feat: first draft of hcloud node pool

Signed-off-by: Henrik Gerdes <[email protected]>
hegerdes · Apr 3, 2024 · 2717371 · 2717371
1 parent e2c9741
commit 2717371
Show file tree

Hide file tree

Showing 12 changed files with 457 additions and 97 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1,2 +1,2 @@
 # Default owners - required for review/approval
-*   @bryantbiggs
+*   @hegerdes
diff --git a/README.md b/README.md
@@ -1,28 +1,7 @@
-# AWS <TODO_EXPANDED> Terraform module
+# terraform-hcloud-node-pool terraform module
 
-Terraform module which creates AWS <TODO_EXPANDED> resources.
+Terraform module which creates terraform-hcloud-node-pool resources.
 
-<!--START--->
-## 🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥
-
-After creating a new repository from the template and cloning locally:
-
-```bash
-./eject.sh <module-name>
-```
-
-Where `<module-name>` can be extracted from the repository name using the pattern `terraform-aws-<module-name>`.
-
-For example, if the repository name is `terraform-aws-s3-bucket`, then the module name is `s3-bucket` and the associated eject command is:
-
-```bash
-./eject.sh s3-bucket
-```
-
-Note: this message will self destruct upon ejection!
-
-## 🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥
-<!---END--->
 ## Usage
 
 See [`examples`](https://github.com/clowdhaus/terraform-aws-<TODO>/tree/main/examples) directory for working examples to reference:
@@ -50,27 +29,60 @@ Examples codified under the [`examples`](https://github.com/clowdhaus/terraform-
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0 |
+| <a name="requirement_hcloud"></a> [hcloud](#requirement\_hcloud) | >=1.40 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >=3.0 |
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | >=1.40 |
+| <a name="provider_random"></a> [random](#provider\_random) | >=3.0 |
 
 ## Modules
 
 No modules.
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [hcloud_placement_group.this](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/placement_group) | resource |
+| [hcloud_server.this](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/server) | resource |
+| [hcloud_ssh_key.this](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/ssh_key) | resource |
+| [random_string.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [hcloud_image.this](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/data-sources/image) | data source |
+| [hcloud_network.this](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/data-sources/network) | data source |
 
 ## Inputs
 
-No inputs.
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_backups"></a> [backups](#input\_backups) | Backups enabled | `bool` | `false` | no |
+| <a name="input_create_ssh_keys"></a> [create\_ssh\_keys](#input\_create\_ssh\_keys) | Hetzner allows create a ssh key only once. By default you have to create them before. If you set this flag the module will create them. | `bool` | `false` | no |
+| <a name="input_firewall_ids"></a> [firewall\_ids](#input\_firewall\_ids) | Ids of firewall attacted to the server | `list(string)` | `[]` | no |
+| <a name="input_image"></a> [image](#input\_image) | Node image name. | `string` | `"debian-12"` | no |
+| <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | Node instance type. | `string` | `"cx11"` | no |
+| <a name="input_location"></a> [location](#input\_location) | Node location. | `string` | n/a | yes |
+| <a name="input_name"></a> [name](#input\_name) | Node name prefix. | `string` | n/a | yes |
+| <a name="input_network_name"></a> [network\_name](#input\_network\_name) | Node network name | `string` | `null` | no |
+| <a name="input_private_ip_addresses"></a> [private\_ip\_addresses](#input\_private\_ip\_addresses) | Node private ips. Network name must be set for this. | `list(string)` | `[]` | no |
+| <a name="input_public_ipv4"></a> [public\_ipv4](#input\_public\_ipv4) | Node public ipv4 ip | `bool` | `true` | no |
+| <a name="input_public_ipv6"></a> [public\_ipv6](#input\_public\_ipv6) | Node public ipv6 ip | `bool` | `true` | no |
+| <a name="input_size"></a> [size](#input\_size) | Nuber of nodes to create. Will only be used if vm\_names is empty. | `number` | `1` | no |
+| <a name="input_snapshot_image"></a> [snapshot\_image](#input\_snapshot\_image) | Node image is snapshot | `bool` | `false` | no |
+| <a name="input_ssh_keys"></a> [ssh\_keys](#input\_ssh\_keys) | Nodes public ssh keys ids or names or the key itself. If its the key you have to set create\_ssh\_keys. | `list(string)` | `[]` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | Node tags/labels | `any` | `{}` | no |
+| <a name="input_user_data"></a> [user\_data](#input\_user\_data) | Node user data (cloud-init) | `string` | `null` | no |
+| <a name="input_vm_names"></a> [vm\_names](#input\_vm\_names) | List of names for the VMs. to create | `list(string)` | `[]` | no |
 
 ## Outputs
 
-No outputs.
+| Name | Description |
+|------|-------------|
+| <a name="output_ids"></a> [ids](#output\_ids) | List of all ids for every created server. |
+| <a name="output_ips"></a> [ips](#output\_ips) | List of all public ips of every created server. Includes IPv4 & IPv6. |
+| <a name="output_names"></a> [names](#output\_names) | List of all names for every created server. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## License

diff --git a/eject.sh b/eject.sh
diff --git a/examples/complete/README.md b/examples/complete/README.md
@@ -22,23 +22,32 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0 |
+| <a name="requirement_hcloud"></a> [hcloud](#requirement\_hcloud) | 1.45.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | 3.5.1 |
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | 1.45.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_<TODO_UNDER>"></a> [<TODO\_UNDER>](#module\_<TODO\_UNDER>) | ../.. | n/a |
-| <a name="module_<TODO_UNDER>_disabled"></a> [<TODO\_UNDER>\_disabled](#module\_<TODO\_UNDER>\_disabled) | ../.. | n/a |
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 4.0 |
+| <a name="module_advanced"></a> [advanced](#module\_advanced) | ../.. | n/a |
+| <a name="module_disabled"></a> [disabled](#module\_disabled) | ../.. | n/a |
+| <a name="module_minimal"></a> [minimal](#module\_minimal) | ../.. | n/a |
+| <a name="module_named"></a> [named](#module\_named) | ../.. | n/a |
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [hcloud_network.example](https://registry.terraform.io/providers/hetznercloud/hcloud/1.45.0/docs/resources/network) | resource |
+| [hcloud_network_subnet.subnet_1](https://registry.terraform.io/providers/hetznercloud/hcloud/1.45.0/docs/resources/network_subnet) | resource |
+| [hcloud_network_subnet.subnet_n](https://registry.terraform.io/providers/hetznercloud/hcloud/1.45.0/docs/resources/network_subnet) | resource |
+| [hcloud_ssh_key.example](https://registry.terraform.io/providers/hetznercloud/hcloud/1.45.0/docs/resources/ssh_key) | resource |
 
 ## Inputs
 

diff --git a/examples/complete/data/cloud-init-default.yml b/examples/complete/data/cloud-init-default.yml
@@ -0,0 +1,28 @@
+#cloud-config
+
+ssh_pwauth: false
+
+groups:
+  - cloud
+
+users:
+  - name: myuser
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    groups: users, cloud
+    shell: /bin/bash
+    lock_passwd: true
+    ssh_authorized_keys:
+%{ for key in ssh_key ~}
+      - ${key}
+%{ endfor ~}
+
+# Install base packages
+package_update: true
+package_upgrade: true
+package_reboot_if_required: true
+
+power_state:
+ mode: reboot
+ message: Bye Bye
+ timeout: 300
+ condition: True
diff --git a/examples/complete/data/cloud-test.pub b/examples/complete/data/cloud-test.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEy5tYE3kwa+0NFEme99uxwlAyWhRcr3fvf/XsroGS4U [email protected]
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -1,58 +1,160 @@
-provider "aws" {
-  region = local.region
-}
-
-data "aws_availability_zones" "available" {}
-
 locals {
-  region = "us-east-1"
-  name   = "<TODO>-ex-${basename(path.cwd)}"
-
-  vpc_cidr = "10.0.0.0/16"
-  azs      = slice(data.aws_availability_zones.available.names, 0, 3)
-
+  name            = "hcloud-node-pool-${basename(path.cwd)}"
+  location        = "fsn1"
+  network_name    = "demo-net"
+  ssh_key_paths   = ["~/.ssh/id_rsa.pub", "data/cloud-test.pub"]
+  ssh_keys        = [for key in local.ssh_key_paths : file(key) if fileexists(key)]
+  cloud_init_path = "data/cloud-init-default.yml"
   tags = {
-    Name       = local.name
-    Example    = local.name
-    Repository = "https://github.com/clowdhaus/terraform-aws-<TODO>"
+    name    = local.name
+    example = local.name
+    # repository = "https://github.com/hegerdes/terraform-hcloud-node-pool"
   }
 }
 
 ################################################################################
-# <TODO_EXPANDED> Module
+# hcloud-node-pool Module
 ################################################################################
 
-module "<TODO_UNDER>" {
+module "disabled" {
   source = "../.."
 
-  create = false
+  size     = 0
+  name     = "disabled"
+  location = local.location
+}
 
-  tags = local.tags
+module "minimal" {
+  source = "../.."
+
+  size     = 1
+  name     = "minimal"
+  location = local.location
+  tags     = local.tags
 }
 
-module "<TODO_UNDER>_disabled" {
+module "named" {
   source = "../.."
 
-  create = false
+  size          = 3
+  name          = "named"
+  image         = "ubuntu-22.04"
+  vm_names      = ["vm1", "vm2", "vm3"]
+  location      = local.location
+  instance_type = "cax11"
+  public_ipv4   = false
+  ssh_keys      = local.ssh_keys
+  network_name  = local.network_name
+  # Only works if ssh keys below are not created
+  # create_ssh_keys = true
+
+  # Last vm will auto assign a pvt ip
+  private_ip_addresses = ["10.0.0.5", "10.0.0.6", "10.0.0.7"]
+  tags                 = local.tags
+
+  depends_on = [hcloud_network.example]
+
+}
+
+module "advanced" {
+  source   = "../.."
+  for_each = local.node_pools
+
+  name          = each.value.name
+  size          = each.value.size
+  image         = each.value.image
+  location      = each.value.location
+  instance_type = each.value.instance
+  ssh_keys      = each.value.ssh_keys
+
+  tags                 = each.value.tags
+  user_data            = each.value.user_data
+  network_name         = each.value.network_name
+  private_ip_addresses = each.value.private_ip_addresses
+
+  depends_on = [hcloud_network.example]
+}
+
+# Multiple node_pools
+locals {
+  node_pool_config = [
+    {
+      name     = "controlplane-node-amd64"
+      instance = "cx11"
+      image    = "debian-12"
+      size     = 1
+      tags = {
+        k8s = "control-plane"
+      }
+    },
+    {
+      name     = "worker-node-amd64"
+      instance = "cx11"
+      image    = "debian-12"
+      size     = 1
+      tags = {
+        k8s = "worker"
+      }
+      }, {
+      name     = "worker-node-arm64"
+      instance = "cax11"
+      image    = "debian-12"
+      size     = 1
+      tags = {
+        k8s = "worker"
+      }
+    }
+
+  ]
+
+  node_pools = { for index, pool in local.node_pool_config :
+    pool.name => merge(
+      pool, {
+        user_data = templatefile(local.cloud_init_path, {
+          ssh_key = [for key in local.ssh_keys : key]
+        })
+        tags                 = merge(pool.tags, local.tags)
+        ssh_keys             = [for key in hcloud_ssh_key.example : key.name]
+        network_name         = hcloud_network.example.name
+        location             = local.location
+        private_ip_addresses = try([for i in range(pool.size) : cidrhost("10.0.${index + 1}.0/24", i + 8)], [])
+      }
+    )
+  }
 }
 
 ################################################################################
-# Supporting Resources
+# helper
 ################################################################################
 
-module "vpc" {
-  source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 4.0"
-
-  name = local.name
-  cidr = local.vpc_cidr
+resource "hcloud_network" "example" {
+  name     = local.network_name
+  ip_range = "10.0.0.0/16"
+}
 
-  azs             = local.azs
-  public_subnets  = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k)]
-  private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 10)]
+resource "hcloud_network_subnet" "subnet_1" {
+  type         = "cloud"
+  network_id   = hcloud_network.example.id
+  network_zone = "eu-central"
+  ip_range     = "10.0.0.0/24"
+}
 
-  enable_nat_gateway = true
-  single_nat_gateway = true
+resource "hcloud_ssh_key" "example" {
+  for_each   = toset(local.ssh_keys)
+  name       = sha256(each.key)
+  public_key = each.key
+  lifecycle {
+    create_before_destroy = false
+  }
+}
 
-  tags = local.tags
+resource "hcloud_network_subnet" "subnet_n" {
+  type         = "cloud"
+  network_id   = hcloud_network.example.id
+  network_zone = "eu-central"
+  ip_range     = "10.0.${count.index + 1}.0/24"
+  count        = length(local.node_pools)
+  lifecycle {
+    create_before_destroy = false
+  }
 }
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEy5tYE3kwa+0NFEme99uxwlAyWhRcr3fvf/XsroGS4U [email protected]