collection of terraform modules

# Terraform settings: declares the two providers this configuration needs.
# Both are pinned to a single exact release, so an upgrade only happens through
# an explicit edit here. Committing the generated .terraform.lock.hcl as well
# lets `terraform init` verify the provider checksums on every machine.
terraform {
  required_providers {
    hetznerdns = {
      version = "2.2.0"
      source  = "timohirt/hetznerdns"
    }
    hcloud = {
      version = "1.35.2"
      source  = "hetznercloud/hcloud"
    }
  }
}
# Hetzner Cloud provider; the API token is supplied through var.hcloud_token.
# NOTE(review): the variable declaration is not visible here - confirm it is
# marked `sensitive = true` and that its value stays out of version control.
provider "hcloud" {
  token = var.hcloud_token
}
# Hetzner DNS provider; the API token is supplied through var.hetznerdns_token.
# NOTE(review): the variable declaration is not visible here - confirm it is
# marked `sensitive = true` and that its value stays out of version control.
provider "hetznerdns" {
  apitoken = var.hetznerdns_token
}
# Bootstrap SSH key: registers a key with Hetzner Cloud so that it can be
# installed on newly created servers. The contents of the file at
# var.ssh_public_key_path are uploaded as-is, so the path must point at the
# public key file.
resource "hcloud_ssh_key" "pubkey" {
  public_key = file(var.ssh_public_key_path)
  name       = "bootstrap-ssh"
}
# k3s nodes: var.node_count servers named k3s-node-1 .. k3s-node-N, all booted
# from the image resolved by data.hcloud_image.packer_snapshot.
resource "hcloud_server" "k3s-node" {
  count = var.node_count

  name        = "k3s-node-${count.index + 1}"
  server_type = var.server_type
  location    = var.server_location
  image       = data.hcloud_image.packer_snapshot.id

  # Access and placement: bootstrap key, the "fw" firewall and the spread
  # placement group are attached at creation time.
  ssh_keys           = [hcloud_ssh_key.pubkey.id]
  firewall_ids       = [hcloud_firewall.fw.id]
  placement_group_id = hcloud_placement_group.k3s-cluster-nodes.id

  # The firewall and the placement group are already implied by the references
  # above; the subnet is the only dependency that is not referenced directly.
  depends_on = [
    hcloud_network_subnet.k3s-net,
    hcloud_firewall.fw,
    hcloud_placement_group.k3s-cluster-nodes
  ]
}
# Private network that carries traffic between the nodes and the load
# balancer. The whole 10.0.0.0/8 range is reserved for it; the subnet actually
# used by the cluster is carved out in hcloud_network_subnet.k3s-net.
resource "hcloud_network" "internal_net" {
  ip_range = "10.0.0.0/8"
  name     = "internal network"
}
# Cluster subnet (10.0.1.0/24) inside the internal network, in the eu-central
# network zone. Node and load balancer addresses below are taken from it.
resource "hcloud_network_subnet" "k3s-net" {
  network_id   = hcloud_network.internal_net.id
  network_zone = "eu-central"
  type         = "cloud"
  ip_range     = "10.0.1.0/24"
}
# Attaches every node to the cluster subnet with a fixed private address:
# node index 0 gets 10.0.1.1, index 1 gets 10.0.1.2, and so on. The load
# balancer takes the next address after the last node, so node_count + 1 has
# to stay inside the /24.
resource "hcloud_server_network" "k3s-node-to-network-allocation" {
  count = var.node_count

  subnet_id = hcloud_network_subnet.k3s-net.id
  server_id = hcloud_server.k3s-node[count.index].id
  ip        = "10.0.1.${count.index + 1}"

  # Already implied by the server_id reference; kept explicit.
  depends_on = [
    hcloud_server.k3s-node
  ]
}
# DNS: looks up the existing Hetzner DNS zone named by var.hetznerdns_zone.
# This is a data source, so the zone itself is not created or managed here.
data "hetznerdns_zone" "dns_zone" {
  name = var.hetznerdns_zone
}
# Wildcard A record: every name under k3s.<zone> resolves to the load
# balancer's public IPv4 address.
resource "hetznerdns_record" "k3sv4" {
  zone_id = data.hetznerdns_zone.dns_zone.id
  type    = "A"
  name    = "*.k3s"
  value   = hcloud_load_balancer.lb.ipv4
  ttl     = 3400

  # Already implied by the reference in `value`; kept explicit.
  depends_on = [
    hcloud_load_balancer.lb
  ]
}
# Wildcard AAAA record: every name under k3s.<zone> resolves to the load
# balancer's public IPv6 address.
resource "hetznerdns_record" "k3sv6" {
  zone_id = data.hetznerdns_zone.dns_zone.id
  type    = "AAAA"
  name    = "*.k3s"
  value   = hcloud_load_balancer.lb.ipv6
  ttl     = 3400

  # Already implied by the reference in `value`; kept explicit.
  depends_on = [
    hcloud_load_balancer.lb
  ]
}
# Load balancer: the public entry point of the cluster. It is created in the
# same location as the nodes; its size comes from var.loadbalancer_type.
resource "hcloud_load_balancer" "lb" {
  name               = "k3s-load-balancer"
  location           = var.server_location
  load_balancer_type = var.loadbalancer_type
}
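# Registers every k3s node as a load balancer target. Traffic is sent to the
# nodes over the private network (use_private_ip = true), not to their public
# addresses.
resource "hcloud_load_balancer_target" "load_balancer_target" {
  count = var.node_count

  type             = "server"
  load_balancer_id = hcloud_load_balancer.lb.id
  server_id        = hcloud_server.k3s-node[count.index].id
  use_private_ip   = true

  # A private-IP target needs both ends on the network first: the node
  # attachment and the load balancer attachment. Nothing in the arguments
  # above references hcloud_load_balancer_network.lb_backend_net, so it has to
  # be listed here; otherwise the target can be created before the load
  # balancer has joined the subnet and the apply fails or has to be re-run.
  depends_on = [
    hcloud_server.k3s-node,
    hcloud_load_balancer.lb,
    hcloud_server_network.k3s-node-to-network-allocation,
    hcloud_load_balancer_network.lb_backend_net
  ]
}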
# Attaches the load balancer to the cluster subnet. Nodes occupy
# 10.0.1.1 .. 10.0.1.<node_count>, so the load balancer takes the next
# address, 10.0.1.<node_count + 1>.
resource "hcloud_load_balancer_network" "lb_backend_net" {
  subnet_id        = hcloud_network_subnet.k3s-net.id
  load_balancer_id = hcloud_load_balancer.lb.id
  ip               = "10.0.1.${var.node_count + 1}"
}
# Forwards TCP port 80 on the load balancer to port 80 on the targets.
# The protocol is plain "tcp", so the load balancer does not inspect or
# rewrite HTTP; presumably an ingress on the nodes handles it - confirm.
resource "hcloud_load_balancer_service" "load_balancer_tcp_80" {
  load_balancer_id = hcloud_load_balancer.lb.id
  protocol         = "tcp"
  destination_port = 80
  listen_port      = 80
}
# Forwards TCP port 443 on the load balancer to port 443 on the targets.
# The protocol is plain "tcp", so TLS is not terminated at the load balancer;
# certificates and TLS settings are presumably handled on the nodes - confirm.
resource "hcloud_load_balancer_service" "load_balancer_tcp_443" {
  load_balancer_id = hcloud_load_balancer.lb.id
  protocol         = "tcp"
  destination_port = 443
  listen_port      = 443
}
# Firewall attached to every k3s node (see firewall_ids on hcloud_server).
# Only two inbound rules are defined in this resource: ICMP and SSH. Ports 80
# and 443 are not opened here; that traffic is expected to arrive through the
# load balancer over the private network.
resource "hcloud_firewall" "fw" {
  name = "fw"

  # Inbound ICMP (ping, path MTU discovery) from any IPv4/IPv6 address.
  rule {
    protocol  = "icmp"
    direction = "in"
    source_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
  }

  # Inbound SSH from any IPv4/IPv6 address.
  # NOTE(review): tcp/22 is reachable from the whole internet on every node.
  # If administration only happens from known networks (office, VPN, bastion),
  # narrow source_ips to those CIDRs; otherwise make sure the image disables
  # password logins so that only key authentication is accepted.
  rule {
    protocol  = "tcp"
    direction = "in"
    port      = "22"
    source_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
  }
}
# Placement group of type "spread", referenced by every k3s node through
# placement_group_id.
resource "hcloud_placement_group" "k3s-cluster-nodes" {
  type = "spread"
  name = "k3s-cluster-nodes"

  # NOTE(review): key = "value" looks like a leftover placeholder label -
  # confirm whether a real label is intended.
  labels = {
    key = "value"
  }
}
# Packer snapshot: resolves the image the nodes boot from by label selector.
# With most_recent = true the newest matching image wins, so whatever carries
# the labels in var.snapshot_selector becomes the base of new nodes; keep the
# selector specific enough that only intended, reviewed snapshots match.
data "hcloud_image" "packer_snapshot" {
  most_recent   = true
  with_selector = var.snapshot_selector
}