[Feature] Add option to use an existing private network. #1000

Merged
merged 5 commits into from
Oct 11, 2023
2 changes: 1 addition & 1 deletion autoscaler-agents.tf
Expand Up @@ -14,7 +14,7 @@ locals {
cluster_autoscaler_log_to_stderr = var.cluster_autoscaler_log_to_stderr
cluster_autoscaler_stderr_threshold = var.cluster_autoscaler_stderr_threshold
ssh_key = local.hcloud_ssh_key_id
ipv4_subnet_id = hcloud_network.k3s.id
ipv4_subnet_id = data.hcloud_network.k3s.id
snapshot_id = local.first_nodepool_snapshot_id
firewall_id = hcloud_firewall.k3s.id
cluster_name = local.cluster_prefix
2 changes: 1 addition & 1 deletion init.tf
Expand Up @@ -250,7 +250,7 @@ resource "null_resource" "kustomization" {
provisioner "remote-exec" {
inline = [
"set -ex",
"kubectl -n kube-system create secret generic hcloud --from-literal=token=${var.hcloud_token} --from-literal=network=${hcloud_network.k3s.name} --dry-run=client -o yaml | kubectl apply -f -",
"kubectl -n kube-system create secret generic hcloud --from-literal=token=${var.hcloud_token} --from-literal=network=${data.hcloud_network.k3s.name} --dry-run=client -o yaml | kubectl apply -f -",
"kubectl -n kube-system create secret generic hcloud-csi --from-literal=token=${var.hcloud_token} --dry-run=client -o yaml | kubectl apply -f -",
local.csi_version != null ? "curl https://raw.githubusercontent.com/hetznercloud/csi-driver/${coalesce(local.csi_version, "v2.4.0")}/deploy/kubernetes/hcloud-csi.yml -o /var/post_install/hcloud-csi.yml" : "echo 'Skipping hetzner csi.'"
]
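Review bot: The rewritten `kubectl create secret` line interpolates `data.hcloud_network.k3s.name` unquoted into a shell command, and with this change that name may come from a user-supplied network rather than the module-generated one; a name containing whitespace or shell metacharacters would split the argument, so quote it: `--from-literal=network='${data.hcloud_network.k3s.name}'`. The same line still carries `${var.hcloud_token}` in a command run under `set -ex` (two lines above), so the API token is traced into the provisioner output and any captured Terraform log; dropping `-x` for this step, or passing the token through an environment variable instead of the argv, would keep it out of the trace. Both issues predate the commit, but since the line is being rewritten anyway this is the moment to fix them. The enclosing `null_resource "kustomization"` begins above the hunk.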
5 changes: 5 additions & 0 deletions kube.tf.example
Expand Up @@ -57,6 +57,11 @@ module "kube-hetzner" {
# * For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
network_region = "eu-central" # change to `us-east` if location is ash

# If you want to create the private network before calling this module,
# you can do so and pass its id here. NOTE: make sure to adapt network_ipv4_cidr accordingly
# use_existing_network = true
# existing_network_id = hcloud_network.your_network.id

# If you must change the network CIDR you can do so below, but it is highly advised against.
# network_ipv4_cidr = "10.0.0.0/8"

9 changes: 7 additions & 2 deletions main.tf
Expand Up @@ -23,16 +23,21 @@ resource "hcloud_ssh_key" "k3s" {
}

resource "hcloud_network" "k3s" {
count = var.use_existing_network ? 0 : 1
name = var.cluster_name
ip_range = var.network_ipv4_cidr
labels = local.labels
}

data "hcloud_network" "k3s" {
id = var.use_existing_network ? var.existing_network_id : hcloud_network.k3s[0].id
}

# We start from the end of the subnets cidr array,
# as we would have fewer control plane nodepools, than agent ones.
resource "hcloud_network_subnet" "control_plane" {
count = length(var.control_plane_nodepools)
network_id = hcloud_network.k3s.id
network_id = data.hcloud_network.k3s.id
type = "cloud"
network_zone = var.network_region
ip_range = local.network_ipv4_subnets[255 - count.index]
Expand All @@ -41,7 +46,7 @@ resource "hcloud_network_subnet" "control_plane" {
# Here we start at the beginning of the subnets cidr array
resource "hcloud_network_subnet" "agent" {
count = length(var.agent_nodepools)
network_id = hcloud_network.k3s.id
network_id = data.hcloud_network.k3s.id
type = "cloud"
network_zone = var.network_region
ip_range = local.network_ipv4_subnets[count.index]
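Review bot: The new `data "hcloud_network" "k3s"` block has no guard for `use_existing_network = true` with `existing_network_id` left at its `null` default; the data source then receives `id = null` and fails inside the provider with a message that does not name the variable the user forgot. Terraform cannot express this as a `validation` on either variable (a validation block may only reference its own variable), but a `lifecycle { precondition }` on the data source (Terraform 1.2+) gives a clear plan-time error. Separately, the `hcloud_network_subnet` resources below now create subnets from `local.network_ipv4_subnets` inside a network the module did not size; nothing checks that the existing network's range covers `var.network_ipv4_cidr`, so if the provider's data source exposes the network's `ip_range` a second precondition comparing against it would catch the mismatch before apply. `one(hcloud_network.k3s[*].id)` would also read more clearly than `hcloud_network.k3s[0].id` for a count-0/1 resource, but that is style only.
```hcl
data "hcloud_network" "k3s" {
  id = var.use_existing_network ? var.existing_network_id : hcloud_network.k3s[0].id

  lifecycle {
    precondition {
      condition     = !var.use_existing_network || var.existing_network_id != null
      error_message = "existing_network_id must be set when use_existing_network is true."
    }
  }
}
# … unchanged: hcloud_network_subnet resources …
```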
2 changes: 1 addition & 1 deletion output.tf
Expand Up @@ -4,7 +4,7 @@ output "cluster_name" {
}

output "network_id" {
value = hcloud_network.k3s.id
value = data.hcloud_network.k3s.id
description = "The ID of the HCloud network."
}

15 changes: 14 additions & 1 deletion variables.tf
Expand Up @@ -74,7 +74,20 @@ variable "network_region" {
type = string
default = "eu-central"
}

variable "use_existing_network" {
# Unfortunately, we need this extra boolean variable. If we only check that existing_network_id is null,
# terraform will complain that it cannot set `count` variables based on existing_network_id != null, because
# that id is an output value from hcloud_network.your_network.id, which terraform will only know
# after its construction.
description = "If you want to create the private network before calling this module, you can do so and set this value to true. Then you must set existing_network_id, and set network_ipv4_cidr to a range which does not collide with your other nodes."
type = bool
default = false
}
variable "existing_network_id" {
description = "If you want to create the private network before calling this module, you can do so and pass its id here. NOTE: make sure to adapt network_ipv4_cidr accordingly to a range which does not collide with your other nodes. Only used if use_existing_network == true."
type = string
default = null
}
variable "network_ipv4_cidr" {
description = "The main network cidr that all subnets will be created upon."
type = string
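Review bot: The `existing_network_id` description tells the user to adapt `network_ipv4_cidr` but does not state the actual constraint: the module carves its subnets from `network_ipv4_cidr` inside whatever network it is handed (the `hcloud_network_subnet` resources in main.tf attach to `data.hcloud_network.k3s.id`), so the existing network's IP range must contain `network_ipv4_cidr`, and the module does not verify that. Suggest appending `The network's ip_range must contain network_ipv4_cidr; the module creates its subnets within that range and does not check this.` to the description. The rationale comment inside `use_existing_network` explains why the boolean exists, but only `description` reaches registry and terraform-docs readers; a one-line version of it there (the value must be known at plan time because it drives `count`) would help callers who try to derive it from another resource. The `network_ipv4_cidr` variable that follows is cut off by the hunk.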