Rancher Suite K8S Adventure - Chapter 020 - Prepare Terraform for Harvester
A travelogue of converting from OpenStack to Suse's Rancher Suite for K8S including RKE2, Harvester, kubectl, helm.
I don't like manually configuring things. I like IaaC with templates stored in a nice Git repo, it eliminates errors, deployments are faster, fewer human errors, it's just all around better than mousing and typing a virtual infrastructure. So today we prepare Terraform to work with Harvester, but first, some work with multiple cluster kubeconfig files.
Multiple Cluster Kubectl
Start automating by configuring kubectl to talk to multiple clusters.
Reference:
https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
The good news is its pretty easy to configure multiple clusters into separate kubectl contexts. The bad news is its easy to select different contexts at runtime, in fact its so easy to select different contexts, that there have been multiple headline news stories about devops who thought they were permanently erasing their test cluster deployment, only to rapidly discovery they were actually in their production context, resulting in some amazing news headlines about outages and deleted data. So, keep your wits about you and be careful. I will set up multiple contexts some other time.
One of the cultural oddities of the K8S community is they like to call the kubectl config file by the generic phrase "your kubeconfig file". What makes that odd is most installs do not have a file named kubeconfig or dot kubeconfig or kubeconfig.conf or whatever. On my Ubuntu system, kubectl's config file, aka the "kubeconfig file" is configured by a file located at ~/.kube/config
I will usually be working with Harvester, so in my ~/.kube directory I keep yaml files named rancher.yaml and harvester.yaml and I can simply copy them over the ~/.kube/config file.
In summary, make certain that running "kubectl get nodes" displays the correct cluster...
Terraform
https://developer.hashicorp.com/terraform
Terraform is similar in concept to CloudFormation from AWS or HEAT templates from OpenStack. You write your infrastructure as source code, run the template, and terraform makes the cloud gradually closely resemble your template. Not a script, so much as a specification.
Install Terraform
I should have installed Terraform back when I was installing support software like kubectl and helm. Better late than never...
https://developer.hashicorp.com/terraform/downloads
https://www.hashicorp.com/official-packaging-guide
The exact version of the Ubuntu package I'm installing is 1.3.9 as seen at
https://releases.hashicorp.com/terraform/
And I'm doing an "apt hold" on it to make sure its not accidentally upgraded.
Here is a link to the Gitlab repo directory for the Ansible helm role:
https://gitlab.com/SpringCitySolutionsLLC/ansible/-/tree/master/roles/terraform
If you look at the Ansible task named packages.yml, the task installs some boring required packages first, then deletes the repo key if its too old, then downloads a new copy of the repo key if its not already present, gpg dearmor the key into 'apt' format, add the local copy of the repo key to apt's list of known good keys, install the sources.list file for the repo, does an apt-get update, takes terraform out of "hold" state, installs terraform version 1.3.9, finally places terraform back on "hold" state so its not magically upgraded to the latest version (1.4 or 1.5 or something by now). Glad I don't have to do that manually by hand on every machine on my LAN, LOL.
Simply add "- terraform" to a machine's Ansible playbook, then run "ansible-playbook --tags terraform playbooks/someHostname.yml" and it works. Ansible is super cool!
vince@ubuntu:~$ terraform --version
Terraform v1.3.9
on linux_amd64
vince@ubuntu:~$
References
https://www.suse.com/c/rancher_blog/managing-harvester-with-terraform/
https://docs.harvesterhci.io/v1.1/terraform/
https://github.com/harvester/terraform-provider-harvester
https://registry.terraform.io/providers/harvester/harvester/latest
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.