terraform-hcloud-k3s-ext
Category: Network programming
Development tool: HCL
File size: 0KB
Downloads: 0
Upload date: 2021-07-17 07:50:32
Uploader: sh-1993
Description: Terraform module to install K3S on Hetzner cloud servers with batteries included: Cert-Manager, External-DNS, Nginx-ingress-controller, Minio, Octant Dashboard, etc.
File list:
LICENSE (11357, 2021-07-17)
Makefile (1716, 2021-07-17)
example/ (0, 2021-07-17)
example/main.tf (910, 2021-07-17)
main.tf (2379, 2021-07-17)
modules/ (0, 2021-07-17)
modules/apps/ (0, 2021-07-17)
modules/apps/cert-manager/ (0, 2021-07-17)
modules/apps/cert-manager/hetznerWebhookValues.yaml (2189, 2021-07-17)
modules/apps/cert-manager/main.tf (2605, 2021-07-17)
modules/apps/cert-manager/manifests/ (0, 2021-07-17)
modules/apps/cert-manager/manifests/clusterIssuer.yaml (870, 2021-07-17)
modules/apps/cert-manager/variables.tf (997, 2021-07-17)
modules/apps/cert-manager/versions.tf (404, 2021-07-17)
modules/apps/default-backend/ (0, 2021-07-17)
modules/apps/default-backend/main.tf (509, 2021-07-17)
modules/apps/default-backend/values.yaml (22426, 2021-07-17)
modules/apps/default-backend/variables.tf (529, 2021-07-17)
modules/apps/default-backend/versions.tf (240, 2021-07-17)
modules/apps/external-dns/ (0, 2021-07-17)
modules/apps/external-dns/main.tf (1393, 2021-07-17)
modules/apps/external-dns/values.yaml (7223, 2021-07-17)
modules/apps/external-dns/variables.tf (838, 2021-07-17)
modules/apps/external-dns/versions.tf (326, 2021-07-17)
modules/apps/main.tf (3357, 2021-07-17)
modules/apps/minio-gateway/ (0, 2021-07-17)
modules/apps/minio-gateway/main.tf (608, 2021-07-17)
modules/apps/minio-gateway/values.yaml (21067, 2021-07-17)
modules/apps/minio-gateway/variables.tf (419, 2021-07-17)
modules/apps/minio-gateway/versions.tf (123, 2021-07-17)
modules/apps/minio-ops/ (0, 2021-07-17)
modules/apps/minio-ops/NOTES.txt (659, 2021-07-17)
modules/apps/minio-ops/main.tf (1401, 2021-07-17)
modules/apps/minio-ops/manifests/ (0, 2021-07-17)
modules/apps/minio-ops/manifests/cluster-role.yaml (2038, 2021-07-17)
modules/apps/minio-ops/manifests/issuer-certificate.yaml (704, 2021-07-17)
modules/apps/minio-ops/manifests/tenant-server-version.yaml (4527, 2021-07-17)
modules/apps/minio-ops/manifests/tenant-tiny.yaml (6984, 2021-07-17)
... ...
# Kubernetes K3S Terraform Module
This module is inspired by [cicdteam/terraform-hcloud-k3s](https://github.com/cicdteam/terraform-hcloud-k3s), with extra applications ready to be installed with `make apply`. All applications are installed from Helm charts and are highly customizable.
Use [Hetzner Cloud link](https://hetzner.cloud/?ref=6PAAEo0epOOA) to get 20
## List of Applications:
- [Cert-Manager](https://cert-manager.io/): three solver options for issuing certificates [HTTP01, DNS01_CLOUDFLARE, [DNS01_HETZNER](https://github.com/deyaeddin/cert-manager-webhook-hetzner)]
- [default-backend](https://github.com/bitnami/charts/tree/master/bitnami/nginx): default bitnami-nginx chart
- [external-dns](https://github.com/bitnami/charts/tree/master/bitnami/external-dns): external-dns chart with the ability to choose between "hetzner" and "cloudflare"
- [minio-gateway](https://github.com/bitnami/charts/tree/master/bitnami/minio): minio chart to use as gateway bucket for backup.
- [minio-ops](https://github.com/minio/operator): minio Operator chart with Tenant.
- [octant](https://github.com/aleveille/octant-dashboard-turnkey)
- [nginx-ingress-controller](https://github.com/bitnami/charts/tree/master/bitnami/nginx-ingress-controller): default bitnami-nginx-ingress-controller chart, with annotations:
  - `load-balancer.hetzner.cloud/name: ${lb_name}`
  - `load-balancer.hetzner.cloud/location: ${lb_location}`
  - `load-balancer.hetzner.cloud/use-private-ip: "true"`
  - `load-balancer.hetzner.cloud/disable-private-ingress: "true"`
  - `load-balancer.hetzner.cloud/ipv6-disabled: "true"`
  - `load-balancer.hetzner.cloud/protocol: ${lb_protocol}`

***refer to [Inputs](#Inputs) for more options***
## Example
```terraform
module "k3s-ext" {
  source  = "deyaeddin/k3s-ext/hcloud"
  version = "0.0.1"

  // API credentials and required inputs (left empty here; supply your own values)
  cloud_flare_api_email        = ""
  cloud_flare_api_key          = ""
  cloud_flare_api_token        = ""
  default_domain               = "example.com"
  hcloud_dns_api_token         = ""
  hcloud_masters_extra_scripts = []
  hcloud_node_extra_scripts    = []
  hcloud_token                 = ""
  issuer_email                 = "deya@yanax.com"
  enable_apps                  = true

  // optional
  k3s_version         = "v1.21.1+k3s1" // "v1.19.11+k3s1" "v1.20.7+k3s1" "v1.21.1+k3s1"
  master_groups_type  = "cx21"         // 2 vCPU, 4 GB RAM, 40 GB disk space
  master_groups_count = 3              // odd number for HA enabled
  node_groups = {                      // NOTE: pass empty map to use a single master
    "cx21"  = 4
    "cpx11" = 2
  }
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.14 |
| [hcloud](#requirement\_hcloud) | >= 1.26.0 |
| [helm](#requirement\_helm) | >= 2.1.1 |
| [kubernetes](#requirement\_kubernetes) | >= 2.2.0 |
| [local](#requirement\_local) | >= 2.1.0 |
| [minio](#requirement\_minio) | >= 1.2.0 |
| [null](#requirement\_null) | >= 3.1.0 |
| [random](#requirement\_random) | >= 3.1.0 |
| [template](#requirement\_template) | >= 2.2.0 |
## Providers
| Name | Version |
|------|---------|
| [hcloud](#provider\_hcloud) | >= 1.26.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| [apps](#module\_apps) | ./modules/apps | |
| [hcloud](#module\_hcloud) | ./modules/hcloud | |
## Resources
| Name | Type |
|------|------|
| [hcloud_ssh_key.default](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/ssh_key) | resource |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [cert\_manager\_solver\_type](#input\_cert\_manager\_solver\_type) | which solver cert-manager will use, values: HTTP01, DNS01\_CLOUDFLARE, DNS01\_HETZNER | `string` | `"HTTP01"` | no |
| [cloud\_flare\_api\_email](#input\_cloud\_flare\_api\_email) | Cloudflare primary email (login email) | `any` | n/a | yes |
| [cloud\_flare\_api\_key](#input\_cloud\_flare\_api\_key) | Cloudflare api key. Ref: https://dash.cloudflare.com/profile/api-tokens | `any` | n/a | yes |
| [cloud\_flare\_api\_proxied](#input\_cloud\_flare\_api\_proxied) | whether the zone will be proxied on Cloudflare | `bool` | `false` | no |
| [cloud\_flare\_api\_token](#input\_cloud\_flare\_api\_token) | Cloudflare api token. Ref: https://dash.cloudflare.com/profile/api-tokens | `any` | n/a | yes |
| [cluster\_issuer\_name](#input\_cluster\_issuer\_name) | name for cert-manager cluster issuer | `string` | `"letsencrypt"` | no |
| [cluster\_name](#input\_cluster\_name) | Cluster name (prefix for all resource names) | `string` | `"my-cluster"` | no |
| [default\_domain](#input\_default\_domain) | root domain for ingress default service | `any` | n/a | yes |
| [default\_namespace](#input\_default\_namespace) | default applications namespace | `string` | `"apps"` | no |
| [dns\_provider](#input\_dns\_provider) | DNS provider to use. Values can be hetzner or cloudflare | `string` | `"hetzner"` | no |
| [enable\_apps](#input\_enable\_apps) | whether to enable deploying cert-manager, nginx-ingress-controller, etc. | `bool` | `false` | no |
| [hcloud\_datacenter](#input\_hcloud\_datacenter) | Hetzner datacenter where resources reside, hel1-dc2 (Helsinki 1 DC 2) or fsn1-dc14 (Falkenstein 1 DC14) | `string` | `"hel1-dc2"` | no |
| [hcloud\_dns\_api\_token](#input\_hcloud\_dns\_api\_token) | hashed Hetzner DNS access token | `any` | n/a | yes |
| [hcloud\_masters\_extra\_scripts](#input\_hcloud\_masters\_extra\_scripts) | Additional list of commands to be added to initial master server creation | `list(string)` | n/a | yes |
| [hcloud\_network\_ip\_range](#input\_hcloud\_network\_ip\_range) | ip\_range of the main network | `string` | `"10.0.0.0/8"` | no |
| [hcloud\_network\_subnet\_ip\_range](#input\_hcloud\_network\_subnet\_ip\_range) | ip\_range of the subnetwork | `string` | `"10.0.0.0/16"` | no |
| [hcloud\_network\_subnet\_type](#input\_hcloud\_network\_subnet\_type) | subnet type | `string` | `"cloud"` | no |
| [hcloud\_network\_subnet\_zone](#input\_hcloud\_network\_subnet\_zone) | Subnet zone | `string` | `"eu-central"` | no |
| [hcloud\_node\_extra\_scripts](#input\_hcloud\_node\_extra\_scripts) | Additional list of commands to be added to initial node server creation | `list(string)` | n/a | yes |
| [hcloud\_token](#input\_hcloud\_token) | Hetzner cloud auth token | `any` | n/a | yes |
| [image](#input\_image) | Node boot image | `string` | `"ubuntu-20.04"` | no |
| [issuer\_email](#input\_issuer\_email) | email for issuing certificates with LetsEncrypt | `any` | n/a | yes |
| [k3s\_channel](#input\_k3s\_channel) | k3s channel (stable, latest, v1.19 and so on) | `string` | `"latest"` | no |
| [k3s\_config\_file](#input\_k3s\_config\_file) | String path to config file | `string` | `"~/.kubeconfig/hetzner.config"` | no |
| [k3s\_version](#input\_k3s\_version) | k3s version (v1.21.0+k3s1, v1.19.10+k3s1 and so on) | `string` | `"v1.21.1+k3s1"` | no |
| [lb\_hcloud\_location](#input\_lb\_hcloud\_location) | location of the loadbalancer | `string` | `"hel1"` | no |
| [lb\_hcloud\_name](#input\_lb\_hcloud\_name) | name of the loadbalancer | `string` | `"name_cluster_lb"` | no |
| [lb\_hcloud\_protocol](#input\_lb\_hcloud\_protocol) | protocol for the loadbalancer | `string` | `"tcp"` | no |
| [letsencrypt\_is\_prod](#input\_letsencrypt\_is\_prod) | whether to use the staging or the production environment for issuing Let's Encrypt certificates | `bool` | `false` | no |
| [master\_groups\_count](#input\_master\_groups\_count) | Number of control plane nodes. | `number` | `1` | no |
| [master\_groups\_type](#input\_master\_groups\_type) | Node type (size) | `string` | `"cx21"` | no |
| [nginx\_default\_backend](#input\_nginx\_default\_backend) | nginx ingress controller default backend service name | `string` | `"default-backend"` | no |
| [node\_groups](#input\_node\_groups) | Map of worker node groups, key is server\_type, value is count of nodes in group. NOTE: pass empty map to use a single master | `map(string)` | `{ "cpx11": 2, "cx21": 4 }` | no |
| [private\_key\_path](#input\_private\_key\_path) | string path to private key which will be used to access all the servers including the nodes | `string` | `"~/.ssh/id_rsa"` | no |
| [public\_key\_path](#input\_public\_key\_path) | string path to public key which will be used to access all the servers including the nodes | `string` | `"~/.ssh/id_rsa.pub"` | no |
| [storage\_class](#input\_storage\_class) | storage class to use with minio drivers | `string` | `"hcloud-volumes"` | no |
## Outputs
| Name | Description |
|------|-------------|
| [master\_internal\_ipv4](#output\_master\_internal\_ipv4) | Private IP Address of the master node |
| [master\_ipv4](#output\_master\_ipv4) | Public IP Address of the master node |
| [master\_nodes\_internal\_ipv4](#output\_master\_nodes\_internal\_ipv4) | Public IP Address of the master nodes in groups |
| [master\_nodes\_ipv4](#output\_master\_nodes\_ipv4) | Public IP Address of the master nodes in groups |
| [nodes\_ipv4](#output\_nodes\_ipv4) | Public IP Address of the worker nodes in groups |