Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. The IT infrastructure managed by this process comprises both physical equipment, such as bare-metal servers, as well as virtual machines, and associated configuration resources. The definitions may be in a version control system. The code in the definition files may use either scripts or declarative definitions, rather than maintaining the code through manual processes, but IaC more often employs declarative approaches.
From Wikipedia
In other words: it's easier to manage your infrastructure (physical or virtual components) with code in particular combined with Git.
In this part we will use Terraform from Hashicorp, which is the most popular tool for Cloud IaC, to deploy the infrastructure needed for our Web Application.
🏆 Objective: Deploy the infrastructure needed to deploy our application
⚙️ Exercice 1: Configure and deploy the network
-
If you don't have already install Terraform, it's time to do it
-
We are going to deploy the network layer
-
The code is provided inside the related directory
-
The file
01-locals.tfcontains the configuration that you need to provide to be able to deploy the network layer -
Edit the file and change the variables with a
FIX_MEvalue. For the CIDR provide a/20private CIDR. -
We need to initialize your terraform configuration with the
initcommand. Initialization will download all dependencies. -
Run terraform with the
plancommand to look at what terraform will do (and catch errors ^^) -
Run terraform with the
applycommand to create the network part on AWS -
Once terraform applied, look at the resources created on AWS (with the console or with the CLI)
Network is deployed. Let's move to the next exercice to deploy EKS related things.
Hint 1
Example CIDR: 10.10.0.0/20Hint 2
To run a `init` with Terraform : `terraform init`Hint 3
To run a `plan` with Terraform : `terraform plan`Hint 4
To run a `apply` with Terraform : `terraform apply`Hint 5
It's always a good practice to check what Terraform will do with the plan command before applying. That's allow you to understand the changes that you are going to do. Even if the `apply` command will show you the changes, it's highly recommanded to plan before (to avoid quick answer to the question in the apply without reviewing your changes).Hint 6
You can check your VPC and subnets with the AWS CLI:aws ec2 describe-vpcs
aws ec2 describe-subnets
You could also see all the changes with the AWS Web Console.
⚙️ Exercice 2: Configure and deploy Elastic Kubernetes Service (EKS)
-
Now, we will deploy the Kubernetes cluster that will support our application. We will use a managed service called EKS that allow us to easily deploy (and maintain) a Kubernetes cluster.
-
Rename the file
02-eks.tbdin02-eks.tfto instruct Terraform to execute the instruction in this file -
Uncomment the section related to EKS in the file
01-locals.tf -
Since we added new code to our terraform codebase, run again the
init -upgradecommand to ensure that all dependencies are update to date -
Like in the previous exercice, check the changes before the apply
-
You can look at the creation of the cluster through the AWS Console. This operation take a few minutes (~ > 15 mins)
-
During the creation of EKS ... your can take a look at the Part 4 about the application or eat some pizza and drink some beers !
-
Your EKS cluster is UP and RUNNING ! 🍾
-
You can manage your Kubernetes cluster with
kubectl. If you don't have already install it, it's time to do it** -
Before using
kubectlyou have to configure your environement to point to your EKS cluster. Use the AWS CLI to do that with theaws eks update-kubeconfigcommand -
Now you can look at the pods running in your cluster:
kubectl get pods -A -
You can also look at the nodes started to support your workload:
kubectl get nodes
Your EKS is fully operational. Move to the next exercice to deploy a private Docker Registry with ECR for our application images.
Hint 1
To run a `plan` with Terraform : `terraform plan`Hint 2
To run a `init` with Terraform : `terraform init` To run a `plan` with Terraform : `terraform plan` To run a `apply` with Terraform : `terraform apply`Hint 3
To configure your kubectl environment with your cluster: run the following command :aws eks update-kubeconfig --name REPLACE_WITH_YOUR_CLUSTER_NAME --region eu-west-3
Hint 4
To find your running pods: ``` kubectl get pods -A # -A mean on all namespace ```⚙️ Exercice 3: Deploy a private Docker registry
- We are going to deploy a private Docker registry (ECR - Amazon Container Registry)
- ECR will be use to store the image of our application
- Will will also create some resources for our Gitlab Runner that will allow it to use ECR
- Rename the file
03-ecr.tbdin03-ecr.tfto instruct Terraform to execute the instruction in this file - Check what terraform will demo
- Fix the error by uncomment the missing variable in
01-locals.tf - Like previous exercices, review the change that terraform will apply and then, apply
- Use AWS CLI or the AWS Console to check your repository added
Your ECR is fully operational. Move to the next exercice to finish the deployment of the infrastructure with a S3 bucket for Gitlab runner caching.
Hint 1
Code for add a repository on ECR: ``` ecrs = { "app" = { name = "dojo-padok-${local.owner}" } } ```Hint 2
Get the list of your repository with AWS CLI:
aws ecr describe-repositories
⚙️ Exercice 4: Deploy AWS resources for your Gitlab runner: IAM permissions
-
Last part for the infrastructure. We are going to deploy IAM ressources for your Gitlab Runner. Gitlab need to be able to use our ECR registry
-
Rename the file
04-gitlab.tbdin04-gitlab.tfto instruct Terraform to execute the instruction in this file -
Like previous exercices, review the change that terraform will apply and them, apply
-
Them apply your change with terraform
😻 Our infrastructure is UP and RUNNING, we can move the the next part !