookup(nodepool_obj, "subnet", "default"),
|
||||||
|
index : index
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]...)
|
]...)
|
||||||
|
13
main.tf
13
main.tf
@ -10,14 +10,15 @@ resource "hcloud_ssh_key" "k3s" {
|
|||||||
|
|
||||||
resource "hcloud_network" "k3s" {
|
resource "hcloud_network" "k3s" {
|
||||||
name = "k3s"
|
name = "k3s"
|
||||||
ip_range = "10.0.0.0/8"
|
ip_range = var.network_ip_range
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_network_subnet" "k3s" {
|
resource "hcloud_network_subnet" "subnet" {
|
||||||
|
for_each = var.network_subnets
|
||||||
network_id = hcloud_network.k3s.id
|
network_id = hcloud_network.k3s.id
|
||||||
type = "cloud"
|
type = "cloud"
|
||||||
network_zone = var.network_region
|
network_zone = var.network_region
|
||||||
ip_range = "10.0.0.0/16"
|
ip_range = each.value
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_firewall" "k3s" {
|
resource "hcloud_firewall" "k3s" {
|
||||||
@ -29,8 +30,8 @@ resource "hcloud_firewall" "k3s" {
|
|||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
port = "any"
|
port = "any"
|
||||||
source_ips = [
|
source_ips = [
|
||||||
|
var.network_ip_range,
|
||||||
"127.0.0.1/32",
|
"127.0.0.1/32",
|
||||||
"10.0.0.0/8",
|
|
||||||
"169.254.169.254/32",
|
"169.254.169.254/32",
|
||||||
"213.239.246.1/32"
|
"213.239.246.1/32"
|
||||||
]
|
]
|
||||||
@ -40,8 +41,8 @@ resource "hcloud_firewall" "k3s" {
|
|||||||
protocol = "udp"
|
protocol = "udp"
|
||||||
port = "any"
|
port = "any"
|
||||||
source_ips = [
|
source_ips = [
|
||||||
|
var.network_ip_range,
|
||||||
"127.0.0.1/32",
|
"127.0.0.1/32",
|
||||||
"10.0.0.0/8",
|
|
||||||
"169.254.169.254/32",
|
"169.254.169.254/32",
|
||||||
"213.239.246.1/32"
|
"213.239.246.1/32"
|
||||||
]
|
]
|
||||||
@ -50,8 +51,8 @@ resource "hcloud_firewall" "k3s" {
|
|||||||
direction = "in"
|
direction = "in"
|
||||||
protocol = "icmp"
|
protocol = "icmp"
|
||||||
source_ips = [
|
source_ips = [
|
||||||
|
var.network_ip_range,
|
||||||
"127.0.0.1/32",
|
"127.0.0.1/32",
|
||||||
"10.0.0.0/8",
|
|
||||||
"169.254.169.254/32",
|
"169.254.169.254/32",
|
||||||
"213.239.246.1/32"
|
"213.239.246.1/32"
|
||||||
]
|
]
|
||||||
|
@ -65,6 +65,7 @@ resource "hcloud_server" "server" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_server_network" "server" {
|
resource "hcloud_server_network" "server" {
|
||||||
server_id = hcloud_server.server.id
|
ip = var.private_ip
|
||||||
network_id = var.network_id
|
server_id = hcloud_server.server.id
|
||||||
|
subnet_id = var.subnet_id
|
||||||
}
|
}
|
||||||
|
@ -54,9 +54,14 @@ variable "location" {
|
|||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "network_id" {
|
variable "subnet_id" {
|
||||||
description = "The network or subnet id"
|
description = "The subnet id"
|
||||||
type = number
|
type = string
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "private_ip" {
|
||||||
|
description = "Private IP for the server"
|
||||||
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "server_type" {
|
variable "server_type" {
|
||||||
|
@ -11,8 +11,9 @@ module "control_planes" {
|
|||||||
firewall_ids = [hcloud_firewall.k3s.id]
|
firewall_ids = [hcloud_firewall.k3s.id]
|
||||||
placement_group_id = hcloud_placement_group.k3s.id
|
placement_group_id = hcloud_placement_group.k3s.id
|
||||||
location = var.location
|
location = var.location
|
||||||
network_id = hcloud_network.k3s.id
|
|
||||||
server_type = var.control_plane_server_type
|
server_type = var.control_plane_server_type
|
||||||
|
subnet_id = hcloud_network_subnet.subnet["control_plane"].id
|
||||||
|
private_ip = cidrhost(var.network_subnets["control_plane"], count.index + 1)
|
||||||
|
|
||||||
labels = {
|
labels = {
|
||||||
"provisioner" = "terraform",
|
"provisioner" = "terraform",
|
||||||
@ -20,6 +21,10 @@ module "control_planes" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
hcloud_token = var.hcloud_token
|
hcloud_token = var.hcloud_token
|
||||||
|
|
||||||
|
depends_on = [
|
||||||
|
hcloud_network_subnet.subnet
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "null_resource" "control_planes" {
|
resource "null_resource" "control_planes" {
|
||||||
@ -78,6 +83,6 @@ resource "null_resource" "control_planes" {
|
|||||||
|
|
||||||
depends_on = [
|
depends_on = [
|
||||||
null_resource.first_control_plane,
|
null_resource.first_control_plane,
|
||||||
hcloud_network_subnet.k3s
|
hcloud_network_subnet.subnet
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -7,24 +7,32 @@ private_key = "/home/username/.ssh/id_ed25519"
|
|||||||
# These can be customized, or left with the default values
|
# These can be customized, or left with the default values
|
||||||
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
|
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
|
||||||
# For Hetzner server types see https://www.hetzner.com/cloud
|
# For Hetzner server types see https://www.hetzner.com/cloud
|
||||||
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
|
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
|
||||||
network_region = "eu-central" # change to `us-east` if location is ash
|
network_region = "eu-central" # change to `us-east` if location is ash
|
||||||
|
network_ip_range = "10.0.0.0/8"
|
||||||
|
network_subnets = {
|
||||||
|
control_plane = "10.1.0.0/16"
|
||||||
|
subnet1 = "10.2.0.0/16"
|
||||||
|
subnet2 = "10.3.0.0/16"
|
||||||
|
}
|
||||||
|
|
||||||
control_plane_server_type = "cpx11"
|
control_plane_server_type = "cpx11"
|
||||||
lb_server_type = "lb11"
|
lb_server_type = "lb11"
|
||||||
|
|
||||||
# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
|
# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
|
||||||
servers_num = 3
|
servers_num = 3
|
||||||
|
|
||||||
# For agent nodes, at least 2 is recommended for HA, but you can keep automatic upgrades.
|
|
||||||
agents_num = 2
|
|
||||||
|
|
||||||
agent_nodepools = {
|
agent_nodepools = {
|
||||||
big = {
|
big = {
|
||||||
server_type = "cpx31",
|
server_type = "cpx31",
|
||||||
count = 1
|
count = 1,
|
||||||
|
subnet = "subnet1",
|
||||||
}
|
}
|
||||||
small = {
|
small = {
|
||||||
server_type = "cpx21",
|
server_type = "cpx21",
|
||||||
|
count = 2,
|
||||||
|
subnet = "subnet2",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
15
variables.tf
15
variables.tf
@ -30,6 +30,16 @@ variable "network_region" {
|
|||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "network_ip_range" {
|
||||||
|
description = "Default IP range for network"
|
||||||
|
type = string
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "network_subnets" {
|
||||||
|
description = "Subnets definition for default network"
|
||||||
|
type = map(string)
|
||||||
|
}
|
||||||
|
|
||||||
variable "control_plane_server_type" {
|
variable "control_plane_server_type" {
|
||||||
description = "Default control plane server type"
|
description = "Default control plane server type"
|
||||||
type = string
|
type = string
|
||||||
@ -52,11 +62,6 @@ variable "servers_num" {
|
|||||||
type = number
|
type = number
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "agents_num" {
|
|
||||||
description = "Number of agent nodes."
|
|
||||||
type = number
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "agent_nodepools" {
|
variable "agent_nodepools" {
|
||||||
description = "Number of agent nodes."
|
description = "Number of agent nodes."
|
||||||
type = map(any)
|
type = map(any)
|
||||||
|
Loading…
Reference in New Issue
Block a user