deploy k8s using rke-provider

Julian Tölle 2019-05-13 01:05:58 +02:00
parent 2a2d951971
commit 0f08cfb0d2
14 changed files with 167 additions and 153 deletions

32
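--- a/dashboard.tf
+++ b/dashboard.tf
@@ -0,0 +1,32 @@
+resource "kubernetes_service_account" "dashboard" {
+metadata {
+name = "dashboard-admin"
+namespace = "kube-system"
+labels = {
+app = "dashboard"
+}
+}
+}
+resource "kubernetes_cluster_role_binding" "dashboard" {
+metadata {
+name = "dashboard-admin"
+labels = {
+app = "dashboard"
+}
+}
+role_ref {
+api_group = "rbac.authorization.k8s.io"
+kind = "ClusterRole"
+name = "cluster-admin"
+}
+subject {
+kind = "ServiceAccount"
+name = "dashboard-admin"
+namespace = "kube-system"
+}
+}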
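Review bot: The `role_ref` of `kubernetes_cluster_role_binding.dashboard` grants the `dashboard-admin` service account the built-in `cluster-admin` ClusterRole, so that account's token carries unrestricted rights over every namespace and its secrets. Unless full admin through the dashboard is a deliberate requirement, bind a narrower role, for example `name = "view"` in `role_ref`, and grant write access per namespace where it is actually needed. If `cluster-admin` is intended, record that above the resource with a comment such as `# cluster-admin on purpose; this token is an admin credential, keep the dashboard off any public ingress`.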

134
main.tf

@ -3,6 +3,29 @@ resource hcloud_server control {
name = "control${count.index}"
image = "ubuntu-18.04"
server_type = "cx21"
ssh_keys = ["${hcloud_ssh_key.terraform.id}"]
connection {
private_key = "${file("./keys/id_terraform")}"
}
user_data = <<END
#cloud-config
package_upgrade: true
packages:
- docker.io
END
provisioner "remote-exec" {
inline = [
"cloud-init status --wait",
]
}
lifecycle {
create_before_destroy = false
}
}
resource hcloud_server compute {
@ -10,28 +33,107 @@ resource hcloud_server compute {
name = "compute${count.index}"
image = "ubuntu-18.04"
server_type = "cx21"
ssh_keys = ["${hcloud_ssh_key.terraform.id}"]
connection {
private_key = "${file("./keys/id_terraform")}"
}
data "template_file" "ansible_inventory" {
template = "${file("${path.module}/templates/ansible_inventory.cfg")}"
user_data = <<END
#cloud-config
package_upgrade: true
packages:
- docker.io
END
depends_on = [
"hcloud_server.control",
"hcloud_server.compute",
provisioner "remote-exec" {
inline = [
"cloud-init status --wait",
]
}
lifecycle {
create_before_destroy = false
}
}
resource rke_cluster "cluster" {
services_kube_api {
extra_args = {
feature-gates = "CSINodeInfo=true,CSIDriverRegistry=true"
}
}
services_kubelet {
extra_args = {
feature-gates = "CSINodeInfo=true,CSIDriverRegistry=true"
}
}
addons = <<EOL
---
apiVersion: v1
kind: Secret
metadata:
name: hcloud-csi
namespace: kube-system
stringData:
token: ${var.hcloud_csi_token}
---
EOL
addons_include = [
"https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csidriver.yaml",
"https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csinodeinfo.yaml",
"https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml",
"https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml",
]
vars {
control = "${join("\n", hcloud_server.control.*.ipv4_address)}"
compute = "${join("\n", hcloud_server.compute.*.ipv4_address)}"
nodes {
address = "${hcloud_server.control.0.ipv4_address}"
user = "root"
role = ["controlplane", "etcd"]
ssh_key = "${file("keys/id_terraform")}"
}
nodes {
address = "${hcloud_server.control.1.ipv4_address}"
user = "root"
role = ["controlplane", "etcd"]
ssh_key = "${file("keys/id_terraform")}"
}
nodes {
address = "${hcloud_server.control.2.ipv4_address}"
user = "root"
role = ["controlplane", "etcd"]
ssh_key = "${file("keys/id_terraform")}"
}
nodes {
address = "${hcloud_server.compute.0.ipv4_address}"
user = "root"
role = ["worker"]
ssh_key = "${file("keys/id_terraform")}"
}
nodes {
address = "${hcloud_server.compute.1.ipv4_address}"
user = "root"
role = ["worker"]
ssh_key = "${file("keys/id_terraform")}"
}
nodes {
address = "${hcloud_server.compute.2.ipv4_address}"
user = "root"
role = ["worker"]
ssh_key = "${file("keys/id_terraform")}"
}
}
resource "null_resource" "ansible_inventory" {
triggers {
template_rendered = "${data.template_file.ansible_inventory.rendered}"
}
provisioner "local-exec" {
command = "echo '${data.template_file.ansible_inventory.rendered}' > ansible_inventory"
}
resource local_file kube_cluster_yaml {
filename = "${path.root}/kube_config_cluster.yml"
content = "${rke_cluster.cluster.kube_config_yaml}"
}
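Review bot: In the second hunk's `rke_cluster` block, `addons_include` fetches `hcloud-csi.yml` from the `master` branch of hetznercloud/csi-driver, so each apply installs whatever that branch holds at the time into the cluster. The dashboard entry beside it is pinned to `v1.10.1`, and the CSI manifest should be pinned the same way, e.g. `https://raw.githubusercontent.com/hetznercloud/csi-driver/<tag-or-commit>/deploy/kubernetes/hcloud-csi.yml` (placeholder; use the release you tested). The two `release-1.13` URLs look like branch names as well and can move. Separately, `local_file.kube_cluster_yaml` writes the cluster's kubeconfig to `${path.root}/kube_config_cluster.yml`. A comment there should say that this file is credential material and must stay out of version control, as is the Terraform state, which presumably also holds `ssh_key` and `hcloud_csi_token`. The `+`/`-` markers are lost in this rendering, so which of these lines are new is inferred from the commit title.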


@ -18,8 +18,4 @@ provider "hcloud" {
resource "hcloud_ssh_key" "terraform" {
name = "terraform"
public_key = "${file("./keys/id_terraform.pub")}"
labels = {
"description" = "Used by terraform to provision nodes"
}
}

9
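--- a/provider_kubernetes.tf
+++ b/provider_kubernetes.tf
@@ -0,0 +1,9 @@
+provider "kubernetes" {
+version = "~> 1.6"
+host = "${rke_cluster.cluster.api_server_url}"
+client_certificate = "${rke_cluster.cluster.client_cert}"
+client_key = "${rke_cluster.cluster.client_key}"
+cluster_ca_certificate = "${rke_cluster.cluster.ca_crt}"
+}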


@ -2,6 +2,10 @@ provider "null" {
version = "~> 1.0"
}
provider "local" {
version = "~> 1.2"
}
provider "template" {
version = "~> 1.0"
}

3
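--- a/provider_rke.tf
+++ b/provider_rke.tf
@@ -0,0 +1,3 @@
+provider "rke" {
+version = "~> 0.11"
+}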


@ -1,8 +0,0 @@
[kube-master]
${control}
[etcd]
${control}
[kube-node]
${compute}


@ -1,14 +0,0 @@
TF=terraform
TFFLAGS=-var-file=credentials.tfvars
apply: init
$(TF) apply $(TFFLAGS)
plan: init
$(TF) plan $(TFFLAGS)
destroy: init
$(TF) destroy $(TFFLAGS)
init:
$(TF) init


@ -1,60 +0,0 @@
resource "rancher2_cluster" "sandbox" {
name = "sandbox"
description = "home-cloud sandbox cluster"
kind = "rke"
rke_config {
network {
plugin = "canal"
}
kubernetes_version = "v1.13.4-rancher1-1"
addons = <<ADDONS
apiVersion: v1
kind: Secret
metadata:
name: hcloud-csi
namespace: kube-system
stringData:
token: ${var.hcloud_token}
---
apiVersion: v1
kind: Secret
metadata:
name: hcloud
namespace: kube-system
stringData:
token: ${var.hcloud_token}
ADDONS
addons_include = [
"https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csidriver.yaml",
"https://raw.githubusercontent.com/kubernetes/csi-api/release-1.13/pkg/crd/manifests/csinodeinfo.yaml",
"https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml",
"https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/master/deploy/v1.2.0.yaml",
]
}
}
resource "rancher2_node_pool" "control" {
cluster_id = "${rancher2_cluster.sandbox.id}"
name = "control"
hostname_prefix = "control"
node_template_id = "user-x5qrl:nt-mdfr7"
quantity = 1
control_plane = true
etcd = true
worker = false
}
resource "rancher2_node_pool" "compute" {
cluster_id = "${rancher2_cluster.sandbox.id}"
name = "compute"
hostname_prefix = "compute"
node_template_id = "user-x5qrl:nt-mdfr7"
quantity = 1
control_plane = false
etcd = false
worker = true
}


@ -1,19 +0,0 @@
resource rancher2_node_driver hcloud {
active = true
builtin = false
description = "Hetzner Cloud"
external_id = "hcloud"
name = "hetzner"
ui_url = "https://storage.googleapis.com/hcloud-rancher-v2-ui-driver/component.js"
url = "https://github.com/JonasProgrammer/docker-machine-driver-hetzner/releases/download/1.2.2/docker-machine-driver-hetzner_1.2.2_linux_amd64.tar.gz"
whitelist_domains = ["storage.googleapis.com"]
}
resource hcloud_floating_ip cluster {
type = "ipv4"
home_location = "${var.hcloud_location}"
}
output cluster_ip {
value = "${hcloud_floating_ip.cluster.ip_address}"
}


@ -1,12 +0,0 @@
# Set the variable value in *.tfvars file
# or using -var="hcloud_token=..." CLI option
variable "hcloud_token" {}
variable "hcloud_location" {}
# Configure the Hetzner Cloud Provider
provider "hcloud" {
version = "~> 1.7.0"
token = "${var.hcloud_token}"
}


@ -1,17 +0,0 @@
variable "rancher2_api_url" {
type = "string"
}
variable "rancher2_access_key" {
type = "string"
}
variable "rancher2_secret_key" {
type = "string"
}
provider "rancher2" {
api_url = "${var.rancher2_api_url}"
access_key = "${var.rancher2_access_key}"
secret_key = "${var.rancher2_secret_key}"
}


@ -1,3 +0,0 @@
rancher2_api_url = "https://rancher.apricote.de/v3"
hcloud_location = "nbg1"

1
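--- a/vars.tf
+++ b/vars.tf
@@ -0,0 +1 @@
+variable hcloud_csi_token {}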