RubyGems - hetzner-k3s - Versions diffs - 0.5.2 → 0.5.3 - Mend

hetzner-k3s 0.5.2 → 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 45de69f63ea8c675489cc385a2860c798923f42af6e9fa4af791042ae57aa7dd
-  data.tar.gz: 778c30870784ee1d0f9bcb4b102639bc8f295faa60eca8bb9d0ef7ff56905c9a
+  metadata.gz: 3855e58a70b2b16e6ae421669ad22031bc31a66df36aea8ea31d42b060e7192c
+  data.tar.gz: '09042dc486c0bf330ca9d5df2407ae13fac7f7311c4cb3314651b675ffa8c49c'
 SHA512:
-  metadata.gz: 301590287388f2c512e66504558d88fe7e31237c0525a37f96ca5f090190421a2841c66a59f1be2b5a45c632f5ad6799ecab4894058335387fbdce6927b3c7a3
-  data.tar.gz: 3715433adfe0f43889f33962844d54d30017b1a85c5c9ff0a6c21b70980e3b01dbdb431020441404654845d46044643725b8558dc6c0fff49992ab6297ebed71
+  metadata.gz: 705761dcb4bd361c3f417f44cb3f44d2ae4a8941ce822cec083537f1b24eeb66d15a1e840290b4432d6bd715ccfc5626bf4aa3d811e47772be4775dc9347618f
+  data.tar.gz: c945bc3428e87c465f05a90d7b3b8b8d2ec3ed9f9da55d471a758a287230bbb33074f783bb96a06d36ecc204a41b5b6793044e86df98e2fd1f7c6be0d5549c56

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hetzner-k3s (0.5.0)
+    hetzner-k3s (0.5.3)
       bcrypt_pbkdf
       ed25519
       http

data/README.md CHANGED Viewed

@@ -14,6 +14,7 @@ Using this tool, creating a highly available k3s cluster with 3 masters for the
 - installing the [Hetzner CSI Driver](https://github.com/hetznercloud/csi-driver) to provision persistent volumes using Hetzner's block storage
 - installing the [Rancher System Upgrade Controller](https://github.com/rancher/system-upgrade-controller) to make upgrades to a newer version of k3s easy and quick
+See roadmap [here](https://github.com/vitobotta/hetzner-k3s/projects/1) for the features planned or in progress.
 ## Requirements
@@ -38,7 +39,7 @@ This will install the `hetzner-k3s` executable in your PATH.
 Alternatively, if you don't want to set up a Ruby runtime but have Docker installed, you can use a container. Run the following from inside the directory where you have the config file for the cluster (described in the next section):
 ```bash
-docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.1 create-cluster --config-file /cluster/test.yaml
+docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.3 create-cluster --config-file /cluster/test.yaml
 ```
 Replace `test.yaml` with the name of your config file.
@@ -72,7 +73,7 @@ worker_node_pools:
   instance_count: 2
 additional_packages:
 - somepackage
-enable_ipsec_encryption: true
+enable_encryption: true
 ```
 It should hopefully be self explanatory; you can run `hetzner-k3s releases` to see a list of the available releases from the most recent to the oldest available.
@@ -255,98 +256,6 @@ Once the cluster is ready you can create persistent volumes out of the box with
 I recommend that you create a separate Hetzner project for each cluster, because otherwise multiple clusters will attempt to create overlapping routes. I will make the pod cidr configurable in the future to avoid this, but I still recommend keeping clusters separated from each other. This way, if you want to delete a cluster with all the resources created for it, you can just delete the project.
-## changelog
-- 0.5.2
-  - Ensure that in a HA cluster the nodes connect to the load balancer for the API server, instead of the first master
-- 0.5.1
-  - Each node pool gets its own placement group. This is to minimize issues due to the max 10 nodes limitation for a single node group. A validation has also been added to limit pools to 10 nodes each because of this.
-- 0.5.0
-  - Allow installing additional packages when creating the servers
-  - Allow enabling ipsec encryption
-- 0.4.9
-  - Ensure the program always exits with exit code 1 if the config file fails validation
-  - Upgrade System Upgrade Controller to 0.8.1
-  - Remove dependency on unmaintained gem k8s-ruby
-  - Make the gem compatible with Ruby 3.1.0
-- 0.4.8
-  - Increase timeout with API requests to 30 seconds
-  - Limit number of retries for API requests to 3
-  - Ensure all version tags are listed for k3s (thanks @janosmiko)
-- 0.4.7
-  - Made it possible to specify a custom image/snapshot for the servers
-- 0.4.6
-  - Added a check to abort gracefully when for some reason one or more servers are not created, for example due to temporary problems with the Hetzner API.
-- 0.4.5
-  - Fix network creation (bug introduced in the previous version)
-- 0.4.4
-  - Add support for the new Ashburn, Virginia (USA) location
-  - Automatically use a placement group so that the instances are all created on different physical hosts for high availability
-- 0.4.3
-  - Fix an issue with SSH key creation
-- 0.4.2
-  - Update Hetzner CSI driver to v1.6.0
-  - Update System Upgrade Controller to v0.8.0
-- 0.4.1
-  - Allow to optionally specify the path of the private SSH key
-  - Set correct permissions for the kubeconfig file
-  - Retry fetching manifests a few times to allow for temporary network issues
-  - Allow to optionally schedule workloads on masters
-  - Allow clusters with no worker node pools if scheduling is enabled for the masters
-- 0.4.0
-  - Ensure the masters are removed from the API load balancer before deleting the load balancer
-  - Ensure the servers are removed from the firewall before deleting it
-  - Allow using an environment variable to specify the Hetzner token
-  - Allow restricting SSH access to the nodes to specific networks
-  - Do not open the port 6443 on the nodes if a load balancer is created for an HA cluster
-- 0.3.9
-  - Add command "version" to print the version of the tool in use
-- 0.3.8
-  - Fix: added a check on a label to ensure that only servers that belong to the cluster are deleted from the project
-- 0.3.7
-  - Ensure that the cluster name only contains lowercase letters, digits and dashes for compatibility with the cloud controller manager
-- 0.3.6
-  - Retry SSH commands when IO errors occur
-- 0.3.5
-  - Add descriptions for firewall rules
-- 0.3.4
-  - Added Docker support
-- 0.3.3
-  - Add some gems required on Linux
-- 0.3.2
-  - Configure DNS to use Cloudflare's resolver instead of Hetzner's, since Hetzner's resolvers are not always reliable
-- 0.3.1
-  - Allow enabling/disabling the host key verification
-- 0.3.0
-  - Handle case when an SSH key with the given fingerprint already exists in the Hetzner project
-  - Handle a timeout of 5 seconds for requests to the Hetzner API
-  - Retry waiting for server to be up when timeouts/host-unreachable errors occur
-  - Ignore known_hosts entry to prevent errors when recreating servers with IPs that have been used previously
-- 0.2.0
-  - Allow mixing servers of different series Intel/AMD
 ## Contributing and support
 Please create a PR if you want to propose any changes, or open an issue if you are having trouble with the tool - I will do my best to help if I can.

data/bin/build.sh CHANGED Viewed

@@ -6,9 +6,9 @@ set -e
 IMAGE="vitobotta/hetzner-k3s"
-docker build -t ${IMAGE}:v0.5.2 \
+docker build -t ${IMAGE}:v0.5.3 \
   --platform=linux/amd64 \
-  --cache-from ${IMAGE}:v0.5.1 \
+  --cache-from ${IMAGE}:v0.5.2 \
   --build-arg BUILDKIT_INLINE_CACHE=1 .
-docker push vitobotta/hetzner-k3s:v0.5.2
+docker push vitobotta/hetzner-k3s:v0.5.3

data/lib/hetzner/infra/server.rb CHANGED Viewed

@@ -81,7 +81,7 @@ module Hetzner
     end
     def user_data
-      packages = ['fail2ban']
+      packages = ['fail2ban', 'wireguard']
       packages += additional_packages if additional_packages
       packages = "'#{packages.join("', '")}'"

data/lib/hetzner/k3s/cluster.rb CHANGED Viewed

@@ -38,7 +38,7 @@ class Cluster
     @verify_host_key = configuration.fetch('verify_host_key', false)
     @servers = []
     @networks = configuration['ssh_allowed_networks']
-    @enable_ipsec_encryption = configuration.fetch('enable_ipsec_encryption', false)
+    @enable_encryption = configuration.fetch('enable_encryption', false)
     create_resources
@@ -81,7 +81,7 @@ class Cluster
               :location, :public_ssh_key_path,
               :hetzner_token, :new_k3s_version, :configuration,
               :config_file, :verify_host_key, :networks, :private_ssh_key_path,
-              :enable_ipsec_encryption
+              :enable_encryption
   def find_worker_node_pools(configuration)
     configuration.fetch('worker_node_pools', [])
@@ -190,7 +190,7 @@ class Cluster
   def master_script(master)
     server = master == first_master ? ' --cluster-init ' : " --server https://#{api_server_ip}:6443 "
     flannel_interface = find_flannel_interface(master)
-    flannel_ipsec = enable_ipsec_encryption ? ' --flannel-backend=ipsec ' : ' '
+    flannel_wireguard = enable_encryption ? ' --flannel-backend=wireguard ' : ' '
     taint = schedule_workloads_on_masters? ? ' ' : ' --node-taint CriticalAddonsOnly=true:NoExecute '
@@ -205,7 +205,7 @@ class Cluster
         --node-name="$(hostname -f)" \
         --cluster-cidr=10.244.0.0/16 \
         --etcd-expose-metrics=true \
-        #{flannel_ipsec} \
+        #{flannel_wireguard} \
         --kube-controller-manager-arg="address=0.0.0.0" \
         --kube-controller-manager-arg="bind-address=0.0.0.0" \
         --kube-proxy-arg="metrics-bind-address=0.0.0.0" \

data/lib/hetzner/k3s/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Hetzner
   module K3s
-    VERSION = '0.5.2'
+    VERSION = '0.5.3'
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hetzner-k3s
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.5.3
 platform: ruby
 authors:
 - Vito Botta
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-02-08 00:00:00.000000000 Z
+date: 2022-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf