From c4158fea86e8df61cb23e15714750c07f752f909 Mon Sep 17 00:00:00 2001 From: Serge Logvinov Date: Sat, 5 Jun 2021 21:02:43 +0300 Subject: [PATCH] Can redefine IPv6 --- hetzner/Makefile | 8 ++++---- hetzner/instances-master.tf | 7 ++++--- hetzner/modules/worker/main.tf | 2 ++ hetzner/prepare/main.tf | 3 ++- hetzner/prepare/variables.tf | 6 ++++++ hetzner/templates/controlplane.yaml.tpl | 20 +++++++++----------- hetzner/variables.tf | 4 ++-- 7 files changed, 29 insertions(+), 21 deletions(-) diff --git a/hetzner/Makefile b/hetzner/Makefile index e0ebb06..8834e50 100644 --- a/hetzner/Makefile +++ b/hetzner/Makefile @@ -11,8 +11,8 @@ create-config: create-templates: @yq ea -P '. as $$item ireduce ({}; . * $$item )' _cfgs/controlplane.yaml templates/controlplane.yaml.tpl > templates/controlplane.yaml - @echo 'podSubnets: "10.32.0.0/12"' > _cfgs/tfstate.vars - @echo 'serviceSubnets: "10.200.0.0/22"' >> _cfgs/tfstate.vars + @echo 'podSubnets: "10.32.0.0/12,fd00:10:32::/102"' > _cfgs/tfstate.vars + @echo 'serviceSubnets: "10.200.0.0/22,fd40:10:200::/112"' >> _cfgs/tfstate.vars @yq eval '.cluster.network.dnsDomain' _cfgs/init.yaml | awk '{ print "domain: "$$1}' >> _cfgs/tfstate.vars @yq eval '.cluster.clusterName' _cfgs/init.yaml | awk '{ print "cluster_name: "$$1}' >> _cfgs/tfstate.vars @yq eval '.machine.token' _cfgs/init.yaml | awk '{ print "tokenmachine: "$$1}' >> _cfgs/tfstate.vars @@ -22,9 +22,9 @@ create-templates: @yq eval -j '{"kubernetes": .}' _cfgs/tfstate.vars > terraform.tfvars.json create-controlplane: - cd modules/worker && terraform init terraform init - terraform apply -target=null_resource.controlplane_apply + terraform apply -target=null_resource.controlplane create-infrastructure: + cd modules/worker && terraform init terraform apply diff --git a/hetzner/instances-master.tf b/hetzner/instances-master.tf index 9fbea0c..8180a77 100644 --- a/hetzner/instances-master.tf +++ b/hetzner/instances-master.tf 
@@ -17,6 +17,7 @@ resource "hcloud_server" "controlplane" { lifecycle { ignore_changes = [ + image, server_type, user_data, ssh_keys, @@ -53,10 +54,10 @@ resource "local_file" "controlplane" { depends_on = [hcloud_server.controlplane] } -resource "null_resource" "controlplane_apply" { +resource "null_resource" "controlplane" { count = lookup(var.controlplane, "count", 0) provisioner "local-exec" { - command = "sleep 60 && ./talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file controlplane-${count.index + 1}.yaml" + command = "sleep 60 && talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file controlplane-${count.index + 1}.yaml" } - depends_on = [local_file.controlplane] + depends_on = [hcloud_load_balancer_target.api, local_file.controlplane] } diff --git a/hetzner/modules/worker/main.tf b/hetzner/modules/worker/main.tf index bbc3f70..9955f96 100644 --- a/hetzner/modules/worker/main.tf +++ b/hetzner/modules/worker/main.tf @@ -24,6 +24,8 @@ resource "hcloud_server" "worker" { lifecycle { ignore_changes = [ + image, + server_type, user_data, ssh_keys, ] diff --git a/hetzner/prepare/main.tf b/hetzner/prepare/main.tf index 1690480..11d2c60 100644 --- a/hetzner/prepare/main.tf +++ b/hetzner/prepare/main.tf @@ -34,8 +34,9 @@ resource "hcloud_server" "talos" { provisioner "remote-exec" { inline = [ "apt-get install -y wget", - "wget -O /tmp/openstack.tar.gz https://github.com/talos-systems/talos/releases/download/v0.11.0-alpha.0/openstack-amd64.tar.gz", + "wget -O /tmp/openstack.tar.gz https://github.com/talos-systems/talos/releases/download/${var.talos_version}/openstack-amd64.tar.gz", "cd /tmp && tar xzf /tmp/openstack.tar.gz && dd if=/tmp/disk.raw of=/dev/sda && sync", + "mount /dev/sda3 /mnt && sed -i 's/set timeout=3/set timeout=10/g' /mnt/grub/grub.cfg && umount /mnt", "shutdown -h now" ] } 
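Review bot: Adding `image` to `ignore_changes` on `hcloud_server.controlplane` (and `image` plus `server_type` on `hcloud_server.worker` in `hetzner/modules/worker/main.tf`) means a later image change in Terraform no longer reaches existing nodes, and nothing in the list says why. That is reasonable if nodes are upgraded in place, but plan output then stops showing image drift, so the patch level of running nodes has to be tracked some other way. Suggest a comment above the entry, e.g. `# image ignored: nodes are upgraded in place, not re-created; plan will not show image drift`. The resource body extends beyond the hunk on both sides.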
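Review bot: In the `null_resource.controlplane` provisioner, the rewritten command still pushes the control-plane machine config with `--insecure` to `hcloud_server.controlplane[count.index].ipv4_address`, and it now resolves `talosctl` from PATH instead of the local `./talosctl`. `--insecure` is needed while a node is in maintenance mode, but the server certificate is then not verified, so the config (which for a control-plane node normally carries cluster CA keys and tokens) goes to whatever answers on that address, apparently the public one, after the fixed `sleep 60`. Consider limiting the Talos API port to the operator's address in the cloud firewall during bootstrap, and pinning the endpoint with `--cert-fingerprint` where the talosctl release in use supports it. A comment next to the command would also help, e.g. `# needs talosctl on PATH matching the installed Talos release; --insecure is only for maintenance-mode nodes`.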
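Review bot: The archive fetched in the `remote-exec` block of `hcloud_server.talos` is written to `/dev/sda` with `dd` without any integrity check, so the now-configurable version can bake an unverified artifact into the prepared disk. Add a checksum step between the download and the unpack, for example `"echo '${var.talos_image_sha256}  /tmp/openstack.tar.gz' | sha256sum -c -",`, where `talos_image_sha256` is a proposed new variable (not in this patch) filled from the checksums published with the release. The inline list also does not appear to stop on failure: if the download or the new `mount ... sed ... umount` line fails, `shutdown -h now` still runs last and the provisioner may report success. Putting `"set -e",` first in the list would likely close that gap. The resource body starts outside the hunk.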
diff --git a/hetzner/prepare/variables.tf b/hetzner/prepare/variables.tf index 2111176..d2193ee 100644 --- a/hetzner/prepare/variables.tf +++ b/hetzner/prepare/variables.tf @@ -18,3 +18,9 @@ variable "tags" { environment = "Develop" } } + +variable "talos_version" { + description = "Talos image version" + type = string + default = "v0.10.0" +} diff --git a/hetzner/templates/controlplane.yaml.tpl b/hetzner/templates/controlplane.yaml.tpl index d4e47aa..0edd89b 100644 --- a/hetzner/templates/controlplane.yaml.tpl +++ b/hetzner/templates/controlplane.yaml.tpl @@ -30,15 +30,15 @@ machine: cidr: "169.254.2.53/32" - interface: dummy0 cidr: "fd00::169:254:2:53/128" + install: + disk: /dev/sda + bootloader: true + wipe: false + extraKernelArgs: + - elevator=noop sysctls: net.core.somaxconn: 65535 net.core.netdev_max_backlog: 4096 - install: - disk: /dev/sda - extraKernelArgs: - - elevator=noop - bootloader: true - wipe: false systemDiskEncryption: ephemeral: provider: luks2 @@ -49,15 +49,13 @@ cluster: controlPlane: endpoint: https://${lbv4}:6443 network: + dnsDomain: ${domain} + podSubnets: ${format("[%s]",podSubnets)} + serviceSubnets: ${format("[%s]",serviceSubnets)} cni: name: custom urls: - https://raw.githubusercontent.com/sergelogvinov/terraform-talos/main/hetzner/deployments/cilium_result.yaml - dnsDomain: ${domain} - podSubnets: - - ${podSubnets} - serviceSubnets: - - ${serviceSubnets} proxy: disabled: true mode: ipvs diff --git a/hetzner/variables.tf b/hetzner/variables.tf index 8f41b8d..9a9376e 100644 --- a/hetzner/variables.tf +++ b/hetzner/variables.tf @@ -14,8 +14,8 @@ variable "regions" { variable "kubernetes" { type = map(string) default = { - podSubnets = "10.32.0.0/12" - serviceSubnets = "10.200.0.0/22" + podSubnets = "10.32.0.0/12,f00d:10:32::/64" + serviceSubnets = "10.200.0.0/22,fd40:10:200::/112" domain = "cluster.local" cluster_name = "talos-k8s-hezner" tokenmachine = ""
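Review bot: The new `talos_version` variable in `hetzner/prepare/variables.tf` has no validation, yet `hetzner/prepare/main.tf` interpolates it straight into a shell command that the provisioner runs on the build host. A typo or stray shell metacharacter in a tfvars file would change the command rather than fail at plan time. Constraining the value to a release-tag shape keeps the interpolation safe and gives an early error. Variable validation needs a Terraform release that supports `validation` blocks. The default also moves from the previously hard-coded `v0.11.0-alpha.0` to `v0.10.0`, which deserves a line in the description if it is deliberate.

```hcl
variable "talos_version" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^v[0-9]+\\.[0-9]+\\.[0-9]+(-[0-9A-Za-z.]+)?$", var.talos_version))
    error_message = "The talos_version value must be a release tag such as v0.10.0."
  }
}
```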
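Review bot: In the `cluster.network` block of `controlplane.yaml.tpl`, `${format("[%s]",podSubnets)}` and the matching `serviceSubnets` line build a YAML flow sequence by pasting the raw comma-separated string between brackets. The list entries are therefore unquoted, and whatever the variable holds is emitted verbatim into the machine config. IPv6 CIDRs contain `:` characters, which are significant in YAML flow context, and a stray space or bracket in the tfvars value would change the document structure instead of failing. Emitting the list with `podSubnets: ${jsonencode(split(",", podSubnets))}` (and the same for `serviceSubnets`) gives quoted elements and is still valid YAML. A comment such as `# podSubnets/serviceSubnets are comma-separated "v4,v6" strings` would also help, since the format is only implied by the defaults.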
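Review bot: The new `podSubnets` default in `hetzner/variables.tf`, `f00d:10:32::/64`, is not inside the unique-local range `fc00::/7`. That differs from the `fd40:10:200::/112` service prefix beside it and from the `fd00:10:32::/102` value this same patch writes from `hetzner/Makefile`. Depending on which path produces the tfvars, a cluster gets a different pod prefix and prefix length, and the `f00d:` one lies in address space not set aside for private use, which complicates firewall and egress rules written for ULA ranges. If this is not intentional, align the default with the Makefile, e.g. `podSubnets = "10.32.0.0/12,fd00:10:32::/102"`. A comment stating that each value is a comma-separated IPv4,IPv6 pair would also help.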