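# Replacement trigger shared by every control-plane server: its trigger value
# changes whenever the control-plane k3s version changes.
resource "null_resource" "cp-config" {
  triggers = {
    version = var.control_plane_k3s_version
  }
}

# One replacement trigger per control-plane node, keyed like var.k3s_control_plane
# and driven by that node's "generation" value.
resource "null_resource" "control_plane_generation" {
  for_each = var.k3s_control_plane

  triggers = {
    timestamp = each.value.generation
  }
}

# Persistent volume per control-plane node. It is a separate resource from the
# server, so it is not destroyed when the server is replaced.
resource "hcloud_volume" "cp-k3s-storage" {
  for_each = var.k3s_control_plane

  name              = "${each.key}-k3s-storage"
  size              = 15
  format            = "ext4"
  delete_protection = true
}

# Control-plane servers. Each server is created from an Ubuntu image, booted into
# the rescue system, overwritten with Flatcar via flatcar-install, and rebooted.
resource "hcloud_server" "control-plane" {
  for_each = var.k3s_control_plane

  name        = each.key
  server_type = each.value.server_type
  location    = each.value.location
  image       = "ubuntu-22.04"
  backups     = false

  lifecycle {
    # NOTE(review): control_plane_generation is referenced as a whole (no
    # [each.key]), so a change to any one node's generation plans a replacement
    # of every control-plane server. If a per-node rebuild is intended, confirm
    # and reference the matching instance instead.
    replace_triggered_by = [
      null_resource.cp-config,
      null_resource.control_plane_generation
    ]
  }

  ssh_keys = [
    hcloud_ssh_key.provisioning_key.id,
    hcloud_ssh_key.default.id
  ]

  labels = {
    "node_type" = "control-plane"
    "cluster"   = "icb4dc0.de"
  }

  network {
    network_id = hcloud_network.k8s_net.id
    ip         = each.value.private_ip
    alias_ips  = each.value.alias_ips
  }

  # NOTE(review): the control plane gets public IPv4 and IPv6 addresses and no
  # firewall is attached in this resource. Confirm that a firewall is applied
  # elsewhere (for example via a label selector on "node_type").
  public_net {
    ipv4_enabled = true
    ipv6_enabled = true
  }

  # boot into rescue OS
  rescue = "linux64"

  # Connection to the rescue system. No user is set, so Terraform's SSH default
  # applies. No host_key is set either, so the server's SSH host key is not
  # verified on this first connection.
  connection {
    host        = self.ipv4_address
    private_key = tls_private_key.provisioning.private_key_pem
    timeout     = "5m"
  }

  # The rendered Ignition config carries the k3s token and the backup
  # credentials (see data.ct_config.machine-ignitions-cp below).
  provisioner "file" {
    content     = data.ct_config.machine-ignitions-cp[each.key].rendered
    destination = "/root/ignition.json"
  }

  provisioner "remote-exec" {
    inline = [
      "set -ex",
      "apt-get install -y gawk",
      # The installer is fetched from the head of a branch and run as the
      # rescue-system login user, so its content is authenticated by TLS only.
      # --proto/--tlsv1.2 keep the transfer, including redirects, on HTTPS.
      # NOTE(review): consider pinning the URL to a reviewed commit and checking
      # a known checksum before executing it.
      "curl --proto '=https' --tlsv1.2 -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 https://raw.githubusercontent.com/flatcar/init/flatcar-master/bin/flatcar-install",
      "chmod +x flatcar-install",
      "./flatcar-install -s -i /root/ignition.json -C ${var.flatcar_release_channel}",
      "reboot",
    ]

    # Presumably set because "reboot" drops the SSH session. It also means a
    # failed download or install is ignored at this step; the provisioner below,
    # which logs in as "core", is then the effective success check.
    on_failure = continue
  }

  # Runs against the installed system as user "core", authenticated with the
  # same provisioning key.
  provisioner "remote-exec" {
    connection {
      host        = self.ipv4_address
      private_key = tls_private_key.provisioning.private_key_pem
      timeout     = "3m"
      user        = "core"
    }

    inline = [
      "sudo hostnamectl set-hostname ${self.name}",
    ]
  }
}

resource "hcloud_volume_attachment" "cp-k3s-storage" {
  for_each = var.k3s_control_plane

  volume_id = hcloud_volume.cp-k3s-storage[each.key].id
  server_id = hcloud_server.control-plane[each.key].id
  automount = true
}

# Public DNS records (A and AAAA) for each control-plane node under "<node>.k8s".
resource "cloudflare_record" "cp-host-ipv4" {
  for_each   = var.k3s_control_plane
  depends_on = [hcloud_server.control-plane]

  zone_id = cloudflare_zone.icb4dc0de.id
  name    = "${each.key}.k8s"
  type    = "A"
  content = hcloud_server.control-plane[each.key].ipv4_address
}

resource "cloudflare_record" "cp-host-ipv6" {
  for_each   = var.k3s_control_plane
  depends_on = [hcloud_server.control-plane]

  zone_id = cloudflare_zone.icb4dc0de.id
  name    = "${each.key}.k8s"
  type    = "AAAA"
  content = hcloud_server.control-plane[each.key].ipv6_address
}

# Renders the per-node Ignition config from the Butane/CT template.
#
# The result embeds var.k3s_token and the litestream backup access/secret keys.
# As a data-source result it is stored in Terraform state, alongside the private
# key of tls_private_key.provisioning, so the state backend must be treated as
# secret material (encrypted at rest, restricted access).
data "ct_config" "machine-ignitions-cp" {
  for_each = var.k3s_control_plane

  strict = true
  content = templatefile(
    "${path.module}/configs/cp/k3s-flatcar.yaml",
    {
      "host"               = each.key
      "k3s_token"          = var.k3s_token
      "litestream_version" = var.litestream_version
      "litestream_config" = base64encode(
        templatefile(
          "${path.module}/configs/cp/litestream.yml",
          {
            "accessKey" = var.k3s_backup_access_key,
            "secretKey" = var.k3s_backup_secret_key,
            "endpoint"  = var.k3s_backup_endpoint
          }
        )
      )
      "node_ip"     = each.value.private_ip
      "k3s_version" = var.control_plane_k3s_version
      "k3s_sans"    = var.k3s_sans
      "volume_id"   = hcloud_volume.cp-k3s-storage[each.key].id
    }
  )

  # NOTE(review): the provisioning public key is passed to the core-user snippet
  # together with var.ssh_keys. Presumably these become authorized keys for
  # "core", in which case the provisioning key keeps working after the install.
  # Confirm against core-user.yaml.tmpl.
  snippets = [
    templatefile(
      "${path.module}/configs/core-user.yaml.tmpl",
      {
        ssh_keys = jsonencode(concat(var.ssh_keys, [tls_private_key.provisioning.public_key_openssh]))
      }
    )
  ]
}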