cloud-init template updates for kubernetes nodes
This commit is contained in:
parent
7f87798f08
commit
1443395084
|
@ -1,6 +1,6 @@
|
|||
resource "hcloud_network" "kube-network" {
|
||||
name = "kube-network"
|
||||
ip_range = "10.0.0.0/8"
|
||||
ip_range = "10.0.0.0/16"
|
||||
}
|
||||
|
||||
resource "hcloud_network_subnet" "kube-subnet" {
|
||||
|
@ -10,22 +10,53 @@ resource "hcloud_network_subnet" "kube-subnet" {
|
|||
ip_range = "10.0.1.0/24"
|
||||
}
|
||||
|
||||
# resource "hcloud_server" "server" {
|
||||
# name = "control-plane"
|
||||
# server_type = "cx21"
|
||||
# image = "ubuntu-22.04"
|
||||
# location = "nbg1"
|
||||
resource "hcloud_ssh_key" "default" {
|
||||
name = "YubiKey"
|
||||
public_key = file("~/.ssh/id_ed25519_sk.pub")
|
||||
}
|
||||
|
||||
# network {
|
||||
# network_id = hcloud_network.kube-network.id
|
||||
# ip = "10.0.1.1"
|
||||
# }
|
||||
resource "hcloud_server" "control-plane" {
|
||||
count = 0
|
||||
name = "control-plane"
|
||||
server_type = "cx21"
|
||||
image = "ubuntu-22.04"
|
||||
location = "nbg1"
|
||||
|
||||
# depends_on = [
|
||||
# hcloud_network_subnet.kube-subnet
|
||||
# ]
|
||||
network {
|
||||
network_id = hcloud_network.kube-network.id
|
||||
ip = "10.0.1.1"
|
||||
}
|
||||
|
||||
# user_data = templatefile("${path.module}/templates/cloud-init-tailscale.tpl", {
|
||||
# tailscale_key = var.tailscale_key
|
||||
# })
|
||||
# }
|
||||
depends_on = [
|
||||
hcloud_network_subnet.kube-subnet
|
||||
]
|
||||
|
||||
user_data = templatefile("${path.module}/templates/tailscale-kube-control-plane.yaml.tpl", {
|
||||
tailscale_key = var.tailscale_key
|
||||
})
|
||||
|
||||
ssh_keys = [hcloud_ssh_key.default.id]
|
||||
}
|
||||
|
||||
resource "hcloud_server" "worker-node" {
|
||||
count = 0
|
||||
name = "worker-node-${count.index+1}"
|
||||
server_type = "cx21"
|
||||
image = "ubuntu-22.04"
|
||||
location = "nbg1"
|
||||
|
||||
network {
|
||||
network_id = hcloud_network.kube-network.id
|
||||
ip = "10.0.1.${count.index+2}"
|
||||
}
|
||||
|
||||
depends_on = [
|
||||
hcloud_network_subnet.kube-subnet
|
||||
]
|
||||
|
||||
user_data = templatefile("${path.module}/templates/tailscale-kube-worker.yaml.tpl", {
|
||||
tailscale_key = var.tailscale_key
|
||||
})
|
||||
|
||||
ssh_keys = [hcloud_ssh_key.default.id]
|
||||
}
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
#cloud-config
|
||||
---
|
||||
apt:
|
||||
sources:
|
||||
tailscale.list:
|
||||
source: deb https://pkgs.tailscale.com/stable/ubuntu jammy main
|
||||
keyid: 2596A99EAAB33821893C0A79458CA832957F5868
|
||||
packages:
|
||||
- tailscale
|
||||
runcmd:
|
||||
- [ tailscale, up, -auth-key, ${tailscale_key}, -ssh ]
|
48
terraform/templates/tailscale-kube-control-plane.yaml.tpl
Normal file
48
terraform/templates/tailscale-kube-control-plane.yaml.tpl
Normal file
|
@ -0,0 +1,48 @@
|
|||
#cloud-config
|
||||
---
|
||||
apt:
|
||||
sources:
|
||||
tailscale.list:
|
||||
source: deb https://pkgs.tailscale.com/stable/ubuntu jammy main
|
||||
keyid: 2596A99EAAB33821893C0A79458CA832957F5868
|
||||
kubernetes.list:
|
||||
source: deb https://apt.kubernetes.io/ kubernetes-xenial main
|
||||
keyid: A362B822F6DEDC652817EA46B53DC80D13EDEF05
|
||||
docker.list:
|
||||
source: deb https://download.docker.com/linux/ubuntu jammy stable
|
||||
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
||||
write_files:
|
||||
- path: /etc/sysctl.d/k8s.conf
|
||||
content: |
|
||||
net.bridge.bridge-nf-call-iptables = 1
|
||||
net.bridge.bridge-nf-call-ip6tables = 1
|
||||
net.ipv4.ip_forward = 1
|
||||
- path: /etc/modules-load.d/k8s.conf
|
||||
content: |
|
||||
overlay
|
||||
br_netfilter
|
||||
- path: /etc/containerd/config.toml
|
||||
content: |
|
||||
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
|
||||
SystemdCgroup = true
|
||||
disabled_plugins = []
|
||||
- path: /root/k8s.yaml
|
||||
content: |
|
||||
apiVersion: kubelet.config.k8s.io/v1beta1
|
||||
kind: KubeletConfiguration
|
||||
cgroupDriver: systemd
|
||||
packages:
|
||||
- tailscale
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- kubelet
|
||||
- kubeadm
|
||||
- kubectl
|
||||
- containerd.io
|
||||
runcmd:
|
||||
- [ modprobe, overlay ]
|
||||
- [ modprobe, br_netfilter ]
|
||||
- [ sysctl, --system ]
|
||||
- [ tailscale, up, -auth-key, ${tailscale_key}, -ssh ]
|
||||
- [ apt-mark, hold, kubelet, kubeadm, kubectl ]
|
48
terraform/templates/tailscale-kube-worker.yaml.tpl
Normal file
48
terraform/templates/tailscale-kube-worker.yaml.tpl
Normal file
|
@ -0,0 +1,48 @@
|
|||
#cloud-config
|
||||
---
|
||||
apt:
|
||||
sources:
|
||||
tailscale.list:
|
||||
source: deb https://pkgs.tailscale.com/stable/ubuntu jammy main
|
||||
keyid: 2596A99EAAB33821893C0A79458CA832957F5868
|
||||
kubernetes.list:
|
||||
source: deb https://apt.kubernetes.io/ kubernetes-xenial main
|
||||
keyid: A362B822F6DEDC652817EA46B53DC80D13EDEF05
|
||||
docker.list:
|
||||
source: deb https://download.docker.com/linux/ubuntu jammy stable
|
||||
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
||||
write_files:
|
||||
- path: /etc/sysctl.d/k8s.conf
|
||||
content: |
|
||||
net.bridge.bridge-nf-call-iptables = 1
|
||||
net.bridge.bridge-nf-call-ip6tables = 1
|
||||
net.ipv4.ip_forward = 1
|
||||
- path: /etc/modules-load.d/k8s.conf
|
||||
content: |
|
||||
overlay
|
||||
br_netfilter
|
||||
- path: /etc/containerd/config.toml
|
||||
content: |
|
||||
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
|
||||
SystemdCgroup = true
|
||||
disabled_plugins = []
|
||||
- path: /root/k8s.yaml
|
||||
content: |
|
||||
apiVersion: kubelet.config.k8s.io/v1beta1
|
||||
kind: KubeletConfiguration
|
||||
cgroupDriver: systemd
|
||||
packages:
|
||||
- tailscale
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- kubelet
|
||||
- kubeadm
|
||||
- kubectl
|
||||
- containerd.io
|
||||
runcmd:
|
||||
- [ modprobe, overlay ]
|
||||
- [ modprobe, br_netfilter ]
|
||||
- [ sysctl, --system ]
|
||||
- [ tailscale, up, -auth-key, ${tailscale_key}, -ssh ]
|
||||
- [ apt-mark, hold, kubelet, kubeadm, kubectl ]
|
Loading…
Reference in a new issue