From 62dc58209e027a5d5a08c4d24fbbc4b88373608c Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 01:23:04 -0600 Subject: [PATCH 01/32] added scache: --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 77278cb0..86066674 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -314,7 +314,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin curl -L "https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | tar xz - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf $SCACHE_FILE + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz echo "DIR LISTx" ls -alh mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache From 1cac77eab503b204ad2e5b4463ee67eb12f0168a Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 01:27:44 -0600 Subject: [PATCH 02/32] added scache: --- .github/workflows/build-deploy.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 86066674..c5e06c0e 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml 
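Review bot: The archive fetched by the changed `wget … && tar -xvf …` line in the hunk at -314 is unpacked, and its binary later placed on `PATH`, without any integrity check, so the job trusts whatever the release URL returns at run time. A pinned digest checked between the download and `tar` would close that, e.g. `echo "<expected-sha256>  sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | sha256sum -c -` (the digest is a placeholder to be taken from the release). The context line above it still runs `curl -L … | tar xz` for the same file, so the archive is downloaded and extracted twice; one of the two should go. The same unverified download recurs in the install steps touched by patches 02 and 06 of this series. The `run` block starts and ends outside the hunk.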
@@ -32,8 +32,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - curl -L "https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | tar xz - mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -114,8 +114,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - curl -L "https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | tar xz - mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -195,8 +195,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - curl -L "https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | tar xz - mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 
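Review bot: The destination in the added `mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå` ends in a stray `å`, so the binary lands under a name that no later `sccache` invocation will resolve; the line should end in `$HOME/.local/bin/sccache`. The same typo is in the hunks at -114 and -195. Separately, `sccache-dist` looks like the distributed-build server binary rather than the `sccache` client, so renaming it to `sccache` probably does not give a working compiler wrapper; this is worth confirming against the archive contents. The expansions are also unquoted, and `"$HOME/.local/bin/sccache"` is the safer form.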
@@ -313,11 +313,11 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - curl -L "https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz" | tar xz + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz echo "DIR LISTx" ls -alh - mv -f $SCCACHE_FILE/sccache $HOME/.local/bin/sccache + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 From 34094a3b7eb41dd5cc0794c52aa7c155eacc3362 Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 01:30:14 -0600 Subject: [PATCH 03/32] added scache: --- .github/workflows/build-deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index c5e06c0e..439d4c5c 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -39,7 +39,7 @@ jobs: uses: actions/cache@v3 continue-on-error: false with: - path: ${{ matrix.sccache-path }} + path: /home/runner/.cache/sccache key: ${{ runner.os }}-sccache-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-sccache- @@ -121,7 +121,7 @@ jobs: uses: actions/cache@v3 continue-on-error: false with: - path: ${{ matrix.sccache-path }} + path: /home/runner/.cache/sccache key: ${{ runner.os }}-sccache-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-sccache- 
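Review bot: After the change in the hunk at -313 the step has two identical `wget … && tar -xvf …` lines back to back (the added one and the context line below it), so the archive is fetched twice and the second copy is saved under a `.1` suffix and never used; one of them should be dropped. The `echo "DIR LISTx"` and `ls -alh` debugging lines that follow are still in the step and could go at the same time. The `run` block starts outside the hunk.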
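Review bot: `path: /home/runner/.cache/sccache` in the hunk at -39 hard-codes the home directory of a GitHub-hosted Ubuntu runner, and nothing visible in the hunk tells sccache to use that directory, so the cached path and sccache's actual cache directory can drift apart on a self-hosted or differently configured runner. Writing it as `path: ~/.cache/sccache` and exporting the same location through `SCCACHE_DIR` in the job's `env` keeps the two in agreement. The same replacement is made in the hunks at -121, -202 and -323.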
@@ -202,7 +202,7 @@ jobs: uses: actions/cache@v3 continue-on-error: false with: - path: ${{ matrix.sccache-path }} + path: /home/runner/.cache/sccache key: ${{ runner.os }}-sccache-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-sccache- @@ -323,7 +323,7 @@ jobs: uses: actions/cache@v3 continue-on-error: false with: - path: ${{ matrix.sccache-path }} + path: /home/runner/.cache/sccache key: ${{ runner.os }}-sccache-${{ hashFiles('**/Cargo.lock') }} restore-keys: | ${{ runner.os }}-sccache- From 8ea0b44af172314ada0a0491f9692fbe45393eb8 Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 01:33:39 -0600 Subject: [PATCH 04/32] added scache: --- .github/workflows/build-deploy.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 439d4c5c..f16e23ae 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -33,7 +33,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -44,7 +44,7 @@ jobs: restore-keys: | ${{ runner.os }}-sccache- - name: Start sccache server - run: sccache --start-server + run: $HOME/.local/bin/sccache --start-server - uses: actions/cache@v3 with: path: | 
@@ -115,7 +115,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -126,7 +126,7 @@ jobs: restore-keys: | ${{ runner.os }}-sccache- - name: Start sccache server - run: sccache --start-server + run: $HOME/.local/bin/sccache --start-server - uses: actions/cache@v3 with: path: | @@ -196,7 +196,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccacheå + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -207,7 +207,7 @@ jobs: restore-keys: | ${{ runner.os }}-sccache- - name: Start sccache server - run: sccache --start-server + run: $HOME/.local/bin/sccache --start-server - uses: actions/cache@v3 with: path: | @@ -328,7 +328,7 @@ jobs: restore-keys: | ${{ runner.os }}-sccache- - name: Start sccache server - run: sccache --start-server + run: $HOME/.local/bin/sccache --start-server - uses: actions/cache@v3 with: path: | From e76ad6f76b0b1a97bb0944c4a0b146f918814206 Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 01:36:38 -0600 Subject: [PATCH 05/32] added scache: --- .github/workflows/build-deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index f16e23ae..8b54855d 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -33,7 +33,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -115,7 +115,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -196,7 +196,7 @@ jobs: SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 
@@ -317,7 +317,7 @@ jobs: wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz echo "DIR LISTx" ls -alh - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache + mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 From 942cf48e307291e4daff6d9b86eb05fda43c57ba Mon Sep 17 00:00:00 2001 From: Anant Date: Sat, 24 Sep 2022 16:37:13 -0600 Subject: [PATCH 06/32] added scache: --- .github/workflows/build-deploy.yml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 8b54855d..a1c499bf 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -26,14 +26,10 @@ jobs: cancel-in-progress: true steps: - name: Install sccache (ubuntu-latest) - env: - LINK: https://github.com/mozilla/sccache/releases/download - SCCACHE_VERSION: 0.3.0 run: | - SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f sccache-v0.3.0-x86_64-unknown-linux-musl/sccache $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 
@@ -114,8 +110,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f sccache-v0.3.0-x86_64-unknown-linux-musl/sccache $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 @@ -195,8 +191,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f sccache-v0.3.0-x86_64-unknown-linux-musl/sccache $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "$HOME/.local/bin" >> $GITHUB_PATH - name: Save sccache uses: actions/cache@v3 
@@ -313,8 +309,8 @@ jobs: run: | SCCACHE_FILE=sccache-dist-v0.3.0-x86_64-unknown-linux-musl mkdir -p $HOME/.local/bin - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz - wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-dist-v0.3.0-x86_64-unknown-linux-musl.tar.gz + wget https://github.com/mozilla/sccache/releases/download/v0.3.0/sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz && tar -xvf sccache-v0.3.0-x86_64-unknown-linux-musl.tar.gz + mv -f sccache-v0.3.0-x86_64-unknown-linux-musl/sccache $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache echo "DIR LISTx" ls -alh mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x $HOME/.local/bin/sccache From ba04f4ede0e0c20f07403b154e0adfe68c443680 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 27 Sep 2022 07:08:18 -0600 Subject: [PATCH 07/32] Added terraform step --- .github/workflows/build-deploy.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index a1c499bf..051e0ede 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -1,3 +1,6 @@ +# Using sccache guidance from +# https://www.infinyon.com/blog/2021/04/github-actions-best-practices/ +xs name: Ci-test-and-build on: push: 
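Review bot: The step in the hunk at -313 still ends with the context line `mv -f $SCCACHE_FILE/sccache-dist $HOME/.local/bin/sccache && chmod +x …`, but the new lines no longer download the `sccache-dist` archive, so in a fresh workspace that source path should not exist and the second `mv` would fail the step. That line, the `SCCACHE_FILE=…` assignment above it and the `echo "DIR LISTx"` / `ls -alh` leftovers should be removed here, as the first hunk of this patch already does for its own step. The hunks at -114 and -195 likewise leave an unused `SCCACHE_FILE=…` behind.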
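Review bot: The added line `xs` after the two comment lines in the hunk at -1 is a bare scalar ahead of the top-level `name:` key, which makes the workflow file invalid YAML. It looks like an editor slip and should be deleted so that the header is just the two `#` lines. With it in place the workflow would not load, so none of the jobs below would run.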
@@ -511,3 +514,19 @@ jobs: username: ${{ secrets.SSH_USER}} key: ${{ secrets.SSH_PRIV }} script: ls ~/conf && cp /root/conf/rococo-local-cfde.json ~/ && supervisorctl reload + - name: terraform apply + terraform: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.head_ref || github.run_id }}-deploy + cancel-in-progress: true + needs: [] + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: terraform hetzner + uses: dflook/terraform-apply@v1 + with: + path: scripts/kube.tf + variables: | + hcloud_token: ${{ secrets.HETZNER_KEY }} From 2471cb34a7421bc3bbcf324d69ef450e5f870cc8 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 27 Sep 2022 10:13:28 -0600 Subject: [PATCH 08/32] Added terraform step --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 051e0ede..c42c9fbf 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -1,6 +1,6 @@ # Using sccache guidance from # https://www.infinyon.com/blog/2021/04/github-actions-best-practices/ -xs + name: Ci-test-and-build on: push: From 0a93ff3970fb220e9d34a8300305694fd17ab89e Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 20:08:55 -0600 Subject: [PATCH 09/32] added terraform for kube --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index c42c9fbf..83db7236 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -514,7 +514,7 @@ jobs: username: ${{ secrets.SSH_USER}} key: ${{ secrets.SSH_PRIV }} script: ls ~/conf && cp /root/conf/rococo-local-cfde.json ~/ && supervisorctl reload - - name: terraform apply + terraform: runs-on: ubuntu-latest concurrency: From c67691e6a92f5f8a881464d1a8ec069e185cb466 Mon Sep 17 00:00:00 2001 
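Review bot: `uses: dflook/terraform-apply@v1` references a third-party action by a movable tag in the same step that receives `secrets.HETZNER_KEY`, so whatever that tag points to at run time is handed the cloud token; pinning to a reviewed commit, `uses: dflook/terraform-apply@<full-commit-sha> # v1`, removes that dependency on the tag. The job also has `needs: []` and no `environment:` or `if:`, so as far as the hunk shows it runs for every event that triggers this workflow and exposes the token on each of them; a protected environment or a condition on the ref would narrow that. The added `- name: terraform apply` entry has neither `run` nor `uses` and, judging by its position, sits at the end of the previous job's steps, which the workflow schema rejects. `path: scripts/kube.tf` names a file, whereas a Terraform root module is a directory.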
From: Anant Date: Tue, 4 Oct 2022 20:21:09 -0600 Subject: [PATCH 10/32] added terraform for kube --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 83db7236..b0b259aa 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -527,6 +527,6 @@ jobs: - name: terraform hetzner uses: dflook/terraform-apply@v1 with: - path: scripts/kube.tf + path: bitgreen-node/scripts/kube.tf variables: | hcloud_token: ${{ secrets.HETZNER_KEY }} From d235a1274f074c71a3debb4507a531c3a1e6a4c2 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 20:23:46 -0600 Subject: [PATCH 11/32] added terraform for kube --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index b0b259aa..a48f350b 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -527,6 +527,6 @@ jobs: - name: terraform hetzner uses: dflook/terraform-apply@v1 with: - path: bitgreen-node/scripts/kube.tf + path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf variables: | hcloud_token: ${{ secrets.HETZNER_KEY }} From 9c22beb623d0e2d729245c3378b3b96b1cde0ce4 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 20:25:08 -0600 Subject: [PATCH 12/32] added terraform for kube --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index a48f350b..b6fb789d 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml 
@@ -527,6 +527,6 @@ jobs: - name: terraform hetzner uses: dflook/terraform-apply@v1 with: - path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf + path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf variables: | hcloud_token: ${{ secrets.HETZNER_KEY }} From 036f90b302d27c8a6f7350b47cb471f2d9069b14 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 20:26:47 -0600 Subject: [PATCH 13/32] added terraform for kube --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index b6fb789d..a48f350b 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -527,6 +527,6 @@ jobs: - name: terraform hetzner uses: dflook/terraform-apply@v1 with: - path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf + path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf variables: | hcloud_token: ${{ secrets.HETZNER_KEY }} From f626811c03b0f13d1e7fc4e6fb8382e6dd412493 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:10:10 -0600 Subject: [PATCH 14/32] added terraform --- .github/workflows/build-deploy.yml | 6 +- scripts/terraform/main.tf | 321 +++++++++++++++++++++++++++++ 2 files changed, 325 insertions(+), 2 deletions(-) create mode 100644 scripts/terraform/main.tf diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index a48f350b..c08a2f3d 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml 
@@ -523,10 +523,12 @@ jobs: needs: [] steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v3 + - name: export keys + run: mkdir /home/runner/.ssh && echo $ {{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo $ {{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa - name: terraform hetzner uses: dflook/terraform-apply@v1 with: - path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/kube.tf + path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/terraform variables: | hcloud_token: ${{ secrets.HETZNER_KEY }} diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf new file mode 100644 index 00000000..7ffc6d0b --- /dev/null +++ b/scripts/terraform/main.tf 
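Review bot: In the added `export keys` step the expressions are written `$ {{ secrets.SSH_PUB}}` and `$ {{ secrets.SSH_PRIV}}` with a space after `$`, so as written they are not expanded by Actions and the shell appends that literal text to the two files instead of the keys. Once the space is removed, the unquoted `echo` would still word-split a multi-line private key onto one line, the secret would be pasted into the script text rather than passed through `env:`, and `id_rsa` would be created with the default umask instead of owner-only permissions. `mkdir` without `-p` and the `>>` redirections also make the step fail or append on a runner where `~/.ssh` already exists. A version that passes the secrets through the environment and writes the files under `umask 077` is sketched below. Whether the `dflook/terraform-apply` container can see `/home/runner/.ssh` at all should be checked, since `main.tf` reads both keys from that path.

```yaml
      - name: export keys
        env:
          SSH_PUB: ${{ secrets.SSH_PUB }}
          SSH_PRIV: ${{ secrets.SSH_PRIV }}
        run: |
          umask 077
          mkdir -p "$HOME/.ssh"
          printf '%s\n' "$SSH_PUB" > "$HOME/.ssh/id_rsa.pub"
          printf '%s\n' "$SSH_PRIV" > "$HOME/.ssh/id_rsa"
      # … unchanged: terraform hetzner step …
```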
@@ -0,0 +1,321 @@ +locals { + # Fill first and foremost your Hetzner API token, found in your project, Security, API Token, of type Read & Write. + hcloud_token = "xxxxxxxxxxxxxxxxYYYYYYYYYYzzzzzzzzzzzzzzzzz" +} + +variable "hcloud_token" { + type = string +} + +module "kube-hetzner" { + providers = { + hcloud = hcloud + } + hcloud_token = var.hcloud_token + + # Then fill or edit the below values. Only the first values starting with a * are obligatory; the rest can remain with their default values, or you + # could adapt them to your needs. + + # * For local dev, path to the git repo + # source = "../../kube-hetzner/" + # For normal use, this is the path to the terraform registry + source = "kube-hetzner/kube-hetzner/hcloud" + # you can optionally specify a version number + # version = "1.2.0" + + # Note that some values, notably "location" and "public_key" have no effect after initializing the cluster. + # This is to keep Terraform from re-provisioning all nodes at once, which would lose data. If you want to update + # those, you should instead change the value here and manually re-provision each node. Grep for "lifecycle". + + # Customize the SSH port (by default 22) + # ssh_port = 2222 + + # * Your ssh public key + ssh_public_key = file("/home/runner/.ssh/id_rsa.pub") + # * Your private key must be "ssh_private_key = null" when you want to use ssh-agent for a Yubikey-like device authentification or an SSH key-pair with a passphrase. + # For more details on SSH see https://github.com/kube-hetzner/kube-hetzner/blob/master/docs/ssh.md + ssh_private_key = file("/home/runner/.ssh/id_rsa") + # You can add additional SSH public Keys to grant other team members root access to your cluster nodes. + # ssh_additional_public_keys = [] + + # If you want to use an ssh key that is already registered within hetzner cloud, you can pass its id. + # If no id is passed, a new ssh key will be registered within hetzner cloud. 
+ # It is important that exactly this key is passed via `ssh_public_key` & `ssh_private_key` vars. + # hcloud_ssh_key_id = "" + + # These can be customized, or left with the default values + # * For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/ + network_region = "eu-central" # change to `us-east` if location is ash + + # For the control planes, at least three nodes are the minimum for HA. Otherwise, you need to turn off the automatic upgrade (see ReadMe). + # As per Rancher docs, it must always be an odd number, never even! See https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/ + # For instance, one is ok (non-HA), two is not ok, and three is ok (becomes HA). It does not matter if they are in the same nodepool or not! So they can be in different locations and of various types. + + # Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US. + # For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud. + + # IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent. + # Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1), + # you can also rename it (if the count is 0), but do not remove a nodepool from the list. + + # The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO). + # You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255. 
+ # Also, before decreasing the count of any nodepools to 0, it's essential to drain and cordon the nodes in question. Otherwise, it will leave your cluster in a bad state. + + # Before initializing the cluster, you can change all parameters and add or remove any nodepools. You need at least one nodepool of each kind, control plane, and agent. + # The nodepool names are entirely arbitrary, you can choose whatever you want, but no special characters or underscore, and they must be unique; only alphanumeric characters and dashes are allowed. + + # If you want to have a single node cluster, have one control plane nodepools with a count of 1, and one agent nodepool with a count of 0. + + # Please note that changing labels and taints after the first run will have no effect. If needed, you will need to do that through Kubernetes directly. + + # * Example below: + + control_plane_nodepools = [ + { + name = "control-plane-fsn1", + server_type = "cpx11", + location = "fsn1", + labels = [], + taints = [], + count = 1 + }, + { + name = "control-plane-nbg1", + server_type = "cpx11", + location = "nbg1", + labels = [], + taints = [], + count = 1 + }, + { + name = "control-plane-hel1", + server_type = "cpx11", + location = "hel1", + labels = [], + taints = [], + count = 1 + } + ] + + agent_nodepools = [ + { + name = "agent-small", + server_type = "cpx11", + location = "fsn1", + labels = [], + taints = [], + count = 1 + }, + { + name = "agent-large", + server_type = "cpx21", + location = "nbg1", + labels = [], + taints = [], + count = 1 + }, + { + name = "storage", + server_type = "cpx21", + location = "fsn1", + # Fully optional, just a demo + labels = [ + "node.kubernetes.io/server-usage=storage" + ], + taints = [ + "server-usage=storage:NoSchedule" + ], + count = 1 + # In the case of using Longhorn, you can use Hetzner volumes instead of using the node's own storage by specifying a value from 10 to 10000 (in GB) + # It will create one volume per node in the nodepool, and 
configure Longhorn to use them. + # longhorn_volume_size = 20 + } + ] + + # * LB location and type, the latter will depend on how much load you want it to handle, see https://www.hetzner.com/cloud/load-balancer + load_balancer_type = "lb11" + load_balancer_location = "fsn1" + + ### The following values are entirely optional (and can be removed from this if unused) + + # You can refine a base domain name to be use in this form of nodename.base_domain for setting the reserve dns inside Hetzner + # base_domain = "mycluster.example.com" + + # To use local storage on the nodes, you can enable Longhorn, default is "false". + # enable_longhorn = true + + # The file system type for Longhorn, if enabled (ext4 is the default, otherwise you can choose xfs) + # longhorn_fstype = "xfs" + + # how many replica volumes should longhorn create (default is 3) + # longhorn_replica_count = 1 + + # When you enable Longhorn, you can go with the default settings and just modify the above two variables OR you can copy the longhorn_values.yaml.example + # file to longhorn_value.yaml and put it at the base of your own module, next to your kube.tf, this is Longhorn's own helm values file. + # If that file is present, the system will use it during the deploy, if not it will use the default values with the two variable above that can be customized. + # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. + + # Also, you choose to create a hetzner volume to be used with Longhorn. By default, it will use the nodes own storage space, BUT if you an attribute of + # longhorn_volume_size (⚠️ not a variable, just a possible agent nodepool attribute) with a value of 10 to 10000 GB to your agent nodepool definition, it will create and use the volume in question. + # See the agent nodepool section for an example of how to do that. + + # To disable Hetzner CSI storage, you can set the following to true, default is "false". 
+ # disable_hetzner_csi = true + + # If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions. + # hetzner_ccm_version = "" + # hetzner_csi_version = "" + + # If you want to specify the Kured version, set it below - otherwise it'll use the latest version available. + # kured_version = "" + + # If you want to enable the Nginx ingress controller (https://kubernetes.github.io/ingress-nginx/) instead of Traefik, you can set this to "true". Default is "false". + # FOR THIS TO NOT BE IGNORED, you also need to set "enable_traefik = false". + # By the default we load an optimal Nginx ingress controller config for Hetzner, however you may need to tweak it to your needs, so to do, + # we allow you to add a nginx_ingress_values.yaml file to the root of your module, next to the kube.tf file, it is simply a helm values config file. + # See the nginx_ingress_values.yaml.example located at the root of this project. + # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. + # enable_nginx = true + + # If you want to disable the Traefik ingress controller, to use the Nginx ingress controller for instance, you can can set this to "false". Default is "true". + # enable_traefik = false + + # Use the klipper LB, instead of the default Hetzner one, that has an advantage of dropping the cost of the setup, + # Automatically "true" in the case of single node cluster. + # It can work with any ingress controller that you choose to deploy. + # enable_klipper_metal_lb = "true" + + # We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal, + # as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management, + # we instead recommend you to use cert-manager, that you can easily deploy with helm; see https://cert-manager.io/. 
+ # traefik_acme_tls = true + # traefik_acme_email = "mail@example.com" + + # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/ + # They are the options that go into the additionalArguments section of the Traefik helm values file. + # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"] + # traefik_additional_options = [] + + # If you want to disable the metric server, you can! Default is "true". + # enable_metrics_server = false + + # If you want to allow non-control-plane workloads to run on the control-plane nodes, set "true" below. The default is "false". + # True by default for single node clusters. + # IMPORTANT: For the time being, this requires you to also set hetzner_ccm_version="v1.12.1", see issue #311 + # Hopefully it's just a temporary measure, as we are seeking solutions at the source. + # allow_scheduling_on_control_plane = true + + # If you want to disable the automatic upgrade of k3s, you can set this to false. The default is "true". + # automatically_upgrade_k3s = false + + # Allows you to specify either stable, latest, testing or supported minor versions (defaults to stable) + # see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels + # initial_k3s_channel = "latest" + + # The cluster name, by default "k3s" + # cluster_name = "" + + # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true". 
+ # use_cluster_name_in_node_name = false + + # Adding extra firewall rules, like opening a port + # More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall + # extra_firewall_rules = [ + # # For Postgres + # { + # direction = "in" + # protocol = "tcp" + # port = "5432" + # source_ips = ["0.0.0.0/0", "::/0"] + # destination_ips = [] # Won't be used for this rule + # }, + # # To Allow ArgoCD access to resources via SSH + # { + # direction = "out" + # protocol = "tcp" + # port = "22" + # source_ips = [] # Won't be used for this rule + # destination_ips = ["0.0.0.0/0", "::/0"] + # } + # ] + + # If you want to configure a different CNI for k3s, use this flag + # possible values: flannel (Default), calico, and cilium + # CAVEATS: Calico is not supported when not using the Hetzner LB (like when enable_klipper_metal_lb is set to true or when using a single node cluster), + # because of the following issue https://github.com/k3s-io/klipper-lb/issues/6. + # As for Cilium, we allow infinite configurations, please check the CNI section of the readme over at https://github.com/kube-hetzner/terraform-hcloud-kube-hetzner/#cni. + # cni_plugin = "cilium" + + # If you want to disable the k3s default network policy controller, use this flag! + # Both Calico and Ciliun cni_plugin values override this value to true automatically, the default is "false". + # disable_network_policy = true + + # If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/ + # That may be useful if you need to deploy more than 500 nodes! The default is "false". + # placement_group_disable = true + + # By default, we allow ICMP ping in to the nodes, to check for liveness for instance. If you do not want to allow that, you can. Just set this flag to true (false by default). 
+ # block_icmp_ping_in = true + + # You can enable cert-manager (installed by Helm behind the scenes) with the following flag, the default is "false". + # enable_cert_manager = true + + # IP Addresses to use for the DNS Servers, set to an empty list to use the ones provided by Hetzner, defaults to ["1.1.1.1", " 1.0.0.1", "8.8.8.8"]. + # For rancher installs, best to leave it as default. + # dns_servers = [] + + # When this is enabled, rather than the first node, all external traffic will be routed via a control-plane loadbalancer, allowing for high availability. + # The default is false. + # use_control_plane_lb = true + + # You can enable Rancher (installed by Helm behind the scenes) with the following flag, the default is "false". + # When Rancher is enabled, it automatically installs cert-manager too, and it uses rancher's own self-signed certificates. + # See for options https://rancher.com/docs/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/#choose-your-ssl-configuration + # The easiest thing is to leave everything as is (using the default rancher self-signed certificate) and put Cloudflare in front of it. + # As for the number of replicas, by default it is set to the numbe of control plane nodes. + # You can customized all of the above by adding a rancher_values.yaml file at the root of your module, which is just a helm values file. + # See the rancher_values.yaml.example file located at the root of the project. + # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. + # IMPORTANT: Rancher's install is quite memory intensive, you will require at least 4GB if RAM, meaning cx21 server type (for your control plane). + # ALSO, in order for Rancher to successfully deploy, you have to set the "rancher_hostname". + # enable_rancher = true + + # If using Rancher you can set the Rancher hostname, it must be unique hostname even if you do not use it. 
+ # If not pointing the DNS, you can just port-forward locally via kubectl to get access to the dashboard. + # rancher_hostname = "rancher.xyz.dev" + + # When Rancher is deployed, by default is uses the "latest" channel. But this can be customized. + # The allowed values are "stable" or "latest". + # rancher_install_channel = "stable" + + # Finally, you can specify a bootstrap-password for your rancher instance. Minimum 48 characters long! + # If you leave empty, one will be generated for you. + # (Can be used by another rancher2 provider to continue setup of rancher outside this module.) + # rancher_bootstrap_password = "" + + # Separate from the above Rancher config (only use one or the other). You can import this cluster directly on an + # an already active Rancher install. By clicking "import cluster" choosing "generic", giving it a name and pasting + # the cluster registration url below. However, you can also ignore that and apply the url via kubectl as instructed + # by Rancher in the wizard, and that would register your cluster too. + # More information about the registration can be found here https://rancher.com/docs/rancher/v2.6/en/cluster-provisioning/registered-clusters/ + # rancher_registration_manifest_url = "https://rancher.xyz.dev/v3/import/xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz.yaml" + + + # Extra values that will be passed to the `extra-manifests/kustomization.yaml.tpl` if its present. + # extra_kustomize_parameters={} +} + +provider "hcloud" { + token = var.hcloud_token +} + +terraform { + required_version = ">= 1.2.0" + required_providers { + hcloud = { + source = "hetznercloud/hcloud" + version = ">= 1.35.1" + } + } +} From 1fed7075baeee1f55929ad407d4a3d1ffc8c2e27 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:13:21 -0600 Subject: [PATCH 15/32] formatted terraform file --- scripts/terraform/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf index 7ffc6d0b..0aafeeb0 100644 --- a/scripts/terraform/main.tf +++ b/scripts/terraform/main.tf @@ -37,7 +37,7 @@ module "kube-hetzner" { ssh_private_key = file("/home/runner/.ssh/id_rsa") # You can add additional SSH public Keys to grant other team members root access to your cluster nodes. # ssh_additional_public_keys = [] - + # If you want to use an ssh key that is already registered within hetzner cloud, you can pass its id. # If no id is passed, a new ssh key will be registered within hetzner cloud. # It is important that exactly this key is passed via `ssh_public_key` & `ssh_private_key` vars. @@ -66,7 +66,7 @@ module "kube-hetzner" { # The nodepool names are entirely arbitrary, you can choose whatever you want, but no special characters or underscore, and they must be unique; only alphanumeric characters and dashes are allowed. # If you want to have a single node cluster, have one control plane nodepools with a count of 1, and one agent nodepool with a count of 0. - + # Please note that changing labels and taints after the first run will have no effect. If needed, you will need to do that through Kubernetes directly. # * Example below: @@ -180,7 +180,7 @@ module "kube-hetzner" { # If you want to disable the Traefik ingress controller, to use the Nginx ingress controller for instance, you can can set this to "false". Default is "true". # enable_traefik = false - + # Use the klipper LB, instead of the default Hetzner one, that has an advantage of dropping the cost of the setup, # Automatically "true" in the case of single node cluster. # It can work with any ingress controller that you choose to deploy. From 2eea7b6cb8936bd62e6cce7d6088c57353f5dd56 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:18:31 -0600 Subject: [PATCH 16/32] Added quotes --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index c08a2f3d..d41945bb 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -531,4 +531,4 @@ jobs: with: path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/terraform variables: | - hcloud_token: ${{ secrets.HETZNER_KEY }} + hcloud_token: "${{ secrets.HETZNER_KEY }}" From 085b8f5101b637491d1481067d4b2c7ef04b649a Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:20:28 -0600 Subject: [PATCH 17/32] Added quotes --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index d41945bb..e66f7fb0 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -531,4 +531,4 @@ jobs: with: path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/terraform variables: | - hcloud_token: "${{ secrets.HETZNER_KEY }}" + hcloud_token = "${{ secrets.HETZNER_KEY }}" From b99e1794ae0528037de87d8c18f2e4614bf2cd71 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:26:27 -0600 Subject: [PATCH 18/32] Added quotes --- .github/workflows/build-deploy.yml | 3 +++ scripts/terraform/main.tf | 16 ++++++++++------ 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index e66f7fb0..bacdefbe 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -532,3 +532,6 @@ jobs: path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/terraform variables: | hcloud_token = "${{ secrets.HETZNER_KEY }}" + pubkey = "{{ secrets.SSH_PUB }}" + privatekey = "{{ secrets.SSH_PRIV }}" + diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf index 0aafeeb0..9aa26817 100644 --- a/scripts/terraform/main.tf +++ b/scripts/terraform/main.tf 
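Review bot: The two entries added under `variables:` in PATCH 18 are written `"{{ secrets.SSH_PUB }}"` and `"{{ secrets.SSH_PRIV }}"` without the leading `$`, so GitHub Actions does not expand them and Terraform receives the literal text instead of the keys. They should follow the `hcloud_token` line above them: `pubkey = "${{ secrets.SSH_PUB }}"` and `privatekey = "${{ secrets.SSH_PRIV }}"`. A private key that spans several lines is unlikely to fit a one-line quoted value, so the format of the stored secret needs checking before this is relied on. The step these lines belong to starts outside the hunk.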
@@ -1,12 +1,16 @@ -locals { - # Fill first and foremost your Hetzner API token, found in your project, Security, API Token, of type Read & Write. - hcloud_token = "xxxxxxxxxxxxxxxxYYYYYYYYYYzzzzzzzzzzzzzzzzz" -} variable "hcloud_token" { type = string } +variable "pubkey" { + type = string +} + +variable "privatekey" { + type = "string" +} + module "kube-hetzner" { providers = { hcloud = hcloud @@ -31,10 +35,10 @@ module "kube-hetzner" { # ssh_port = 2222 # * Your ssh public key - ssh_public_key = file("/home/runner/.ssh/id_rsa.pub") + ssh_public_key = var.pubkey # * Your private key must be "ssh_private_key = null" when you want to use ssh-agent for a Yubikey-like device authentification or an SSH key-pair with a passphrase. # For more details on SSH see https://github.com/kube-hetzner/kube-hetzner/blob/master/docs/ssh.md - ssh_private_key = file("/home/runner/.ssh/id_rsa") + ssh_private_key = var.privatekey # You can add additional SSH public Keys to grant other team members root access to your cluster nodes. # ssh_additional_public_keys = [] From fa7d234bafc814a02f98a9fb283d0cca016ff06d Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:27:50 -0600 Subject: [PATCH 19/32] Added quotes --- scripts/terraform/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf index 9aa26817..caa7f86b 100644 --- a/scripts/terraform/main.tf +++ b/scripts/terraform/main.tf @@ -8,7 +8,7 @@ variable "pubkey" { } variable "privatekey" { - type = "string" + type = string } module "kube-hetzner" { From e6dd2f96113f98a89da0fec5ec9d93ea6c8b6d61 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:30:16 -0600 Subject: [PATCH 20/32] Added quotes --- .github/workflows/build-deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index bacdefbe..1e67f15d 100644 --- a/.github/workflows/build-deploy.yml 
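Review bot: The new `variable "privatekey"` block, and the `hcloud_token` variable kept above it, carry secrets but are not marked sensitive, so Terraform is free to print their values in plan and apply output. Adding `sensitive = true` to both blocks keeps them redacted there; GitHub's log masking is only a second line of defence and may not cover every line of a multi-line key. The value handed on as `ssh_private_key = var.privatekey` in the second hunk can still end up in state, depending on how the module uses it, so the state backend should be treated as holding secret material. The `module "kube-hetzner"` block continues outside both hunks.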
+++ b/.github/workflows/build-deploy.yml @@ -530,6 +530,7 @@ jobs: uses: dflook/terraform-apply@v1 with: path: /home/runner/work/bitgreen-node/bitgreen-node/scripts/terraform + auto_approve: true variables: | hcloud_token = "${{ secrets.HETZNER_KEY }}" pubkey = "{{ secrets.SSH_PUB }}" From 5eac580a3eb20b0905672776e0b65e4121cb22e0 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:43:07 -0600 Subject: [PATCH 21/32] Added quotes --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 1e67f15d..6badd18f 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -525,7 +525,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - name: export keys - run: mkdir /home/runner/.ssh && echo $ {{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo $ {{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa + run: mkdir /home/runner/.ssh && echo $ {{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo $ {{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa && cat /home/runner/.ssh/id_rsa.pub - name: terraform hetzner uses: dflook/terraform-apply@v1 with: From 253c9d40fbf8b068d3089e624cc10460b873caa5 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:44:30 -0600 Subject: [PATCH 22/32] Added quotes --- .github/workflows/build-deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 6badd18f..99f7e071 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml 
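Review bot: `auto_approve: true` on the `dflook/terraform-apply@v1` step (PATCH 20) lets every run of this job change the Hetzner project without anyone having looked at a plan. The job's trigger and any `if:` condition are outside the hunk, so it is not visible here which events can reach this step; if that includes pull requests or pushes to arbitrary branches, the apply should be limited to the deployment branch and placed behind a protected environment with required reviewers. The action is also referenced by the movable tag `@v1` while it receives the cloud token and the SSH private key; `uses: dflook/terraform-apply@<FULL_COMMIT_SHA>` removes the dependence on that tag.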
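Review bot: The rewritten `run:` line of the `export keys` step (PATCH 21) puts the secrets into the shell text itself and creates `id_rsa` with the default umask; the hunks that edit this line again in PATCH 22, 23 and 25 keep both problems. As written, `$ {{ … }}` has a space after the `$` and so does not form a `${{ }}` expression, which means the files receive literal text; once it does expand, an unquoted multi-line key is word-split by `echo` and any shell metacharacter in the value is interpreted. Passing the secrets through `env:` and writing them with `printf` under a restrictive umask avoids this, and `>` instead of `>>` keeps a rerun from appending a second copy. The step list continues outside the hunk.

```yaml
      - name: export keys
        env:
          SSH_PUB: ${{ secrets.SSH_PUB }}
          SSH_PRIV: ${{ secrets.SSH_PRIV }}
        run: |
          # files are created 0600 and the directory 0700
          umask 077
          mkdir -p /home/runner/.ssh
          printf '%s\n' "$SSH_PUB" > /home/runner/.ssh/id_rsa.pub
          printf '%s\n' "$SSH_PRIV" > /home/runner/.ssh/id_rsa
      # … unchanged: terraform hetzner step …
```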
@@ -525,7 +525,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - name: export keys - run: mkdir /home/runner/.ssh && echo $ {{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo $ {{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa && cat /home/runner/.ssh/id_rsa.pub + run: mkdir /home/runner/.ssh && echo ${{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo ${{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa && cat /home/runner/.ssh/id_rsa.pub - name: terraform hetzner uses: dflook/terraform-apply@v1 with: @@ -533,6 +533,6 @@ jobs: auto_approve: true variables: | hcloud_token = "${{ secrets.HETZNER_KEY }}" - pubkey = "{{ secrets.SSH_PUB }}" - privatekey = "{{ secrets.SSH_PRIV }}" + pubkey = "${{ secrets.SSH_PUB }}" + privatekey = "${{ secrets.SSH_PRIV }}" From 5c83e815b0882eedf8f71b7bb2406c994c6d0a81 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:45:36 -0600 Subject: [PATCH 23/32] Added quotes --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 99f7e071..6a1129d1 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -525,7 +525,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - name: export keys - run: mkdir /home/runner/.ssh && echo ${{ secrets.SSH_PUB}} >> /home/runner/.ssh/id_rsa.pub && echo ${{ secrets.SSH_PRIV}} >> /home/runner/.ssh/id_rsa && cat /home/runner/.ssh/id_rsa.pub + run: mkdir /home/runner/.ssh && echo "${{ secrets.SSH_PUB}}"" >> /home/runner/.ssh/id_rsa.pub && echo "${{ secrets.SSH_PRIV}}"" >> /home/runner/.ssh/id_rsa - name: terraform hetzner uses: dflook/terraform-apply@v1 with: From aab75bea3bbdcf0b2685a0594ea0c52632f72e97 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:46:46 -0600 Subject: [PATCH 24/32] Added quotes --- .github/workflows/build-deploy.yml | 2 -- 1 file changed, 2 deletions(-) 
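Review bot: Each expansion on the `run:` line changed in PATCH 23 is followed by two double quotes (`"${{ secrets.SSH_PUB}}""`), which leaves the quoting unbalanced: the text `>> /home/runner/.ssh/id_rsa.pub && echo` ends up inside a quoted string instead of acting as a redirect and a second command. One closing quote is meant, `echo "${{ secrets.SSH_PUB}}" >> /home/runner/.ssh/id_rsa.pub`, and likewise for `SSH_PRIV`. With the quoting as committed, the public-key file would not be written and the private-key file would receive both values on one `echo`; the same line is added again by the first hunk of PATCH 25.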
diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 6a1129d1..d9809286 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -524,8 +524,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 - - name: export keys - run: mkdir /home/runner/.ssh && echo "${{ secrets.SSH_PUB}}"" >> /home/runner/.ssh/id_rsa.pub && echo "${{ secrets.SSH_PRIV}}"" >> /home/runner/.ssh/id_rsa - name: terraform hetzner uses: dflook/terraform-apply@v1 with: From 14313cec19b12bc0d3cc3098dc3418aa43e6304b Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 21:52:26 -0600 Subject: [PATCH 25/32] Added quotes --- .github/workflows/build-deploy.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index d9809286..f512f7d2 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -524,6 +524,7 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 + run: mkdir /home/runner/.ssh && echo "${{ secrets.SSH_PUB}}"" >> /home/runner/.ssh/id_rsa.pub && echo "${{ secrets.SSH_PRIV}}"" >> /home/runner/.ssh/id_rsa - name: terraform hetzner uses: dflook/terraform-apply@v1 with: @@ -531,6 +532,10 @@ jobs: auto_approve: true variables: | hcloud_token = "${{ secrets.HETZNER_KEY }}" - pubkey = "${{ secrets.SSH_PUB }}" - privatekey = "${{ secrets.SSH_PRIV }}" + pubkey = < Date: Tue, 4 Oct 2022 21:53:16 -0600 Subject: [PATCH 26/32] Added quotes --- .github/workflows/build-deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index f512f7d2..12dec44c 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml 
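Review bot: The `run:` line added by the first hunk of PATCH 25 sits in the `Checkout code` step, which already has `uses: actions/checkout@v3`; a step may carry either `uses` or `run`, not both, so the workflow file will be rejected. The key export needs its own list item, `- name: export keys` followed by the `run:` line. The second hunk of this patch is cut off in this copy of the series (the heredoc body after `pubkey = <` is missing), so it is not reviewed here.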
@@ -524,7 +524,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 - run: mkdir /home/runner/.ssh && echo "${{ secrets.SSH_PUB}}"" >> /home/runner/.ssh/id_rsa.pub && echo "${{ secrets.SSH_PRIV}}"" >> /home/runner/.ssh/id_rsa - name: terraform hetzner uses: dflook/terraform-apply@v1 with: From aeab4d9c2709a44d6f48854462275285019acab0 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 22:20:15 -0600 Subject: [PATCH 27/32] Added quotes --- .github/workflows/build-deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 12dec44c..f5775279 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -532,9 +532,9 @@ jobs: variables: | hcloud_token = "${{ secrets.HETZNER_KEY }}" pubkey = < Date: Tue, 4 Oct 2022 22:26:10 -0600 Subject: [PATCH 28/32] Cleaned up tf file --- scripts/terraform/main.tf | 138 +------------------------------------- 1 file changed, 1 insertion(+), 137 deletions(-) diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf index caa7f86b..0e92486e 100644 --- a/scripts/terraform/main.tf +++ b/scripts/terraform/main.tf 
@@ -16,65 +16,10 @@ module "kube-hetzner" { hcloud = hcloud } hcloud_token = var.hcloud_token - - # Then fill or edit the below values. Only the first values starting with a * are obligatory; the rest can remain with their default values, or you - # could adapt them to your needs. - - # * For local dev, path to the git repo - # source = "../../kube-hetzner/" - # For normal use, this is the path to the terraform registry - source = "kube-hetzner/kube-hetzner/hcloud" - # you can optionally specify a version number - # version = "1.2.0" - - # Note that some values, notably "location" and "public_key" have no effect after initializing the cluster. - # This is to keep Terraform from re-provisioning all nodes at once, which would lose data. If you want to update - # those, you should instead change the value here and manually re-provision each node. Grep for "lifecycle". - - # Customize the SSH port (by default 22) - # ssh_port = 2222 - - # * Your ssh public key ssh_public_key = var.pubkey - # * Your private key must be "ssh_private_key = null" when you want to use ssh-agent for a Yubikey-like device authentification or an SSH key-pair with a passphrase. - # For more details on SSH see https://github.com/kube-hetzner/kube-hetzner/blob/master/docs/ssh.md ssh_private_key = var.privatekey - # You can add additional SSH public Keys to grant other team members root access to your cluster nodes. - # ssh_additional_public_keys = [] - - # If you want to use an ssh key that is already registered within hetzner cloud, you can pass its id. - # If no id is passed, a new ssh key will be registered within hetzner cloud. - # It is important that exactly this key is passed via `ssh_public_key` & `ssh_private_key` vars. 
- # hcloud_ssh_key_id = "" - - # These can be customized, or left with the default values - # * For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/ network_region = "eu-central" # change to `us-east` if location is ash - # For the control planes, at least three nodes are the minimum for HA. Otherwise, you need to turn off the automatic upgrade (see ReadMe). - # As per Rancher docs, it must always be an odd number, never even! See https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/ - # For instance, one is ok (non-HA), two is not ok, and three is ok (becomes HA). It does not matter if they are in the same nodepool or not! So they can be in different locations and of various types. - - # Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US. - # For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud. - - # IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent. - # Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1), - # you can also rename it (if the count is 0), but do not remove a nodepool from the list. - - # The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO). - # You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255. - # Also, before decreasing the count of any nodepools to 0, it's essential to drain and cordon the nodes in question. Otherwise, it will leave your cluster in a bad state. 
- - # Before initializing the cluster, you can change all parameters and add or remove any nodepools. You need at least one nodepool of each kind, control plane, and agent. - # The nodepool names are entirely arbitrary, you can choose whatever you want, but no special characters or underscore, and they must be unique; only alphanumeric characters and dashes are allowed. - - # If you want to have a single node cluster, have one control plane nodepools with a count of 1, and one agent nodepool with a count of 0. - - # Please note that changing labels and taints after the first run will have no effect. If needed, you will need to do that through Kubernetes directly. - - # * Example below: - control_plane_nodepools = [ { name = "control-plane-fsn1", 
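Review bot: Among the comment lines deleted by the first hunk of PATCH 28 is `source = "kube-hetzner/kube-hetzner/hcloud"`, which is not a comment; a `module` block without `source` cannot be initialised. The line should stay. Because the `version` line next to it was only ever a commented-out example, the module is also fetched unpinned, here and again when PATCH 29 restores the line; adding `version = "<PINNED_VERSION>"` makes runs that hold the cloud token and the SSH key use a reviewed release. The `module "kube-hetzner"` block starts and ends outside the hunk.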
@@ -131,94 +76,13 @@ module "kube-hetzner" { "server-usage=storage:NoSchedule" ], count = 1 - # In the case of using Longhorn, you can use Hetzner volumes instead of using the node's own storage by specifying a value from 10 to 10000 (in GB) - # It will create one volume per node in the nodepool, and configure Longhorn to use them. - # longhorn_volume_size = 20 } ] - # * LB location and type, the latter will depend on how much load you want it to handle, see https://www.hetzner.com/cloud/load-balancer load_balancer_type = "lb11" load_balancer_location = "fsn1" - ### The following values are entirely optional (and can be removed from this if unused) - - # You can refine a base domain name to be use in this form of nodename.base_domain for setting the reserve dns inside Hetzner - # base_domain = "mycluster.example.com" - - # To use local storage on the nodes, you can enable Longhorn, default is "false". - # enable_longhorn = true - - # The file system type for Longhorn, if enabled (ext4 is the default, otherwise you can choose xfs) - # longhorn_fstype = "xfs" - - # how many replica volumes should longhorn create (default is 3) - # longhorn_replica_count = 1 - - # When you enable Longhorn, you can go with the default settings and just modify the above two variables OR you can copy the longhorn_values.yaml.example - # file to longhorn_value.yaml and put it at the base of your own module, next to your kube.tf, this is Longhorn's own helm values file. - # If that file is present, the system will use it during the deploy, if not it will use the default values with the two variable above that can be customized. - # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. - - # Also, you choose to create a hetzner volume to be used with Longhorn. 
By default, it will use the nodes own storage space, BUT if you an attribute of - # longhorn_volume_size (⚠️ not a variable, just a possible agent nodepool attribute) with a value of 10 to 10000 GB to your agent nodepool definition, it will create and use the volume in question. - # See the agent nodepool section for an example of how to do that. - - # To disable Hetzner CSI storage, you can set the following to true, default is "false". - # disable_hetzner_csi = true - - # If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions. - # hetzner_ccm_version = "" - # hetzner_csi_version = "" - - # If you want to specify the Kured version, set it below - otherwise it'll use the latest version available. - # kured_version = "" - - # If you want to enable the Nginx ingress controller (https://kubernetes.github.io/ingress-nginx/) instead of Traefik, you can set this to "true". Default is "false". - # FOR THIS TO NOT BE IGNORED, you also need to set "enable_traefik = false". - # By the default we load an optimal Nginx ingress controller config for Hetzner, however you may need to tweak it to your needs, so to do, - # we allow you to add a nginx_ingress_values.yaml file to the root of your module, next to the kube.tf file, it is simply a helm values config file. - # See the nginx_ingress_values.yaml.example located at the root of this project. - # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. - # enable_nginx = true - - # If you want to disable the Traefik ingress controller, to use the Nginx ingress controller for instance, you can can set this to "false". Default is "true". - # enable_traefik = false - - # Use the klipper LB, instead of the default Hetzner one, that has an advantage of dropping the cost of the setup, - # Automatically "true" in the case of single node cluster. - # It can work with any ingress controller that you choose to deploy. 
- # enable_klipper_metal_lb = "true" - - # We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal, - # as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management, - # we instead recommend you to use cert-manager, that you can easily deploy with helm; see https://cert-manager.io/. - # traefik_acme_tls = true - # traefik_acme_email = "mail@example.com" - - # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/ - # They are the options that go into the additionalArguments section of the Traefik helm values file. - # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"] - # traefik_additional_options = [] - - # If you want to disable the metric server, you can! Default is "true". - # enable_metrics_server = false - - # If you want to allow non-control-plane workloads to run on the control-plane nodes, set "true" below. The default is "false". - # True by default for single node clusters. - # IMPORTANT: For the time being, this requires you to also set hetzner_ccm_version="v1.12.1", see issue #311 - # Hopefully it's just a temporary measure, as we are seeking solutions at the source. - # allow_scheduling_on_control_plane = true - - # If you want to disable the automatic upgrade of k3s, you can set this to false. The default is "true". 
- # automatically_upgrade_k3s = false - - # Allows you to specify either stable, latest, testing or supported minor versions (defaults to stable) - # see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels - # initial_k3s_channel = "latest" - - # The cluster name, by default "k3s" - # cluster_name = "" + cluster_name = "bitgreen" # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true". # use_cluster_name_in_node_name = false From 69c1f7e2c5b41d8342e89a67ea499f5ca75c8d36 Mon Sep 17 00:00:00 2001 From: Anant Date: Tue, 4 Oct 2022 22:37:26 -0600 Subject: [PATCH 29/32] Cleaned up tf file --- scripts/terraform/main.tf | 138 +++++++++++++++++++++++++++++++++++++- 1 file changed, 137 insertions(+), 1 deletion(-) diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf index 0e92486e..caa7f86b 100644 --- a/scripts/terraform/main.tf +++ b/scripts/terraform/main.tf 
@@ -16,10 +16,65 @@ module "kube-hetzner" { hcloud = hcloud } hcloud_token = var.hcloud_token + + # Then fill or edit the below values. Only the first values starting with a * are obligatory; the rest can remain with their default values, or you + # could adapt them to your needs. + + # * For local dev, path to the git repo + # source = "../../kube-hetzner/" + # For normal use, this is the path to the terraform registry + source = "kube-hetzner/kube-hetzner/hcloud" + # you can optionally specify a version number + # version = "1.2.0" + + # Note that some values, notably "location" and "public_key" have no effect after initializing the cluster. + # This is to keep Terraform from re-provisioning all nodes at once, which would lose data. If you want to update + # those, you should instead change the value here and manually re-provision each node. Grep for "lifecycle". + + # Customize the SSH port (by default 22) + # ssh_port = 2222 + + # * Your ssh public key ssh_public_key = var.pubkey + # * Your private key must be "ssh_private_key = null" when you want to use ssh-agent for a Yubikey-like device authentification or an SSH key-pair with a passphrase. + # For more details on SSH see https://github.com/kube-hetzner/kube-hetzner/blob/master/docs/ssh.md ssh_private_key = var.privatekey + # You can add additional SSH public Keys to grant other team members root access to your cluster nodes. + # ssh_additional_public_keys = [] + + # If you want to use an ssh key that is already registered within hetzner cloud, you can pass its id. + # If no id is passed, a new ssh key will be registered within hetzner cloud. + # It is important that exactly this key is passed via `ssh_public_key` & `ssh_private_key` vars. 
+ # hcloud_ssh_key_id = "" + + # These can be customized, or left with the default values + # * For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/ network_region = "eu-central" # change to `us-east` if location is ash + # For the control planes, at least three nodes are the minimum for HA. Otherwise, you need to turn off the automatic upgrade (see ReadMe). + # As per Rancher docs, it must always be an odd number, never even! See https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/ + # For instance, one is ok (non-HA), two is not ok, and three is ok (becomes HA). It does not matter if they are in the same nodepool or not! So they can be in different locations and of various types. + + # Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US. + # For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud. + + # IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent. + # Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1), + # you can also rename it (if the count is 0), but do not remove a nodepool from the list. + + # The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO). + # You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255. + # Also, before decreasing the count of any nodepools to 0, it's essential to drain and cordon the nodes in question. Otherwise, it will leave your cluster in a bad state. 
+ + # Before initializing the cluster, you can change all parameters and add or remove any nodepools. You need at least one nodepool of each kind, control plane, and agent. + # The nodepool names are entirely arbitrary, you can choose whatever you want, but no special characters or underscore, and they must be unique; only alphanumeric characters and dashes are allowed. + + # If you want to have a single node cluster, have one control plane nodepools with a count of 1, and one agent nodepool with a count of 0. + + # Please note that changing labels and taints after the first run will have no effect. If needed, you will need to do that through Kubernetes directly. + + # * Example below: + control_plane_nodepools = [ { name = "control-plane-fsn1", 
@@ -76,13 +131,94 @@ module "kube-hetzner" { "server-usage=storage:NoSchedule" ], count = 1 + # In the case of using Longhorn, you can use Hetzner volumes instead of using the node's own storage by specifying a value from 10 to 10000 (in GB) + # It will create one volume per node in the nodepool, and configure Longhorn to use them. + # longhorn_volume_size = 20 } ] + # * LB location and type, the latter will depend on how much load you want it to handle, see https://www.hetzner.com/cloud/load-balancer load_balancer_type = "lb11" load_balancer_location = "fsn1" - cluster_name = "bitgreen" + ### The following values are entirely optional (and can be removed from this if unused) + + # You can refine a base domain name to be use in this form of nodename.base_domain for setting the reserve dns inside Hetzner + # base_domain = "mycluster.example.com" + + # To use local storage on the nodes, you can enable Longhorn, default is "false". + # enable_longhorn = true + + # The file system type for Longhorn, if enabled (ext4 is the default, otherwise you can choose xfs) + # longhorn_fstype = "xfs" + + # how many replica volumes should longhorn create (default is 3) + # longhorn_replica_count = 1 + + # When you enable Longhorn, you can go with the default settings and just modify the above two variables OR you can copy the longhorn_values.yaml.example + # file to longhorn_value.yaml and put it at the base of your own module, next to your kube.tf, this is Longhorn's own helm values file. + # If that file is present, the system will use it during the deploy, if not it will use the default values with the two variable above that can be customized. + # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. + + # Also, you choose to create a hetzner volume to be used with Longhorn. 
By default, it will use the nodes own storage space, BUT if you an attribute of + # longhorn_volume_size (⚠️ not a variable, just a possible agent nodepool attribute) with a value of 10 to 10000 GB to your agent nodepool definition, it will create and use the volume in question. + # See the agent nodepool section for an example of how to do that. + + # To disable Hetzner CSI storage, you can set the following to true, default is "false". + # disable_hetzner_csi = true + + # If you want to use a specific Hetzner CCM and CSI version, set them below; otherwise, leave them as-is for the latest versions. + # hetzner_ccm_version = "" + # hetzner_csi_version = "" + + # If you want to specify the Kured version, set it below - otherwise it'll use the latest version available. + # kured_version = "" + + # If you want to enable the Nginx ingress controller (https://kubernetes.github.io/ingress-nginx/) instead of Traefik, you can set this to "true". Default is "false". + # FOR THIS TO NOT BE IGNORED, you also need to set "enable_traefik = false". + # By the default we load an optimal Nginx ingress controller config for Hetzner, however you may need to tweak it to your needs, so to do, + # we allow you to add a nginx_ingress_values.yaml file to the root of your module, next to the kube.tf file, it is simply a helm values config file. + # See the nginx_ingress_values.yaml.example located at the root of this project. + # After the cluster is deployed, you can always use HelmChartConfig definition to tweak the configuration. + # enable_nginx = true + + # If you want to disable the Traefik ingress controller, to use the Nginx ingress controller for instance, you can can set this to "false". Default is "true". + # enable_traefik = false + + # Use the klipper LB, instead of the default Hetzner one, that has an advantage of dropping the cost of the setup, + # Automatically "true" in the case of single node cluster. + # It can work with any ingress controller that you choose to deploy. 
+ # enable_klipper_metal_lb = "true"
+
+ # We give you the possibility to use letsencrypt directly with Traefik because it's an easy setup, however it's not optimal,
+ # as the free version of Traefik causes a little bit of downtime when when the certificates get renewed. For proper SSL management,
+ # we instead recommend you to use cert-manager, that you can easily deploy with helm; see https://cert-manager.io/.
+ # traefik_acme_tls = true
+ # traefik_acme_email = "mail@example.com"
+
+ # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/
+ # They are the options that go into the additionalArguments section of the Traefik helm values file.
+ # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"]
+ # traefik_additional_options = []
+
+ # If you want to disable the metric server, you can! Default is "true".
+ # enable_metrics_server = false
+
+ # If you want to allow non-control-plane workloads to run on the control-plane nodes, set "true" below. The default is "false".
+ # True by default for single node clusters.
+ # IMPORTANT: For the time being, this requires you to also set hetzner_ccm_version="v1.12.1", see issue #311
+ # Hopefully it's just a temporary measure, as we are seeking solutions at the source.
+ # allow_scheduling_on_control_plane = true
+
+ # If you want to disable the automatic upgrade of k3s, you can set this to false. The default is "true".
+ # automatically_upgrade_k3s = false
+
+ # Allows you to specify either stable, latest, testing or supported minor versions (defaults to stable)
+ # see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels
+ # initial_k3s_channel = "latest"
+
+ # The cluster name, by default "k3s"
+ # cluster_name = ""
 # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true".
 # use_cluster_name_in_node_name = false
From f043c62f0266eeca3e19f2b93cb9e9338dbb9fc6 Mon Sep 17 00:00:00 2001
From: Anant
Date: Tue, 4 Oct 2022 22:52:47 -0600
Subject: [PATCH 30/32] Cleaned up tf file
---
 scripts/terraform/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf
index caa7f86b..2056d70d 100644
--- a/scripts/terraform/main.tf
+++ b/scripts/terraform/main.tf
@@ -218,7 +218,7 @@ module "kube-hetzner" {
 # initial_k3s_channel = "latest"
 # The cluster name, by default "k3s"
- # cluster_name = ""
+ cluster_name = "bitgreen"
 # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true".
 # use_cluster_name_in_node_name = false
From b8e63fab48e3cfc52346796427d1e7ce1d9e066a Mon Sep 17 00:00:00 2001
From: Anant
Date: Tue, 4 Oct 2022 23:17:02 -0600
Subject: [PATCH 31/32] Cleaned up tf file
---
 scripts/terraform/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf
index 2056d70d..7da0cd3c 100644
--- a/scripts/terraform/main.tf
+++ b/scripts/terraform/main.tf
@@ -218,7 +218,7 @@ module "kube-hetzner" {
 # initial_k3s_channel = "latest"
 # The cluster name, by default "k3s"
- cluster_name = "bitgreen"
+ cluster_name = "bitgreen-kube
 # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true".
 # use_cluster_name_in_node_name = false
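Review bot: In the `@@ -76,13 +131,94 @@` hunk the active `cluster_name = "bitgreen"` is replaced by the commented-out `# cluster_name = ""`, so the module falls back to the default the comment names ("k3s"). Because node names are formed as {cluster_name}-{nodepool_name}, this presumably renames nodes on an already deployed cluster, which is worth confirming with `terraform plan` before applying. The same hunk leaves `hetzner_ccm_version`, `hetzner_csi_version` and `kured_version` commented out, which per the added comments means the latest release is fetched at apply time. For a reproducible, reviewable deployment I would set each to an explicit version, e.g. `kured_version = "<PINNED_VERSION>"`. The `module "kube-hetzner"` block starts and ends outside this hunk.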
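Review bot: In PATCH 31/32 the new line `cluster_name = "bitgreen-kube` has no closing quote, so main.tf does not parse at this commit; it should read `cluster_name = "bitgreen-kube"`. The following patch repairs it, but the intermediate commit stays broken for bisecting or rolling back. A CI step running `terraform fmt -check` and `terraform validate` on scripts/terraform would stop this kind of error before it lands. The `module "kube-hetzner"` block starts and ends outside the hunk.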
From 64afb3f5bfb07f1f913ced4fe6fee65c764bfb0d Mon Sep 17 00:00:00 2001
From: Anant
Date: Tue, 4 Oct 2022 23:19:23 -0600
Subject: [PATCH 32/32] Cleaned up tf file
---
 scripts/terraform/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/terraform/main.tf b/scripts/terraform/main.tf
index 7da0cd3c..7d9b1da8 100644
--- a/scripts/terraform/main.tf
+++ b/scripts/terraform/main.tf
@@ -218,7 +218,7 @@ module "kube-hetzner" {
 # initial_k3s_channel = "latest"
 # The cluster name, by default "k3s"
- cluster_name = "bitgreen-kube
+ cluster_name = "bitgreen-kube"
 # Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true".
 # use_cluster_name_in_node_name = false