mrsimonemms/terraform-module-k3s

terraform-module-k3s

Build a highly-available k3s cluster with Terraform

Requirements

Name Version
terraform >= 1.0.0
ssh >= 2.7.0, < 3.0.0

Providers

Name Version
ssh 2.7.0

Resources

Name Type
ssh_resource.additional_managers resource
ssh_resource.drain_managers resource
ssh_resource.drain_workers resource
ssh_resource.initial_manager resource
ssh_resource.install_workers resource
ssh_sensitive_resource.join_token resource
ssh_sensitive_resource.kubeconfig resource

Inputs

Name Description Type Default Required
cluster_cidr IPv4/IPv6 network CIDRs to use for pod IPs string "10.42.0.0/16" no
cluster_dns IPv4 Cluster IP for coredns service. Should be in your service-cidr range string "10.43.0.10" no
cluster_domain Cluster's internal domain name string "cluster.local" no
cluster_init Use embedded etcd bool true no
context Name of the kubeconfig context string "default" no
custom_global_config Override configuration for all nodes. This is merged with the generated configuration. any {} no
custom_manager_config Override configuration for the managers. This is merged with the generated configuration. any {} no
custom_worker_config Override configuration for the workers. This is merged with the generated configuration. any {} no
disable_addons Add-ons to be disabled list(string) ["servicelb", "traefik"] no
disable_cloud_controller Disable k3s default cloud controller manager bool true no
drain_timeout Node drain timeout string "30s" no
flannel_backend Flannel backend string "wireguard-native" no
install_workers Install the workers directly bool true no
k3s_channel Download channel to use. Ignored if k3s_version is set string "stable" no
k3s_download_url URL to download K3s from string "https://get.k3s.io" no
k3s_networking CNI plugin to use - can be "flannel", "cilium". Set to null to not use any preconfigured CNI. string "flannel" no
k3s_version Specific k3s version to install string null no
kubelet_args Arguments to pass to kubelet list(string) [] no
kubernetes_https_listen_port Port that the Kubernetes HTTPS API is hosted on number 6443 no
manager_load_balancer_address Load balancer placed in front of manager nodes to provide a highly available manager cluster. This will be added to the TLS SAN list string null no
managers Manager pool configuration
  list(object({
    advertise-address = string           # Node's advertise address - a private IP is recommended. This will be added to the TLS SAN list
    node-external-ip  = string           # External IP for the node
    node-ip           = string           # Private IP for the node
    name              = optional(string) # Name of the server node - will be "manager-" if left blank

    labels = optional(list(object({
      key   = string
      value = string
    })), [])

    taints = optional(list(object({
      key    = string
      value  = string
      effect = string
    })), [])

    # Node's SSH connection details
    connection = object({
      agent       = optional(bool)
      host        = string
      password    = optional(string)
      private_key = optional(string)
      port        = optional(number)
      timeout     = optional(string, "5m")
      user        = optional(string)

      bastion_host        = optional(string)
      bastion_password    = optional(string)
      bastion_private_key = optional(string)
      bastion_port        = optional(number)
      bastion_user        = optional(string)
    })
  }))
  [] no
network_subnet Host's network subnet. Used to get network interface for the flannel-iface value string n/a yes
schedule_workloads_on_manager_nodes Allow scheduling of workloads on manager nodes. bool true no
service_cidr IPv4/IPv6 network CIDRs to use for service IPs string "10.43.0.0/16" no
sudo Use sudo for local kubectl commands bool true no
tls_san Additional TLS SANs to add to the generated certificate list(string) [] no
workers Worker pool configuration
  map(list(object({
    node-external-ip = string           # External IP for the node
    node-ip          = string           # Private IP for the node
    name             = optional(string) # Name of the server node - will be "-" if left blank

    labels = optional(list(object({
      key   = string
      value = string
    })), [])

    taints = optional(list(object({
      key    = string
      value  = string
      effect = string
    })), [])

    # Node's SSH connection details
    connection = object({
      agent       = optional(bool)
      host        = string
      password    = optional(string)
      private_key = optional(string)
      port        = optional(number)
      timeout     = optional(string, "5m")
      user        = optional(string)

      bastion_host        = optional(string)
      bastion_password    = optional(string)
      bastion_private_key = optional(string)
      bastion_port        = optional(number)
      bastion_user        = optional(string)
    })
  })))
  {} no
write_kubeconfig_mode Write kubeconfig for admin client to this file string "0644" no

Outputs

Name Description
cluster_cidr IPv4/IPv6 network CIDRs to use for pod IPs
k3s_join_token Join token for the k3s cluster
kube_api_server Kubernetes API server address
kubeconfig Kubeconfig
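
A minimal call to the module using only the inputs and outputs listed above, with the security-relevant settings made explicit. This is an added example, not code from the repository: the source address is assumed from the repository name, and every IP address, node name, user name, key path and the version string is a constructed placeholder.

```hcl
# Added example; every address, name and path below is a constructed placeholder.
module "k3s" {
  # Assumed source address, derived from the repository name.
  source = "github.com/mrsimonemms/terraform-module-k3s"

  # Required: subnet used to find the interface for the flannel-iface value.
  network_subnet = "10.0.0.0/24"

  # Pin the release instead of following k3s_channel ("stable" by default).
  k3s_version = "vX.Y.Z+k3sN" # placeholder, replace with the release you have vetted

  # Load balancer in front of the managers; added to the TLS SAN list.
  manager_load_balancer_address = "203.0.113.10"

  # Default is "0644"; "0600" limits the admin kubeconfig to its owner.
  write_kubeconfig_mode = "0600"

  # One manager shown for brevity; add further entries for a highly-available cluster.
  managers = [
    {
      name              = "manager-0"
      advertise-address = "10.0.0.2" # private IP, as the input description recommends
      node-ip           = "10.0.0.2"
      node-external-ip  = "203.0.113.11"

      connection = {
        host = "203.0.113.11"
        user = "k3s-admin"
        # Key contents are read from disk rather than written into the configuration.
        private_key = file(pathexpand("~/.ssh/id_ed25519"))
      }
    },
  ]
}

# Both outputs grant cluster access, so keep them out of plan/apply output.
output "kubeconfig" {
  value     = module.k3s.kubeconfig
  sensitive = true
}

output "k3s_join_token" {
  value     = module.k3s.k3s_join_token
  sensitive = true
}
```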

Contributing

Set the Terraform Cloud token in an environment variable called TF_TOKEN_app_terraform_io. By default, this should be set in a file called .envrc.
