Go to file

Felix Nehrke dfcdc9797a Setup k3s with the help of ansible after the infra-provisioning

This change is huge! It allows me to manage the k3s installation on the
hetzner-cloud I setup via terraform.

2025-09-15 04:20:22 +02:00

modules/hetzner

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

.gitignore

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

.terraform.lock.hcl

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

download-kube-config.yml

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

inventory.ini.tftpl

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

main.tf

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

README.adoc

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

requirements.yml

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

variables.tf

Setup k3s with the help of ansible after the infra-provisioning

2025-09-15 04:20:22 +02:00

versions.tf

Define a basic but working complete k3s-kubernetes setup

2025-03-10 01:44:56 +01:00

README.adoc

Hetzer Infra

This repository is meant to setup my kubernetes-cluster on Hetzner Cloud. The setup is split into 2 dedicated parts:

Create necessary machines in Hetzner Cloud via terraform.
Install/Upgrade kubernetes-cluster and other software via ansible.

Preparation

Ensure terraform is installed
Ensure ansible is installed
Create config.auto.tfvars with all the needed configuration-secrets (Stored in password-manager)

Setup

In most cases it should be save to follow this guide:

ansible-galaxy install -r requirements.yml (1)
terraform apply (2)
ansible-playbook k3s.orchestration.site -i inventory.ini (3)
ansible-playbook download-kube-config.yml -i inventory.ini (4)
ansible-playbook k3s.orchestration.upgrade -i inventory.ini (5)

1	Install required ansible collections to create a k3s-cluster (can be omitted in subsequent runs)
2	Setup infrastructure and create/update inventory.ini (This might take some time, even after it’s "ready")
3	Install k3s
4	Download the kube-config to .kube/config
5	Update k3s when necessary

Step 4 will override any existing kube config this might destroy any existing settings!

Enlarge / Reduce size of cluster

Increase

Simply adjust the number of agents/servers in your config.auto.tfvars.
Run steps 2 & 3 of the setup again

Decrease

If you want shrink the cluster DO NOT reduce the agent-amount directly! Instead proceed as the following:

Open k9s and go to :nodes
Select the highest agent and press r to drain it
Afterward that succeeded delete it with Ctrl-d
Finally reduce the amount of agents in terraform and apply the change

Responsibilities

The terraform scripts are responsible for:

Creation of network for the kubernetes-cluster
- A public subnet exposed to the internet for the kubernetes-servers
- A private subnet for the kubernetes-agents
Routing between the networks
Firewall rules to block everything from the servers except of:
- ping (protocol: icmp)
- kubernetes api (Usually port 6443)
- ssh (I prefer to use a non-standard port since I want to provide a git-server on port 22)
- public services, e.g. http and https (port 80 and 443)
Creating the kubernetes-servers in the public subnet
Creating the kubernetes-agents in the private subnet
Setting up routing on all servers
Setup SSH-connections
Creating DNS-records in Hetzer Cloud

The ansible scripts are responsible for:

Installing k3s
Keep the software up-to-date

README.adoc Unescape Escape

Hetzer Infra

Preparation

Setup

Enlarge / Reduce size of cluster

Responsibilities

README.adoc