resources_hetzner.tf
# Hetzner Cloud provider configuration. The API token comes from
# var.hcloud_secret, which is declared outside this file.
# NOTE(review): confirm that variable is declared with `sensitive = true` and is
# supplied at run time rather than from a committed tfvars file, so the token
# does not show up in plan output or version control.
provider "hcloud" {
  token = var.hcloud_secret
}
#-----------------------------
# Creating Networks and Nodes
#-----------------------------
# Private network for the cluster. The range is the full RFC 1918 172.16.0.0/12
# block; the subnet actually used by nodes and the load balancer is defined in
# hcloud_network_subnet.rke_subnet.
resource "hcloud_network" "kubernetes_internal_network" {
  ip_range = "172.16.0.0/12"
  name     = var.private_network_name

  labels = {
    automated = true
  }
}
# Registers the management public key with Hetzner Cloud so it can be injected
# into the nodes at creation time. local.public_key is defined outside this file.
resource "hcloud_ssh_key" "rke_ssh_key" {
  public_key = local.public_key
  name       = "${var.instance_prefix}-rke-management-key"

  labels = {
    automated = true
  }
}
# Cluster nodes: var.instance_count Ubuntu servers named <prefix>-1..N, placed
# round-robin across var.instance_zones and bootstrapped by scripts/rke_init.sh
# passed as cloud-init user data.
#
# NOTE(review): no hcloud_firewall is attached in this file, and the provisioner
# below logs in as root over each node's public IPv4 address. Unless access is
# restricted elsewhere (a firewall resource in another file, or host rules set up
# by rke_init.sh), SSH on every node is reachable from the internet - confirm.
# NOTE(review): the connection block sets no `host_key`, so the provisioner does
# not verify the server's SSH host key on this first connection.
# NOTE(review): local.private_key is defined outside this file; if it comes from
# a Terraform-managed key it is stored in state in clear text, so the state
# backend needs encryption and tight access control.
# NOTE(review): Ubuntu 20.04 has left standard support; confirm the nodes still
# receive security updates or plan a move to a supported image.
resource "hcloud_server" "rke_nodes" {
  count       = var.instance_count
  name        = "${var.instance_prefix}-${count.index + 1}"
  server_type = var.instance_type
  image       = "ubuntu-20.04"

  # element() wraps around the list, so count.index may exceed its length.
  location = element(var.instance_zones, count.index)

  user_data = file("${path.module}/scripts/rke_init.sh")

  ssh_keys = [
    hcloud_ssh_key.rke_ssh_key.id
  ]

  labels = {
    automated = true
  }

  # Block until cloud-init has finished, so dependent resources only see nodes
  # whose installation tasks are complete.
  provisioner "remote-exec" {
    inline = ["cloud-init status --wait > /dev/null"]

    connection {
      type        = "ssh"
      host        = self.ipv4_address
      user        = "root"
      private_key = local.private_key
    }
  }
}
# The /24 inside the private network that the nodes and the load balancer
# attach to.
resource "hcloud_network_subnet" "rke_subnet" {
  type         = "cloud"
  network_zone = "eu-central"
  ip_range     = "172.16.1.0/24"
  network_id   = hcloud_network.kubernetes_internal_network.id
}
# Attaches every node to the private subnet (one attachment per server index).
resource "hcloud_server_network" "rancher_node_subnet_registration" {
  count = var.instance_count

  subnet_id = hcloud_network_subnet.rke_subnet.id
  server_id = hcloud_server.rke_nodes[count.index].id
}
#--------------------------
# Creating the LoadBalancer
#--------------------------
# Load balancer in front of the cluster nodes; name, type and location are
# supplied by variables declared outside this file.
resource "hcloud_load_balancer" "rke_lb" {
  name               = var.lb_name
  location           = var.lb_location
  load_balancer_type = var.lb_type
}
# Attaches the load balancer to the private subnet so it can reach the nodes on
# their private addresses.
# NOTE(review): the public interface setting is left at the provider default
# here; confirm that public exposure of the load balancer is intended.
resource "hcloud_load_balancer_network" "rke_lb_network_registration" {
  subnet_id        = hcloud_network_subnet.rke_subnet.id
  load_balancer_id = hcloud_load_balancer.rke_lb.id
}
# Registers every node as a load balancer target, addressed over the private
# network (use_private_ip). The explicit depends_on makes sure both the load
# balancer and the nodes are attached to the subnet before targets are added.
resource "hcloud_load_balancer_target" "rke_lb_targets" {
  count = var.instance_count

  type             = "server"
  server_id        = hcloud_server.rke_nodes[count.index].id
  load_balancer_id = hcloud_load_balancer.rke_lb.id
  use_private_ip   = true

  depends_on = [
    hcloud_load_balancer_network.rke_lb_network_registration,
    hcloud_server_network.rancher_node_subnet_registration
  ]
}
# Forwards TCP 6443 on the load balancer to port 6443 on the targets; the
# resource name indicates this is the Kubernetes API endpoint.
# NOTE(review): nothing in this file limits which clients can reach this
# listener. Confirm that exposing the API server through the load balancer is
# intended and that authentication on the API server is configured accordingly.
resource "hcloud_load_balancer_service" "rke_lb_k8s_service" {
  protocol         = "tcp"
  listen_port      = 6443
  destination_port = 6443
  load_balancer_id = hcloud_load_balancer.rke_lb.id

  depends_on = [
    hcloud_load_balancer_target.rke_lb_targets
  ]
}
# Forwards TCP 80 on the load balancer to port 80 on the targets.
# NOTE(review): this is plain TCP pass-through of unencrypted HTTP; confirm that
# whatever listens on the nodes redirects to HTTPS rather than serving content.
resource "hcloud_load_balancer_service" "rke_lb_http_service" {
  protocol         = "tcp"
  listen_port      = 80
  destination_port = 80
  load_balancer_id = hcloud_load_balancer.rke_lb.id

  depends_on = [
    hcloud_load_balancer_target.rke_lb_targets
  ]
}
# Forwards TCP 443 on the load balancer to port 443 on the targets. Because the
# protocol is "tcp", TLS is not terminated at the load balancer; certificates
# and TLS settings are the responsibility of whatever listens on the nodes.
resource "hcloud_load_balancer_service" "rke_lb_https_service" {
  protocol         = "tcp"
  listen_port      = 443
  destination_port = 443
  load_balancer_id = hcloud_load_balancer.rke_lb.id

  depends_on = [
    hcloud_load_balancer_target.rke_lb_targets
  ]
}