3

GitHub - IBM/automation-ibmcloud-infra-openshift: Automation logic to provision...

 1 year ago
source link: https://github.com/IBM/automation-ibmcloud-infra-openshift
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

IBM Cloud Reference Architecture - Automation

This collection of IBM Cloud terraform automation bundles has been crafted from a set of Terraform modules created by the IBM Ecosystem Labs team part of the IBM Ecosystem organization. Please contact Matthew Perrins [email protected], Sean Sundberg [email protected], or Andrew Trice [email protected] for more details or raise an issue on the repository for bugs or feature requests.

Three different flavors of the reference architecture are provided with different levels of complexity.

  • QuickStart - minimum to get OpenShift with public endpoints running on basic VPC + Subnet with ROKS
  • Standard - a simple robust architecture that can support a production workload in a single VPC with a VPN+Private Endpoints and a ROKS cluster
  • Advanced - a sophisticated architecture isolating DMZs, Development and Production VPCs for best practices

Reference architectures

This set of automation packages was generated using the open-source isacable tool. This tool enables a Bill of Material yaml file to describe your IBM Cloud architecture, which it then generates the terraform modules into a package of infrastructure as code that you can use to accelerate the configuration of your IBM Cloud environment. Iascable generates standard terraform templates that can be executed from any terraform environment.

The iascable tool is targeted for use by advanced SRE developers. It requires deep knowledge of how the modules plug together into a customized architecture. This repository is a fully tested output from that tool. This makes it ready to consume for projects.

Quick Start

QuickStart

Standard

Advanced

Automation

Prerequisites

  1. Have access to an IBM Cloud Account. An Enterprise account is best for workload isolation but this terraform can be run in a Pay Go account as well.

  2. (Optional) Install and start Colima to run the terraform tools in a local bootstrapped container image.

    brew install docker colima
colima start

Planning

  1. Determine which flavor of reference architecture you will provision: Quick Start, Standard, or Advanced.

  2. View the README in the automation directory for detailed instructions for installation steps and required information:

Setup

  1. Clone this repository to your local SRE laptop or into a secure terminal. Open a shell into the cloned directory.

  2. Copy credentials.template to credentials.properties.

    cp credentials.template credentials.properties

  3. Provide values for the variables in credentials.properties (Note: *.properties has been added to .gitignore to ensure that the file containing the apikey cannot be checked into Git.)

    • TF_VAR_ibmcloud_api_key - The API key for the IBM Cloud account where the infrastructure will be provisioned.
    • TF_VAR_gitops_repo_username - The username on github.com that will be used to provision the gitops repository.
    • TF_VAR_gitops_repo_token - The personal access token that will be used to authenticate to github.com to provision the gitops repository. (The user should have necessary access in the org to create the repository and the token should have delete_repo permission.)
    • TF_VAR_gitops_repo_org - (Optional) The github.com org where the gitops repository will be provisioned. If not provided the org will default to the username.

  4. Run ./launch.sh. This will start a container image with the prompt opened in the /terraform directory, pointed to the repo directory.

  5. Create a working copy of the terraform by running ./setup-workspace.sh. The script makes a copy of the terraform in /workspaces/current and set up a "terraform.tfvars" file populated with default values. The setup-workspace.sh script has a number of optional arguments.

    Usage: setup-workspace.sh [-s STORAGE] [-r REGION] [-n PREFIX_NAME]

where:
  - **STORAGE** - The storage provider. Possible options are `portworx` or `odf`. If not provided as an argument, a prompt will be shown.
  - **REGION** - the IBM Cloud region where the infrastructure will be provided ([available regions](https://cloud.ibm.com/docs/overview?topic=overview-locations#regions)). If not provided the value defaults to `us-east`
  - **PREFIX_NAME** - the name prefix that should be added to all the resources. If not provided a prefix will not be added.

  6. Change the directory to the current workspace where the automation was configured (e.g. /workspaces/current).

  7. Inspect terraform.tfvars to see if there are any variables that should be changed. (The setup-workspace.sh script has generated terraform.tfvars with default values and can be used without updates, if desired.)

    Note: A soft link has been created to the terraform.tfvars in each of the terraform subdirectories so the configuration is shared between all of them.

Run all the terraform layers automatically

From the /workspace/current directory, run the following:

./apply-all.sh

The script will run through each of the terraform layers in sequence to provision the entire infrastructure.

Run all the terraform layers manually

From the /workspace/current directory, run change directory into each of the layer subdirectories and run the following:

terraform init
terraform apply -auto-approve

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK