23. #everyonecancontribute cafe: Automate our Kubernetes setup & deep dive into Hetzner firewall
We are learning how to deploy and secure Kubernetes in Hetzner Cloud in this series:
In this session, we automate the setup of the Kubernetes cluster with Max:
- Hetzner Terraform Provider update to 1.26.
- Destroy the resources and re-create them in Hetzner Cloud.
- terraform destroy might fail (see the bug report); running it again solves it.
- Testing now has a more reliable basis.
- Security groups and firewalls as a service in Hetzner Cloud. Announcement tweet.
- The terraform taint command manually marks a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next apply.
- Terraform lifecycle: create a new resource (e.g. a database), test that it works, and only then destroy the old resource.
- Firewall changes: ICMP, port 22 (SSH), 6443 (Kubernetes k3s cluster).
- Hetzner Firewall FAQ.
- Commit for the changes today.
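The firewall changes listed above, sketched as Terraform configuration. This is an added example, not the configuration from the session's commit. The resource names, the admin_cidrs variable, the image and the server type are assumptions. Limiting SSH and the Kubernetes API to known source ranges is a hardening choice made for this example.

```hcl
terraform {
  required_providers {
    hcloud = {
      source  = "hetznercloud/hcloud"
      version = "~> 1.26"
    }
  }
}

# The provider reads the API token from the HCLOUD_TOKEN environment variable.

# Assumption: source ranges allowed to administer the cluster.
# The default is a documentation range (constructed value); replace it.
variable "admin_cidrs" {
  type    = list(string)
  default = ["203.0.113.0/24"]
}

# Once this firewall is attached, inbound traffic matching no rule is dropped.
resource "hcloud_firewall" "k3s" {
  name = "k3s-firewall" # hypothetical name

  # ICMP (ping) from anywhere
  rule {
    direction  = "in"
    protocol   = "icmp"
    source_ips = ["0.0.0.0/0", "::/0"]
  }

  # SSH, limited to the admin ranges
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "22"
    source_ips = var.admin_cidrs
  }

  # Kubernetes API of the k3s cluster, limited to the admin ranges
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "6443"
    source_ips = var.admin_cidrs
  }
}

# Attach the firewall to a server (name, image and type are assumptions).
# "terraform taint hcloud_server.k3s_server" forces a rebuild on the next apply.
resource "hcloud_server" "k3s_server" {
  name         = "k3s-server-1"
  image        = "ubuntu-20.04"
  server_type  = "cx21"
  firewall_ids = [hcloud_firewall.k3s.id]
}
```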
In the future, we’ll explore more Kubernetes topics:
- Automate the deployment from the repository with CI/CD
- CI/CD, IaC and GitOps with the GitLab Kubernetes Agent
- Hetzner storage volumes
- Monitoring with Prometheus, GitLab CI/CD deployments and much more :)
Enjoy the session! 🦊