diff --git a/templates/cluster-template-hetzner.rc b/templates/cluster-template-hetzner.rc
new file mode 100644
index 0000000..0be0dee
--- /dev/null
+++ b/templates/cluster-template-hetzner.rc
@@ -0,0 +1,18 @@
+# Kubernetes cluster configuration
+export KUBERNETES_VERSION=1.28.8
+export CONTROL_PLANE_MACHINE_COUNT=1
+export WORKER_MACHINE_COUNT=1
+
+# Hetzner Cloud configuration
+HCLOUD_SECRET_NAME=hetzner
+HCLOUD_CONTROL_PLANE_MACHINE_TYPE=cax11
+HCLOUD_REGION=fsn1
+HCLOUD_SSH_KEY=my-ssh-key
+HCLOUD_WORKER_MACHINE_TYPE=cax11
+
+# Snap risk level and confinement
+SNAP_CONFINEMENT=classic
+SNAP_RISKLEVEL=stable
+
+# Upgrade configuration
+export UPGRADE_STRATEGY=SmartUpgrade
diff --git a/templates/cluster-template-hetzner.yaml b/templates/cluster-template-hetzner.yaml
new file mode 100644
index 0000000..cd1877a
--- /dev/null
+++ b/templates/cluster-template-hetzner.yaml
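Review bot: In templates/cluster-template-hetzner.rc the `HCLOUD_*` and `SNAP_*` assignments are not exported, unlike the `KUBERNETES_VERSION`, machine-count and `UPGRADE_STRATEGY` lines. If this file is meant to be sourced before the template is rendered by a separate process (clusterctl, presumably), the non-exported values stay in the calling shell, and the YAML template gives no default for `${HCLOUD_REGION}`, `${HCLOUD_SSH_KEY}` or the two machine types, so rendering would likely fail or pick up stale values from the environment. Prefixing them consistently, e.g. `export HCLOUD_REGION=fsn1` and `export HCLOUD_SSH_KEY=my-ssh-key`, removes the ambiguity. A comment above `HCLOUD_SSH_KEY` such as `# placeholder: name of an SSH key that already exists in the Hetzner project` would make clear the value must be replaced before use.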
@@ -0,0 +1,212 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: ${CLUSTER_NAME}
+spec:
+ clusterNetwork:
+ pods:
+ cidrBlocks:
+ - ${CLUSTER_POD_CIDR_BLOCK:=10.0.128.0/17}
+ services:
+ cidrBlocks:
+ - ${CLUSTER_SERVICE_CIDR_BLOCK:=10.0.8.0/21}
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: MicroK8sControlPlane
+ name: ${CLUSTER_NAME}-control-plane
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: HetznerCluster
+ name: ${CLUSTER_NAME}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: HetznerCluster
+metadata:
+ name: ${CLUSTER_NAME}
+spec:
+ controlPlaneEndpoint:
+ host: ""
+ port: 443
+ controlPlaneLoadBalancer:
+ enabled: true
+ region: ${HCLOUD_REGION}
+ controlPlaneRegions:
+ - ${HCLOUD_REGION}
+ hcloudNetwork:
+ enabled: true
+ cidrBlock: ${HCLOUD_CIDR_BLOCK:=10.0.0.0/16}
+ subnetCidrBlock: ${HCLOUD_SUBNET_CIDR_BLOCK:=10.0.0.0/24}
+ hcloudPlacementGroups:
+ - name: control-plane
+ type: spread
+ - name: md-0
+ type: spread
+ hetznerSecretRef:
+ key:
+ hcloudToken: hcloud
+ hetznerRobotPassword: robot-password
+ hetznerRobotUser: robot-user
+ name: ${HCLOUD_SECRET_NAME:=hetzner}
+ sshKeys:
+ hcloud:
+ - name: ${HCLOUD_SSH_KEY}
+---
+apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+kind: MicroK8sControlPlane
+metadata:
+ name: "${CLUSTER_NAME}-control-plane"
+spec:
+ controlPlaneConfig:
+ initConfiguration:
+ addons:
+ - dns
+ - ingress
+ - cert-manager
+ - metrics-server
+ - metallb
+ riskLevel: "${SNAP_RISKLEVEL:=}"
+ confinement: "${SNAP_CONFINEMENT:=}"
+ clusterConfiguration:
+ portCompatibilityRemap: true
+ machineTemplate:
+ infrastructureTemplate:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: HCloudMachineTemplate
+ name: "${CLUSTER_NAME}-control-plane"
+ replicas: ${CONTROL_PLANE_MACHINE_COUNT:=1}
+ version: "v${KUBERNETES_VERSION}"
+ upgradeStrategy: "${UPGRADE_STRATEGY}"
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: HCloudMachineTemplate
+metadata:
+ name: ${CLUSTER_NAME}-control-plane
+spec:
+ template:
+ spec:
+ imageName: ubuntu-22.04
+ placementGroupName: control-plane
+ type: ${HCLOUD_CONTROL_PLANE_MACHINE_TYPE}
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ labels:
+ nodepool: ${CLUSTER_NAME}-md-0
+ name: ${CLUSTER_NAME}-md-0
+spec:
+ clusterName: ${CLUSTER_NAME}
+ replicas: ${WORKER_MACHINE_COUNT}
+ selector:
+ matchLabels: null
+ template:
+ metadata:
+ labels:
+ nodepool: ${CLUSTER_NAME}-md-0
+ spec:
+ bootstrap:
+ configRef:
+ name: "${CLUSTER_NAME}-md-0"
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: MicroK8sConfigTemplate
+ clusterName: ${CLUSTER_NAME}
+ failureDomain: ${HCLOUD_REGION}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: HCloudMachineTemplate
+ name: ${CLUSTER_NAME}-md-0
+ version: ${KUBERNETES_VERSION}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: HCloudMachineTemplate
+metadata:
+ name: ${CLUSTER_NAME}-md-0
+spec:
+ template:
+ spec:
+ imageName: ubuntu-22.04
+ placementGroupName: md-0
+ type: ${HCLOUD_WORKER_MACHINE_TYPE}
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: MicroK8sConfigTemplate
+metadata:
+ name: "${CLUSTER_NAME}-md-0"
+spec:
+ template:
+ spec:
+ clusterConfiguration:
+ portCompatibilityRemap: true
+ initConfiguration:
+ riskLevel: "${SNAP_RISKLEVEL:=}"
+ confinement: "${SNAP_CONFINEMENT:=}"
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineHealthCheck
+metadata:
+ name: ${CLUSTER_NAME}-control-plane-unhealthy-5m
+spec:
+ clusterName: ${CLUSTER_NAME}
+ maxUnhealthy: 100%
+ nodeStartupTimeout: 15m
+ remediationTemplate:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: HCloudRemediationTemplate
+ name: control-plane-remediation-request
+ selector:
+ matchLabels:
+ cluster.x-k8s.io/control-plane: ""
+ unhealthyConditions:
+ - status: Unknown
+ timeout: 180s
+ type: Ready
+ - status: "False"
+ timeout: 180s
+ type: Ready
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineHealthCheck
+metadata:
+ name: ${CLUSTER_NAME}-md-0-unhealthy-5m
+spec:
+ clusterName: ${CLUSTER_NAME}
+ maxUnhealthy: 100%
+ nodeStartupTimeout: 10m
+ remediationTemplate:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: HCloudRemediationTemplate
+ name: worker-remediation-request
+ selector:
+ matchLabels:
+ nodepool: ${CLUSTER_NAME}-md-0
+ unhealthyConditions:
+ - status: Unknown
+ timeout: 180s
+ type: Ready
+ - status: "False"
+ timeout: 180s
+ type: Ready
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: HCloudRemediationTemplate
+metadata:
+ name: control-plane-remediation-request
+spec:
+ template:
+ spec:
+ strategy:
+ retryLimit: 1
+ timeout: 180s
+ type: Reboot
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: HCloudRemediationTemplate
+metadata:
+ name: worker-remediation-request
+spec:
+ template:
+ spec:
+ strategy:
+ retryLimit: 1
+ timeout: 180s
+ type: Reboot
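Review bot: Both MachineHealthCheck objects set `maxUnhealthy: 100%`, so remediation is never short-circuited. If every selected machine reports `Ready` as `Unknown` for 180s (for instance when the management cluster loses sight of the workload cluster), all control-plane machines become eligible for the `Reboot` remediation at the same time. With the default single control-plane node a lower percentage would block remediation altogether, so I would expose the limit as a template variable, e.g. `maxUnhealthy: ${CONTROL_PLANE_MAX_UNHEALTHY:=100%}` (variable name is a suggestion), with a comment `# lower this for multi-node control planes so a monitoring outage cannot reboot every node at once`. The object names also end in `-unhealthy-5m` while the condition timeouts are `180s`; aligning the two would avoid confusion.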