Skip to content

big-bag/Hetzner-Kubernetes

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

author
big-bag
Deploying resources using Mitogen
Jan 31, 2022
a55b481 · Jan 31, 2022

History

28 Commits
host_vars/localhost
host_vars/localhost
Jan 31, 2022
roles
roles
Jan 31, 2022
submodules
submodules
Jan 31, 2022
.dockerignore
.dockerignore
Jan 31, 2022
.gitignore
.gitignore
Jan 5, 2022
.gitmodules
.gitmodules
Jan 31, 2022
Dockerfile
Dockerfile
Jan 31, 2022
README.md
README.md
Jan 31, 2022
ansible.cfg
ansible.cfg
Jan 31, 2022
site.yml
site.yml
Jan 31, 2022

Repository files navigation

Setting up environment

Initialize submodules

git submodule sync
git submodule update --init

Build image

docker build --rm --file Dockerfile --tag ansible:2.10.15 .

Write secrets to encrypted file

Create Vault password file named .vault_password and add password into it

Create encrypted file

docker run --rm -ti \
    --volume=(pwd):/etc/ansible \
    ansible:2.10.15 \
        ansible-vault create host_vars/localhost/vault.yml

Edit encrypted file

docker run --rm -ti \
    --volume=(pwd):/etc/ansible \
    ansible:2.10.15 \
        ansible-vault edit host_vars/localhost/vault.yml

  1. Generate API token to access Hetzner

    • <Project_name> -> Security -> API TOKENS
    • Permissions: Read & Write
    • Write token to variable vault_hcloud_token

  2. Write domain to variable vault_domain, e.g. domain.com

  3. Write username and comment for technical account to variables:

    • vault_name
    • vault_comment

  4. Write custom SSH port to variable vault_ssh_port

  5. Write creadentials to access 1Password to variables:

    • vault_1password_device_id - can be found in ~/.op/config
    • vault_1password_master_password, e.g. 'S0me P@ssword'
    • vault_1password_subdomain, e.g. my
    • vault_1password_email_address
    • vault_1password_secret_key
    • vault_1password_vault_name - vault to write secrets (will be created if doesn't exist)

  6. Generate token to access GitHub

    • <GitHub_profile> -> Settings -> Developer settings -> Personal access tokens
    • Scopes: public_repo
    • Write username to variable vault_github_username
    • Write token to variable vault_github_password

  7. Generate API token to access Cloudflare

    • My Profile -> API Tokens -> API Tokens
    • Permissions:
      • Zone Zone Read
      • Zone DNS Edit
    • Zone Resources:
      • Include -> Specific zone -> domain from step 2, e.g. domain.com
    • Write token to variable vault_cloudflare_api_token

  8. Write e-mail address for Let's Encrypt to variable vault_letsencrypt_email

Launch installation

Run playbook to install kubernetes cluster

docker run --rm -t \
    --volume=(pwd):/etc/ansible \
    ansible:2.10.15 \
        ansible-playbook site.yml

Run playbook to delete all resources

docker run --rm -t \
    --volume=(pwd):/etc/ansible \
    ansible:2.10.15 \
        ansible-playbook site.yml --tags "destroy"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages