diff --git a/README.md b/README.md index 32ee44a..f5d0301 100644 --- a/README.md +++ b/README.md @@ -153,12 +153,18 @@ _To turn off k3s upgrades, you can either set the `k3s_upgrade=true` label in th kubectl -n system-upgrade label node k3s_upgrade- ``` -## Example Ingress with TLS +## Examples + +
+ +Ingress with TLS + +Here is an example of an ingress to run an application with TLS, change the host to fit your need in `examples/tls/ingress.yaml` and then deploy the example: -Here is an example of an ingress to run an application with TLS, change the host to fit your need in `examples/tls/ingress.yaml` and then deploy the example ```sh kubectl apply -f examples/tls/. ``` + ```yml apiVersion: networking.k8s.io/v1 kind: Ingress @@ -184,20 +190,20 @@ spec: port: number: 80 - ``` +
## Takedown If you want to takedown the cluster, you can proceed as follows: ```sh -hcloud load-balancer delete traefik -hcloud network delete k3s terraform destroy -auto-approve ``` +And if the network is slow to delete, just issue `hcloud network delete k3s` to speed things up! + _Also, if you had a full-blown cluster in use, it would be best to delete the whole project in your Hetzner account directly as operators or deployments may create other resources during regular operation._ @@ -210,7 +216,9 @@ There is also a branch where openSUSE MicroOS came preinstalled with the k3s RPM ## Contributing -Any contributions you make are **greatly appreciated**. +🌱 This project currently installs openSUSE MicroOS via the Hetzner rescue mode, which makes things a few minutes slower. If you could **take a few minutes to send a support request to Hetzner, asking them to please add openSUSE MicroOS as a default image**, not just an ISO, it would be wonderful. The more requests they receive the likelier they are to add support for it, and if they do, that would cut the deploy time by half. The official link to openSUSE MicroOS is . + +About code contributions, they are **greatly appreciated**. 1. Fork the Project 2. Create your Branch (`git checkout -b AmazingFeature`)
diff --git a/init.tf b/init.tf
index 4f1d350..0812470 100644
--- a/init.tf
+++ b/init.tf
@@ -110,7 +110,7 @@ resource "null_resource" "kustomization" {
 content = templatefile(
 "${path.module}/templates/plans.yaml.tpl",
 {
- channel = var.k3s_upgrade_channel
+ channel = var.initial_k3s_channel
 })
 destination = "/tmp/post_install/plans.yaml"
 }
diff --git a/locals.tf b/locals.tf
index 785c1c3..5141bc0 100644
--- a/locals.tf
+++ b/locals.tf
@@ -27,9 +27,9 @@ locals {
 "[ -e /etc/rancher/k3s/k3s.yaml ] && exit 0",
 ]
- install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=server sh -"])
+ install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=server sh -"])
- install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=agent sh -"])
+ install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=agent sh -"])
 agent_nodepools = merge([
 for nodepool_name, nodepool_obj in var.agent_nodepools : {
diff --git a/main.tf b/main.tf
index 34ba1bd..d86fea1 100644
--- a/main.tf
+++ b/main.tf
@@ -159,3 +159,29 @@ data "hcloud_load_balancer" "traefik" {
 depends_on = [null_resource.kustomization]
 }
+
+resource "null_resource" "destroy_traefik_loadbalancer" {
+ # this only gets triggered before total destruction of the cluster, but when the necessary elements to run the commands are still available
+ triggers = {
+ kustomization_id = null_resource.kustomization.id
+ }
+
+ # Important when issuing terraform destroy, otherwise the LB will not let the network get deleted
+ provisioner "local-exec" {
+ when = destroy
+ command = <<-EOT
+ kubectl -n kube-system delete service traefik --kubeconfig ${path.module}/kubeconfig.yaml
+ EOT
+ on_failure = continue
+ }
+
+ depends_on = [
+ local_file.kubeconfig,
+ null_resource.control_planes[0],
+ hcloud_network_subnet.k3s,
+ hcloud_network.k3s,
+ hcloud_firewall.k3s,
+ hcloud_placement_group.k3s,
+ hcloud_ssh_key.k3s
+ ]
+}
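Review bot: In locals.tf, `${var.initial_k3s_channel}` is spliced unquoted into the `curl … | sh -` line of both install_k3s_server and install_k3s_agent, so the only thing keeping shell metacharacters out of that command is the `validation` block this commit adds in variables.tf. I would record that dependency next to the two locals, e.g. `# initial_k3s_channel is interpolated into a shell command; its validation in variables.tf must stay an allow-list`, so that a later loosening of the validation does not become command injection on every node. Following a channel instead of a pinned release also means nodes provisioned later can install a different k3s build than the first ones; the installer's `INSTALL_K3S_VERSION` is the knob if reproducible installs matter. The locals block starts and ends outside the hunk.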
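Review bot: In main.tf, the `triggers = { kustomization_id = null_resource.kustomization.id }` map means destroy_traefik_loadbalancer is replaced whenever null_resource.kustomization gets a new id, and a replacement runs the `when = destroy` provisioner, so the traefik Service would be deleted on a live cluster and not only "before total destruction" as the comment says. How often kustomization is re-created is not visible in this hunk, so this is inferred; if it can happen, drop the triggers block and keep the ordering through `depends_on`. Separately, `on_failure = continue` hides a failed kubectl call (missing kubeconfig.yaml, unreachable API server), which would leave the load balancer and its public IP in the Hetzner project after `terraform destroy`, while the README in this commit no longer lists `hcloud load-balancer delete traefik`. Keeping that command in the Takedown section as a fallback would cover the failure case.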
diff --git a/modules/host/locals.tf b/modules/host/locals.tf
index 5a61b2a..08306d6 100644
--- a/modules/host/locals.tf
+++ b/modules/host/locals.tf
@@ -61,11 +61,14 @@ locals { combustion_script = < /etc/transactional-update.conf", + "set -ex", + "rebootmgrctl set-strategy off", + "echo 'REBOOT_METHOD=kured' > /etc/transactional-update.conf", # set the hostname - <<-EOT - hostnamectl set-hostname ${self.name} - sed -e 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g' /etc/sysconfig/network/config > /dev/null - EOT + "hostnamectl set-hostname ${self.name}" ] } }
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
index f97712b..f3942ce 100644
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@@ -47,9 +47,8 @@ agent_nodepools = {
 # If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
 # allow_scheduling_on_control_plane = true
-# If you want to disable automatic upgrade of k3s (stable channel), you can set this to false, default is "true".
+# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
 # automatically_upgrade_k3s = false
-# If you would like to specify the k3s upgrade channel from the get go, you can do so, the default is "stable".
-# For a list of available channels, see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels
-# k3s_upgrade_channel = "latest"
+# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
+# initial_k3s_channel = "latest"
diff --git a/variables.tf b/variables.tf
index c83a294..24bb8f1 100644
--- a/variables.tf
+++ b/variables.tf
@@ -97,10 +97,15 @@ variable "allow_scheduling_on_control_plane" {
 description = "Whether to allow non-control-plane workloads to run on the control-plane nodes"
 }
-variable "k3s_upgrade_channel" {
+variable "initial_k3s_channel" {
 type = string
 default = "stable"
- description = "Allows you to specify the k3s upgrade channel"
+ description = "Allows you to specify an initial k3s channel"
+
+ validation {
+ condition = contains(["stable", "latest", "testing"], var.initial_k3s_channel)
+ error_message = "The initial k3s channel must be one of stable, latest or testing."
+ }
 }
 variable "automatically_upgrade_k3s" {
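Review bot: The description `Allows you to specify an initial k3s channel` understates what the variable controls, because init.tf in this commit also passes it as `channel` to templates/plans.yaml.tpl, so it appears to select the channel the upgrade plans follow as well as the one used at install time. I would word it as `description = "k3s release channel used for the initial install and for the automatic upgrade plans (stable, latest or testing)"`. The old name k3s_upgrade_channel also disappears without a deprecation path, so an existing terraform.tfvars that sets it would presumably fall back to the default `stable` with at most a warning; a line in the README would help.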