merge from upstream
commit
ec42a2b519
20
README.md
20
README.md
@ -153,12 +153,18 @@ _To turn off k3s upgrades, you can either set the `k3s_upgrade=true` label in th
|
|||||||
kubectl -n system-upgrade label node <node-name> k3s_upgrade-
|
kubectl -n system-upgrade label node <node-name> k3s_upgrade-
|
||||||
```
|
```
|
||||||
|
|
||||||
## Example Ingress with TLS
|
## Examples
|
||||||
|
|
||||||
|
<details>
|
||||||
|
|
||||||
|
<summary>Ingress with TLS</summary>
|
||||||
|
|
||||||
|
Here is an example of an ingress to run an application with TLS, change the host to fit your need in `examples/tls/ingress.yaml` and then deploy the example:
|
||||||
|
|
||||||
Here is an example of an ingress to run an application with TLS, change the host to fit your need in `examples/tls/ingress.yaml` and then deploy the example
|
|
||||||
```sh
|
```sh
|
||||||
kubectl apply -f examples/tls/.
|
kubectl apply -f examples/tls/.
|
||||||
```
|
```
|
||||||
|
|
||||||
```yml
|
```yml
|
||||||
apiVersion: networking.k8s.io/v1
|
apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
@ -184,20 +190,20 @@ spec:
|
|||||||
port:
|
port:
|
||||||
number: 80
|
number: 80
|
||||||
|
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
</details>
|
||||||
|
|
||||||
## Takedown
|
## Takedown
|
||||||
|
|
||||||
If you want to takedown the cluster, you can proceed as follows:
|
If you want to takedown the cluster, you can proceed as follows:
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
hcloud load-balancer delete traefik
|
|
||||||
hcloud network delete k3s
|
|
||||||
terraform destroy -auto-approve
|
terraform destroy -auto-approve
|
||||||
```
|
```
|
||||||
|
|
||||||
|
And if the network is slow to delete, just issue `hcloud network delete k3s` to speed things up!
|
||||||
|
|
||||||
_Also, if you had a full-blown cluster in use, it would be best to delete the whole project in your Hetzner account directly as operators or deployments may create other resources during regular operation._
|
_Also, if you had a full-blown cluster in use, it would be best to delete the whole project in your Hetzner account directly as operators or deployments may create other resources during regular operation._
|
||||||
|
|
||||||
<!-- CONTRIBUTING -->
|
<!-- CONTRIBUTING -->
|
||||||
@ -210,7 +216,9 @@ There is also a branch where openSUSE MicroOS came preinstalled with the k3s RPM
|
|||||||
|
|
||||||
## Contributing
|
## Contributing
|
||||||
|
|
||||||
Any contributions you make are **greatly appreciated**.
|
🌱 This project currently installs openSUSE MicroOS via the Hetzner rescue mode, which makes things a few minutes slower. If you could **take a few minutes to send a support request to Hetzner, asking them to please add openSUSE MicroOS as a default image**, not just an ISO, it would be wonderful. The more requests they receive the likelier they are to add support for it, and if they do, that would cut the deploy time by half. The official link to openSUSE MicroOS is <https://get.opensuse.org/microos>.
|
||||||
|
|
||||||
|
About code contributions, they are **greatly appreciated**.
|
||||||
|
|
||||||
1. Fork the Project
|
1. Fork the Project
|
||||||
2. Create your Branch (`git checkout -b AmazingFeature`)
|
2. Create your Branch (`git checkout -b AmazingFeature`)
|
||||||
|
2
init.tf
2
init.tf
@ -110,7 +110,7 @@ resource "null_resource" "kustomization" {
|
|||||||
content = templatefile(
|
content = templatefile(
|
||||||
"${path.module}/templates/plans.yaml.tpl",
|
"${path.module}/templates/plans.yaml.tpl",
|
||||||
{
|
{
|
||||||
channel = var.k3s_upgrade_channel
|
channel = var.initial_k3s_channel
|
||||||
})
|
})
|
||||||
destination = "/tmp/post_install/plans.yaml"
|
destination = "/tmp/post_install/plans.yaml"
|
||||||
}
|
}
|
||||||
|
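Review bot: The `channel` argument handed to `templates/plans.yaml.tpl` now reads `var.initial_k3s_channel`, a name that suggests it only matters at install time. The template is not visible here, but its file name and the README's upgrade section suggest it renders the upgrade plans, in which case this value keeps steering every later automatic upgrade too. I would say so next to the argument, e.g. `# also the channel the upgrade plans follow, not only the first install`, so an operator who picks `latest` or `testing` for a first install knows the cluster stays on that channel. The enclosing `null_resource.kustomization` starts outside the hunk.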
@ -27,9 +27,9 @@ locals {
|
|||||||
"[ -e /etc/rancher/k3s/k3s.yaml ] && exit 0",
|
"[ -e /etc/rancher/k3s/k3s.yaml ] && exit 0",
|
||||||
]
|
]
|
||||||
|
|
||||||
install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=server sh -"])
|
install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=server sh -"])
|
||||||
|
|
||||||
install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=agent sh -"])
|
install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC=agent sh -"])
|
||||||
|
|
||||||
agent_nodepools = merge([
|
agent_nodepools = merge([
|
||||||
for nodepool_name, nodepool_obj in var.agent_nodepools : {
|
for nodepool_name, nodepool_obj in var.agent_nodepools : {
|
||||||
|
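Review bot: `${var.initial_k3s_channel}` is interpolated unquoted into the shell line that pipes the downloaded installer into `sh`, in both `install_k3s_server` and `install_k3s_agent`, so these commands are only safe while the variable is limited to fixed words. The `validation` block added to the variable in this commit does that today, but nothing here says the two are linked. A comment above these locals would help, e.g. `# initial_k3s_channel is allow-listed in its validation block; keep it strict, the value is pasted into a shell command run on the node`. The `locals` block starts and ends outside the hunk.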
26
main.tf
26
main.tf
@ -159,3 +159,29 @@ data "hcloud_load_balancer" "traefik" {
|
|||||||
|
|
||||||
depends_on = [null_resource.kustomization]
|
depends_on = [null_resource.kustomization]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "null_resource" "destroy_traefik_loadbalancer" {
|
||||||
|
# this only gets triggered before total destruction of the cluster, but when the necessary elements to run the commands are still available
|
||||||
|
triggers = {
|
||||||
|
kustomization_id = null_resource.kustomization.id
|
||||||
|
}
|
||||||
|
|
||||||
|
# Important when issuing terraform destroy, otherwise the LB will not let the network get deleted
|
||||||
|
provisioner "local-exec" {
|
||||||
|
when = destroy
|
||||||
|
command = <<-EOT
|
||||||
|
kubectl -n kube-system delete service traefik --kubeconfig ${path.module}/kubeconfig.yaml
|
||||||
|
EOT
|
||||||
|
on_failure = continue
|
||||||
|
}
|
||||||
|
|
||||||
|
depends_on = [
|
||||||
|
local_file.kubeconfig,
|
||||||
|
null_resource.control_planes[0],
|
||||||
|
hcloud_network_subnet.k3s,
|
||||||
|
hcloud_network.k3s,
|
||||||
|
hcloud_firewall.k3s,
|
||||||
|
hcloud_placement_group.k3s,
|
||||||
|
hcloud_ssh_key.k3s
|
||||||
|
]
|
||||||
|
}
|
||||||
|
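Review bot: The `triggers` map on `null_resource.destroy_traefik_loadbalancer` contradicts the comment above it. Any change of `null_resource.kustomization.id` forces this resource to be replaced, and a replacement also runs the `when = destroy` provisioner, so `kubectl -n kube-system delete service traefik` would run against a live cluster, not only during `terraform destroy`. Whether the kustomization resource is ever re-created depends on its own triggers, which are outside this hunk. If teardown is the only intent, drop the `triggers` block and rely on the `depends_on` list for ordering. Because `on_failure = continue` hides a failed delete, a comment naming the manual fallback (`hcloud load-balancer delete traefik`, which this commit removes from the README) would also help.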
@ -61,11 +61,14 @@ locals {
|
|||||||
|
|
||||||
combustion_script = <<EOF
|
combustion_script = <<EOF
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
sed -i 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g' /etc/sysconfig/network/config
|
||||||
|
sed -i 's#WAIT_FOR_INTERFACES="30"#WAIT_FOR_INTERFACES="60"#g' /etc/sysconfig/network/config
|
||||||
|
sed -i 's#CHECK_DUPLICATE_IP="yes"#CHECK_DUPLICATE_IP="no"#g' /etc/sysconfig/network/config
|
||||||
# combustion: network
|
# combustion: network
|
||||||
rpm --import https://rpm.rancher.io/public.key
|
rpm --import https://rpm.rancher.io/public.key
|
||||||
zypper refresh
|
zypper refresh
|
||||||
zypper --gpg-auto-import-keys install -y https://rpm.rancher.io/k3s/stable/common/microos/noarch/k3s-selinux-0.4-1.sle.noarch.rpm
|
zypper --gpg-auto-import-keys install -y https://rpm.rancher.io/k3s/stable/common/microos/noarch/k3s-selinux-0.4-1.sle.noarch.rpm
|
||||||
udevadm settle
|
udevadm settle || true
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
}
|
}
|
||||||
|
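Review bot: The three `sed -i` edits to `/etc/sysconfig/network/config` in `combustion_script` carry no explanation, and each is a silent no-op when the file does not contain the exact default string it matches. Setting `CHECK_DUPLICATE_IP="no"` removes a network safety check, so the reason belongs in the script, e.g. `# <reason the duplicate-IP probe and NIS domain name are disabled and the interface wait is raised>`. The same applies to `udevadm settle || true`, which now discards a failure; a one-line comment saying why that failure is acceptable would keep it from looking like an accident. The `locals` block starts outside the hunk.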
@ -54,12 +54,11 @@ resource "hcloud_server" "server" {
|
|||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
inline = [
|
inline = [
|
||||||
# Disable automatic reboot (after transactional updates), and configure the reboot method as kured
|
# Disable automatic reboot (after transactional updates), and configure the reboot method as kured
|
||||||
"rebootmgrctl set-strategy off && echo 'REBOOT_METHOD=kured' > /etc/transactional-update.conf",
|
"set -ex",
|
||||||
|
"rebootmgrctl set-strategy off",
|
||||||
|
"echo 'REBOOT_METHOD=kured' > /etc/transactional-update.conf",
|
||||||
# set the hostname
|
# set the hostname
|
||||||
<<-EOT
|
"hostnamectl set-hostname ${self.name}"
|
||||||
hostnamectl set-hostname ${self.name}
|
|
||||||
sed -e 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g' /etc/sysconfig/network/config > /dev/null
|
|
||||||
EOT
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -47,9 +47,8 @@ agent_nodepools = {
|
|||||||
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
|
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
|
||||||
# allow_scheduling_on_control_plane = true
|
# allow_scheduling_on_control_plane = true
|
||||||
|
|
||||||
# If you want to disable automatic upgrade of k3s (stable channel), you can set this to false, default is "true".
|
# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
|
||||||
# automatically_upgrade_k3s = false
|
# automatically_upgrade_k3s = false
|
||||||
|
|
||||||
# If you would like to specify the k3s upgrade channel from the get go, you can do so, the default is "stable".
|
# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
|
||||||
# For a list of available channels, see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels
|
# initial_k3s_channel = "latest"
|
||||||
# k3s_upgrade_channel = "latest"
|
|
||||||
|
@ -97,10 +97,15 @@ variable "allow_scheduling_on_control_plane" {
|
|||||||
description = "Whether to allow non-control-plane workloads to run on the control-plane nodes"
|
description = "Whether to allow non-control-plane workloads to run on the control-plane nodes"
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "k3s_upgrade_channel" {
|
variable "initial_k3s_channel" {
|
||||||
type = string
|
type = string
|
||||||
default = "stable"
|
default = "stable"
|
||||||
description = "Allows you to specify the k3s upgrade channel"
|
description = "Allows you to specify an initial k3s channel"
|
||||||
|
|
||||||
|
validation {
|
||||||
|
condition = contains(["stable", "latest", "testing"], var.initial_k3s_channel)
|
||||||
|
error_message = "The initial k3s channel must be one of stable, latest or testing."
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "automatically_upgrade_k3s" {
|
variable "automatically_upgrade_k3s" {
|
||||||
|
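Review bot: The new `validation` block accepts only `stable`, `latest` and `testing`, which rules out pinning a cluster to a minor-version channel; the tfvars comment removed in this commit pointed at https://update.k3s.io/v1-release/channels for the full list. Keeping the check strict is right because the value is pasted into the installer shell command, but a pattern keeps version pinning: `condition = can(regex("^(stable|latest|testing|v[0-9]+\\.[0-9]+)$", var.initial_k3s_channel))`, with `error_message` updated to match. Separately, a tfvars file that still sets `k3s_upgrade_channel` will, as far as I know, only produce an undeclared-variable warning and fall back to `stable`, so the rename deserves a line in the README or changelog.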