Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Example of Kubernetes cluster on DigitalOcean #7

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Example of Kubernetes cluster on DigitalOcean #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
e99076c
Remove experiments = [module_variable_optional_attrs], because it's n…
NinaDen Sep 8, 2023
7c49423
Upgrade DigitalOcean provider version from 2.17.0 to 2.29.0
NinaDen Sep 8, 2023
1640f08
Add variable for registry name because it should be unique
NinaDen Sep 8, 2023
1b4cc4b
Add example of DigitalOcean config
NinaDen Sep 8, 2023
6f9f9e6
Store terraform state on DO space to hide sensitive information
NinaDen Sep 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
.terraform
.terraform.lock.hcl
terraform.tfstate*
4 changes: 2 additions & 2 deletions do/k8s/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 2.17.0"
version = "~> 2.29.0"
}
}
}
Expand All @@ -30,7 +30,7 @@ resource "digitalocean_kubernetes_cluster" "k8s_cluster" {
}

resource "digitalocean_container_registry" "container_registry" {
name = var.project
name = var.registry
subscription_tier_slug = var.container_registry_plan
}

Expand Down
4 changes: 4 additions & 0 deletions do/k8s/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@ variable "region" {
type = string
}

variable "registry" {
type = string
}

variable "k8s" {
type = object({
node_size = string
Expand Down
22 changes: 22 additions & 0 deletions examples/do-cluster/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# DigitalOcean cluster

1. Generate personal access tokens for DigitalOcean API and save it to `DIGITALOCEAN_TOKEN` environment variable.

2. Create DO space for storing terraform state.

3. Generate Spaces access key and secret key.

4. Initialize the Terraform configuration with your Spaces access key and secret key:

```
terraform init -backend-config "access_key=SPACES_ACCESS_KEY" -backend-config "secret_key=SPACES_SECRET_KEY"
```

5. Due to limitations of kubernetes-alpha provider we have to apply configuration in multiple steps:

```
terraform apply -target module.eks
terraform apply -target module.database
terraform apply -target module.kubernetes.module.dependencies
terraform apply
```
91 changes: 91 additions & 0 deletions examples/do-cluster/app.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
terraform {
backend "s3" {
key = "terraform.tfstate"
bucket = "first-project-test"
region = "tor1"
endpoint = "fra1.digitaloceanspaces.com"
skip_region_validation = true
skip_credentials_validation = true
skip_metadata_api_check = true
}
}

module "digitalocean" {
source = "[email protected]:datarockets/infrastructure.git//do/k8s?ref=example-digital-ocean"

project = "first-project"
registry = "first-project-test"
region = "tor1"

database = {
name = "example"
username = "example"
}
}

provider "kubernetes" {
host = module.digitalocean.k8s_host
token = module.digitalocean.k8s_token
cluster_ca_certificate = module.digitalocean.k8s_ca_certificate
}

provider "kubernetes-alpha" {
host = module.digitalocean.k8s_host
token = module.digitalocean.k8s_token
cluster_ca_certificate = module.digitalocean.k8s_ca_certificate
}

provider "helm" {
kubernetes {
host = module.digitalocean.k8s_host
token = module.digitalocean.k8s_token
cluster_ca_certificate = module.digitalocean.k8s_ca_certificate
}
}

module "kubernetes" {
source = "[email protected]:datarockets/infrastructure.git//k8s/basic?ref=example-digital-ocean"
depends_on = [
module.digitalocean
]

app = "example"
email = "[email protected]"
dcr_credentials = module.digitalocean.dcr_credentials_k8s
services = {
app = {
replicas = 1
image = "nginx:latest"
ports = [80]
env_from_secrets = ["example"]
}
}
web_services = ["app"]
# ingresses = {
# "example.datarockets.com" = {
# annotations = {
# }
# rules = [
# {
# host = "example.datarockets.com"
# paths = [
# {
# path = "/"
# service = "app"
# port = 80
# }
# ]
# }
# ]
# }
# }
secrets = {
example = {
DB_HOST = module.digitalocean.db_host
DB_PORT = module.digitalocean.db_port
DB_USER = module.digitalocean.db_user
DB_PASSWORD = module.digitalocean.db_password
DB_DATABASE = module.digitalocean.db_database
}
}
}
4 changes: 0 additions & 4 deletions k8s/basic/cluster/cluster.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
terraform {
experiments = [module_variable_optional_attrs]
}

resource "kubernetes_secret" "secret" {
for_each = var.secrets

Expand Down
4 changes: 0 additions & 4 deletions k8s/basic/ingress/ingress.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
terraform {
experiments = [module_variable_optional_attrs]
}

resource "kubernetes_ingress" "ingress" {
metadata {
name = var.name
Expand Down
1 change: 0 additions & 1 deletion k8s/basic/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ terraform {
version = "~> 2.4.1"
}
}
experiments = [module_variable_optional_attrs]
}

module "dependencies" {
Expand Down