Provider example

Hetzner — NodePool, NodeClass & Workload

Full manifests and kubectl commands for Hetzner Cloud.

Replace placeholders
  • <HOST_TAILSCALE_IP> → Kind control-plane Tailscale IP

Ensure secrets exist: tailscale-auth, hetzner-api-token.

Flow: NodePool, NodeClass, Workload → Pod Pending → CloudBroker → Provision VM → Node Ready → Pod Scheduled
Hetzner provisioning flow: apply manifests → pod pending → CloudBroker recommends → controller provisions VM → node joins → pod schedules.

1. Create secrets

# Tailscale auth key (required by NodeClass)
kubectl create secret generic tailscale-auth --from-literal=authkey="<YOUR_TAILSCALE_AUTHKEY>" -n default

# Hetzner Cloud API token
kubectl create secret generic hetzner-api-token --from-literal=HETZNER_API_TOKEN="<YOUR_HETZNER_API_TOKEN>" -n default

2. NodePool

apiVersion: cloudburst.io/v1alpha1
kind: NodePool
metadata:
  name: hetzner-nodepool
  namespace: default
spec:
  requirements:
    regionConstraint: "EU"
    arch: ["x86_64"]
    maxPriceEurPerHour: 0.15
    allowedProviders: ["hetzner"]
  limits:
    maxNodes: 3
    minNodes: 0
  template:
    labels:
      cloudburst.io/nodepool: "hetzner-nodepool"
      cloudburst.io/provider: "hetzner"
  disruption:
    ttlSecondsAfterEmpty: 60
    ttlSecondsUntilExpired: 3600
  weight: 1

3. NodeClass

apiVersion: cloudburst.io/v1alpha1
kind: NodeClass
metadata:
  name: hetzner-nodeclass
  namespace: default
spec:
  hetzner:
    location: "fsn1"
    image: "ubuntu-22.04"
    apiTokenSecretRef:
      name: hetzner-api-token
      key: HETZNER_API_TOKEN
  join:
    hostApiServer: "https://<HOST_TAILSCALE_IP>:6443"
    kindClusterName: "cloudburst"
    tokenTtlMinutes: 60
  tailscale:
    authKeySecretRef:
      name: tailscale-auth
      key: authkey
  bootstrap:
    kubernetesVersion: "1.34.3"

4. Workload (triggers burst; targets Hetzner nodes)

apiVersion: v1
kind: Pod
metadata:
  name: hetzner-workload
  namespace: default
spec:
  containers:
  - name: workload
    image: busybox:1.36
    command: ["sleep", "infinity"]
    resources:
      requests:
        cpu: "1500m"
        memory: "2Gi"
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: cloudburst.io/provider
            operator: In
            values: ["hetzner"]

5. Apply and verify

# Save the manifests above to hetzner-example.yaml, then:
kubectl apply -f hetzner-example.yaml

# Watch NodeClaim creation
kubectl get nodeclaims -w

# Once node is Ready, verify pod
kubectl get pods -o wide
kubectl get nodes -l cloudburst.io/provider=hetzner

↑ Back to examples