fix up gcp/hetzner

berops · Jul 22, 2024 · 42e963e · 42e963e
1 parent 55b35c2
commit 42e963e
Show file tree

Hide file tree

Showing 8 changed files with 167 additions and 116 deletions.
diff --git a/templates/terraformer/gcp/dns.tpl b/templates/terraformer/gcp/dns.tpl
@@ -1,30 +1,35 @@
+{{- $specName          := .Data.Provider.SpecName }}
+{{- $gcpProject        := .Data.Provider.GcpProject }}
+{{- $uniqueFingerPrint := .Fingerprint }}
+{{- $resourceSuffix    := printf "%s_%s" $specName $uniqueFingerPrint }}
+
 provider "google" {
-    credentials = "${file("{{ .Provider.SpecName }}")}"
-    project     = "{{ .Provider.GcpProject }}"
-    alias       = "dns_gcp"
+    credentials = "${file("{{ $specName }}")}"
+    project     = "{{ $gcpProject }}"
+    alias       = "dns_gcp_{{ $resourceSuffix }}"
 }
 
-data "google_dns_managed_zone" "gcp_zone" {
-  provider  = google.dns_gcp
-  name      = "{{ .DNSZone }}"
+data "google_dns_managed_zone" "gcp_zone_{{ $resourceSuffix }}" {
+  provider  = google.dns_gcp_{{ $resourceSuffix }}
+  name      = "{{ .Data.DNSZone }}"
 }
 
-resource "google_dns_record_set" "record" {
-  provider = google.dns_gcp
+resource "google_dns_record_set" "record_{{ $resourceSuffix }}" {
+  provider = google.dns_gcp_{{ $resourceSuffix }}
 
-  name = "{{ .HostnameHash }}.${data.google_dns_managed_zone.gcp_zone.dns_name}"
+  name = "{{ .Data.HostnameHash }}.${data.google_dns_managed_zone.gcp_zone_{{ $resourceSuffix }}.dns_name}"
   type = "A"
   ttl  = 300
 
-  managed_zone = data.google_dns_managed_zone.gcp_zone.name
+  managed_zone = data.google_dns_managed_zone.gcp_zone_{{ $resourceSuffix }}.name
 
   rrdatas = [
-      {{- range $IP := .NodeIPs }}
-      "{{ $IP }}",
+      {{- range $ip := .Data.RecordData.IP }}
+          "{{ $ip.V4 }}",
       {{- end }}
     ]
 }
 
-output "{{.ClusterName}}-{{.ClusterHash}}" {
-  value = { "{{.ClusterName}}-{{.ClusterHash}}-endpoint" = google_dns_record_set.record.name }
+output "{{.Data.ClusterName}}-{{.Data.ClusterHash}}-{{ $uniqueFingerPrint }}" {
+  value = { "{{.Data.ClusterName}}-{{.Data.ClusterHash}}-endpoint" = google_dns_record_set.record_{{ $resourceSuffix }}.name }
 }
diff --git a/templates/terraformer/gcp/networking.tpl b/templates/terraformer/gcp/networking.tpl
@@ -4,6 +4,8 @@
 {{- $uniqueFingerPrint     := .Fingerprint }}
 {{- $isKubernetesCluster   := eq .Data.ClusterData.ClusterType "K8s" }}
 {{- $isLoadbalancerCluster := eq .Data.ClusterData.ClusterType "LB" }}
+{{- $LoadBalancerRoles     := .Data.LBData.Roles }}
+{{- $K8sHasAPIServer       := .Data.K8sData.HasAPIServer }}
 
 {{- range $_, $region := .Data.Regions}}
 
@@ -29,8 +31,7 @@ resource "google_compute_network" "{{ $computeNetworkResourceName }}" {
 
 {{- $computeFirewallResourceName     := printf "firewall_%s"  $resourceSuffix }}
 {{- $computeFirewallName             := printf "fwl-%s-%s-%s" $clusterHash $region $specName}}
-{{- $LoadBalancerRoles               := index $.Data.Metadata "roles" }}
-{{- $LoadBalancerHasNotApiServerRole := index $.Data.Metadata "loadBalancers" | targetPorts | isMissing 6443 }}
+
 
 resource "google_compute_firewall" "{{ $computeFirewallResourceName }}" {
   provider     = google.nodepool_{{ $resourceSuffix }}
@@ -48,7 +49,7 @@ resource "google_compute_firewall" "{{ $computeFirewallResourceName }}" {
 {{- end }}
 
 {{- if $isKubernetesCluster }}
-  {{- if $LoadBalancerHasNotApiServerRole }}
+  {{- if $K8sHasAPIServer }}
   allow {
       protocol = "TCP"
       ports    = ["6443"]

diff --git a/templates/terraformer/gcp/node.tpl b/templates/terraformer/gcp/node.tpl
@@ -7,8 +7,8 @@
 
 {{- range $_, $nodepool := .Data.NodePools }}
 
-{{- $region         := $nodepool.NodePool.Region }}
-{{- $specName       := $nodepool.NodePool.Provider.SpecName }}
+{{- $region         := $nodepool.Details.Region }}
+{{- $specName       := $nodepool.Details.Provider.SpecName }}
 {{- $resourceSuffix := printf "%s_%s_%s" $region $specName $uniqueFingerPrint }}
 
     {{- range $node := $nodepool.Nodes }}
@@ -17,13 +17,13 @@
         {{- $computeInstanceName          := printf "snt-%s-%s-%s" $clusterHash $region $nodepool.Name }}
         {{- $computeSubnetResourceName    := printf "%s_%s_subnet" $nodepool.Name $resourceSuffix }}
         {{- $varStorageDiskName           := printf "gcp_storage_disk_name_%s" $resourceSuffix }}
-        {{- $isWorkerNodeWithDiskAttached := and (not $nodepool.IsControl) (gt $nodepool.NodePool.StorageDiskSize 0) }}
+        {{- $isWorkerNodeWithDiskAttached := and (not $nodepool.IsControl) (gt $nodepool.Details.StorageDiskSize 0) }}
 
         resource "google_compute_instance" "{{ $computeInstanceResourceName}}" {
           provider                  = google.nodepool_{{ $resourceSuffix }}
-          zone                      = "{{ $nodepool.NodePool.Zone }}"
+          zone                      = "{{ $nodepool.Details.Zone }}"
           name                      = "{{ $node.Name }}"
-          machine_type              = "{{ $nodepool.NodePool.ServerType }}"
+          machine_type              = "{{ $nodepool.Details.ServerType }}"
           description   = "Managed by Claudie for cluster {{ $clusterName }}-{{ $clusterHash }}"
           allow_stopping_for_update = true
 
@@ -45,7 +45,7 @@
             boot_disk {
               initialize_params {
                 size = "50"
-                image = "{{ $nodepool.NodePool.Image }}"
+                image = "{{ $nodepool.Details.Image }}"
               }
             }
             metadata_startup_script = "echo 'PermitRootLogin without-password' >> /etc/ssh/sshd_config && echo 'PubkeyAuthentication yes' >> /etc/ssh/sshd_config && service sshd restart"
@@ -55,7 +55,7 @@
             boot_disk {
               initialize_params {
                 size = "100"
-                image = "{{ $nodepool.NodePool.Image }}"
+                image = "{{ $nodepool.Details.Image }}"
               }
             }
 
@@ -107,8 +107,8 @@ EOF
               # suffix 'd' as otherwise the creation of the VM instance and attachment of the disk will fail, if having the same name as the node.
               name     = "{{ $computeDiskName }}"
               type     = "pd-ssd"
-              zone     = "{{ $nodepool.NodePool.Zone }}"
-              size     = {{ $nodepool.NodePool.StorageDiskSize }}
+              zone     = "{{ $nodepool.Details.Zone }}"
+              size     = {{ $nodepool.Details.StorageDiskSize }}
 
               labels = {
                 managed-by = "claudie"
@@ -120,7 +120,7 @@ EOF
               provider    = google.nodepool_{{ $resourceSuffix }}
               disk        = google_compute_disk.{{ $computeDiskResourceName }}.id
               instance    = google_compute_instance.{{ $computeInstanceResourceName }}.id
-              zone        = "{{ $nodepool.NodePool.Zone }}"
+              zone        = "{{ $nodepool.Details.Zone }}"
               device_name = var.{{ $varStorageDiskName }}
             }
             {{- end }}

diff --git a/templates/terraformer/gcp/node_networking.tpl b/templates/terraformer/gcp/node_networking.tpl
@@ -4,13 +4,13 @@
 
 {{- range $_, $nodepool := .Data.NodePools }}
 
-{{- $region                     := $nodepool.NodePool.Region }}
-{{- $specName                   := $nodepool.NodePool.Provider.SpecName }}
+{{- $region                     := $nodepool.Details.Region }}
+{{- $specName                   := $nodepool.Details.Provider.SpecName }}
 {{- $resourceSuffix             := printf "%s_%s_%s" $region $specName $uniqueFingerPrint }}
 
 {{- $computeSubnetResourceName  := printf "%s_%s_subnet" $nodepool.Name $resourceSuffix }}
 {{- $computeSubnetName          := printf "snt-%s-%s-%s" $clusterHash $region $nodepool.Name }}
-{{- $computeSubnetCIDR          := index $.Data.Metadata (printf "%s-subnet-cidr" $nodepool.Name ) }}
+{{- $computeSubnetCIDR          := $nodepool.Details.Cidr }}
 
 resource "google_compute_subnetwork" "{{ $computeSubnetResourceName }}" {
   provider      = google.nodepool_{{ $resourceSuffix }}

diff --git a/templates/terraformer/hetzner/networking.tpl b/templates/terraformer/hetzner/networking.tpl
@@ -1,11 +1,19 @@
-{{- $clusterName := .ClusterData.ClusterName }}
-{{- $clusterHash := .ClusterData.ClusterHash }}
+{{- $clusterName           := .Data.ClusterData.ClusterName}}
+{{- $clusterHash           := .Data.ClusterData.ClusterHash}}
+{{- $specName              := .Data.Provider.SpecName }}
+{{- $uniqueFingerPrint     := .Fingerprint }}
+{{- $isKubernetesCluster   := eq .Data.ClusterData.ClusterType "K8s" }}
+{{- $isLoadbalancerCluster := eq .Data.ClusterData.ClusterType "LB" }}
+{{- $LoadBalancerRoles     := .Data.LBData.Roles }}
+{{- $K8sHasAPIServer       := .Data.K8sData.HasAPIServer }}
+{{- $resourceSuffix        := printf "%s_%s" $specName $uniqueFingerPrint }}
 
-{{- $specName := $.Provider.SpecName }}
+{{- $firewallResourceName  := printf "firewall_%s" $resourceSuffix }}
+{{- $firewallName  := printf "fwl-%s-%s" $clusterHash $specName }}
 
-resource "hcloud_firewall" "firewall_{{ $specName }}" {
-  provider = hcloud.nodepool_{{ $specName }}
-  name     = "fwl-{{ $clusterHash }}-{{ $specName }}"
+resource "hcloud_firewall" "{{ $firewallResourceName }}" {
+  provider = hcloud.nodepool_{{ $resourceSuffix }}
+  name     = "{{ $firewallName }}"
   rule {
     direction  = "in"
     protocol   = "icmp"
@@ -35,8 +43,8 @@ resource "hcloud_firewall" "firewall_{{ $specName }}" {
     ]
   }
 
-{{- if eq $.ClusterData.ClusterType "LB" }}
-  {{- range $role := index $.Metadata "roles" }}
+{{- if $isLoadbalancerCluster }}
+  {{- range $role := $LoadBalancerRoles }}
   rule {
     direction  = "in"
     protocol   = "{{ $role.Protocol }}"
@@ -49,8 +57,8 @@ resource "hcloud_firewall" "firewall_{{ $specName }}" {
   {{- end }}
 {{- end }}
 
-{{- if eq $.ClusterData.ClusterType "K8s" }}
-  {{- if index $.Metadata "loadBalancers" | targetPorts | isMissing 6443 }}
+{{- if $isKubernetesCluster }}
+  {{- if $K8sHasAPIServer }}
   rule {
     direction  = "in"
     protocol   = "tcp"

diff --git a/templates/terraformer/hetzner/node.tpl b/templates/terraformer/hetzner/node.tpl
@@ -1,88 +1,113 @@
-{{- $clusterName := .ClusterData.ClusterName }}
-{{- $clusterHash := .ClusterData.ClusterHash }}
+{{- $clusterName           := .Data.ClusterData.ClusterName}}
+{{- $clusterHash           := .Data.ClusterData.ClusterHash}}
+{{- $uniqueFingerPrint     := .Fingerprint }}
+{{- $isKubernetesCluster   := eq .Data.ClusterData.ClusterType "K8s" }}
+{{- $isLoadbalancerCluster := eq .Data.ClusterData.ClusterType "LB" }}
+
 
 {{- range $nodepool := .NodePools }}
 
-{{- $specName := $nodepool.NodePool.Provider.SpecName }}
+{{- $specName       := $nodepool.Details.Provider.SpecName }}
+{{- $resourceSuffix := printf "%s_%s" $specName $uniqueFingerPrint }}
 
-resource "hcloud_ssh_key" "{{ $nodepool.Name }}_key_{{ $specName }}" {
-  provider   = hcloud.nodepool_{{ $specName }}
-  name       = "{{ $nodepool.Name }}-key-{{ $clusterHash }}-{{ $specName }}"
-  public_key = file("./{{ $nodepool.Name }}")
+{{- $sshKeyResourceName := printf "key_%s_%s" $nodepool.Name $resourceSuffix }}
+{{- $sshKeyName         := printf "key-%s-%s-%s" $nodepool.Name $clusterHash $specName }}
 
-  labels = {
-    "managed-by"      : "Claudie"
-    "claudie-cluster" : "{{ $clusterName }}-{{ $clusterHash }}"
-  }
-}
+    resource "hcloud_ssh_key" "{{ $sshKeyResourceName }}" {
+      provider   = hcloud.nodepool_{{ $specName }}
+      name       = "{{ $sshKeyName }}"
+      public_key = file("./{{ $nodepool.Name }}")
 
-{{- range $node := $nodepool.Nodes }}
-resource "hcloud_server" "{{ $node.Name }}_{{ $specName }}" {
-  provider      = hcloud.nodepool_{{ $specName }}
-  name          = "{{ $node.Name }}"
-  server_type   = "{{ $nodepool.NodePool.ServerType }}"
-  image         = "{{ $nodepool.NodePool.Image }}"
-  firewall_ids  = [hcloud_firewall.firewall_{{ $specName }}.id]
-  datacenter    = "{{ $nodepool.NodePool.Zone }}"
-  public_net {
-     ipv6_enabled = false
-  }
-  ssh_keys = [
-    hcloud_ssh_key.{{ $nodepool.Name }}_key_{{ $specName }}.id,
-  ]
-  labels = {
-    "managed-by"      : "Claudie"
-    "claudie-cluster" : "{{ $clusterName }}-{{ $clusterHash }}"
-  }
+      labels = {
+        "managed-by"      : "Claudie"
+        "claudie-cluster" : "{{ $clusterName }}-{{ $clusterHash }}"
+      }
+    }
+
+    {{- range $node := $nodepool.Nodes }}
 
-{{- if eq $.ClusterData.ClusterType "K8s" }}
-  user_data = <<EOF
+        {{- $serverResourceName           := printf "%s_%s" $node.Name $resourceSuffix }}
+        {{- $firewallResourceName         := printf "firewall_%s" $resourceSuffix }}
+        {{- $isWorkerNodeWithDiskAttached := and (not $nodepool.IsControl) (gt $nodepool.Details.StorageDiskSize 0) }}
+        {{- $volumeResourceName           := printf "%s_%s_volume" %node.Name $resourceSuffix }}
+
+        resource "hcloud_server" "{{ $serverResourceName }}" {
+          provider      = hcloud.nodepool_{{ $resourceSuffix }}
+          name          = "{{ $node.Name }}"
+          server_type   = "{{ $nodepool.NodePool.ServerType }}"
+          image         = "{{ $nodepool.NodePool.Image }}"
+          firewall_ids  = [ hcloud_firewall.{{ $firewallResourceName }}.id ]
+          datacenter    = "{{ $nodepool.NodePool.Zone }}"
+          public_net {
+             ipv6_enabled = false
+          }
+          ssh_keys = [
+            hcloud_ssh_key.{{ $sshKeyResourceName }}.id,
+          ]
+          labels = {
+            "managed-by"      : "Claudie"
+            "claudie-cluster" : "{{ $clusterName }}-{{ $clusterHash }}"
+          }
+
+        {{- if $isKubernetesCluster }}
+          user_data = <<EOF
 #!/bin/bash
 # Create longhorn volume directory
 mkdir -p /opt/claudie/data
-    {{- if and (not $nodepool.IsControl) (gt $nodepool.NodePool.StorageDiskSize 0) }}
+
+            {{- /* Only Mount disk for Worker nodes that have a non-zero requested disk size */}}
+            {{- if $isWorkerNodeWithDiskAttached }}
+
 # Mount volume only when not mounted yet
 sleep 50
-disk=$(ls -l /dev/disk/by-id | grep "${hcloud_volume.{{ $node.Name }}_{{ $specName }}_volume.id}" | awk '{print $NF}')
+disk=$(ls -l /dev/disk/by-id | grep "${hcloud_volume.{{ $volumeResourceName }}.id}" | awk '{print $NF}')
 disk=$(basename "$disk")
 if ! grep -qs "/dev/$disk" /proc/mounts; then
-  
+
   if ! blkid /dev/$disk | grep -q "TYPE=\"xfs\""; then
     mkfs.xfs /dev/$disk
   fi
   mount /dev/$disk /opt/claudie/data
   echo "/dev/$disk /opt/claudie/data xfs defaults 0 0" >> /etc/fstab
 fi
-    {{- end }}
+
+            {{- end }}
 EOF
-{{- end }}
-}
 
-{{- if eq $.ClusterData.ClusterType "K8s" }}
-    {{- if and (not $nodepool.IsControl) (gt $nodepool.NodePool.StorageDiskSize 0) }}
-resource "hcloud_volume" "{{ $node.Name }}_{{ $specName }}_volume" {
-  provider  = hcloud.nodepool_{{ $specName }}
-  name      = "{{ $node.Name }}d"
-  size      = {{ $nodepool.NodePool.StorageDiskSize }}
-  format    = "xfs"
-  location = "{{ $nodepool.NodePool.Region }}"
-}
+        {{- end }}
+        }
 
-resource "hcloud_volume_attachment" "{{ $node.Name }}_{{ $specName }}_volume_att" {
-  provider  = hcloud.nodepool_{{ $specName }}
-  volume_id = hcloud_volume.{{ $node.Name }}_{{ $specName }}_volume.id
-  server_id = hcloud_server.{{ $node.Name }}_{{ $specName }}.id
-  automount = false
-}
-    {{- end }}
-{{- end }}
+        {{- if $isKubernetesCluster }}
+            {{- if $isWorkerNodeWithDiskAttached }}
 
-{{- end }}
+            {{- $volumeName                   := printf "%sd" $node.Name }}
+            {{- $volumeAttachmentResourceName := printf "%s_att" $volumeResourceName }}
+
+            resource "hcloud_volume" "{{ $volumeResourceName }}" {
+              provider  = hcloud.nodepool_{{ $resourceSuffix }}
+              name      = "{{ $volumeName }}"
+              size      = {{ $nodepool.NodePool.StorageDiskSize }}
+              format    = "xfs"
+              location = "{{ $nodepool.NodePool.Region }}"
+            }
+
+            resource "hcloud_volume_attachment" "{{ $volumeResourceName }}_att" {
+              provider  = hcloud.nodepool_{{ $resourceSuffix }}
+              volume_id = hcloud_volume.{{ $volumeResourceName }}.id
+              server_id = hcloud_server.{{ $serverResourceName }}.id
+              automount = false
+            }
+
+            {{- end }}
+        {{- end }}
+
+    {{- end }}
 
-output "{{ $nodepool.Name }}" {
+output "{{ $nodepool.Name }}_{{ $uniqueFingerPrint }}" {
   value = {
     {{- range $node := $nodepool.Nodes }}
-    "${hcloud_server.{{ $node.Name }}_{{ $specName }}.name}" = hcloud_server.{{ $node.Name }}_{{ $specName }}.ipv4_address
+        {{- $serverResourceName := printf "%s_%s" $node.Name $resourceSuffix }}
+        "${hcloud_server.{{ $serverResourceName }}}" = hcloud_server.{{ $serverResourceName }}.ipv4_address
     {{- end }}
   }
 }

diff --git a/templates/terraformer/hetzner/provider.tpl b/templates/terraformer/hetzner/provider.tpl
@@ -1,4 +1,8 @@
+{{- $specName          := .Data.Provider.SpecName }}
+{{- $uniqueFingerPrint := .Fingerprint }}
+{{- $resourceSuffix    := printf "%s_%s" $specName $uniqueFingerPrint }}
+
 provider "hcloud" {
-  token = "{{ $.Provider.Credentials }}"
-  alias = "nodepool_{{ $.Provider.SpecName }}"
+  token = "${file("{{ $specName }}")}"
+  alias = "nodepool_{{ $resourceSuffix }}"
 }