From eeb4b25267438d1fb2ec7580558ff2e3dd790cd4 Mon Sep 17 00:00:00 2001 From: Max Rosin Date: Wed, 18 May 2022 13:40:16 +0200 Subject: [PATCH] Adapt for 2022 demo --- LICENSE | 2 +- README.md | 10 +- ansible/inventory/group_vars/all.yml | 2 +- ansible/requirements.yml | 2 +- ansible/roles/k3s/defaults/main.yml | 2 +- ansible/roles/k3s/templates/demo.yaml | 4 +- .../roles/k3s/templates/hcloud-ccm.yaml.j2 | 6 +- .../roles/k3s/templates/hcloud-csi.yaml.j2 | 621 ++++++++++-------- terraform/.terraform.lock.hcl | 32 +- terraform/hcloud.tf | 10 +- 10 files changed, 373 insertions(+), 318 deletions(-) diff --git a/LICENSE b/LICENSE index c0e82d6..be954df 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021 Hetzner Cloud GmbH +Copyright (c) 2022 Hetzner Cloud GmbH Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 420e7cf..edac531 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ -# KubeCon Europe 2021 +# KubeCon Europe 2022 -This repository is part of a live demo at KubeCon Europe 2021 that shows how different official integrations can be used to deploy a Kubernetes (k3s) cluster at Hetzner Cloud. +This repository is part of a live demo at KubeCon Europe 2022 that shows how different official integrations can be used to deploy a Kubernetes (k3s) cluster at Hetzner Cloud. -The code in this repository creates chargeable resources (three servers and a load balancer) in your hcloud account. Please make sure to delete the resources afterwards to avoid unintended costs. If you attended KubeCon you received a coupon for some cloud credits which you can use to cover the costs to get started. +The code in this repository creates chargeable resources (three servers, a volume and a load balancer) in your hcloud account. Please make sure to delete the resources afterwards to avoid unintended costs. If you attended KubeCon you received a coupon for some cloud credits which you can use to cover the costs to get started. After the KubeCon this repository will not be updated or officially supported. If you think there is a bug with one of the integrations please feel free to open an issue in the corresponding GitHub repository or a customer ticket. @@ -19,8 +19,8 @@ After the KubeCon this repository will not be updated or officially supported. I 7. Clone the repository ``` -git clone https://github.com/hetznercloud/kubecon-europe-2021.git -cd kubecon-europe-2021 +git clone https://github.com/hetznercloud/kubecon-europe-2022.git +cd kubecon-europe-2022 ``` ### 2. Terraform diff --git a/ansible/inventory/group_vars/all.yml b/ansible/inventory/group_vars/all.yml index 15a5854..50c859e 100644 --- a/ansible/inventory/group_vars/all.yml +++ b/ansible/inventory/group_vars/all.yml @@ -1 +1 @@ -ansible_ssh_private_key_file: "~/.ssh/kubecon" +ansible_ssh_private_key_file: "~/.ssh/kubecon-2022" diff --git a/ansible/requirements.yml b/ansible/requirements.yml index 9aba70f..aa7311a 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -1,4 +1,4 @@ --- collections: - name: hetzner.hcloud - version: "1.4.3" + version: "1.6.0" diff --git a/ansible/roles/k3s/defaults/main.yml b/ansible/roles/k3s/defaults/main.yml index 70e980d..e22ca88 100644 --- a/ansible/roles/k3s/defaults/main.yml +++ b/ansible/roles/k3s/defaults/main.yml @@ -1,2 +1,2 @@ -k3s_version: v1.21.0+k3s1 +k3s_version: v1.23.6+k3s1 k3s_cluster_cidr: 10.92.0.0/16 diff --git a/ansible/roles/k3s/templates/demo.yaml b/ansible/roles/k3s/templates/demo.yaml index 52f2907..6ac6d18 100644 --- a/ansible/roles/k3s/templates/demo.yaml +++ b/ansible/roles/k3s/templates/demo.yaml @@ -16,12 +16,12 @@ spec: spec: containers: - name: hello-kubernetes - image: paulbouwer/hello-kubernetes:1.10.0 + image: paulbouwer/hello-kubernetes:1.10.1 ports: - containerPort: 8080 env: - name: MESSAGE - value: "Hetzner Cloud says hello from KubeCon 2021" + value: "Hetzner Cloud says hello from KubeCon 2022" - name: KUBERNETES_NAMESPACE valueFrom: fieldRef: diff --git a/ansible/roles/k3s/templates/hcloud-ccm.yaml.j2 b/ansible/roles/k3s/templates/hcloud-ccm.yaml.j2 index f79bd28..65277de 100644 --- a/ansible/roles/k3s/templates/hcloud-ccm.yaml.j2 +++ b/ansible/roles/k3s/templates/hcloud-ccm.yaml.j2 @@ -49,11 +49,15 @@ spec: # cloud controller manages should be able to run on masters - key: "node-role.kubernetes.io/master" effect: NoSchedule + operator: Exists + - key: "node-role.kubernetes.io/control-plane" + effect: NoSchedule + operator: Exists - key: "node.kubernetes.io/not-ready" effect: "NoSchedule" hostNetwork: true containers: - - image: hetznercloud/hcloud-cloud-controller-manager:v1.9.1 + - image: hetznercloud/hcloud-cloud-controller-manager:v1.12.1 name: hcloud-cloud-controller-manager command: - "/bin/hcloud-cloud-controller-manager" diff --git a/ansible/roles/k3s/templates/hcloud-csi.yaml.j2 b/ansible/roles/k3s/templates/hcloud-csi.yaml.j2 index b4ccd48..87ff3ec 100644 --- a/ansible/roles/k3s/templates/hcloud-csi.yaml.j2 +++ b/ansible/roles/k3s/templates/hcloud-csi.yaml.j2 @@ -1,210 +1,290 @@ ---- +allowVolumeExpansion: true apiVersion: storage.k8s.io/v1 -kind: CSIDriver -metadata: - name: csi.hetzner.cloud -spec: - attachRequired: true - podInfoOnMount: true - volumeLifecycleModes: - - Persistent ---- kind: StorageClass -apiVersion: storage.k8s.io/v1 metadata: - namespace: kube-system - name: hcloud-volumes annotations: storageclass.kubernetes.io/is-default-class: "true" + name: hcloud-volumes + namespace: kube-system provisioner: csi.hetzner.cloud volumeBindingMode: WaitForFirstConsumer -allowVolumeExpansion: true --- apiVersion: v1 kind: ServiceAccount metadata: - name: hcloud-csi + name: hcloud-csi-controller namespace: kube-system --- -kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole metadata: - name: hcloud-csi + name: hcloud-csi-controller rules: - # attacher - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["csi.storage.k8s.io"] - resources: ["csinodeinfos"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["csinodes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["storage.k8s.io"] - resources: ["volumeattachments"] - verbs: ["get", "list", "watch", "update", "patch"] - # provisioner - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] - - apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete", "patch"] - - apiGroups: [""] - resources: ["persistentvolumeclaims", "persistentvolumeclaims/status"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["list", "watch", "create", "update", "patch"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots"] - verbs: ["get", "list"] - - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotcontents"] - verbs: ["get", "list"] - # node - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "list", "watch", "create", "update", "patch"] +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - csi.storage.k8s.io + resources: + - csinodeinfos + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments/status + verbs: + - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete + - patch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + - persistentvolumeclaims/status + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - list + - watch + - create + - update + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - get + - list +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - create + - update + - patch --- -kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding metadata: - name: hcloud-csi -subjects: - - kind: ServiceAccount - name: hcloud-csi - namespace: kube-system + name: hcloud-csi-controller roleRef: - kind: ClusterRole - name: hcloud-csi apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: hcloud-csi-controller +subjects: +- kind: ServiceAccount + name: hcloud-csi-controller + namespace: kube-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: hcloud-csi + name: hcloud-csi-controller-metrics + namespace: kube-system +spec: + ports: + - name: metrics + port: 9189 + targetPort: metrics + selector: + app: hcloud-csi-controller +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: hcloud-csi + name: hcloud-csi-node-metrics + namespace: kube-system +spec: + ports: + - name: metrics + port: 9189 + targetPort: metrics + selector: + app: hcloud-csi --- -kind: StatefulSet apiVersion: apps/v1 +kind: Deployment metadata: name: hcloud-csi-controller namespace: kube-system spec: + replicas: 1 selector: matchLabels: app: hcloud-csi-controller - serviceName: hcloud-csi-controller - replicas: 1 template: metadata: labels: app: hcloud-csi-controller spec: - serviceAccount: hcloud-csi containers: - - name: csi-attacher - image: quay.io/k8scsi/csi-attacher:v2.2.0 - args: - - --csi-address=/var/lib/csi/sockets/pluginproxy/csi.sock - - --v=5 - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - securityContext: - privileged: true - capabilities: - add: ["SYS_ADMIN"] - allowPrivilegeEscalation: true - - name: csi-resizer - image: quay.io/k8scsi/csi-resizer:v0.3.0 - args: - - --csi-address=/var/lib/csi/sockets/pluginproxy/csi.sock - - --v=5 - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - securityContext: - privileged: true - capabilities: - add: ["SYS_ADMIN"] - allowPrivilegeEscalation: true - - name: csi-provisioner - image: quay.io/k8scsi/csi-provisioner:v1.6.0 - args: - - --provisioner=csi.hetzner.cloud - - --csi-address=/var/lib/csi/sockets/pluginproxy/csi.sock - - --feature-gates=Topology=true - - --v=5 - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - securityContext: - privileged: true - capabilities: - add: ["SYS_ADMIN"] - allowPrivilegeEscalation: true - - name: hcloud-csi-driver - image: hetznercloud/hcloud-csi-driver:1.5.3 - imagePullPolicy: Always - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: METRICS_ENDPOINT - value: 0.0.0.0:9189 - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: HCLOUD_TOKEN - valueFrom: - secretKeyRef: - name: hcloud-csi - key: token - volumeMounts: - - name: socket-dir - mountPath: /var/lib/csi/sockets/pluginproxy/ - ports: - - containerPort: 9189 - name: metrics - - name: healthz - containerPort: 9808 - protocol: TCP - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - securityContext: - privileged: true - capabilities: - add: ["SYS_ADMIN"] - allowPrivilegeEscalation: true - - name: liveness-probe - imagePullPolicy: Always - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/var/lib/csi/sockets/pluginproxy/csi.sock - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir + - image: k8s.gcr.io/sig-storage/csi-attacher:v3.2.1 + name: csi-attacher + volumeMounts: + - mountPath: /run/csi + name: socket-dir + - image: k8s.gcr.io/sig-storage/csi-resizer:v1.2.0 + name: csi-resizer + volumeMounts: + - mountPath: /run/csi + name: socket-dir + - args: + - --feature-gates=Topology=true + - --default-fstype=ext4 + image: k8s.gcr.io/sig-storage/csi-provisioner:v2.2.2 + name: csi-provisioner + volumeMounts: + - mountPath: /run/csi + name: socket-dir + - command: + - /bin/hcloud-csi-driver-controller + env: + - name: CSI_ENDPOINT + value: unix:///run/csi/socket + - name: METRICS_ENDPOINT + value: 0.0.0.0:9189 + - name: ENABLE_METRICS + value: "true" + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: HCLOUD_TOKEN + valueFrom: + secretKeyRef: + key: token + name: hcloud + image: hetznercloud/hcloud-csi-driver:latest + imagePullPolicy: Always + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + periodSeconds: 2 + timeoutSeconds: 3 + name: hcloud-csi-driver + ports: + - containerPort: 9189 + name: metrics + - containerPort: 9808 + name: healthz + protocol: TCP + volumeMounts: + - mountPath: /run/csi + name: socket-dir + - image: k8s.gcr.io/sig-storage/livenessprobe:v2.3.0 + imagePullPolicy: Always + name: liveness-probe + volumeMounts: + - mountPath: /run/csi + name: socket-dir + serviceAccountName: hcloud-csi-controller volumes: - - name: socket-dir - emptyDir: {} + - emptyDir: {} + name: socket-dir --- -kind: DaemonSet apiVersion: apps/v1 +kind: DaemonSet metadata: - name: hcloud-csi-node - namespace: kube-system labels: app: hcloud-csi + name: hcloud-csi-node + namespace: kube-system spec: selector: matchLabels: @@ -214,129 +294,98 @@ spec: labels: app: hcloud-csi spec: - tolerations: - - effect: NoExecute - operator: Exists - - effect: NoSchedule - operator: Exists - - key: CriticalAddonsOnly - operator: Exists - serviceAccount: hcloud-csi + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: instance.hetzner.cloud/is-root-server + operator: NotIn + values: + - "true" containers: - - name: csi-node-driver-registrar - image: quay.io/k8scsi/csi-node-driver-registrar:v1.3.0 - args: - - --v=5 - - --csi-address=/csi/csi.sock - - --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/csi.sock - env: - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - volumeMounts: - - name: plugin-dir - mountPath: /csi - - name: registration-dir - mountPath: /registration - securityContext: - privileged: true - - name: hcloud-csi-driver - image: hetznercloud/hcloud-csi-driver:1.5.3 - imagePullPolicy: Always - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: METRICS_ENDPOINT - value: 0.0.0.0:9189 - - name: HCLOUD_TOKEN - valueFrom: - secretKeyRef: - name: hcloud-csi - key: token - - name: KUBE_NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - volumeMounts: - - name: kubelet-dir - mountPath: /var/lib/kubelet - mountPropagation: "Bidirectional" - - name: plugin-dir - mountPath: /csi - - name: device-dir - mountPath: /dev - securityContext: - privileged: true - ports: - - containerPort: 9189 - name: metrics - - name: healthz - containerPort: 9808 - protocol: TCP - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - timeoutSeconds: 3 - periodSeconds: 2 - - name: liveness-probe - imagePullPolicy: Always - image: quay.io/k8scsi/livenessprobe:v1.1.0 - args: - - --csi-address=/csi/csi.sock - volumeMounts: - - mountPath: /csi - name: plugin-dir + - args: + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/socket + image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0 + name: csi-node-driver-registrar + volumeMounts: + - mountPath: /run/csi + name: plugin-dir + - mountPath: /registration + name: registration-dir + - command: + - /bin/hcloud-csi-driver-node + env: + - name: CSI_ENDPOINT + value: unix:///run/csi/socket + - name: METRICS_ENDPOINT + value: 0.0.0.0:9189 + - name: ENABLE_METRICS + value: "true" + image: hetznercloud/hcloud-csi-driver:latest + imagePullPolicy: Always + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + periodSeconds: 2 + timeoutSeconds: 3 + name: hcloud-csi-driver + ports: + - containerPort: 9189 + name: metrics + - containerPort: 9808 + name: healthz + protocol: TCP + securityContext: + privileged: true + volumeMounts: + - mountPath: /var/lib/kubelet + mountPropagation: Bidirectional + name: kubelet-dir + - mountPath: /run/csi + name: plugin-dir + - mountPath: /dev + name: device-dir + - image: k8s.gcr.io/sig-storage/livenessprobe:v2.3.0 + imagePullPolicy: Always + name: liveness-probe + volumeMounts: + - mountPath: /run/csi + name: plugin-dir + tolerations: + - effect: NoExecute + operator: Exists + - effect: NoSchedule + operator: Exists + - key: CriticalAddonsOnly + operator: Exists volumes: - - name: kubelet-dir - hostPath: - path: /var/lib/kubelet - type: Directory - - name: plugin-dir - hostPath: - path: /var/lib/kubelet/plugins/csi.hetzner.cloud/ - type: DirectoryOrCreate - - name: registration-dir - hostPath: - path: /var/lib/kubelet/plugins_registry/ - type: Directory - - name: device-dir - hostPath: - path: /dev - type: Directory + - hostPath: + path: /var/lib/kubelet + type: Directory + name: kubelet-dir + - hostPath: + path: /var/lib/kubelet/plugins/csi.hetzner.cloud/ + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: Directory + name: registration-dir + - hostPath: + path: /dev + type: Directory + name: device-dir --- -apiVersion: v1 -kind: Service -metadata: - name: hcloud-csi-controller-metrics - namespace: kube-system - labels: - app: hcloud-csi -spec: - selector: - app: hcloud-csi-controller - ports: - - port: 9189 - name: metrics - targetPort: metrics - ---- -apiVersion: v1 -kind: Service +apiVersion: storage.k8s.io/v1 +kind: CSIDriver metadata: - name: hcloud-csi-node-metrics - namespace: kube-system - labels: - app: hcloud-csi + name: csi.hetzner.cloud spec: - selector: - app: hcloud-csi - ports: - - port: 9189 - name: metrics - targetPort: metrics + attachRequired: true + podInfoOnMount: true + volumeLifecycleModes: + - Persistent diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 2c0caa3..251a3bb 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -2,21 +2,23 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hetznercloud/hcloud" { - version = "1.26.0" - constraints = "1.26.0" + version = "1.33.2" + constraints = "1.33.2" hashes = [ - "h1:Jaa0n0KSR/kq4RZbtOBSQLsZGQTK1yqxvS9H2JKe+SQ=", - "zh:03d7eb722a4ee25774949baace0125392060d0369d4cb9257d7d298ab6ece3ff", - "zh:0fed2e63ac4cb6fe6b2a5b6891abf973cb7c1716e487fbabc09216e0ec05e866", - "zh:1a84c8c1c8e2d6607de5aa09aa3f9254183cde75a5acc666cca5f4b02a1d290e", - "zh:23ac426aa3a0001fb20045dc35569978864f139732f45ab671c64e80123c91a1", - "zh:23b78348b24ae3e4679bd90989c999346efd71ee228d17368d5f556f63e5fd06", - "zh:2503fe28ac87661af96e7755a7404307000822104ac1abc571271eee46c95ab5", - "zh:3fe859b2611d20ed5cd65cc2ec812acf73c7dfb39f2fee45ef99a3896c2662a8", - "zh:51ef869ed35d0d8aada35f587c4a64802f1140dc93c40a4e7c9800560143bb1a", - "zh:69b93cf4adca465b89da08e4e3b4aaf831821f1fbae68e526c0a292b3cfa463d", - "zh:6a4e23c6aa86e3d30240e6e4c97daef3af9ad217be2c6f35300fe1839fdbf8b2", - "zh:97a513459692a981a62b4a566c1d736c4a67622d2fbbee3771ec3ea8d576d484", - "zh:fec6c07731e23d1dd45015b44747b89c4fee58b5b2560f96d24c7da5a8ecb2ad", + "h1:Mg5XSUHd/9nMXjFfAkobU9UEl+q1Dssuq0AE1cGEbX0=", + "zh:0a5d0f332d7dfe77fa27301094af98a185aabfb9f56d71b81936e03211e4d66f", + "zh:0e047859ee7296f335881933ccf8ce8c07aa47bef56d5449a81b85a2d9dac93a", + "zh:1d3d0896f518df9e245c3207ed231e528f5dcfe628508e7c3ceba4a2bfefaa7a", + "zh:1d7a31c8c490512896ce327ab220e950f1a2e30ee83cc2e58e69bbbfbbb87e72", + "zh:67cbb2492683cb22f6c54f26bee72aec140c8dd2d0881b2815d2ef80959fc751", + "zh:771062815e662979204ac2dc91c34c893f27670d67e02370e48124483d3c9838", + "zh:957ebb146898cd059c0cc8b4c32e574b61041d8b6a11cd854b3cc1d3baaeb3a9", + "zh:95dbd8634000b979213cb97b5d869cad78299ac994d0665d150c8dafc1390429", + "zh:a21b22b2e9d835e1b8b3b7e0b41a4d199171d62e9e9be78c444c700e96b31316", + "zh:aead1ba50640a51f20d574374f2c6065d9bfa4eea5ef044d1475873c33e58239", + "zh:cefabd0a78af40ea5cd08e1ca436c753df9b1c6496eb27281b755a2de1f167ab", + "zh:d98cffc5206b9a7550a23e13031a6f53566bd1ed3bf65314bc55ef12404d49ce", + "zh:dddaaf95b6aba701153659feff12c7bce6acc78362cb5ff8321a1a1cbf780cd9", + "zh:fd662b483250326a1bfbe5684c22c5083955a43e0773347eea35cd4c2cfe700e", ] } diff --git a/terraform/hcloud.tf b/terraform/hcloud.tf index 61c0285..64e01a8 100644 --- a/terraform/hcloud.tf +++ b/terraform/hcloud.tf @@ -2,7 +2,7 @@ terraform { required_providers { hcloud = { source = "hetznercloud/hcloud" - version = "1.26.0" + version = "1.33.2" } } } @@ -10,8 +10,8 @@ terraform { provider "hcloud" {} resource "hcloud_ssh_key" "kubecon" { - name = "KubeCon 2021" - public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtQfpA5hgiFC1b3uVfC/d1qbqmly2qwHkl8BLavzTcg kubecon@europe" + name = "KubeCon 2022" + public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrd/TSz+cnZXrKUSmcQw1gy6AV7OSARz9/A2N02mfui kubecon@europe" } resource "hcloud_network" "k3s" { @@ -54,7 +54,7 @@ resource "hcloud_firewall" "k3s-server" { resource "hcloud_server" "server" { count = 1 name = "server-${count.index}" - image = "ubuntu-20.04" + image = "ubuntu-22.04" server_type = "cx21" location = "nbg1" ssh_keys = [hcloud_ssh_key.kubecon.id] @@ -68,7 +68,7 @@ resource "hcloud_server" "server" { resource "hcloud_server" "agent-cx21" { count = 2 name = "agent-cx21-${count.index}" - image = "ubuntu-20.04" + image = "ubuntu-22.04" server_type = "cx21" location = "nbg1" ssh_keys = [hcloud_ssh_key.kubecon.id]