RubyGems - hetzner-k3s - Versions diffs - 0.3.1 → 0.3.5 - Mend

hetzner-k3s 0.3.1 → 0.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/Dockerfile +11 -0
data/Gemfile.lock +5 -1
data/README.md +26 -1
data/entrypoint.sh +12 -0
data/hetzner-k3s.gemspec +2 -0
data/lib/hetzner/infra/firewall.rb +5 -0
data/lib/hetzner/infra/server.rb +6 -1
data/lib/hetzner/k3s/version.rb +1 -1
metadata +32 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7702216e981cea045d5c8fc09087a233a41ed06fa1a812e2aab008db8375e953
-  data.tar.gz: 43d606e2517b62bd27ba040305b67c9a84f07d6e55a84ea5ed1a0d92ba501af9
+  metadata.gz: 59252c55a4a701b664c992d568121caaef5766cc28809e79484071ca018763ed
+  data.tar.gz: 5101372e1ce68608087529423fb7f3f61fc31bcf0966398ab4116545011c39f9
 SHA512:
-  metadata.gz: 1b7286180209083562f31e07b6227e47c04db0fdc3eadbb9fbd8506cf63bbd59bf449f8d99a48f6d9647e03214a84c04ef2c364c9d2a004b71777557607dd9d1
-  data.tar.gz: 6fa33623fb8dccbf06395aa5fbb14d74ad2a4581954c7a425b839eef1ccb04888ed7abe1025b245fcade8dac18be6864c702c240d5c5fdfc87370a884735bfd9
+  metadata.gz: ddc9b31b733f73d3e62c74b3b023d29009abb6c4e83a3504818d9bcb39657b379911dc3a00bac96c27e7c71477730e76ff42de5a09f68ab9a67f47920eac0018
+  data.tar.gz: dcd457cecdb1643b516448c922678ff36c46f283cdc2889befda796ccde6d42cbf6e54d74609105cef62eb7523a255a392871f1d6853cc32f86a83f1e5abcb45

data/Dockerfile ADDED Viewed

@@ -0,0 +1,11 @@
+FROM ruby:2.7.4-alpine
+RUN apk update --no-cache \
+  && apk add build-base git openssh-client
+RUN gem install hetzner-k3s
+COPY entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,9 @@
 PATH
   remote: .
   specs:
-    hetzner-k3s (0.3.0)
+    hetzner-k3s (0.3.5)
+      bcrypt_pbkdf
+      ed25519
       http
       k8s-ruby
       net-ssh
@@ -13,6 +15,7 @@ GEM
   specs:
     addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
+    bcrypt_pbkdf (1.1.0)
     concurrent-ruby (1.1.9)
     diff-lcs (1.4.4)
     domain_name (0.5.20190701)
@@ -43,6 +46,7 @@ GEM
       dry-equalizer (~> 0.2)
       dry-inflector (~> 0.1, >= 0.1.2)
       dry-logic (~> 0.4, >= 0.4.2)
+    ed25519 (1.2.4)
     excon (0.85.0)
     ffi (1.15.3)
     ffi-compiler (1.0.1)

data/README.md CHANGED Viewed

@@ -33,6 +33,16 @@ gem install hetzner-k3s
 This will install the `hetzner-k3s` executable in your PATH.
+### With Docker
+Alternatively, if you don't want to set up a Ruby runtime but have Docker installed, you can use a container. Run the following from inside the directory where you have the config file for the cluster (described in the next section):
+```bash
+docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s create-cluster --config-file /cluster/test.yaml
+```
+Replace `test.yaml` with the name of your config file.
 ## Creating a cluster
 The tool requires a simple configuration file in order to create/upgrade/delete clusters, in the YAML format like in the example below:
@@ -60,6 +70,9 @@ worker_node_pools:
 It should hopefully be self explanatory; you can run `hetzner-k3s releases` to see a list of the available releases from the most recent to the oldest available.
+If you are using Docker, then set `kubeconfig_path` to `/cluster/kubeconfig` so that the kubeconfig is created in the same directory where your config file is.
 If you set `masters.instance_count` to 1 then the tool will create a non highly available control plane; for production clusters you may want to set it to a number greater than 1. This number must be odd to avoid split brain issues with etcd and the recommended number is 3.
 You can specify any number of worker node pools for example to have mixed nodes with different specs for different workloads.
@@ -214,6 +227,18 @@ Once the cluster is ready you can create persistent volumes out of the box with
 ## changelog
+- 0.3.5
+  - Add descriptions for firewall rules
+- 0.3.4
+  - Added Docker support
+- 0.3.3
+  - Add some gems required on Linux
+- 0.3.2
+  - Configure DNS to use Cloudflare's resolver instead of Hetzner's, since Hetzner's resolvers are not always reliable
 - 0.3.1
   - Allow enabling/disabling the host key verification
@@ -235,4 +260,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 ## Code of Conduct
-Everyone interacting in the hetzner-k3s project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/vitobotta/k3s/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the hetzner-k3s project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/vitobotta/hetzner-k3s/blob/main/CODE_OF_CONDUCT.md).

data/entrypoint.sh ADDED Viewed

@@ -0,0 +1,12 @@
+#!/bin/sh
+cp -R /tmp/.ssh /root/.ssh
+chmod 700 /root/.ssh
+chmod 600 /root/.ssh/*
+chmod 644 /root/.ssh/*.pub
+eval $(ssh-agent -s) 2&>1  > /dev/null
+ssh-add ~/.ssh/* 2&>1  > /dev/null
+hetzner-k3s "$@"

data/hetzner-k3s.gemspec CHANGED Viewed

@@ -23,6 +23,8 @@ Gem::Specification.new do |spec|
   spec.add_dependency "net-ssh"
   spec.add_dependency "k8s-ruby"
   spec.add_dependency "sshkey"
+  spec.add_dependency "ed25519"
+  spec.add_dependency "bcrypt_pbkdf"
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.

data/lib/hetzner/infra/firewall.rb CHANGED Viewed

@@ -44,6 +44,7 @@ module Hetzner
           name: cluster_name,
           rules: [
             {
+              "description": "Allow port 22 (SSH)",
               "direction": "in",
               "protocol": "tcp",
               "port": "22",
@@ -54,6 +55,7 @@ module Hetzner
               "destination_ips": []
             },
             {
+              "description": "Allow ICMP (ping)",
               "direction": "in",
               "protocol": "icmp",
               "port": nil,
@@ -64,6 +66,7 @@ module Hetzner
               "destination_ips": []
             },
             {
+              "description": "Allow port 6443 (Kubernetes API server)",
               "direction": "in",
               "protocol": "tcp",
               "port": "6443",
@@ -74,6 +77,7 @@ module Hetzner
               "destination_ips": []
             },
             {
+              "description": "Allow all TCP traffic between nodes on the private network",
               "direction": "in",
               "protocol": "tcp",
               "port": "any",
@@ -83,6 +87,7 @@ module Hetzner
               "destination_ips": []
             },
             {
+              "description": "Allow all UDP traffic between nodes on the private network",
               "direction": "in",
               "protocol": "udp",
               "port": "any",

data/lib/hetzner/infra/server.rb CHANGED Viewed

@@ -74,7 +74,12 @@ module Hetzner
             - sed -i 's/[#]*PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
             - sed -i 's/[#]*PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
             - systemctl restart sshd
-        EOS
+            - systemctl stop systemd-resolved
+            - systemctl disable systemd-resolved
+            - rm /etc/resolv.conf
+            - echo "nameserver 1.1.1.1" > /etc/resolv.conf
+            - echo "nameserver 1.0.0.1" >> /etc/resolv.conf
+            EOS
       end
   end

data/lib/hetzner/k3s/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Hetzner
   module K3s
-    VERSION = "0.3.1"
+    VERSION = "0.3.5"
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hetzner-k3s
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.5
 platform: ruby
 authors:
 - Vito Botta
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-08-09 00:00:00.000000000 Z
+date: 2021-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -80,6 +80,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bcrypt_pbkdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using
   k3s.
 email:
@@ -93,6 +121,7 @@ files:
 - ".rspec"
 - ".travis.yml"
 - CODE_OF_CONDUCT.md
+- Dockerfile
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -101,6 +130,7 @@ files:
 - bin/console
 - bin/setup
 - cluster_config.yaml.example
+- entrypoint.sh
 - exe/hetzner-k3s
 - hetzner-k3s.gemspec
 - lib/hetzner.rb