This project will help you to up a infrastructure in Google Cloud Platform with just a few commands using Terraform
- Create an account on Google Cloud Platform
- Create a service account by navigating to
Navigation Menu > IAM & Admin > Service Accounts > Create Service Account. Select theCompute Engine Service AgentandKubernetes Engine Service Agentroles for this service account. - After creating a service account, generate credentials. Access your service account, navigate to
KEYS, and create a new key in JSON format.
- Create an account on Cloudflare. Cloudflare offers a free plan.
- Add a new website, to do this, you should have a registered domain. Learn more by watching this video.
- After creating the website, in the overview section, copy the two nameservers. Go to the site where you bought your domain and set up DNS. After completing this step, wait for the settings to take effect.
We will use Terraform Cloud to store terraform state in a remote storage. With centralized state, any person in your team can contribute and modify your infrastructure.
- Create an account on Terraform Cloud.
- In organization page, navigate to
Settings > Variables setsto configure globals variables. Mark optionApply to specific projects and workspacesand choose what project you can grant access to this variables. Set the following variables:GOOGLE_CREDENTIALS: The service account JSON key generated in Google Cloud Platform. This variable must be in uppercase.google_project_id: Your Google Project ID.
- After creating an account, run the following command in your terminal:
terraform login.
A variable
GOOGLE_CREDENTIALSis a JSON file, you should run the command below to get JSON file data and parse to string before you save variable in Terraform Cloud:
cat /path/to/file.json | tr -s '\n' ' 'As you can see, inside the
devdirectory, we have 3 directories (cluster,kubernetes, andintegration).The steps below will be very similar within each of the 3 directories; the only thing that will change is the environment variables.
In the
.env.examplefile, we have comments indicating where the variables are used. After running theterraform initcommand within each folder, a workspace will be created in Terraform Cloud. We should configure the variables only in the corresponding workspace.
- In the project, go to the
/terraform/roots/dev/clusterdirectory and runterraform init. This command will sync with your Terraform Cloud account and create a new workspace. Remember to change the Terraform Cloud organization name in themain.tffile to your organization's name. - Navigate to the Terraform Cloud website, access the created workspace named
gke_cluster_dev, go toSettings, and modify theTerraform Working Directoryoption by setting its value to./terraform/roots/dev/cluster. - Return to the root of your workspace, then go to
Variablesand configure the following variables:google_service_account_email: Your Google Service Account email.
- All set! Finally, you can run
terraform planto preview the resources that will be created and then executeterraform apply. Remembering that command inside directoryclusteronly create GKE with one node. - The
integrationworkspace variables:cloudflare_email: Email of your Cloudflare Accountcloudflare_api_key: Your Cloudflare Account api keycloudflare_zone_id: After created a website, in the overview section you can see in right side the propertyZone IDcert_manager_acme_email: An email to receive alerts about your certificate
In the project root, inside k8s-manifests, you can modify the ingress.yaml file and change all references of the subdomain.domain.com.br value to your desired value. The subdomain can be anything, but not the domain.
Run the kubectl apply command to apply manifests in your cluster. Remember to follow the order of the commands as shown below.
kubectl apply -f secrets.yaml
kubectl apply -f deployment.yaml
kubectl apply -f hpa.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yamlGo to your web browser and try to access the domain you set up in ingress.yaml. If the nginx welcome page is displayed, congratulations!!!