deploy k8s using rke-provider

2026-01-13 13:01:03 +00:00 · 2019-05-13 01:05:58 +02:00 · 2019-05-13 01:05:58 +02:00 · 0f08cfb0d2
commit 0f08cfb0d2
parent 2a2d951971
14 changed files with 167 additions and 153 deletions
--- a/dashboard.tf
+++ b/dashboard.tf
@ -0,0 +1,32 @@
 resource "kubernetes_service_account" "dashboard" {
  metadata {
    name      = "dashboard-admin"
    namespace = "kube-system"
    labels = {
      app = "dashboard"
    }
  }
 }
 resource "kubernetes_cluster_role_binding" "dashboard" {
  metadata {
    name = "dashboard-admin"
    labels = {
      app = "dashboard"
    }
  }
  role_ref {
    api_group = "rbac.authorization.k8s.io"
    kind      = "ClusterRole"
    name      = "cluster-admin"
  }
  subject {
    kind      = "ServiceAccount"
    name      = "dashboard-admin"
    namespace = "kube-system"
  }
 }
--- a/main.tf
+++ b/main.tf
@ -3,6 +3,29 @@ resource hcloud_server control {
  name        = "control${count.index}"
  image       = "ubuntu-18.04"
  server_type = "cx21"
  ssh_keys = ["${hcloud_ssh_key.terraform.id}"]
  connection {
    private_key = "${file("./keys/id_terraform")}"
  }
  user_data = <<END
 #cloud-config
 package_upgrade: true
 packages:
 - docker.io
 END
  provisioner "remote-exec" {
    inline = [
      "cloud-init status --wait",
    ]
  }
  lifecycle {
    create_before_destroy = false
  }
 }
 resource hcloud_server compute {
@ -10,28 +33,107 @@ resource hcloud_server compute {
  name        = "compute${count.index}"
  image       = "ubuntu-18.04"
  server_type = "cx21"
  ssh_keys = ["${hcloud_ssh_key.terraform.id}"]
  connection {
    private_key = "${file("./keys/id_terraform")}"
  }
  user_data = <<END
 #cloud-config
 package_upgrade: true
 packages:
 - docker.io
 END
  provisioner "remote-exec" {
    inline = [
      "cloud-init status --wait",
    ]
  }
  lifecycle {
    create_before_destroy = false
  }
 }
-data "template_file" "ansible_inventory" {
+resource rke_cluster "cluster" {
-  template = "${file("${path.module}/templates/ansible_inventory.cfg")}"
+  services_kube_api {
    extra_args = {
      feature-gates = "CSINodeInfo=true,CSIDriverRegistry=true"
    }
  }
-  depends_on = [
+  services_kubelet {
-    "hcloud_server.control",
+    extra_args = {
-    "hcloud_server.compute",
+      feature-gates = "CSINodeInfo=true,CSIDriverRegistry=true"
    }
  }
  addons = <<EOL
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: hcloud-csi
  namespace: kube-system
 stringData:
  token: ${var.hcloud_csi_token}
 ---
 EOL
  addons_include = [
    "https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csidriver.yaml",
    "https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csinodeinfo.yaml",
    "https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml",
    "https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml",
  ]
-  vars {
+  nodes {
-    control = "${join("\n", hcloud_server.control.*.ipv4_address)}"
+    address = "${hcloud_server.control.0.ipv4_address}"
-    compute = "${join("\n", hcloud_server.compute.*.ipv4_address)}"
+    user    = "root"
    role    = ["controlplane", "etcd"]
    ssh_key = "${file("keys/id_terraform")}"
  }
  nodes {
    address = "${hcloud_server.control.1.ipv4_address}"
    user    = "root"
    role    = ["controlplane", "etcd"]
    ssh_key = "${file("keys/id_terraform")}"
  }
  nodes {
    address = "${hcloud_server.control.2.ipv4_address}"
    user    = "root"
    role    = ["controlplane", "etcd"]
    ssh_key = "${file("keys/id_terraform")}"
  }
  nodes {
    address = "${hcloud_server.compute.0.ipv4_address}"
    user    = "root"
    role    = ["worker"]
    ssh_key = "${file("keys/id_terraform")}"
  }
  nodes {
    address = "${hcloud_server.compute.1.ipv4_address}"
    user    = "root"
    role    = ["worker"]
    ssh_key = "${file("keys/id_terraform")}"
  }
  nodes {
    address = "${hcloud_server.compute.2.ipv4_address}"
    user    = "root"
    role    = ["worker"]
    ssh_key = "${file("keys/id_terraform")}"
  }
 }
-resource "null_resource" "ansible_inventory" {
+resource local_file kube_cluster_yaml {
-  triggers {
+  filename = "${path.root}/kube_config_cluster.yml"
-    template_rendered = "${data.template_file.ansible_inventory.rendered}"
+  content  = "${rke_cluster.cluster.kube_config_yaml}"
  }
  provisioner "local-exec" {
    command = "echo '${data.template_file.ansible_inventory.rendered}' > ansible_inventory"
  }
 }
--- a/provider_hcloud.tf
+++ b/provider_hcloud.tf
@ -18,8 +18,4 @@ provider "hcloud" {
 resource "hcloud_ssh_key" "terraform" {
  name       = "terraform"
  public_key = "${file("./keys/id_terraform.pub")}"
  labels = {
    "description" = "Used by terraform to provision nodes"
  }
 }
--- a/provider_kubernetes.tf
+++ b/provider_kubernetes.tf
@ -0,0 +1,9 @@
 provider "kubernetes" {
  version = "~> 1.6"
  host = "${rke_cluster.cluster.api_server_url}"
  client_certificate     = "${rke_cluster.cluster.client_cert}"
  client_key             = "${rke_cluster.cluster.client_key}"
  cluster_ca_certificate = "${rke_cluster.cluster.ca_crt}"
 }
--- a/provider_other.tf
+++ b/provider_other.tf
@ -2,6 +2,10 @@ provider "null" {
  version = "~> 1.0"
 }
 provider "local" {
  version = "~> 1.2"
 }
 provider "template" {
  version = "~> 1.0"
 }
--- a/provider_rke.tf
+++ b/provider_rke.tf
@ -0,0 +1,3 @@
 provider "rke" {
  version = "~> 0.11"
 }
--- a/templates/ansible_inventory.cfg
+++ b/templates/ansible_inventory.cfg
@ -1,8 +0,0 @@
 [kube-master]
 ${control}
 [etcd]
 ${control}
 [kube-node]
 ${compute}
--- a/terraform_provider_test/Makefile
+++ b/terraform_provider_test/Makefile
@ -1,14 +0,0 @@
 TF=terraform
 TFFLAGS=-var-file=credentials.tfvars
 apply: init
 	$(TF) apply $(TFFLAGS) 
 plan: init
 	$(TF) plan $(TFFLAGS)
 destroy: init
 	$(TF) destroy $(TFFLAGS)
 init:
 	$(TF) init
--- a/terraform_provider_test/cluster.tf
+++ b/terraform_provider_test/cluster.tf
@ -1,60 +0,0 @@
 resource "rancher2_cluster" "sandbox" {
  name        = "sandbox"
  description = "home-cloud sandbox cluster"
  kind        = "rke"
  rke_config {
    network {
      plugin = "canal"
    }
    kubernetes_version = "v1.13.4-rancher1-1"
    addons = <<ADDONS
 apiVersion: v1
 kind: Secret
 metadata:
  name: hcloud-csi
  namespace: kube-system
 stringData:
  token: ${var.hcloud_token}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: hcloud
  namespace: kube-system
 stringData:
  token: ${var.hcloud_token}
 ADDONS
    addons_include = [
      "https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csidriver.yaml",
      "https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csinodeinfo.yaml",
      "https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml",
      "https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/master/deploy/v1.2.0.yaml",
    ]
  }
 }
 resource "rancher2_node_pool" "control" {
  cluster_id       = "${rancher2_cluster.sandbox.id}"
  name             = "control"
  hostname_prefix  = "control"
  node_template_id = "user-x5qrl:nt-mdfr7"
  quantity         = 1
  control_plane    = true
  etcd             = true
  worker           = false
 }
 resource "rancher2_node_pool" "compute" {
  cluster_id       = "${rancher2_cluster.sandbox.id}"
  name             = "compute"
  hostname_prefix  = "compute"
  node_template_id = "user-x5qrl:nt-mdfr7"
  quantity         = 1
  control_plane    = false
  etcd             = false
  worker           = true
 }
--- a/terraform_provider_test/nodes.tf
+++ b/terraform_provider_test/nodes.tf
@ -1,19 +0,0 @@
 resource rancher2_node_driver hcloud {
  active            = true
  builtin           = false
  description       = "Hetzner Cloud"
  external_id       = "hcloud"
  name              = "hetzner"
  ui_url            = "https://storage.googleapis.com/hcloud-rancher-v2-ui-driver/component.js"
  url               = "https://github.com/JonasProgrammer/docker-machine-driver-hetzner/releases/download/1.2.2/docker-machine-driver-hetzner_1.2.2_linux_amd64.tar.gz"
  whitelist_domains = ["storage.googleapis.com"]
 }
 resource hcloud_floating_ip cluster {
  type          = "ipv4"
  home_location = "${var.hcloud_location}"
 }
 output cluster_ip {
  value = "${hcloud_floating_ip.cluster.ip_address}"
 }
--- a/terraform_provider_test/provider_hcloud.tf
+++ b/terraform_provider_test/provider_hcloud.tf
@ -1,12 +0,0 @@
 # Set the variable value in *.tfvars file
 # or using -var="hcloud_token=..." CLI option
 variable "hcloud_token" {}
 variable "hcloud_location" {}
 # Configure the Hetzner Cloud Provider
 provider "hcloud" {
  version = "~> 1.7.0"
  token = "${var.hcloud_token}"
 }
--- a/terraform_provider_test/provider_rancher2.tf
+++ b/terraform_provider_test/provider_rancher2.tf
@ -1,17 +0,0 @@
 variable "rancher2_api_url" {
  type = "string"
 }
 variable "rancher2_access_key" {
  type = "string"
 }
 variable "rancher2_secret_key" {
  type = "string"
 }
 provider "rancher2" {
  api_url    = "${var.rancher2_api_url}"
  access_key = "${var.rancher2_access_key}"
  secret_key = "${var.rancher2_secret_key}"
 }
--- a/terraform_provider_test/terraform.tfvars
+++ b/terraform_provider_test/terraform.tfvars
@ -1,3 +0,0 @@
 rancher2_api_url = "https://rancher.apricote.de/v3"
 hcloud_location = "nbg1"
--- a/vars.tf
+++ b/vars.tf
@ -0,0 +1 @@
 variable hcloud_csi_token {}
		`@ -1,3 +0,0 @@`
			`rancher2_api_url = "https://rancher.apricote.de/v3"`

			`hcloud_location = "nbg1"`