Everyone can contribute! Learn DevOps and Cloud Native in our cafe ☕

Technology is moving fast in the DevOps and Cloud Native community.

Join the conversation and add your thoughts, tips, experiences, stories.

"Everyone Can Contribute" is inspired by GitLab's mission.

23. #everyonecancontribute cafe: Automate our Kubernetes setup & deep dive into Hetzner firewall

We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series:

In this session, we automate the setup of the Kubernetes cluster with Max:

Hetzner Terraform Provider update to 1.26.
Destroy the resources and re-create them in Hetzner Cloud.
- Terraform destroy might fail - bug report, do it again to solve it.
Testing is now more reliable as a basis
Security groups and firewalls as a service in Hetzner Cloud. Announcement tweet.
- Shoud I block ICMP?
terraform taint command manually marks a Terraform-managed resource as tainted, forcing it to be destroyed and recreated on the next apply.
Terraform lifecycle: Create a new resource e.g. a database, test if it is working, and later destroy the old resource in the lifecycle.
Firewall changes: ICMP, port 22 (SSH), 6443 (Kubernetes k3s cluster).
Hetzner Firewall FAQ.
Commit for the changes today.

In the future, we’ll explore more Kubernetes topics:

Enjoy the session! 🦊

Written by: Michael Friedrich

Date published: March 31, 2021

Tags: Gitlab, Hetzner, Cloud, Terraform, Ansible, Kubernetes, Security, Kiosk, Multi tenancy