Everyone can contribute! Let's learn together in a weekly cafe ☕
We love to break things, make mistakes, debug, analyse, fix problems together. Live and unfiltered on Youtube.
Community members and thought leaders regularly join and share their projects and ideas.
"Everyone Can Contribute" is inspired by GitLab's mission.
23. #everyonecancontribute cafe: Automate our Kubernetes setup & deep dive into Hetzner firewall
We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series:
In this session, we automate the setup of the Kubernetes cluster with Max:
- Hetzner Terraform Provider update to 1.26.
- Destroy the resources and re-create them in Hetzner Cloud.
- Terraform destroy might fail - bug report, do it again to solve it.
- Testing is now more reliable as a basis
- Security groups and firewalls as a service in Hetzner Cloud. Announcement tweet.
- terraform taint command manually marks a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next apply.
- Terraform lifecycle: Create a new resource e.g. a database, test if it is working, and later destroy the old resource in the lifecycle.
- Firewall changes: ICMP, port 22 (SSH), 6443 (Kubernetes k3s cluster).
- Hetzner Firewall FAQ.
- Commit for the changes today.
In the future, we’ll explore more Kubernetes topics:
- Automate the deployment from the repository with CI/CD
- CI/CD, IaC and GitOps with the GitLab Kubernetes Agent
- Hetzner storage volumes
- Monitoring with Prometheus, GitLab CI/CD deployments and much more :)
Enjoy the session! 🦊