path: root/README
blob: ffb63c9054049c5d59a71408f744b9335ffdec1d (plain)
hetznertool - create VMs in the Hetzner Cloud for QvarnLabs Ab
=============================================================================

`hetznertool` is a little utility to make it easier to manage VMs in
the Hetzner Cloud. It's inspired by the OpenStack Heat tooling we've
used before. The utility can:

* list all servers in all hcloud contexts
* create servers in a context based on a YAML specification file
  * also, update DNS (`CONTEXT-PROJECT.h.qvarnlabs.eu`)
  * also, write Ansible inventory files
* delete all servers in a named context


Requirements
=============================================================================

* Python 3
* `hcloud` from <https://github.com/hetznercloud/cli/releases>
  * Download, unpack tarball from above URL.
  * Move `bin/hcloud` into a location on the PATH.
  * Create one or more contexts by adding projects, ssh keys,
    and access tokens via the Hetzner Cloud console. (See below.)
* Get `hetznertool` with git clone from
  `ssh://git@git.qvarnlabs.net/hetznertool`


Preparation: Hetzner project creation
-----------------------------------------------------------------------------

Log into

    https://console.hetzner.cloud/projects

Create projects as needed, add ssh keys to them, and create access
tokens for each. Use the access tokens to create "contexts" for
`hcloud` (run `hcloud context create FOO`, it will ask for the access
token).

Use the access token at once when creating it: it cannot be recovered
later (but a new one can be created at will). Note that it's not
necessary to store the access token elsewhere, but do guard the
`.config/hcloud/cli.toml` file, which is where `hcloud` stores the
access tokens. `hcloud` does not seem to have a way to store that in
`pass` or similar. Avoid sharing `cli.toml` with anyone.

This only needs to be done once per project.
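
One way to check that `cli.toml` is guarded as described above. This is an added example, not part of `hetznertool` or `hcloud`; the function name `audit_token_file` and the specific checks (owner, mode bits, parent directory) are assumptions about what "guard" should mean on a Unix workstation.

```python
import os
import stat
import sys


def audit_token_file(path):
    """Return a list of findings for a file that holds hcloud access tokens.

    An empty list means: regular file, owned by the current user, no
    group/other permission bits, parent directory not group/other writable.
    """
    try:
        st = os.stat(path)  # follows symlinks, so the real target is checked
    except FileNotFoundError:
        return ["missing: %s" % path]

    findings = []
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file")
    if st.st_uid != os.geteuid():
        findings.append("owned by uid %d, not the current user" % st.st_uid)
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(
            "group/other access, mode %04o; run chmod 600"
            % stat.S_IMODE(st.st_mode)
        )
    # A writable parent lets someone else replace the file even if its
    # own mode is strict.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("parent directory writable by group/other")
    return findings


if __name__ == "__main__":
    # Path from this README, relative to the home directory.
    target = os.path.expanduser("~/.config/hcloud/cli.toml")
    problems = audit_token_file(target)
    for p in problems:
        print("%s: %s" % (target, p))
    sys.exit(1 if problems else 0)
```
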


Use
=============================================================================

All `hetznertool` invocations should be done in the directory where
you cloned it.


Config
-----------------------------------------------------------------------------

Create `~/.config/hetznertool/hetznertool.yaml`:

    ssh-key: liw-openpgp
    ansible-inventory-dir: /home/liw/qvarnlabs/code/qvarn-prov/ansible

(edit values as suits you).

List
-----------------------------------------------------------------------------

List all servers:

    ./hetznertool list

Create
-----------------------------------------------------------------------------

Create a server specification file (`qvarn.servers`):

    defaults:
      type: cx11
      image: debian-9
    hosts:
      - name: haproxy
        type: cx51
      - name: qvarn1
      - name: qvarn2
      - name: qvarn3
      - name: qvarn4
      - name: postgres
        type: cx51
      - name: qvisvqe

Values from `defaults` are used if a dict in the list in `hosts`
doesn't specify a value.

Create servers (may take a minute per server):

    ./hetznertool create mydev qvarn.servers

(where `mydev` is the name of a context). This will write inventory
files and update DNS, creating names like
`mydev-haproxy.h.qvarnlabs.eu`.

Delete
-----------------------------------------------------------------------------

Delete all servers in a context:

    ./hetznertool delete mydev

This will also rewrite zone and inventory files so that they reflect
any remaining servers.

To run Ansible
-----------------------------------------------------------------------------

    ansible-playbook -i hosts.mydev playbook.yml


Problems?
=============================================================================

Ask in the company Matrix room.