hetzner-k3s 0.5.6 → 0.5.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 59601611401c4cb51de78a2890261cd05a1c026479c3e33fcf351f0b3ffb93d1
-  data.tar.gz: 46c62ab747e5a43e61b271c8de150ef4a29ed496128725cf417d950cd351bc49
+  metadata.gz: 1d75621e1a64fc2a2cc874811aed89a81086943d4099d1f651ee7193f01d1add
+  data.tar.gz: f6b6845cc0701d771701a3ca4551722da0d8fd4e71eb63001974026a266a6a5d
 SHA512:
-  metadata.gz: 5be97d9b3445445a81fd7f5f4387c2503a10acedb3000acb78473ce8a9d8793149a84a2354a24a6de9996a19eb9288c6989a9fa28d81bf5729b753b144c28d07
-  data.tar.gz: 41e54dc8f26485c5c4ed431301a844a727f31bc6672d9e829f3c95b23d687dcae19eb157017a56f72c3ec3d97303034575c5b353d8a82d17b8c8f56deff17366
+  metadata.gz: 32925df0b7b2d4af9705d8cc563ed34d8dc181ec37c5c7063504a24f56cc383fdb6871d27daa8fb456979db1f6e2310567a122455a5a53894260ba4bb65b1c92
+  data.tar.gz: d8374b7a45ec03331877c8307297be4fade4237ae2c5fc07545631f112106ed74e068a4605bd8414e3a6cc903838c39cad903df4278ab65f49442705b0460e2a

data/.rubocop.yml

@@ -119,3 +119,17 @@ Metrics/ParameterLists:
 Style/FrozenStringLiteralComment:
   Exclude:
     - exe/hetzner-k3s
+Lint/RefinementImportMethods: # new in 1.27
+  Enabled: true
+Security/CompoundHash: # new in 1.28
+  Enabled: true
+Style/EnvHome: # new in 1.29
+  Enabled: true
+Style/FetchEnvVar: # new in 1.28
+  Enabled: true
+Style/NestedFileDirname: # new in 1.26
+  Enabled: true
+Style/ObjectThen: # new in 1.28
+  Enabled: true
+Style/RedundantInitialize: # new in 1.27
+  Enabled: true

data/.ruby-version

@@ -1 +1 @@
-3.1.0
+ruby-3.1.2

data/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.1.0-alpine
+FROM ruby:3.1.2-alpine
 
 RUN apk update --no-cache \
   && apk add build-base git openssh-client curl bash

data/Gemfile.lock

@@ -87,4 +87,4 @@ DEPENDENCIES
   rubocop
 
 BUNDLED WITH
-   2.3.4
+   2.3.14

data/README.md

@@ -26,7 +26,7 @@ All that is needed to use this tool is
 
 ## Installation
 
-Once you have the Ruby runtime up and running (3.1.0 or newer), you just need to install the gem:
+Once you have the Ruby runtime up and running (3.1.2 or newer), you just need to install the gem:
 
 ```bash
 gem install hetzner-k3s
@@ -39,7 +39,7 @@ This will install the `hetzner-k3s` executable in your PATH.
 Alternatively, if you don't want to set up a Ruby runtime but have Docker installed, you can use a container. Run the following from inside the directory where you have the config file for the cluster (described in the next section):
 
 ```bash
-docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.6 create-cluster --config-file /cluster/test.yaml
+docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.7 create-cluster --config-file /cluster/test.yaml
 ```
 
 Replace `test.yaml` with the name of your config file.
@@ -73,6 +73,11 @@ worker_node_pools:
   instance_count: 2
 additional_packages:
 - somepackage
+post_create_commands:
+- apt update
+- apt upgrade -y
+- apt autoremove -y
+- shutdown -r now
 enable_encryption: true
 # kube_api_server_args:
 # - arg1
@@ -194,6 +199,15 @@ Note that the API server will briefly be unavailable during the upgrade of the c
 
 To check the upgrade progress, run `watch kubectl get nodes -owide`. You will see the masters being upgraded one per time, followed by the worker nodes.
 
+## Upgrade the OS on nodes
+
+The easiest way to upgrade the OS on existing nodes is actually to replace them, as it happens with managed Kubernetes service. To do this:
+
+- drain one node
+- delete the node from Kubernetes
+- delete the node from the Hetzner console
+- re-run the script to recreate the deleted node with an updated OS
+- proceed with the next node
 
 ### What to do if the upgrade doesn't go smoothly
 

data/bin/build.sh

@@ -2,13 +2,11 @@
 
 set -e
 
-
-
 IMAGE="vitobotta/hetzner-k3s"
 
-docker build -t ${IMAGE}:v0.5.6 \
+docker build -t ${IMAGE}:v0.5.7 \
   --platform=linux/amd64 \
-  --cache-from ${IMAGE}:v0.5.5 \
+  --cache-from ${IMAGE}:v0.5.6 \
   --build-arg BUILDKIT_INLINE_CACHE=1 .
 
-docker push vitobotta/hetzner-k3s:v0.5.6
+docker push vitobotta/hetzner-k3s:v0.5.7

data/hetzner-k3s.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = 'A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.'
   spec.homepage      = 'https://github.com/vitobotta/hetzner-k3s'
   spec.license       = 'MIT'
-  spec.required_ruby_version = Gem::Requirement.new('>= 3.1.0')
+  spec.required_ruby_version = Gem::Requirement.new('>= 3.1.2')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 

data/lib/hetzner/infra/server.rb

@@ -7,8 +7,9 @@ module Hetzner
       @cluster_name = cluster_name
     end
 
-    def create(location:, instance_type:, instance_id:, firewall_id:, network_id:, ssh_key_id:, placement_group_id:, image:, additional_packages: [])
+    def create(location:, instance_type:, instance_id:, firewall_id:, network_id:, ssh_key_id:, placement_group_id:, image:, additional_packages: [], additional_post_create_commands: [])
       @additional_packages = additional_packages
+      @additional_post_create_commands = additional_post_create_commands
 
       puts
 
@@ -74,29 +75,42 @@ module Hetzner
 
     private
 
-    attr_reader :hetzner_client, :cluster_name, :additional_packages
+    attr_reader :hetzner_client, :cluster_name, :additional_packages, :additional_post_create_commands
 
     def find_server(server_name)
       hetzner_client.get('/servers?sort=created:desc')['servers'].detect { |network| network['name'] == server_name }
     end
 
     def user_data
-      packages = ['fail2ban', 'wireguard']
+      packages = %w[fail2ban wireguard]
       packages += additional_packages if additional_packages
       packages = "'#{packages.join("', '")}'"
 
+      post_create_commands = [
+        'crontab -l > /etc/cron_bkp',
+        'echo "@reboot echo true > /etc/ready" >> /etc/cron_bkp',
+        'crontab /etc/cron_bkp',
+        'sed -i \'s/[#]*PermitRootLogin yes/PermitRootLogin prohibit-password/g\' /etc/ssh/sshd_config',
+        'sed -i \'s/[#]*PasswordAuthentication yes/PasswordAuthentication no/g\' /etc/ssh/sshd_config',
+        'systemctl restart sshd',
+        'systemctl stop systemd-resolved',
+        'systemctl disable systemd-resolved',
+        'rm /etc/resolv.conf',
+        'echo \'nameserver 1.1.1.1\' > /etc/resolv.conf',
+        'echo \'nameserver 1.0.0.1\' >> /etc/resolv.conf'
+      ]
+
+      post_create_commands += additional_post_create_commands if additional_post_create_commands
+
+      post_create_commands += ['shutdown -r now'] if post_create_commands.grep(/shutdown|reboot/).grep_v(/@reboot/).empty?
+
+      post_create_commands = "  - #{post_create_commands.join("\n  - ")}"
+
       <<~YAML
         #cloud-config
         packages: [#{packages}]
         runcmd:
-          - sed -i 's/[#]*PermitRootLogin yes/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config
-          - sed -i 's/[#]*PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
-          - systemctl restart sshd
-          - systemctl stop systemd-resolved
-          - systemctl disable systemd-resolved
-          - rm /etc/resolv.conf
-          - echo "nameserver 1.1.1.1" > /etc/resolv.conf
-          - echo "nameserver 1.0.0.1" >> /etc/resolv.conf
+        #{post_create_commands}
       YAML
     end
   end

data/lib/hetzner/k3s/cli.rb

@@ -298,8 +298,8 @@ module Hetzner
       end
 
       def hetzner_token
-        @token = ENV['HCLOUD_TOKEN']
-        return @token if @token
+        @token = ENV.fetch('HCLOUD_TOKEN', nil)
+        return @token unless @token.nil?
 
         @token = configuration['hetzner_token']
       end
@@ -352,6 +352,11 @@ module Hetzner
         errors << 'Invalid additional packages configuration - it should be an array' if additional_packages && !additional_packages.is_a?(Array)
       end
 
+      def validate_post_create_commands
+        post_create_commands = configuration['post_create_commands']
+        errors << 'Invalid post create commands configuration - it should be an array' if post_create_commands && !post_create_commands.is_a?(Array)
+      end
+
       def validate_create
         validate_public_ssh_key
         validate_private_ssh_key
@@ -362,6 +367,7 @@ module Hetzner
         validate_worker_node_pools
         validate_verify_host_key
         validate_additional_packages
+        validate_post_create_commands
         validate_kube_api_server_args
         validate_kube_scheduler_args
         validate_kube_controller_manager_args

data/lib/hetzner/k3s/cluster.rb

@@ -450,6 +450,10 @@ class Cluster
     configuration['additional_packages'] || []
   end
 
+  def additional_post_create_commands
+    configuration['post_create_commands'] || []
+  end
+
   def check_kubectl
     return if which('kubectl')
 
@@ -495,7 +499,8 @@ class Cluster
         network_id:,
         ssh_key_id:,
         image:,
-        additional_packages:
+        additional_packages:,
+        additional_post_create_commands:
       }
     end
 
@@ -533,7 +538,8 @@ class Cluster
         network_id:,
         ssh_key_id:,
         image:,
-        additional_packages:
+        additional_packages:,
+        additional_post_create_commands:
       }
     end
 

data/lib/hetzner/k3s/version.rb

@@ -2,6 +2,6 @@
 
 module Hetzner
   module K3s
-    VERSION = '0.5.6'
+    VERSION = '0.5.7'
   end
 end

data/lib/hetzner/utils.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Utils
   CMD_FILE_PATH = '/tmp/cli.cmd'
 
@@ -32,6 +34,7 @@ module Utils
       at_exit do
         process&.send_signal('SIGTERM')
       rescue Errno::ESRCH, Interrupt
+        # ignore
       end
 
       Subprocess.check_call(['bash', '-c', CMD_FILE_PATH], env:) do |p|
@@ -55,13 +58,13 @@ module Utils
       puts "Waiting for server #{server_name} to be up..."
 
       loop do
-        result = ssh(server, 'echo UP')
-        break if result == 'UP'
+        result = ssh(server, 'cat /etc/ready')
+        break if result == 'true'
       end
 
       puts "...server #{server_name} is now up."
     end
-  rescue Errno::ENETUNREACH, Errno::EHOSTUNREACH, Timeout::Error, IOError
+  rescue Errno::ENETUNREACH, Errno::EHOSTUNREACH, Timeout::Error, IOError, Errno::ECONNRESET
     retries += 1
     retry if retries <= 15
   end
@@ -78,7 +81,7 @@ module Utils
 
     Net::SSH.start(public_ip, 'root', params) do |session|
       session.exec!(command) do |_channel, _stream, data|
-        output << data
+        output = "#{output}#{data}"
         puts data if print_output
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hetzner-k3s
 version: !ruby/object:Gem::Version
-  version: 0.5.6
+  version: 0.5.7
 platform: ruby
 authors:
 - Vito Botta
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-02-25 00:00:00.000000000 Z
+date: 2022-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt_pbkdf
@@ -179,14 +179,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.1.0
+      version: 3.1.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using