hetzner-k3s 0.5.4 → 0.5.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fb01431c858c8a03b54a66d306f7d8d1422ab83eda6b0a9d144a28be93e5d292
-  data.tar.gz: 3f94c6d0cb6f2e9ad88239842bab4e180910762d78b46e12e19a31cad03ab087
+  metadata.gz: 1d75621e1a64fc2a2cc874811aed89a81086943d4099d1f651ee7193f01d1add
+  data.tar.gz: f6b6845cc0701d771701a3ca4551722da0d8fd4e71eb63001974026a266a6a5d
 SHA512:
-  metadata.gz: 50466a99a13a9388c978b26db83256556106b894ab2c7eb4ce6e119152efbbe16d5e89fc03b1353834ee12ffff8a3c465367eb368352a3cf5c4dcdbccc3f2ff9
-  data.tar.gz: a823f8d1c02f0c54a9343d6cc04ae67e2771eeeab890c537f13999be2937a1a5f3345d757ab8c75abfe85fdd168f86bbf76910d3cefa40ff1d35e90661f52a89
+  metadata.gz: 32925df0b7b2d4af9705d8cc563ed34d8dc181ec37c5c7063504a24f56cc383fdb6871d27daa8fb456979db1f6e2310567a122455a5a53894260ba4bb65b1c92
+  data.tar.gz: d8374b7a45ec03331877c8307297be4fade4237ae2c5fc07545631f112106ed74e068a4605bd8414e3a6cc903838c39cad903df4278ab65f49442705b0460e2a

data/.rubocop.yml

@@ -119,3 +119,17 @@ Metrics/ParameterLists:
 Style/FrozenStringLiteralComment:
   Exclude:
     - exe/hetzner-k3s
+Lint/RefinementImportMethods: # new in 1.27
+  Enabled: true
+Security/CompoundHash: # new in 1.28
+  Enabled: true
+Style/EnvHome: # new in 1.29
+  Enabled: true
+Style/FetchEnvVar: # new in 1.28
+  Enabled: true
+Style/NestedFileDirname: # new in 1.26
+  Enabled: true
+Style/ObjectThen: # new in 1.28
+  Enabled: true
+Style/RedundantInitialize: # new in 1.27
+  Enabled: true

data/.ruby-version

@@ -1 +1 @@
-3.1.0
+ruby-3.1.2

data/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.1.0-alpine
+FROM ruby:3.1.2-alpine
 
 RUN apk update --no-cache \
   && apk add build-base git openssh-client curl bash

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hetzner-k3s (0.5.4)
+    hetzner-k3s (0.5.6)
       bcrypt_pbkdf
       ed25519
       http
@@ -87,4 +87,4 @@ DEPENDENCIES
   rubocop
 
 BUNDLED WITH
-   2.3.4
+   2.3.14

data/README.md

@@ -26,7 +26,7 @@ All that is needed to use this tool is
 
 ## Installation
 
-Once you have the Ruby runtime up and running (3.1.0 or newer), you just need to install the gem:
+Once you have the Ruby runtime up and running (3.1.2 or newer), you just need to install the gem:
 
 ```bash
 gem install hetzner-k3s
@@ -39,7 +39,7 @@ This will install the `hetzner-k3s` executable in your PATH.
 Alternatively, if you don't want to set up a Ruby runtime but have Docker installed, you can use a container. Run the following from inside the directory where you have the config file for the cluster (described in the next section):
 
 ```bash
-docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.4 create-cluster --config-file /cluster/test.yaml
+docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.7 create-cluster --config-file /cluster/test.yaml
 ```
 
 Replace `test.yaml` with the name of your config file.
@@ -73,6 +73,11 @@ worker_node_pools:
   instance_count: 2
 additional_packages:
 - somepackage
+post_create_commands:
+- apt update
+- apt upgrade -y
+- apt autoremove -y
+- shutdown -r now
 enable_encryption: true
 # kube_api_server_args:
 # - arg1
@@ -109,7 +114,7 @@ If you set `masters.instance_count` to 1 then the tool will create a non highly
 
 You can specify any number of worker node pools for example to have mixed nodes with different specs for different workloads.
 
-At the moment Hetzner Cloud has four locations: two in Germany (`nbg1`, Nuremberg and `fsn1`, Falkensteing), one in Finland (`hel1`, Helsinki) and one in the USA (`ash`, Ashburn, Virginia). Please note that the Ashburn, Virginia location has just
+At the moment Hetzner Cloud has four locations: two in Germany (`nbg1`, Nuremberg and `fsn1`, Falkenstein), one in Finland (`hel1`, Helsinki) and one in the USA (`ash`, Ashburn, Virginia). Please note that the Ashburn, Virginia location has just
 been announced and it's limited to AMD instances for now.
 
 For the available instance types and their specs, either check from inside a project when adding a server manually or run the following with your Hetzner token:
@@ -194,6 +199,15 @@ Note that the API server will briefly be unavailable during the upgrade of the c
 
 To check the upgrade progress, run `watch kubectl get nodes -owide`. You will see the masters being upgraded one per time, followed by the worker nodes.
 
+## Upgrade the OS on nodes
+
+The easiest way to upgrade the OS on existing nodes is actually to replace them, as it happens with managed Kubernetes service. To do this:
+
+- drain one node
+- delete the node from Kubernetes
+- delete the node from the Hetzner console
+- re-run the script to recreate the deleted node with an updated OS
+- proceed with the next node
 
 ### What to do if the upgrade doesn't go smoothly
 

data/bin/build.sh

@@ -2,13 +2,11 @@
 
 set -e
 
-
-
 IMAGE="vitobotta/hetzner-k3s"
 
-docker build -t ${IMAGE}:v0.5.4 \
+docker build -t ${IMAGE}:v0.5.7 \
   --platform=linux/amd64 \
-  --cache-from ${IMAGE}:v0.5.3 \
+  --cache-from ${IMAGE}:v0.5.6 \
   --build-arg BUILDKIT_INLINE_CACHE=1 .
 
-docker push vitobotta/hetzner-k3s:v0.5.4
+docker push vitobotta/hetzner-k3s:v0.5.7

data/hetzner-k3s.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = 'A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.'
   spec.homepage      = 'https://github.com/vitobotta/hetzner-k3s'
   spec.license       = 'MIT'
-  spec.required_ruby_version = Gem::Requirement.new('>= 3.1.0')
+  spec.required_ruby_version = Gem::Requirement.new('>= 3.1.2')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 

data/lib/hetzner/infra/server.rb

@@ -7,8 +7,9 @@ module Hetzner
       @cluster_name = cluster_name
     end
 
-    def create(location:, instance_type:, instance_id:, firewall_id:, network_id:, ssh_key_id:, placement_group_id:, image:, additional_packages: [])
+    def create(location:, instance_type:, instance_id:, firewall_id:, network_id:, ssh_key_id:, placement_group_id:, image:, additional_packages: [], additional_post_create_commands: [])
       @additional_packages = additional_packages
+      @additional_post_create_commands = additional_post_create_commands
 
       puts
 
@@ -74,29 +75,42 @@ module Hetzner
 
     private
 
-    attr_reader :hetzner_client, :cluster_name, :additional_packages
+    attr_reader :hetzner_client, :cluster_name, :additional_packages, :additional_post_create_commands
 
     def find_server(server_name)
       hetzner_client.get('/servers?sort=created:desc')['servers'].detect { |network| network['name'] == server_name }
     end
 
     def user_data
-      packages = ['fail2ban', 'wireguard']
+      packages = %w[fail2ban wireguard]
       packages += additional_packages if additional_packages
       packages = "'#{packages.join("', '")}'"
 
+      post_create_commands = [
+        'crontab -l > /etc/cron_bkp',
+        'echo "@reboot echo true > /etc/ready" >> /etc/cron_bkp',
+        'crontab /etc/cron_bkp',
+        'sed -i \'s/[#]*PermitRootLogin yes/PermitRootLogin prohibit-password/g\' /etc/ssh/sshd_config',
+        'sed -i \'s/[#]*PasswordAuthentication yes/PasswordAuthentication no/g\' /etc/ssh/sshd_config',
+        'systemctl restart sshd',
+        'systemctl stop systemd-resolved',
+        'systemctl disable systemd-resolved',
+        'rm /etc/resolv.conf',
+        'echo \'nameserver 1.1.1.1\' > /etc/resolv.conf',
+        'echo \'nameserver 1.0.0.1\' >> /etc/resolv.conf'
+      ]
+
+      post_create_commands += additional_post_create_commands if additional_post_create_commands
+
+      post_create_commands += ['shutdown -r now'] if post_create_commands.grep(/shutdown|reboot/).grep_v(/@reboot/).empty?
+
+      post_create_commands = "  - #{post_create_commands.join("\n  - ")}"
+
       <<~YAML
         #cloud-config
         packages: [#{packages}]
         runcmd:
-          - sed -i 's/[#]*PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
-          - sed -i 's/[#]*PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
-          - systemctl restart sshd
-          - systemctl stop systemd-resolved
-          - systemctl disable systemd-resolved
-          - rm /etc/resolv.conf
-          - echo "nameserver 1.1.1.1" > /etc/resolv.conf
-          - echo "nameserver 1.0.0.1" >> /etc/resolv.conf
+        #{post_create_commands}
       YAML
     end
   end

data/lib/hetzner/k3s/cli.rb

@@ -298,8 +298,8 @@ module Hetzner
       end
 
       def hetzner_token
-        @token = ENV['HCLOUD_TOKEN']
-        return @token if @token
+        @token = ENV.fetch('HCLOUD_TOKEN', nil)
+        return @token unless @token.nil?
 
         @token = configuration['hetzner_token']
       end
@@ -352,6 +352,11 @@ module Hetzner
         errors << 'Invalid additional packages configuration - it should be an array' if additional_packages && !additional_packages.is_a?(Array)
       end
 
+      def validate_post_create_commands
+        post_create_commands = configuration['post_create_commands']
+        errors << 'Invalid post create commands configuration - it should be an array' if post_create_commands && !post_create_commands.is_a?(Array)
+      end
+
       def validate_create
         validate_public_ssh_key
         validate_private_ssh_key
@@ -362,13 +367,13 @@ module Hetzner
         validate_worker_node_pools
         validate_verify_host_key
         validate_additional_packages
+        validate_post_create_commands
         validate_kube_api_server_args
         validate_kube_scheduler_args
         validate_kube_controller_manager_args
         validate_kube_cloud_controller_manager_args
         validate_kubelet_args
         validate_kube_proxy_args
-        validate_network_zone
       end
 
       def validate_upgrade

data/lib/hetzner/k3s/cluster.rb

@@ -450,6 +450,10 @@ class Cluster
     configuration['additional_packages'] || []
   end
 
+  def additional_post_create_commands
+    configuration['post_create_commands'] || []
+  end
+
   def check_kubectl
     return if which('kubectl')
 
@@ -495,7 +499,8 @@ class Cluster
         network_id:,
         ssh_key_id:,
         image:,
-        additional_packages:
+        additional_packages:,
+        additional_post_create_commands:
       }
     end
 
@@ -533,7 +538,8 @@ class Cluster
         network_id:,
         ssh_key_id:,
         image:,
-        additional_packages:
+        additional_packages:,
+        additional_post_create_commands:
       }
     end
 
@@ -541,7 +547,7 @@ class Cluster
   end
 
   def create_load_balancer
-    Hetzner::LoadBalancer.new(hetzner_client:, cluster_name:).create(location:, network_id:)
+    Hetzner::LoadBalancer.new(hetzner_client:, cluster_name:).create(location: masters_location, network_id:)
   end
 
   def server_configs

data/lib/hetzner/k3s/version.rb

@@ -2,6 +2,6 @@
 
 module Hetzner
   module K3s
-    VERSION = '0.5.4'
+    VERSION = '0.5.7'
   end
 end

data/lib/hetzner/utils.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Utils
   CMD_FILE_PATH = '/tmp/cli.cmd'
 
@@ -32,6 +34,7 @@ module Utils
       at_exit do
         process&.send_signal('SIGTERM')
       rescue Errno::ESRCH, Interrupt
+        # ignore
       end
 
       Subprocess.check_call(['bash', '-c', CMD_FILE_PATH], env:) do |p|
@@ -55,13 +58,13 @@ module Utils
       puts "Waiting for server #{server_name} to be up..."
 
       loop do
-        result = ssh(server, 'echo UP')
-        break if result == 'UP'
+        result = ssh(server, 'cat /etc/ready')
+        break if result == 'true'
       end
 
       puts "...server #{server_name} is now up."
     end
-  rescue Errno::ENETUNREACH, Errno::EHOSTUNREACH, Timeout::Error, IOError
+  rescue Errno::ENETUNREACH, Errno::EHOSTUNREACH, Timeout::Error, IOError, Errno::ECONNRESET
     retries += 1
     retry if retries <= 15
   end
@@ -78,7 +81,7 @@ module Utils
 
     Net::SSH.start(public_ip, 'root', params) do |session|
       session.exec!(command) do |_channel, _stream, data|
-        output << data
+        output = "#{output}#{data}"
         puts data if print_output
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hetzner-k3s
 version: !ruby/object:Gem::Version
-  version: 0.5.4
+  version: 0.5.7
 platform: ruby
 authors:
 - Vito Botta
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-02-21 00:00:00.000000000 Z
+date: 2022-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
@@ -179,14 +179,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.1.0
+      version: 3.1.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using