https://github.com/vshatravenko/terraform-vultr-kubespray

Terraform module for vultr.io providing an infra base for Kubernetes cluster setup
https://github.com/vshatravenko/terraform-vultr-kubespray

kubernetes kubespray terraform vultr

Last synced: 6 months ago
JSON representation

Terraform module for vultr.io providing an infra base for Kubernetes cluster setup

• Host: GitHub
• URL: https://github.com/vshatravenko/terraform-vultr-kubespray
• Owner: vshatravenko
• Created: 2023-11-10T22:28:55.000Z (almost 2 years ago)
• Default Branch: master
• Last Pushed: 2023-11-10T22:32:36.000Z (almost 2 years ago)
• Last Synced: 2025-02-12T06:38:06.904Z (8 months ago)
• Topics: kubernetes, kubespray, terraform, vultr
• Language: HCL
• Homepage:
• Size: 5.86 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          

# Terraform Vultr Kubespray Base Module

This repository contains a Terraform module for [Vultr](vultr.io) that provides a minimal infra base for [kubespray](https://github.com/kubernetes-sigs/kubespray) to provision a Kubernetes cluster.

## Usage

Before starting, be sure to [create a Vultr API key](https://my.vultr.com/settings/#settingsapi) and export it to your shell session:

``` sh

$ export VULTR_API_KEY=*api_key*

```

Also, make sure there is at least one SSH key created on Vultr prior to infra provisioning.

### Listing available resources

If you'd like to see what's on the menu for available regions, instance types, and beyond, look no further:

* [Regions](https://www.vultr.com/api/#operation/list-regions):

```sh

curl "https://api.vultr.com/v2/regions" \

  -X GET \

  -H "Authorization: Bearer ${VULTR_API_KEY}"

```

* [Instance Types](https://www.vultr.com/api/#tag/plans):

```sh

curl "https://api.vultr.com/v2/plans" \

  -X GET \

  -H "Authorization: Bearer ${VULTR_API_KEY}"

```

* [Operating Systems](https://www.vultr.com/api/#operation/list-os):

```sh

curl "https://api.vultr.com/v2/os" \

  -X GET \

  -H "Authorization: Bearer ${VULTR_API_KEY}"

```

### Provisioning

After that, the workflow is pretty simple:

1. Configure `terraform.tfvars` to your heart's content, available variables are described below

2. Fetch Terraform provider plugins and initialize state - `terraform init`

3. Apply the configuration - `terraform apply`

If you'd like to apply a specific change of the IaC without affecting other resources, use targeting:

```sh

$ terraform apply -target *e.g. vultr_instance.masters*

```

### Cluster Setup

After the infra is provisioned, an Ansible inventory file would be rendered and available at `inventory.ini`

This file can be used as is for the kubespray playbook or customized prior to that.

        Pro tip: Make sure to disable the firewall when using iptables-based firewall rules in kubespray

To disable the default firewall(e.g. `ufw`), you can simply run:

```sh

$ ansible -i inventory.ini -m command -a "ufw disable" -u root all

```

Then, you can copy `inventory.ini` to an existing Ansible workspace, or create a new one by copying the [sample inventory]():

```sh

$ git clone https://github.com/kubernetes-sigs/kubespray -b v2.23.1

$ cp -R kubespray/inventory/sample *ansible_workspace_path*/inventory

$ cp inventory.ini *ansible_workspace_path*/inventory

```

Finally, after setting all the desired values in Kubespray config files, initiate the cluster setup:

```sh

$ ansible-playbook -i *ansible_workspace_path*/inventory.ini --user=root --become --become-user=root cluster.yml -v

```

To connect to the cluster, simply SSH to any master node, copy `/etc/kubernets/admin.conf` to your machine, and run `kubectl get nodes`

## Requirements

| Name | Version |

|------|---------|

|  [vultr](#requirement\_vultr) | 2.17.1 |

## Providers

| Name | Version |

|------|---------|

|  [local](#provider\_local) | 2.4.0 |

|  [random](#provider\_random) | 3.5.1 |

|  [vultr](#provider\_vultr) | 2.17.1 |

## Resources

| Name | Type |

|------|------|

| [local_file.inventory](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |

| [random_id.main](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |

| [vultr_instance.masters](https://registry.terraform.io/providers/vultr/vultr/2.17.1/docs/resources/instance) | resource |

| [vultr_instance.workers](https://registry.terraform.io/providers/vultr/vultr/2.17.1/docs/resources/instance) | resource |

| [vultr_vpc2.main](https://registry.terraform.io/providers/vultr/vultr/2.17.1/docs/resources/vpc2) | resource |

| [vultr_os.main](https://registry.terraform.io/providers/vultr/vultr/2.17.1/docs/data-sources/os) | data source |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [cluster\_pool\_sizes](#input\_cluster\_pool\_sizes) | Configuration for master and worker pool sizes for the K8s cluster | `map(number)` | 
{
  "master": 2,
  "worker": 3
}
 | no |

|  [etcd\_nodes](#input\_etcd\_nodes) | List of nodes to deploy etcd to; used during Ansible inventory rendering | `list(string)` | 
[
  "worker0",
  "worker1",
  "worker2"
]
 | no |

|  [instance\_activation\_email](#input\_instance\_activation\_email) | n/a | `bool` | `false` | no |

|  [instance\_backup\_schedule](#input\_instance\_backup\_schedule) | n/a | `string` | `"daily"` | no |

|  [instance\_backup\_state](#input\_instance\_backup\_state) | n/a | `string` | `"disabled"` | no |

|  [instance\_ddos\_protection](#input\_instance\_ddos\_protection) | n/a | `bool` | `false` | no |

|  [instance\_enable\_ipv6](#input\_instance\_enable\_ipv6) | n/a | `bool` | `false` | no |

|  [instance\_os\_id](#input\_instance\_os\_id) | OS ID to use for the instances | `number` | `0` | no |

|  [instance\_os\_name](#input\_instance\_os\_name) | Name of the OS to use for cluster nodes | `string` | `"Debian 12 x64 (bookworm)"` | no |

|  [instance\_plan](#input\_instance\_plan) | Instance type and size to use | `string` | `"vc2-4c-8gb"` | no |

|  [name\_prefix](#input\_name\_prefix) | n/a | `string` | `"compute"` | no |

|  [region](#input\_region) | n/a | `string` | `"ewr"` | no |

|  [ssh\_key\_ids](#input\_ssh\_key\_ids) | IDs of *existing* Vultr SSH keys | `list(string)` | 
[
  "d5c629be-b141-41a7-8363-71re4022713b"
]
 | no |

|  [vpc\_ip\_block](#input\_vpc\_ip\_block) | n/a | `string` | `"10.0.0.0"` | no |

|  [vpc\_ip\_type](#input\_vpc\_ip\_type) | n/a | `string` | `"v4"` | no |

|  [vpc\_prefix\_length](#input\_vpc\_prefix\_length) | n/a | `number` | `24` | no |

|  [vultr\_rate\_limit](#input\_vultr\_rate\_limit) | n/a | `number` | `100` | no |

|  [vultr\_retry\_limit](#input\_vultr\_retry\_limit) | n/a | `number` | `3` | no |


## Outputs

| Name | Description |

|------|-------------|

|  [master\_private\_ips](#output\_master\_private\_ips) | n/a |

|  [master\_public\_ips](#output\_master\_public\_ips) | n/a |

|  [worker\_private\_ips](#output\_worker\_private\_ips) | n/a |

|  [worker\_public\_ips](#output\_worker\_public\_ips) | n/a |