Enable Hetzner CCM and CSI for cloud provider integration
Some checks failed
Deploy Cluster / Terraform (push) Successful in 30s
Deploy Cluster / Ansible (push) Failing after 3m21s

- Enable --kubelet-arg=cloud-provider=external on all nodes (control planes and workers)
- Activate CCM Kustomization with 10m timeout for Hetzner cloud-controller-manager
- Activate CSI Kustomization with dependsOn CCM and 10m timeout for hcloud-csi
- Update deploy workflow to wait for CCM/CSI readiness (600s timeout)
- Add providerID verification to post-deploy health checks

This enables proper cloud provider integration with Hetzner CCM for node
labeling and Hetzner CSI for persistent volume provisioning.
2026-03-22 22:26:21 +00:00
parent 4eebbca648
commit 561cd67b0c
5 changed files with 12 additions and 11 deletions


@@ -290,9 +290,9 @@ jobs:
key: dopplerToken
namespace: external-secrets
EOF
# CCM and CSI are suspended for stable baseline - using k3s embedded cloud provider
# kubectl -n flux-system wait --for=condition=Ready kustomization/addon-ccm --timeout=300s
# kubectl -n flux-system wait --for=condition=Ready kustomization/addon-csi --timeout=300s
# Wait for CCM and CSI (Hetzner cloud integration)
kubectl -n flux-system wait --for=condition=Ready kustomization/addon-ccm --timeout=600s
kubectl -n flux-system wait --for=condition=Ready kustomization/addon-csi --timeout=600s
kubectl -n flux-system wait --for=condition=Ready kustomization/addon-tailscale-operator --timeout=300s
# Observability stack deferred - complex helm release timing out, debug separately
# kubectl -n flux-system wait --for=condition=Ready kustomization/addon-observability --timeout=300s
@@ -302,6 +302,7 @@ jobs:
working-directory: ansible
run: |
ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl get nodes -o wide"
ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl describe nodes | grep -E '(Name:|providerID:)'"
ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl -n flux-system get gitrepositories,kustomizations,helmreleases"
ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl -n kube-system get pods -o wide"
ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl get storageclass"
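Review bot: The added providerID line goes through Ansible's `command` module, which does not start a shell, so `| grep -E '(Name:|providerID:)'` reaches kubectl as literal arguments and the step will most likely error instead of filtering. A pipe-free form avoids this: `ansible -i inventory.ini 'control_plane[0]' -m command -a "kubectl get nodes -o custom-columns=NAME:.metadata.name,PROVIDERID:.spec.providerID"`. As written the line is also only a printout, since `Name:` always matches, so a node that the CCM never initialized would still pass. If this is meant as a health gate, fail the step when any row shows `<none>`. The `run: |` block begins above this hunk, so the surrounding step settings are not visible here.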


@@ -3,4 +3,4 @@ k3s_version: latest
k3s_server_url: ""
k3s_token: ""
k3s_node_ip: ""
k3s_kubelet_cloud_provider_external: false
k3s_kubelet_cloud_provider_external: true
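Review bot: Flipping `k3s_kubelet_cloud_provider_external` to `true` by default makes scheduling depend on the CCM being healthy, and nothing in this defaults file says so; the same applies to the identical flip in the next defaults file, which sits beside `k3s_disable_embedded_ccm`. A kubelet started with `cloud-provider=external` registers its node with the `node.cloudprovider.kubernetes.io/uninitialized` taint, which stays until a cloud-controller-manager initializes the node. I would add a comment above the key in both files, such as `# Requires the Hetzner CCM addon: nodes stay tainted node.cloudprovider.kubernetes.io/uninitialized until it initializes them`. Nodes that registered before this change may already carry a providerID, which cannot be changed afterwards, so confirm on a freshly provisioned node that the value comes from Hetzner.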


@@ -5,4 +5,4 @@ k3s_node_ip: ""
k3s_primary_public_ip: ""
k3s_disable_embedded_ccm: true
k3s_disable_servicelb: true
k3s_kubelet_cloud_provider_external: false
k3s_kubelet_cloud_provider_external: true


@@ -11,5 +11,5 @@ spec:
name: platform
path: ./infrastructure/addons/ccm
wait: true
timeout: 5m
suspend: true
timeout: 10m
suspend: false


@@ -10,8 +10,8 @@ spec:
kind: GitRepository
name: platform
path: ./infrastructure/addons/csi
# dependsOn:
# - name: addon-ccm # Deferred - CCM suspended for stable baseline
dependsOn:
- name: addon-ccm
wait: true
timeout: 5m
suspend: true
timeout: 10m
suspend: false