Recently I’ve been working on a project for the Buffalo Kubernetes Meetup. We want to provide users with a sandbox environment to hack around in, or perhaps even do some sort of workshop or scavenger hunt.
However, we have a few constraints, predominantly cost. Whatever the solution, it needs to be stood up fast and deleted fast. Once deleted, there can’t be any leftover resources because those cost money.
We also have users that are very interested in using CNCF technologies outside of Kubernetes. Since we need to configure a VPC anyway, this was a good time to get some Terraform automation.
Current Functionality
Keep in mind it’s still a work in progress, but so far the features are:
- Stands up a VPC
- Configures all the networking
- Deploys a highly available control plane
- Adds in Calico CNI for networking and network policy enforcement
- Configures Nginx Ingress as an Ingress resource
Future Functionality
Future plans include adding support for:
- OIDC Authentication with Dex and GitHub Orgs.
- External-DNS with Route 53
- cert-manager
- Monitoring
Call to Arms
You can find the work here: https://github.com/dmolik/bflo-kube-tf which currently spins up this entire deployment in roughly 3 minutes.
I would really appreciate any critical feedback, feature requests, or help you can offer. Also, I’m a terrible speller, feel free to PR those grammar fixes!
Resources Used
There are several existing resources which have been leveraged for this solution: