Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/felipecruz91/k8s-hetzner

A Kubernetes cluster provisioned with Terraform, running in Hetzner Cloud
https://github.com/felipecruz91/k8s-hetzner

hetzner hetzner-cloud kubernetes terraform

Last synced: about 2 months ago
JSON representation

A Kubernetes cluster provisioned with Terraform, running in Hetzner Cloud

Host: GitHub
URL: https://github.com/felipecruz91/k8s-hetzner
Owner: felipecruz91
Created: 2020-12-11T20:13:20.000Z (about 4 years ago)
Default Branch: main
Last Pushed: 2022-11-26T09:57:47.000Z (about 2 years ago)
Last Synced: 2024-10-31T06:51:35.592Z (about 2 months ago)
Topics: hetzner, hetzner-cloud, kubernetes, terraform
Language: HCL
Homepage:
Size: 55.7 KB
Stars: 29
Watchers: 3
Forks: 10
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # k8s-hetzner-cloud

Kubernetes Terraform installer for Hetzner bare-metal.

![k8s-cluster](docs/images/k8s-cluster.PNG)

### Initial setup

Clone the repository and install the dependencies:

```bash

$ git clone https://github.com/felipecruz91/k8s-hetzner.git

$ cd k8s-hetzner

$ terraform init

```

Note that you'll need Terraform v0.13 or newer to run this project.

Note that, before running the project, you'll have to create an access token for Terraform to connect to the Hetzner Cloud API.

Once you have the token, create the `hetzner-api-token.txt` file and paste it in there.

Using the token, create the `TF_VAR_hcloud_token` environment variable:

```bash

$ export TF_VAR_hcloud_token=$(cat hetzner-api-token.txt)

```

### Building the Kubernetes VM image with Packer

Prepare snapshot image, so the terraform will use it to create and up nodes of the cluster.

Run once the command below:

```cli

$ cd images && \

    packer build image-master.json

```

For containerd image use command `packer build image-master-containerd.json`.

Now we have a snapshot and we need to know it's ID.

To do this run:

```cli

$ curl -H "Authorization: Bearer $TF_VAR_hcloud_token" 'https://api.hetzner.cloud/v1/images'

```

and find the image's ID with the name described in the `image-master-containerd.json` and/or `image-master.json` files.

Put pointed ID in the `variables.tf` config file.

### Usage

Create a bare-metal Kubernetes cluster with one master and 3 worker nodes:

```bash

$ terraform apply \

 -var master_location=nbg1 \

 -var master_server_type=cpx11 \

 -var worker_nodes_count=3 \

 -var worker_server_type=cx11 \

 -var worker_location=nbg1

```

This will do the following:

- provisions three bare-metal servers with Ubuntu 18.04 LTS (the size of the `master` and the `node` may be different but must remain in the same type of architecture)

- connects to the master server via SSH and installs Docker CE and kubeadm apt packages

- runs kubeadm init on the master server and configures kubectl

- downloads the kubectl admin config file on your local machine and replaces the private IP with the public one

- (obsolete) creates a Kubernetes secret with the Weave Net password

- (obsolete) installs Weave Net with encrypted overlay

- installs calico CNI

- starts the nodes in parallel and installs Docker CE and kubeadm

- joins the nodes in the cluster using the kubeadm token obtained from the master

Scale up by increasing the number of nodes:

```bash

$ terraform apply \

 -var worker_nodes_count=4

```

There are two useful scripts which can be used to create and destroy a cluster:

```cli

upcl.sh

docl.sh

```

Tear down the whole infrastructure with:

```bash

terraform destroy -force

```

### Remote control

After applying the Terraform plan you'll see several output variables like the master public IP,

the kubeadm join command and the current workspace admin config.

In order to run `kubectl` commands against the Hetzner cluster you can use the `kubectl_config` output variable:

```bash

$ export KUBECONFIG="$(pwd)/$(terraform output --raw kubectl_config)"

```

```bash

$ kubectl --insecure-skip-tls-verify get nodes -o wide

NAME       STATUS   ROLES    AGE     VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION       CONTAINER-RUNTIME

master     Ready    master   3m45s   v1.24.5   78.47.249.188           Ubuntu 18.04.5 LTS   4.15.0-124-generic   docker://19.3.6

worker-0   Ready       3m28s   v1.24.5   94.130.73.91            Ubuntu 18.04.5 LTS   4.15.0-124-generic   docker://19.3.6

worker-1   Ready       3m23s   v1.24.5   157.90.17.247           Ubuntu 18.04.5 LTS   4.15.0-124-generic   docker://19.3.6

worker-2   Ready       3m26s   v1.24.5   157.90.24.227           Ubuntu 18.04.5 LTS   4.15.0-124-generic   docker://19.3.6

```