147 lines
3.8 KiB
HCL
147 lines
3.8 KiB
HCL
resource "null_resource" "cp-config" {
|
|
triggers = {
|
|
version = var.control_plane_k3s_version
|
|
}
|
|
}
|
|
|
|
resource "null_resource" "control_plane_generation" {
|
|
for_each = var.k3s_control_plane
|
|
triggers = {
|
|
timestamp = "${each.value.generation}"
|
|
}
|
|
}
|
|
|
|
resource "hcloud_server" "control-plane" {
|
|
for_each = var.k3s_control_plane
|
|
name = each.key
|
|
server_type = each.value.server_type
|
|
location = each.value.location
|
|
image = "ubuntu-22.04"
|
|
|
|
backups = false
|
|
|
|
lifecycle {
|
|
replace_triggered_by = [
|
|
null_resource.cp-config,
|
|
null_resource.control_plane_generation
|
|
]
|
|
}
|
|
|
|
ssh_keys = [
|
|
hcloud_ssh_key.provisioning_key.id,
|
|
hcloud_ssh_key.default.id
|
|
]
|
|
|
|
labels = {
|
|
"node_type" = "control-plane"
|
|
"cluster" = "icb4dc0.de"
|
|
}
|
|
|
|
network {
|
|
network_id = hcloud_network.k8s_net.id
|
|
ip = each.value.private_ip
|
|
alias_ips = each.value.alias_ips
|
|
}
|
|
|
|
public_net {
|
|
ipv4_enabled = true
|
|
ipv6_enabled = true
|
|
}
|
|
|
|
# boot into rescue OS
|
|
rescue = "linux64"
|
|
|
|
connection {
|
|
host = self.ipv4_address
|
|
private_key = tls_private_key.provisioning.private_key_pem
|
|
timeout = "5m"
|
|
}
|
|
|
|
provisioner "file" {
|
|
content = data.ct_config.machine-ignitions-cp[each.key].rendered
|
|
destination = "/root/ignition.json"
|
|
}
|
|
|
|
provisioner "remote-exec" {
|
|
inline = [
|
|
"set -ex",
|
|
"apt-get install -y gawk",
|
|
"curl -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 https://raw.githubusercontent.com/flatcar/init/flatcar-master/bin/flatcar-install",
|
|
"chmod +x flatcar-install",
|
|
"./flatcar-install -s -i /root/ignition.json -C ${var.flatcar_release_channel}",
|
|
"reboot",
|
|
]
|
|
on_failure = continue
|
|
}
|
|
|
|
provisioner "remote-exec" {
|
|
connection {
|
|
host = self.ipv4_address
|
|
private_key = tls_private_key.provisioning.private_key_pem
|
|
timeout = "3m"
|
|
user = "core"
|
|
}
|
|
|
|
inline = [
|
|
"sudo hostnamectl set-hostname ${self.name}",
|
|
]
|
|
}
|
|
}
|
|
|
|
resource "cloudflare_dns_record" "cp-host-ipv4" {
|
|
for_each = var.k3s_control_plane
|
|
|
|
depends_on = [hcloud_server.control-plane]
|
|
|
|
zone_id = cloudflare_zone.icb4dc0de.id
|
|
name = "${each.key}.k8s.${cloudflare_zone.icb4dc0de.name}"
|
|
type = "A"
|
|
ttl = 1
|
|
content = hcloud_server.control-plane[each.key].ipv4_address
|
|
}
|
|
|
|
resource "cloudflare_dns_record" "cp-host-ipv6" {
|
|
for_each = var.k3s_control_plane
|
|
|
|
depends_on = [hcloud_server.control-plane]
|
|
|
|
zone_id = cloudflare_zone.icb4dc0de.id
|
|
name = "${each.key}.k8s.${cloudflare_zone.icb4dc0de.name}"
|
|
type = "AAAA"
|
|
ttl = 1
|
|
content = hcloud_server.control-plane[each.key].ipv6_address
|
|
}
|
|
|
|
data "ct_config" "machine-ignitions-cp" {
|
|
for_each = var.k3s_control_plane
|
|
strict = true
|
|
content = templatefile(
|
|
"${path.module}/configs/cp/k3s-flatcar.yaml",
|
|
{
|
|
"host" = each.key
|
|
"k3s_token" = data.azurerm_key_vault_secret.k3s_token.value
|
|
"litestream_version" = var.litestream_version,
|
|
"litestream_config" = base64encode(
|
|
templatefile(
|
|
"${path.module}/configs/cp/litestream.yml",
|
|
{
|
|
"accessKey" = data.azurerm_key_vault_secret.k3s_backup_access_key.value,
|
|
"secretKey" = data.azurerm_key_vault_secret.k3s_backup_secret_key.value,
|
|
"endpoint" = data.azurerm_key_vault_secret.k3s_backup_endpoint.value
|
|
}
|
|
)
|
|
)
|
|
"node_ip" = each.value.private_ip
|
|
"k3s_version" = var.control_plane_k3s_version,
|
|
"k3s_sans" = var.k3s_sans,
|
|
}
|
|
)
|
|
snippets = [
|
|
templatefile(
|
|
"${path.module}/configs/core-user.yaml.tmpl",
|
|
{
|
|
ssh_keys = jsonencode(concat(var.ssh_keys, [tls_private_key.provisioning.public_key_openssh]))
|
|
}
|
|
)
|
|
]
|
|
}
|