Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/yevgen-grytsay/kbot-tf-flux
Конфігурація Terraform для розгортання тестового додатку kbot на GKE за допомогою Flux
https://github.com/yevgen-grytsay/kbot-tf-flux
fluxcd google-cloud iac kubernetes terraform
Last synced: 4 days ago
JSON representation
Конфігурація Terraform для розгортання тестового додатку kbot на GKE за допомогою Flux
- Host: GitHub
- URL: https://github.com/yevgen-grytsay/kbot-tf-flux
- Owner: yevgen-grytsay
- Created: 2024-05-03T08:51:24.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2024-05-05T14:19:14.000Z (9 months ago)
- Last Synced: 2024-11-22T07:18:39.757Z (2 months ago)
- Topics: fluxcd, google-cloud, iac, kubernetes, terraform
- Language: HCL
- Homepage:
- Size: 69.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## Components
- Google Cloud Provider (GCP)
- Terraform (flux, google)
- Flux (CRD: GitRepository, HelmRelease)
- Kubernetes (Google Kubernetes Engine)
- application repository (contains helm chart, code and CI/CD configuration) (github.com)
- infrastructure repository (contains terraform config and flux config) (github.com)
- CI/CD (GitHub Actions)
- Container Registry (ghcr.io)
## Flux
### Deployment
```mermaid
graph LR
User -- 1. push --> AppRepository
Flux -- 2. poll --> AppRepository
%%Terraform -- use --> InfraRepository
Flux -- 3. deploy --> App
%%Terraform -- apply --> Flux
%%Terraform -- save state --> GoogleCloudStorage
kubelet -- 4. download --> ContainerRegistry
subgraph GitHub
AppRepository
%%InfraRepository
ContainerRegistry
end
subgraph KubernetesCluster
Flux
subgraph kubelet
App
end
end
```
### App Infrastructure Sync
```mermaid
graph LR
User -- 1. push --> InfraRepository
Flux -- 2. poll --> InfraRepository
Flux -- 3. reconcile --> AppNamespace
subgraph GitHub
InfraRepository
end
subgraph KubernetesCluster
Flux
subgraph AppNamespace
App
end
end
```
## Setup
```sh
gcloud auth application-default login --project=PROJECT_ID
# OR
# gcloud auth application-default login
# gcloud config set project PROJECT_ID
```
```sh
read -s TELE_TOKEN_RAW
export TELE_TOKEN_RAW
TELE_TOKEN=$(echo $TELE_TOKEN_RAW | tr -d '\n' | base64)
export TELE_TOKEN
envsubst '$TELE_TOKEN' < helm-values.tpl.yaml > helm-values.yaml
kubectl create secret generic kbot-helm-values \
--namespace=kbot-tf-flux \
--from-file=values.yaml=./helm-values.yaml
terraform apply -var-file="vars.tfvars"
# gcloud container clusters get-credentials kbot --location=
```
## Resources
- [Flux | Core Concepts](https://fluxcd.io/flux/concepts/)
- [flux create source git](https://fluxcd.io/flux/cmd/flux_create_source_git/)
- [flux create helmrelease](https://fluxcd.io/flux/cmd/flux_create_helmrelease/)
- [Kubernetes | Managing Secrets using kubectl](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/)
- [Terraform | google | kubernetes-engine/auth](https://registry.terraform.io/modules/terraform-google-modules/kubernetes-engine/google/latest/submodules/auth)
- [Terraform | google | Authentication](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#authentication)
- [Terraform | Modules](https://developer.hashicorp.com/terraform/language/modules)