Real World Infrastructure Setup with Terraform and Kubernetes

Transcript

1. Real World Infrastructure Setup with Terraform and Kubernetes Waldemar Biller

   December, 10th 2019

2. Agenda • Terraforming the cloud • GitOps • Terraform +

   Kubernetes • Blue / Green Clusters • DNS

3. Terraform • Environment to create cloud resources • 100+ Providers

   for almost everything exist ◦ Azure, AWS, GCP, Open Telekom Cloud, PostgreSQL, F5, ... • Uses HCL to describe desired state • Uses a object graph to declare dependencies between resources • Store and share state over backends ◦ AWS S3, Azure Storage Account, GCP Bucket

4. Workflow

5. GitOps • Agent-based way to bring a cluster to a

   desired state • Is driven by changes made to a Git repository • Allows to leverage Pull Requests etc. for cluster management

6. Terraform + Kubernetes • Initialize the cluster • Create required

   secrets ◦ Service Principal for DNS • Deploy Flux CD via Helm

7. Blue / Green Clusters • Switch between clusters ◦ Version

   upgrades ◦ Testing • Leverage possibilities of DNS ◦ Namespace delegation ◦ CNAMEs

8. DNS • Run Kubernetes on specific subdomain e.g. blue.biller.cloud, green.biller.cloud

   • Use CNAMEs to point to actual domain names dashboard.biller.cloud → dashboard.blue.biller.cloud • Ingresses use non-colored domain name • External DNS creates records for colored domain names • Cert Manager operates on non-colored domain names • Subdomains have to be known by Terraform

9. DNS Record Name Value NS @ ns1-04.azure-dns.com. NS blue ns1-05.azure-dns.com.

   CNAME dashboard dashboard.blue.biller.cloud biller.cloud Record Name Value NS @ ns1-05.azure-dns.com. A dashboard 61.10.250.23 blue.biller.cloud

10. Thank you! https://gitlab.com/cloud-native-meetup-ks/terraform-kubernetes [email protected]