DigitalOcean k8s with Terraform

Terraform Plans

Spin up a developer ready Kubernetes cluster in DigitalOcean using Terraform. Protected by CloudFlare; monitored with Datadog.

Prerequisites

A Terraform Cloud API key
DigitalOcean Personal Access Token
DigitalOcean Spaces Access ID and Secret Key
CloudFlare GLOBAL API key (not API token)
Datadog API key
Optional: Terraform installed locally Make sure to install > v0.12.29

Setup

Fork this repo
Store your Terraform Cloud API key as a secret called TF_API_TOKEN in the Github repo
Create a workspace in Terraform Cloud called k8s-prod-us-sfo and connect it to your forked repo
Define the below variables in the Terraform Cloud workspace

Variable	Description
`do_token`	Your DigitalOcean access token
`do_cluster_name`	Name of the Kubernetes cluster
`do_space_name`	DigitalOcean Space Name
`do_access_id`	DigitalOcean Space Access Key
`do_secret_key`	DigitalOcean Space Secret
`dd_api_key`	Datadog API Key
`cloudflare_email`	Cloudflare Account Email
`cloudflare_api_key`	GLOBAL API key for Cloudflare (not token)
`cloudflare_zone_id`	ZoneID used to create DNS record

Trigger intial plan and apply to create the state In the workspace, on app.terraform.io, click 'queue plan' Wait for the plan to complete and click 'confirm' to run the initial apply
Set workspace type to Local In the workspace, on app.terraform.io, click 'settings' -> General Change the Execution Mode to Local. This will change the runs to complete automatically via the github action on future commits.

Deployment

Pre-reqs:

Hashicorp/Vault (optional)

Automatic Deployment

Commit a code change to develop Branch
Watch 'github actions' of repo on github.com to validate the 'Planning' phase
Merge to master branch and watch 'github actions' to validate the 'Apply' phase completed succesfully
Validate on Digital Ocean that cluster has been created

Local/Manual Deployment

Clone this repo and cd into it
Run terraform init to prepare Terraform
Run terraform plan to do a dry-run
run terraform apply to apply the plan
Validate on Digital Ocean that cluster has been created.

Accessing Cluster

Click on the 'actions' of the cluster in Digital Ocean to 'Download Kube Config'
Alternatively: run get-config.sh from this repo

TODO

Allow Terraform workspace to be defined via variable
Rename do_Access_id to 'do_spaces_access_key'
Rename do_secret_key to 'do_spaces_secret_key'
Add 'troubleshooting section' to README
Fix destroy and rebuild workflow

Name		Name	Last commit message	Last commit date
Latest commit History 741 Commits
.github/workflows		.github/workflows
resources		resources
.gitattributes		.gitattributes
.gitignore		.gitignore
.terraform.lock.hcl		.terraform.lock.hcl
.terraformignore		.terraformignore
LICENSE		LICENSE
README.md		README.md
data.tf		data.tf
get-config.sh		get-config.sh
main.tf		main.tf
outputs.tf		outputs.tf
providers.tf		providers.tf
resources.tf		resources.tf
variables.tf		variables.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

DigitalOcean k8s with Terraform

Terraform Plans

Prerequisites

Setup

Deployment

Pre-reqs:

Automatic Deployment

Local/Manual Deployment

Accessing Cluster

TODO

About

Contributors 2

Languages

License

fairbanksio/tf-iac-cluster

Folders and files

Latest commit

History

Repository files navigation

DigitalOcean k8s with Terraform

Terraform Plans

Prerequisites

Setup

Deployment

Pre-reqs:

Automatic Deployment

Local/Manual Deployment

Accessing Cluster

TODO

About

Topics

Resources

License

Stars

Watchers

Forks

Contributors 2

Languages