Deploying Scaleway Elements Kubernetes Kapsule using Terraform and Gitlab CI

Chabane R. - Jan 18 '21 - Dev Community

Hello there!

In part 3, we built our DevOps platform in Google Cloud with GitLab and Kubernetes. We also configured Vault and ArgoCD.

In part 4, we will deploy the Scaleway infrastructure using Terraform and Gitlab.

Plan

  • Creating the Kapsule Cluster.
  • Writing the Gitlab pipeline.

Infrastructure as code

Kapsule Cluster

Kapsule is a fully-managed Kubernetes service of Scaleway Elements offering a free managed control plane, high availability and auto-scaling.

The following Terraform configuration:

  • Creates a Kapsule cluster.
  • Creates a node pool.

plan/kapsule.tf
resource "scaleway_k8s_cluster_beta" "k8s-cluster-demo" {
  name = "kapsule-cluster-${var.env}-demo"
  description = "K8S Demo ${var.env} Cluster"
  version = "1.19.4"
  cni = "calico"
  enable_dashboard = true
  ingress = "nginx"
  tags = [var.env, "demo"]

  autoscaler_config {
    disable_scale_down = false
    scale_down_delay_after_add = "5m"
    estimator = "binpacking"
    expander = "random"
    ignore_daemonsets_utilization = true
    balance_similar_node_groups = true
    expendable_pods_priority_cutoff = -5
  }
}

resource "scaleway_k8s_pool_beta" "k8s-pool-demo" {
  cluster_id = scaleway_k8s_cluster_beta.k8s-cluster-demo.id
  name = "kapsule-pool-${var.env}-demo"
  node_type = "DEV1-M"
  size = 3
  autoscaling = true
  autohealing = true
  min_size = 1
  max_size = 5
}


Other

plan/provider.tf
provider "scaleway" {
  zone            = var.zone
  region          = var.region
}

plan/backend.tf
terraform {
  backend "gcs" {
  }
}

plan/variables.tf
variable "zone" {
  type = string
}

variable "region" {
  type = string
}

variable "env" {
  type = string
}

envs/dev/terraform.tfvars
zone             = "fr-par-1"
region           = "fr-par"
env              = "dev"

Automation

Let's automate our deployment with Gitlab.

The Gitlab pipeline defines two jobs:

  • Initializing the infrastructure and terraform state.
  • Deploying the infrastructure with terraform apply.

Before each stage:

  • We get the Vault token from Google Secret Manager.
  • We get the Scaleway credentials from Vault.

.gitlab-ci.yaml
stages:
  - init
  - deploy

# Get Scaleway credentials from Vault
before_script:
    - export VAULT_TOKEN="$(gcloud secrets versions access latest --secret=vault-token --project ${GCP_PROJECT_ID})"
    - export SCW_ACCESS_KEY="$(vault kv get -field=key scaleway/project/${SW_PROJECT_NAME}/credentials/access)"
    - export SCW_SECRET_KEY="$(vault kv get -field=key scaleway/project/${SW_PROJECT_NAME}/credentials/secret)"
    - export SCW_DEFAULT_ORGANIZATION_ID="$(vault kv get -field=id scaleway/project/${SW_PROJECT_NAME}/config)"

init sw infrastructure 🔬:
  stage: init
  image:
    name: eu.gcr.io/${GCP_PROJECT_ID}/tools
  script:
    - cd envs/dev
    # Init terraform
    - |
       terraform init \
        -backend-config="bucket=bucket-${GCP_PROJECT_ID}-sw-gcp-terraform-backend" \
        -backend-config="prefix=scaleway/terraform/state" \
        ../../plan/
  artifacts:
    paths:
      - envs/dev/.terraform
  tags:
    - k8s-dev-runner
  only:
    - master 

deploy sw infrastructure 🚀:
  stage: deploy
  image:
    name: eu.gcr.io/${GCP_PROJECT_ID}/tools
  script:
    - cd envs/dev
    # Deploy sw resources
    - terraform apply -auto-approve ../../plan/ 
  tags:
    - k8s-dev-runner
  only:
    - master 
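The `before_script` above uses `export VAR="$(command)"`, which returns the exit status of `export`, so a failed Secret Manager or Vault lookup leaves an empty variable and the job carries on to Terraform. The following added example (not part of the original post; `load_secret` and `load_scaleway_env` are hypothetical helper names) performs the same four lookups but stops on a failed or empty result and keeps the values out of a shell trace.

```shell
# Added example, not from the original post. Helper names are hypothetical.
# load_secret NAME CMD [ARGS...]: export NAME only if CMD exits 0 and
# prints a non-empty value.
load_secret() {
  _name=$1; shift
  # Accept only valid shell variable names.
  case $_name in
    ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*)
      echo "load_secret: invalid variable name" >&2; return 2 ;;
  esac
  # Switch xtrace off while the value is handled so it never reaches the job log.
  case $- in *x*) _xtrace=1 ;; *) _xtrace=0 ;; esac
  set +x
  # A plain assignment keeps CMD's exit status; `export VAR="$(CMD)"` hides it.
  if _value=$("$@") && [ -n "$_value" ]; then
    export "$_name=$_value"
    _rc=0
  else
    echo "load_secret: could not read $_name" >&2
    _rc=1
  fi
  unset _value
  if [ "$_xtrace" -eq 1 ]; then set -x; fi
  return "$_rc"
}

# Same four lookups as the pipeline's before_script; stops at the first failure.
load_scaleway_env() {
  load_secret VAULT_TOKEN gcloud secrets versions access latest \
    --secret=vault-token --project "${GCP_PROJECT_ID}" || return 1
  _base="scaleway/project/${SW_PROJECT_NAME}"
  load_secret SCW_ACCESS_KEY \
    vault kv get -field=key "$_base/credentials/access" || return 1
  load_secret SCW_SECRET_KEY \
    vault kv get -field=key "$_base/credentials/secret" || return 1
  load_secret SCW_DEFAULT_ORGANIZATION_ID \
    vault kv get -field=id "$_base/config" || return 1
}
```

The definitions can live in a script sourced from `before_script`, followed by a single `load_scaleway_env` line, so that a missing credential fails the job before `terraform init` or `terraform apply` runs.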

Share the specific runner k8s-dev-runner created previously with this project. You will need Maintainer permission in Gitlab.

Now you can run the Gitlab pipeline with the following Gitlab CI/CD Variables:

GCP_PROJECT_ID=$GCP_PROJECT_ID
SW_PROJECT_NAME=$SW_PROJECT_NAME
VAULT_ADDR=$VAULT_ADDR
ENV=dev

Conclusion

In the last part we will see how to build, publish and deploy Docker images from Gitlab CI to Kubernetes using GitOps practices.
