feat: configure placement group

Peter 2024-05-04 16:57:25 +02:00
parent 5124e35f05
commit 5e8635e5ce
Signed by: prskr
GPG key ID: F56BED6903BC5E37
8 changed files with 127 additions and 80 deletions


@ -20,7 +20,7 @@ systemd:
Environment="K3S_URL=https://172.23.2.10:6443" Environment="K3S_URL=https://172.23.2.10:6443"
Environment="K3S_TOKEN=${k3s_token}" Environment="K3S_TOKEN=${k3s_token}"
Environment="INSTALL_K3S_VERSION=${k3s_version}" Environment="INSTALL_K3S_VERSION=${k3s_version}"
Environment="INSTALL_K3S_EXEC=agent --node-ip=${node_ip} --kubelet-arg --cloud-provider=external" Environment="INSTALL_K3S_EXEC=agent --node-ip=${node_ip} --kubelet-arg --cloud-provider=external --node-label k8s.icb4dc0.de/storage-node=${tostring(storage_node)}"
ExecStart=/usr/bin/sh -c "/opt/k3s-install.sh" ExecStart=/usr/bin/sh -c "/opt/k3s-install.sh"
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
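Review bot: The `--node-label k8s.icb4dc0.de/storage-node=${tostring(storage_node)}` added to `INSTALL_K3S_EXEC` is a label the agent asserts about itself when it registers, so it is only as trustworthy as the node and the shared `K3S_TOKEN` it joins with. If storage workloads are pinned by this label, consider applying it from the control plane under the `node-restriction.kubernetes.io/` prefix, which a kubelet cannot set on itself when the NodeRestriction admission plugin is enabled. k3s applies `--node-label` only at registration, so changing `storage_node` for an already joined node presumably needs a re-join or a manual relabel. A short comment above the unit saying so would help.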


@ -3,7 +3,7 @@ resource "cloudflare_zone" "icb4dc0de" {
zone = "icb4dc0.de" zone = "icb4dc0.de"
lifecycle { lifecycle {
ignore_changes = [ account_id ] ignore_changes = [account_id]
} }
} }


@ -4,6 +4,13 @@ resource "null_resource" "cp-config" {
} }
} }
resource "null_resource" "control_plane_generation" {
for_each = var.k3s_control_plane
triggers = {
timestamp = "${each.value.generation}"
}
}
resource "hcloud_server" "control-plane" { resource "hcloud_server" "control-plane" {
for_each = var.k3s_control_plane for_each = var.k3s_control_plane
name = each.key name = each.key
@ -14,7 +21,10 @@ resource "hcloud_server" "control-plane" {
backups = false backups = false
lifecycle { lifecycle {
replace_triggered_by = [ null_resource.cp-config ] replace_triggered_by = [
null_resource.cp-config,
null_resource.control_plane_generation
]
} }
ssh_keys = [ ssh_keys = [
@ -81,7 +91,7 @@ resource "hcloud_server" "control-plane" {
resource "cloudflare_record" "cp-host-ipv4" { resource "cloudflare_record" "cp-host-ipv4" {
for_each = var.k3s_control_plane for_each = var.k3s_control_plane
depends_on = [ hcloud_server.control-plane ] depends_on = [hcloud_server.control-plane]
zone_id = cloudflare_zone.icb4dc0de.id zone_id = cloudflare_zone.icb4dc0de.id
name = "${each.key}.k8s" name = "${each.key}.k8s"
@ -92,7 +102,7 @@ resource "cloudflare_record" "cp-host-ipv4" {
resource "cloudflare_record" "cp-host-ipv6" { resource "cloudflare_record" "cp-host-ipv6" {
for_each = var.k3s_control_plane for_each = var.k3s_control_plane
depends_on = [ hcloud_server.control-plane ] depends_on = [hcloud_server.control-plane]
zone_id = cloudflare_zone.icb4dc0de.id zone_id = cloudflare_zone.icb4dc0de.id
name = "${each.key}.k8s" name = "${each.key}.k8s"
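Review bot: `replace_triggered_by` in `hcloud_server.control-plane` references `null_resource.control_plane_generation` as a whole, so a generation bump on any one entry replaces every control-plane server, whereas the worker resource in this commit uses `null_resource.machine_generation[each.key]`. With a single entry in `k3s_control_plane` the two behave the same, but with several entries one bump would take all control-plane nodes down together. I would write `null_resource.control_plane_generation[each.key]` here. The trigger key `timestamp` holds a generation counter, both here and in `machine_generation`; `generation = tostring(each.value.generation)` would say what it is. The `hcloud_server` body continues outside the hunks.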


@ -28,17 +28,36 @@ resource "local_file" "provisioning_key_pub" {
file_permission = "0440" file_permission = "0440"
} }
resource "null_resource" "machine_generation" {
for_each = var.k3s_workers
triggers = {
timestamp = "${each.value.generation}"
}
}
resource "hcloud_placement_group" "k3s_machines" {
name = "k3s-machines"
type = "spread"
labels = {
"cluster" = "icb4dc0.de"
}
}
resource "hcloud_server" "machine" { resource "hcloud_server" "machine" {
for_each = var.k3s_workers for_each = var.k3s_workers
name = each.key name = each.key
server_type = each.value.server_type server_type = each.value.server_type
location = each.value.location location = each.value.location
image = "ubuntu-22.04" image = "ubuntu-22.04"
placement_group_id = hcloud_placement_group.k3s_machines.id
backups = false backups = false
lifecycle { lifecycle {
replace_triggered_by = [ null_resource.worker-config ] replace_triggered_by = [
null_resource.worker-config,
null_resource.machine_generation[each.key]
]
} }
ssh_keys = [ ssh_keys = [
@ -114,9 +133,9 @@ data "ct_config" "machine-ignitions" {
{ {
"host" = "${each.key}" "host" = "${each.key}"
"k3s_token" = "${var.k3s_token}" "k3s_token" = "${var.k3s_token}"
"datacenter" = "hel1-dc2"
"node_ip" = "${each.value.private_ip}" "node_ip" = "${each.value.private_ip}"
"k3s_version" = "${var.worker_k3s_version}" "k3s_version" = "${var.worker_k3s_version}"
"storage_node" = each.value.storage_node
} }
) )
snippets = [ snippets = [
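Review bot: `hcloud_placement_group.k3s_machines` is attached to every entry of `var.k3s_workers` with no bound on the map size, and Hetzner caps how many servers a spread group may hold (10, as far as I know), so an apply would fail once the worker map grows past that. A `validation` block on `k3s_workers`, or a comment next to `type = "spread"`, would make the limit visible. The control-plane servers are not placed in the group, so a control-plane node can still share a physical host with a worker. If host-level separation is wanted for the whole cluster, `placement_group_id` is needed on that resource as well.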


@ -14,3 +14,8 @@ resource "hcloud_ssh_key" "default" {
name = "Default Management" name = "Default Management"
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519" public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519"
} }
resource "hcloud_ssh_key" "yubikey" {
name = "Yubikey"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQoNCLuHgcaDn4JTjCeQKJsIsYU0Jmub5PUMzIIZbUBb+TGMh6mCAY/UbYaq/n4jVnskXopzPGJbx4iPBG5HrNzqYZqMjkk8uIeeT0mdIcNv9bXxuCxCH1iHZF8LlzIZCmQ0w3X6VQ1izcJgvjrAYzbHN3gqCHOXtNkqIUkwaadIWCEjg33OVSlM4yrIDElr6+LHzv84VNh/PhemixCVVEMJ83GjhDtpApMg9WWW3es6rpJn4TlYEMV+aPNU4ZZEWFen/DFBKoX+ulkiJ8CwpY3eJxSzlBijs5ZKH89OOk/MXN1lnREElFqli+jE8EbZKQzi59Zmx8ZOb52qVNot8XZT0Un4EttAIEeE8cETqUC4jK+6RbUrsXtclVbU9i57LWRpl65LYSIJEFmkTxvYdkPXqGbvlW024IjgSo8kds121w95+Rpo6419cSYsQWowS8+aXfEv2Q8SE81QH7ObYfWFXsPBAmmNleQNN3E5HOoaxpWQjv3aTUGuxm4PCzKLdP0LsHmTfGJB7Priaj+9i8xLjDWe7zXDde2Gp9FmdedDr06uEkVSRFnS35Dwfd7M7xP6NsilfMOdWzJWWy/BAYxtnWcrEFxhaEr4vgs8Ub+KBtKhr740x3Mr8up+mythConAs4LOj37lWK4kJ8cI7TXjcSJi9nTIPd39us7tp3Aw=="
}
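Review bot: `hcloud_ssh_key.yubikey` is not referenced in any of the changed files shown, and the `ssh_keys = [` lists of both `hcloud_server` resources appear only as unchanged context. Unless those lists are built from something not visible here, the key is uploaded to the project but not authorised on any server. If it is meant to replace the file-based `Default Management` key, that key stays authorised until it is removed from those lists. A comment such as `# hardware-backed key, not yet attached to servers` would record the intended state.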


@ -51,18 +51,23 @@ variable "k3s_sans" {
type = list(string) type = list(string)
} }
variable "vms" { variable "garage_storage" {
type = map(object({ description = "Config of Garage storage"
node_type = string type = object({
server_type = string size = number
backups = bool location = string
private_ip = string })
}))
default = {
size = 20
location = "hel1"
}
} }
variable "k3s_control_plane" { variable "k3s_control_plane" {
type = map(object({ type = map(object({
server_type = string server_type = string
generation = number
private_ip = string private_ip = string
location = string location = string
alias_ips = set(string) alias_ips = set(string)
@ -72,8 +77,10 @@ variable "k3s_control_plane" {
variable "k3s_workers" { variable "k3s_workers" {
type = map(object({ type = map(object({
server_type = string server_type = string
generation = number
private_ip = string private_ip = string
location = string location = string
storage_node = bool
})) }))
} }
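Review bot: `generation` and `storage_node` are added as required attributes with no `description`, although bumping `generation` is destructive: it feeds the `replace_triggered_by` resources, so the server is destroyed and recreated, including nodes with `storage_node = true`. I would state that on the variable, e.g. `description = "Worker nodes; bumping generation replaces the server"`. If the Terraform version in use supports it, `storage_node = optional(bool, false)` would keep existing tfvars valid. `garage_storage` is declared with a default but is not used in any hunk shown.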


@ -17,12 +17,12 @@ terraform {
required_providers { required_providers {
hcloud = { hcloud = {
source = "hetznercloud/hcloud" source = "hetznercloud/hcloud"
version = "1.45.0" version = "1.47.0"
} }
cloudflare = { cloudflare = {
source = "cloudflare/cloudflare" source = "cloudflare/cloudflare"
version = "4.26.0" version = "4.31.0"
} }
ct = { ct = {
@ -32,7 +32,7 @@ terraform {
null = { null = {
source = "hashicorp/null" source = "hashicorp/null"
version = "~> 3.2.1" version = "~> 3.2.2"
} }
} }
} }


@ -1,6 +1,7 @@
k3s_control_plane = { k3s_control_plane = {
"cp1-cax11-hel1-gen4" = { "cp1-cax11-hel1" = {
server_type = "cax11", server_type = "cax11",
generation = 5
private_ip = "172.23.2.10" private_ip = "172.23.2.10"
location = "hel1" location = "hel1"
alias_ips = [] alias_ips = []
@ -16,29 +17,34 @@ k3s_sans = [
k3s_workers = { k3s_workers = {
"w1-cx21-hel1-gen2" = { "w1-cx21-hel1-gen2" = {
server_type = "cx21" server_type = "cx21"
generation = 2
private_ip = "172.23.2.20" private_ip = "172.23.2.20"
location = "hel1" location = "hel1"
storage_node = false
} }
"w2-cax21-hel1-gen7" = { "w2-cax21-hel1-gen7" = {
server_type = "cax21" server_type = "cax21"
generation = 7
private_ip = "172.23.2.21" private_ip = "172.23.2.21"
location = "hel1" location = "hel1"
storage_node = true
} }
"w3-cax21-hel1-gen7" = { "w3-cax21-hel1-gen7" = {
server_type = "cax21" server_type = "cax21"
generation = 7
private_ip = "172.23.2.22" private_ip = "172.23.2.22"
location = "hel1" location = "hel1"
storage_node = true
} }
}
vms = { "w4-cax21-hel1" = {
"cp1" = { server_type = "cax21"
node_type = "control-plane" generation = 8
server_type = "cpx11", private_ip = "172.23.2.23"
backups = true, location = "hel1"
private_ip = "172.23.2.15" storage_node = true
} }
} }
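Review bot: The worker keys still carry `-gen2` and `-gen7` while the new `generation` field holds the same number, whereas `w4-cax21-hel1` and `cp1-cax11-hel1` already drop the suffix, so name and field can drift apart on the next bump. Renaming a `for_each` key also changes the resource address, which Terraform treats as destroy-and-create for the server and its DNS records unless a `moved` block maps the old key to the new one. For `cp1` the generation goes from 4 to 5, so a replacement looks intended here, but a line in the commit description saying so would make that explicit.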