This module deploys infrastructure and installs RKE2 on that infrastructure. This module combines other modules that we provide to give holistic control of the lifecycle of a single RKE2 node.
Only two of the providers require setup:
We recommend setting the following environment variables for quick personal use:
GITHUB_TOKEN
AWS_REGION
AWS_SECRET_ACCESS_KEY
AWS_ACCESS_KEY_ID
You will need curl available on the server running Terraform.
You will need write access to the filesystem on the server running Terraform. If downloading the files from GitHub (not setting 'skip_download'), then you will need about 2GB storage space available in the 'local_file_path' location (defaults to ./rke2).
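A preflight check for the prerequisites listed above, added here as an example and not part of the module. The function name `preflight` and its two arguments are assumptions. It reports problems by variable name only, so credential values never reach the terminal or CI logs.

```shell
#!/bin/sh
# Added example (not module code): verify the prerequisites before running Terraform.
# Prints one line per problem; returns 0 only when none are found.
# Usage (hypothetical): preflight [local_file_path] [required_free_KiB]

preflight() {
  dir="${1:-./rke2}"        # local_file_path; the module default is ./rke2
  need_kb="${2:-2097152}"   # about 2GB in KiB; pass 0 when skip_download is set
  problems=0

  # Check that each credential variable is set, without ever echoing its value.
  for name in GITHUB_TOKEN AWS_REGION AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID; do
    eval "val=\${$name:-}"
    if [ -z "$val" ]; then
      echo "missing env: $name"
      problems=$((problems + 1))
    fi
  done
  unset val

  if ! command -v curl >/dev/null 2>&1; then
    echo "missing tool: curl"
    problems=$((problems + 1))
  fi

  # The directory may not exist yet, so probe its nearest existing ancestor.
  probe="$dir"
  while [ ! -d "$probe" ]; do probe=$(dirname "$probe"); done
  if [ ! -w "$probe" ]; then
    echo "not writable: $probe"
    problems=$((problems + 1))
  fi

  # df -P keeps each filesystem on one line; column 4 is available KiB.
  free_kb=$(df -Pk "$probe" | awk 'NR==2 {print $4}')
  if [ "${free_kb:-0}" -lt "$need_kb" ]; then
    echo "low disk: ${free_kb:-0}KiB free at $probe, need ${need_kb}KiB"
    problems=$((problems + 1))
  fi

  [ "$problems" -eq 0 ]
}
```

Source the file and run `preflight ./rke2` before `terraform apply`; a non-zero return means at least one prerequisite is unmet.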
We specify the Terraform version < 1.6 to avoid potential license issues and version > 1.4.1 to enable custom variable validations.
We have a few example implementations to get you started. These examples are tested in our CI before release. When you use them, update the source and version to use the Terraform registry.
The specific use case for the example modules is temporary infrastructure for testing purposes.
With that in mind, it is not expected that we manage the resources as a team, therefore the state files are all stored locally.
If you would like to store the state files remotely, add a terraform backend file (*.name.tfbackend) to your root module.
https://developer.hashicorp.com/terraform/language/v1.5.x/settings/backends/configuration#file
Please make sure to read terraform.md to understand the paradigms and expectations that this module has for development. This is a "Primary" module. As such, it is not allowed to generate resources on its own; it must call on "Core" modules, which generate resources.
It is important to us that all collaborators have the ability to develop in similar environments, so we use tools which enable this as much as possible. These tools are not necessary, but they can make it much simpler to collaborate.
- I use nix that I have installed using their recommended script
- I have an RC file that generates the environment for me
- I just source the .envrc in the main directory
- I use the run_tests.sh script in the parent directory to run tests
- I store my credentials in a local file which I source
  - e.g. ~/.config/github/default/rc
  - this will be automatically sourced when you enter the nix environment (and unloaded when you leave)
  - see the .envrc and .rcs file for the implementation
Our continuous integration tests use the GitHub ubuntu-latest runner, which has many different things installed and does not rely on Nix.
It also has special integrations with AWS to allow secure authentication; see https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services for more information.