OpenTofu – Single Control-Plane
OpenTofu ist der Open-Source-Fork von Terraform und ermöglicht Infrastructure as Code für Cloud-Anbieter wie Hetzner, AWS, Azure, GCP u.a.
Installation
curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
chmod +x install-opentofu.sh
./install-opentofu.sh --install-method deb
rm -f install-opentofu.sh
tofu --version
Single Control-Plane auf Hetzner
main.tf – erstellt einen k3s Control-Plane Node bei Hetzner:
terraform {
required_providers {
hcloud = {
source = "hetznercloud/hcloud"
version = "1.60.1"
}
}
}
data "hcloud_ssh_key" "schulung" {
name = "schulung"
}
resource "hcloud_server" "k3s-single-control-plane" {
name = "k3s-single-control-plane"
image = "debian-13"
server_type = "cx23"
location = "nbg1"
public_net {
ipv4_enabled = true
ipv6_enabled = false
}
ssh_keys = [data.hcloud_ssh_key.schulung.name]
provisioner "remote-exec" {
inline = [
"curl -sfL https://get.k3s.io | sh -"
]
connection {
type = "ssh"
host = self.ipv4_address
user = "root"
private_key = file("../../${data.hcloud_ssh_key.schulung.name}")
}
}
}
Befehle
export HCLOUD_TOKEN=[your-hetzner-cloud-api-token]
cd ~/kubernetes-tutorial/src/opentofu/k3s-installation/k3s-installation-single
tofu init
tofu plan
tofu apply
tofu state list
tofu state show hcloud_server.k3s-single-control-plane
tofu state show hcloud_server.k3s-single-control-plane | grep "ipv4_address"
ssh -i ../../schulung root@[ip-control-plane]
kubectl get nodes
exit
mkdir -p ~/.kube
scp -i ../../schulung root@[ip-control-plane]:/etc/rancher/k3s/k3s.yaml ~/.kube/config
vim ~/.kube/config # server: https://[ip-control-plane]:6443 eintragen
kubectl get nodes
tofu destroy
Hetzner API Token erstellen unter: https://console.hetzner.cloud → Projekt → Security → API Tokens