Commit Graph

131 Commits

Author SHA1 Message Date
Marco Nenciarini
7e6eb731dd
Add setting to allow_scheduling_on_control_plane 2022-02-07 16:11:41 +01:00
Karim Naufal
ee7a0af8aa
Merge pull request #43 from mnencia/taint
Taint control-plane nodes with node-role.kubernetes.io/master:NoSchedule
2022-02-07 15:56:39 +01:00
Karim Naufal
61f8b30b55
Merge pull request #42 from mnencia/staging
Really disable servicelb
2022-02-07 15:55:34 +01:00
Karim Naufal
9803e9a920
Merge pull request #44 from phaer/fix-ssh-identity
fix ssh identity in staging
2022-02-07 15:45:42 +01:00
Karim Naufal
837ad60a71
Merge pull request #45 from phaer/staging-fix-kubectl
fix kubectl get nodes missing --kubeconfig
2022-02-07 15:43:06 +01:00
phaer
bc18586132 fix kubectl get nodes missing --kubeconfig
the current implementation works co-incidentally for most
setups, when terraform apply is run from the repos root,
but not when kube-hetzner is used as a terraform module
2022-02-07 13:58:21 +01:00
phaer
1a50ace0d3 remove root from ssh_args...
because scp does not take the username via -l, so we just re-add
it to the commands themselves.
2022-02-07 13:19:06 +01:00
phaer
a5914f81e6 fix ssh identity...
Newly added ssh commands were missing the flag -i to pass an
identity file. This means that those commands use different
settings then the provisioners and their connection blocks
around them.

While adding this parameter, I decided it would be cleanest
to add local.ssh_args.
2022-02-07 13:08:47 +01:00
Marco Nenciarini
8ee732e694
Taint control-plane nodes with node-role.kubernetes.io/master:NoSchedule 2022-02-07 12:30:43 +01:00
Marco Nenciarini
f37c6c73c4
Really disable servicelb 2022-02-07 12:29:26 +01:00
Karim Naufal
d61b000af0 removed generated kured kustomization from git 2022-02-07 10:05:02 +01:00
Karim Naufal
c18d14e145
Merge pull request #41 from mnencia/staging
Reduce reboot time
2022-02-07 10:02:39 +01:00
Marco Nenciarini
cf68368eea
Reduce reboot time 2022-02-07 09:55:02 +01:00
Karim Naufal
919e1087f8 added kured and fixed initial ignition disk partitioning 2022-02-07 09:36:21 +01:00
Karim Naufal
fba212de47 added kured and fixed initial ignition disk partitioning 2022-02-07 08:46:10 +01:00
Karim Naufal
7532e7a4d5 initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00
Karim Naufal
4eaebce270
Merge pull request #40 from mnencia/staging
Configure eth1 and set hostname
2022-02-05 23:01:11 +01:00
Marco Nenciarini
63eb166eb9
Configure eth1 and set hostname 2022-02-05 19:34:36 +01:00
Karim Naufal
7bbd42d1e6 tweaked .gitignore 2022-02-05 02:06:56 +01:00
Karim Naufal
623954e5ef microOS eth1 still down 2022-02-05 01:22:35 +01:00
Karim Naufal
3f0f0ca705 microOS prep 2022-02-05 00:02:25 +01:00
Karim Naufal
87e6ac43f3
Merge pull request #37 from Olivierwenger/feature/add-tls
added letsencrypt with http challenge configuration for traefik
2022-02-03 09:34:52 +01:00
Olivier Wenger
23d17382ac Replaced httpChallenge with tlsChallenge
Co-authored-by: Marco Nenciarini <mnencia@kcore.it>
2022-02-03 09:29:56 +01:00
Olivier Wenger
285e115475 added letsencrypt configuration for traefik 2022-02-03 09:29:56 +01:00
Karim Naufal
5384643866 tweaked readme 2022-02-03 09:29:56 +01:00
Waël Ammar
9b7375e424 Add Hetzner placement group and link servers to it 2022-02-03 09:29:56 +01:00
Karim Naufal
d722c0e7b6 tweaked readme 2022-01-30 01:20:43 +01:00
Karim Naufal
4fb1e2fb85
Merge pull request #34 from waammar/feature/add-placement-group
Add Hetzner placement group and link servers to it
2022-01-30 01:09:38 +01:00
Karim Naufal
0dcecd46f8
Merge pull request #33 from TimHeckel/master
Use variable for network region
2022-01-30 01:07:05 +01:00
Waël Ammar
8aa3cf780f Add Hetzner placement group and link servers to it 2022-01-29 21:15:23 +01:00
Tim Heckel
e77bc4d161
Update variables.tf
Declare the `network_region` variable
2022-01-29 14:02:00 -06:00
Tim Heckel
c72e212f2b
Use a variable for network_region
..instead of hardcoding it to `eu-central`
2022-01-29 13:21:30 -06:00
Tim Heckel
efcbbd53dc
Allow for network_region to be specified
This is to enable the creation of the hetzner network to be in `us-east` instead of `eu-central` when deploying to location `ash`
2022-01-29 13:20:33 -06:00
Karim Naufal
aa6fc8dce5 tweaked readme 2022-01-25 22:28:18 +01:00
Karim Naufal
4dd64fd62f tweaked readme 2022-01-25 21:41:01 +01:00
Karim Naufal
c00cd3b0c2 tweaked readme 2022-01-25 21:36:10 +01:00
Karim Naufal
ca1455391e tweaked readme 2022-01-25 21:28:25 +01:00
Karim Naufal
5a46127533
Merge pull request #27 from phaer/optional-private-key
make private key optional to support SSH agent usage
2022-01-25 21:21:29 +01:00
Karim Naufal
7fbf5a88d6
Merge pull request #29 from phaer/ingress-no-private-ip-optional-ipv6
ingress: don't use private ip, make ipv6 optional
2022-01-25 21:13:14 +01:00
phaer
b0838c8a01 ingress: don't use private ip, make ipv6 optional 2022-01-25 15:05:29 +01:00
phaer
d8fccc5ccb document ssh agent usage in README.md 2022-01-25 14:33:35 +01:00
phaer
07ab83a09f use locals to deduplicate ssh key expressions 2022-01-25 14:29:10 +01:00
phaer
9bb945a302 run terraform fmt 2022-01-25 14:28:48 +01:00
Karim Naufal
f6046c4f96
Merge pull request #26 from kube-hetzner/revert-22-optional-private-key
Revert "make private key optional to support hardware tokens for SSH"
2022-01-25 13:17:54 +01:00
Karim Naufal
1ed7932dc9
Revert "make private key optional to support hardware tokens for SSH" 2022-01-25 13:17:40 +01:00
Karim Naufal
214d0bf98b
Merge pull request #22 from phaer/optional-private-key
make private key optional to support hardware tokens for SSH
2022-01-25 13:11:51 +01:00
Karim Naufal
5ffb366a93
Merge pull request #23 from phaer/remove-empty-providers
remove empty provider blocks
2022-01-24 22:02:08 +01:00
phaer
8b12225e07 remove empty provider blocks
terraform v1.1.4 (and at least v1.0.11) emits a warning for empty
provider blocks. Removing those still seems to work while avoiding
that warning.
2022-01-23 14:31:27 +01:00
phaer
1236bbe6f3 make private key optional
Setting private_key to null uses the local ssh-agent as a fallback for
authentication. Using the public_key instead of the private_key for
ssh -i lets the agent select the right identity if loaded. tested
with a yubikey
2022-01-23 14:14:53 +01:00
Karim Naufal
2ef034bdf0 tweaked readme 2022-01-18 07:52:06 +01:00