Merge branch 'staging'

Author: mysticaltech

agents.tf

@@ -40,11 +40,28 @@ module "agents" {
   ]
 }
 
-resource "null_resource" "agents" {
+locals {
+  k3s-agent-config = { for k, v in local.agent_nodes : k => merge(
+    {
+      node-name     = module.agents[k].name
+      server        = "https://${var.use_control_plane_lb ? hcloud_load_balancer_network.control_plane.*.ip[0] : module.control_planes[keys(module.control_planes)[0]].private_ipv4_address}:6443"
+      token         = local.k3s_token
+      kubelet-arg   = local.kubelet_arg
+      flannel-iface = local.flannel_iface
+      node-ip       = module.agents[k].private_ipv4_address
+      node-label    = v.labels
+      node-taint    = v.taints
+      selinux       = true
+    },
+  ) }
+}
+
+resource "null_resource" "agent_config" {
   for_each = local.agent_nodes
 
   triggers = {
     agent_id = module.agents[each.key].id
+    config   = sha1(yamlencode(local.k3s-agent-config[each.key]))
   }
 
   connection {
@@ -57,20 +74,30 @@ resource "null_resource" "agents" {
 
   # Generating k3s agent config file
   provisioner "file" {
-    content = yamlencode({
-      node-name     = module.agents[each.key].name
-      server        = "https://${var.use_control_plane_lb ? hcloud_load_balancer_network.control_plane.*.ip[0] : module.control_planes[keys(module.control_planes)[0]].private_ipv4_address}:6443"
-      token         = local.k3s_token
-      kubelet-arg   = local.kubelet_arg
-      flannel-iface = local.flannel_iface
-      node-ip       = module.agents[each.key].private_ipv4_address
-      node-label    = each.value.labels
-      node-taint    = each.value.taints
-      selinux       = true
-    })
+    content     = yamlencode(local.k3s-agent-config[each.key])
     destination = "/tmp/config.yaml"
   }
 
+  provisioner "remote-exec" {
+    inline = [local.k3s_config_update_script]
+  }
+}
+
+resource "null_resource" "agents" {
+  for_each = local.agent_nodes
+
+  triggers = {
+    agent_id = module.agents[each.key].id
+  }
+
+  connection {
+    user           = "root"
+    private_key    = var.ssh_private_key
+    agent_identity = local.ssh_agent_identity
+    host           = module.agents[each.key].ipv4_address
+    port           = var.ssh_port
+  }
+
   # Install k3s agent
   provisioner "remote-exec" {
     inline = local.install_k3s_agent
@@ -94,6 +121,7 @@ resource "null_resource" "agents" {
 
   depends_on = [
     null_resource.first_control_plane,
+    null_resource.agent_config,
     hcloud_network_subnet.agent
   ]
 }

control_planes.tf

@@ -87,7 +87,7 @@ locals {
         module.control_planes[k].private_ipv4_address == module.control_planes[keys(module.control_planes)[0]].private_ipv4_address ?
         module.control_planes[keys(module.control_planes)[1]].private_ipv4_address :
       module.control_planes[keys(module.control_planes)[0]].private_ipv4_address}:6443"
-      token                       = random_password.k3s_token.result
+      token                       = local.k3s_token
       disable-cloud-controller    = true
       disable                     = local.disable_extras
       kubelet-arg                 = local.kubelet_arg

docs/terraform.md

@@ -13,13 +13,13 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_cloudinit"></a> [cloudinit](#provider\_cloudinit) | n/a |
-| <a name="provider_github"></a> [github](#provider\_github) | >= 5.38.0 |
-| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | >= 1.43.0 |
-| <a name="provider_local"></a> [local](#provider\_local) | >= 2.4.0 |
-| <a name="provider_null"></a> [null](#provider\_null) | n/a |
-| <a name="provider_random"></a> [random](#provider\_random) | n/a |
-| <a name="provider_remote"></a> [remote](#provider\_remote) | >= 0.1.2 |
+| <a name="provider_cloudinit"></a> [cloudinit](#provider\_cloudinit) | 2.3.2 |
+| <a name="provider_github"></a> [github](#provider\_github) | 5.38.0 |
+| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | 1.43.0 |
+| <a name="provider_local"></a> [local](#provider\_local) | 2.4.0 |
+| <a name="provider_null"></a> [null](#provider\_null) | 3.2.1 |
+| <a name="provider_random"></a> [random](#provider\_random) | 3.5.1 |
+| <a name="provider_remote"></a> [remote](#provider\_remote) | 0.1.2 |
 
 ### Modules
 
@@ -55,6 +55,7 @@
 | [local_file.nginx_values](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
 | [local_file.traefik_values](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
 | [local_sensitive_file.kubeconfig](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/sensitive_file) | resource |
+| [null_resource.agent_config](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.agents](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.autoscaled_nodes_registries](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [null_resource.configure_autoscaler](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |

locals.tf

@@ -101,7 +101,7 @@ locals {
   })
 
   apply_k3s_selinux = ["/sbin/semodule -v -i /usr/share/selinux/packages/k3s.pp"]
-  swap_node_label = ["node.kubernetes.io/server-swap=enabled"]
+  swap_node_label   = ["node.kubernetes.io/server-swap=enabled"]
 
   install_k3s_server = concat(local.common_pre_install_k3s_commands, [
     "curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_START=true INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_CHANNEL=${var.initial_k3s_channel} INSTALL_K3S_EXEC='server ${var.k3s_exec_server_args}' sh -"
@@ -120,7 +120,7 @@ locals {
         labels : concat(local.default_control_plane_labels, nodepool_obj.swap_size != "" ? local.swap_node_label : [], nodepool_obj.labels),
         taints : concat(local.default_control_plane_taints, nodepool_obj.taints),
         backups : nodepool_obj.backups,
-        swap_size: nodepool_obj.swap_size,
+        swap_size : nodepool_obj.swap_size,
         index : node_index
       }
     }
@@ -138,7 +138,7 @@ locals {
         labels : concat(local.default_agent_labels, nodepool_obj.swap_size != "" ? local.swap_node_label : [], nodepool_obj.labels),
         taints : concat(local.default_agent_taints, nodepool_obj.taints),
         backups : lookup(nodepool_obj, "backups", false),
-        swap_size: nodepool_obj.swap_size,
+        swap_size : nodepool_obj.swap_size,
         index : node_index
       }
     }
@@ -632,8 +632,10 @@ DATE=`date +%Y-%m-%d_%H-%M-%S`
 if cmp -s /tmp/config.yaml /etc/rancher/k3s/config.yaml; then
   echo "No update required to the config.yaml file"
 else
-  echo "Backing up /etc/rancher/k3s/config.yaml to /tmp/config_$DATE.yaml"
-  cp /etc/rancher/k3s/config.yaml /tmp/config_$DATE.yaml
+  if [ -f "/etc/rancher/k3s/config.yaml" ]; then
+    echo "Backing up /etc/rancher/k3s/config.yaml to /tmp/config_$DATE.yaml"
+    cp /etc/rancher/k3s/config.yaml /tmp/config_$DATE.yaml
+  fi
   echo "Updated config.yaml detected, restart of k3s service required"
   cp /tmp/config.yaml /etc/rancher/k3s/config.yaml
   if systemctl is-active --quiet k3s; then
@@ -643,7 +645,7 @@ else
   else
     echo "No active k3s or k3s-agent service found"
   fi
-  echo "k3s service or k3s-agent service restarted successfully"
+  echo "k3s service or k3s-agent service (re)started successfully"
 fi
 EOF