[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["introduction"]},"children":["Introduction"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Hetzner has two offerings: Hetzner Robot (bare metal) and Hetzner Cloud (virtualized). The Syself Autopilot supports both of them. In case you want to work purely with Hetzner Cloud, you can ignore the bare metal specific preparation."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["step-1-create-hetzner-project"]},"children":["Step 1: Create Hetzner Project"]},{"$$mdtype":"Tag","name":"Youtube","attributes":{"id":"1TPaZicCzrc"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["We assume that you have an account at ",{"$$mdtype":"Tag","name":"Link","attributes":{"href":"https://www.hetzner.com/"},"children":["Hetzner"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Please create a new project via ",{"$$mdtype":"Tag","name":"Link","attributes":{"href":"https://console.hetzner.cloud/projects"},"children":["Hetzner Cloud Console"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["step-2-create-api-token"]},"children":["Step 2: Create API Token"]},{"$$mdtype":"Tag","name":"Youtube","attributes":{"id":"jrIEBbGmjGE"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Create an API token inside your Hetzner project with read and write permissions. Store it somewhere safe, we'll be using it in later steps."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["step-3-upload-ssh-key-to-hetzner-cloud"]},"children":["Step 3: Upload SSH key to Hetzner Cloud"]},{"$$mdtype":"Tag","name":"Youtube","attributes":{"id":"NbRkBZc616w"},"children":[]},{"$$mdtype":"Tag","name":"List","attributes":{"ordered":true},"children":[{"$$mdtype":"Tag","name":"Item","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Create a new SSH key, for example by using this command:"]},{"$$mdtype":"Tag","name":"Terminal","attributes":{"user":"syself@demo:~$","steps":"[\"ssh-keygen -t ed25519 -C 'autopilot'\"]","height":"5rem","typingSpeed":10},"children":[]}]},{"$$mdtype":"Tag","name":"Item","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Upload the public key to the Hetzner project."]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["optional-setting-up-a-user-for-hetzner-robot-bare-metal"]},"children":["Optional: Setting up a user for Hetzner Robot (bare metal)"]},{"$$mdtype":"Tag","name":"Youtube","attributes":{"id":"tLrJLj6Ag8E"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The Robot User is needed for managing bare metal machines. You can create one like this:"]},{"$$mdtype":"Tag","name":"List","attributes":{"ordered":true},"children":[{"$$mdtype":"Tag","name":"Item","attributes":{},"children":["Go to ",{"$$mdtype":"Tag","name":"Link","attributes":{"href":"https://robot.hetzner.com/"},"children":["robot.hetzner.com"]}]},{"$$mdtype":"Tag","name":"Item","attributes":{},"children":["Go to \"Settings\" (behind \"👤\")"]},{"$$mdtype":"Tag","name":"Item","attributes":{},"children":["Go to \"Webservice and app settings\""]},{"$$mdtype":"Tag","name":"Item","attributes":{},"children":["Configure \"Webservice/app user\""]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["step-4-store-all-values-in-environment-variables"]},"children":["Step 4: Store all values in environment variables"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Store all values that you gathered during the steps above in environment variables. You can omit the bare metal-related values if you only want to use Hetzner Cloud."]},{"$$mdtype":"Tag","name":"Tabs","attributes":{"id":"hcloud-and-robot"},"children":[{"$$mdtype":"Tag","name":"Tab","attributes":{"title":"Hcloud and Robot"},"children":[{"$$mdtype":"Tag","name":"pre","attributes":{"language":"shell","showCopyButton":true,"persistBlur":false,"content":"export KUBECONFIG=/optional/path/to/your/management/cluster/kubeconfig\nexport HCLOUD_TOKEN=\nexport SSH_KEY_NAME=\nexport HETZNER_SSH_PUB_PATH=/path/to/file/.pub\nexport HETZNER_SSH_PRIV_PATH=/path/to/file/\nexport HETZNER_ROBOT_USER=\nexport HETZNER_ROBOT_PASSWORD=\n"},"children":["export KUBECONFIG=/optional/path/to/your/management/cluster/kubeconfig\nexport HCLOUD_TOKEN=\nexport SSH_KEY_NAME=\nexport HETZNER_SSH_PUB_PATH=/path/to/file/.pub\nexport HETZNER_SSH_PRIV_PATH=/path/to/file/\nexport HETZNER_ROBOT_USER=\nexport HETZNER_ROBOT_PASSWORD=\n"]}]},{"$$mdtype":"Tag","name":"Tab","attributes":{"title":"Hcloud only"},"children":[{"$$mdtype":"Tag","name":"pre","attributes":{"language":"shell","showCopyButton":true,"persistBlur":false,"content":"export KUBECONFIG=/optional/path/to/your/management/cluster/kubeconfig\nexport HCLOUD_TOKEN=\nexport SSH_KEY_NAME=\n"},"children":["export KUBECONFIG=/optional/path/to/your/management/cluster/kubeconfig\nexport HCLOUD_TOKEN=\nexport SSH_KEY_NAME=\n"]}]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["You can use \"echo\", for example ",{"$$mdtype":"Tag","name":"Code","attributes":{"content":"echo $SSH_KEY_NAME"},"children":[]},", to ensure that the values are set correctly."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":["step-5-create-secrets-in-management-cluster"]},"children":["Step 5: Create Secrets in Management Cluster"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To create Kubernetes clusters in your Hetzner account, you need to create secrets in the management cluster."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":["secret-for-accessing-hetzner-api"]},"children":["Secret for accessing Hetzner API"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Create the secret \"hetzner\" in the following way:"]},{"$$mdtype":"Tag","name":"Tabs","attributes":{"id":"hcloud-and-robot"},"children":[{"$$mdtype":"Tag","name":"Tab","attributes":{"title":"Hcloud and Robot"},"children":[{"$$mdtype":"Tag","name":"Terminal","attributes":{"user":"syself@demo:~$","steps":"[{\"command\":\"kubectl create secret generic hetzner \\\\\\n--from-literal=hcloud=$HCLOUD_TOKEN \\\\\\n--from-literal=robot-user=$HETZNER_ROBOT_USER \\\\\\n--from-literal=robot-password=$HETZNER_ROBOT_PASSWORD \\\\\\n--from-literal=hcloud-ssh-key-name=$SSH_KEY_NAME\",\"output\":\"secret/hetzner created\"},{\"command\":\"kubectl get secrets\",\"output\":\"NAME TYPE DATA AGE\\nhetzner Opaque 4 5s\"}]","height":"17rem","typingSpeed":10},"children":[]}]},{"$$mdtype":"Tag","name":"Tab","attributes":{"title":"Hcloud only"},"children":[{"$$mdtype":"Tag","name":"Terminal","attributes":{"user":"syself@demo:~$","steps":"[{\"command\":\"kubectl create secret generic hetzner \\\\\\n--from-literal=hcloud=$HCLOUD_TOKEN \\\\\\n--from-literal=hcloud-ssh-key-name=$SSH_KEY_NAME\",\"output\":\"secret/hetzner created\"},{\"command\":\"kubectl get secrets\",\"output\":\"NAME TYPE DATA AGE\\nhetzner Opaque 2 5s\"}]","height":"17rem","typingSpeed":10},"children":[]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":["optional-secret-for-bare-metal-servers"]},"children":["Optional: Secret for bare metal servers"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"Image","attributes":{"src":"/images/hetzner-add-robot-ssh-key-management-cluster.png","alt":"Hetzner UI showing how to add Robot SSH to Management Cluster","title":""},"children":[]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Bare metal servers get provisioned with SSH. Therefore, you need to create another secret:"]},{"$$mdtype":"Tag","name":"Terminal","attributes":{"user":"syself@demo:~$","steps":"[\"export SSH_KEY_NAME=autopilot\",\"export HETZNER_SSH_PUB_PATH=~/.ssh/autopilot.pub\",\"export HETZNER_SSH_PRIV_PATH=~/.ssh/autopilot\",{\"command\":\"kubectl create secret generic robot-ssh \\\\\\n--from-literal=sshkey-name=$SSH_KEY_NAME \\\\\\n--from-file=ssh-privatekey=$HETZNER_SSH_PRIV_PATH \\\\\\n--from-file=ssh-publickey=$HETZNER_SSH_PUB_PATH\",\"output\":\"secret/robot-ssh created\"},{\"command\":\"kubectl get secrets\",\"output\":\"NAME TYPE DATA AGE\\nhetzner Opaque 4 4m56s\\nrobot-ssh Opaque 3 5s\"}]","height":"23rem","typingSpeed":10},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Via ",{"$$mdtype":"Tag","name":"Code","attributes":{"content":"kubectl get secrets"},"children":[]}," you can check that the secrets got created as intended."]}]