Managing a Kubernetes Cluster Using Terraform

Aymen El Amri
The MetricFire Blog


Table of Contents

1. Introduction

2. Prerequisites

3. Creating our First GKE Cluster Using Terraform

3.1 Terraform Providers

3.2 Terraform Resources

3.3 Terraform Plan

3.4 Terraform Apply

4. Updating Resources with Terraform

5. Destroying a Cluster Using Terraform

6. Conclusion

1. Introduction

Kubernetes (K8s) is one of the most popular open-source container orchestration and scheduling tools. Google developed it, but it is not the only contributor. Many other independent developers and companies like Red Hat, Huawei, Microsoft, and IBM contribute to the development of this tool.

Kubernetes has a client/server architecture. In a Kubernetes cluster, you will always find a master and worker(s). The master, or the Kubernetes Control Plane, acts as a controlling node. The master is made of multiple components like kube-scheduler, kube-apiserver, etcd, and kube-controller-manager. By default, a Kubernetes cluster has one master, but it is possible to set up a multi-master Kubernetes cluster. In both cases, a master controls worker nodes.

A node, previously known as a minion, is a worker machine, usually a VM, but it can also be a bare-metal machine. Each node comprises the services the master needs to manage pods, e.g., Kubelet, the container runtime, and kube-proxy.

By looking at the Kubernetes architecture, we realize that it’s a complex system. This complexity is, to some extent, required to create such a resilient and abstract system. The complexity is not just functional but also lies in the deployment and the maintenance of a Kubernetes cluster.

To create your own Kubernetes cluster, you should provision your own resources and certificates, generate your own Kubernetes configurations for authentication, manage the data encryption, bootstrap the etcd cluster, control plane, and worker nodes, manage pod networking routes, set up the DNS add-on, and smoke-test it. Some open-source tools can help you do this; still, deploying and managing your own Kubernetes cluster is not an easy task. This is the reason many companies choose the ease of using managed Kubernetes clusters like GKE.

Cloud-managed clusters make using Kubernetes easier since you don’t need to maintain your cluster and its dependencies. With IaC (infrastructure as code), bootstrapping a Kubernetes cluster is even easier. It also has many advantages since it allows you to create and maintain different Kubernetes environments; you can also add your infrastructure to version control and share it across teams and individuals.

One of the pillars of DevOps is self-service infrastructure. Tools like Terraform allow you to create and validate infrastructure templates to use and reuse for on-demand provisioning. In this blog post, we are going to use Terraform and create an infrastructure template for GKE clusters.

2. Prerequisites

Before starting, you should have a valid Google Cloud account. The second step is activating the Kubernetes Engine API by selecting or creating a project. Make sure that you have a billing account linked to your project.

Once the API is activated, which can take a few minutes, you should install the Google Cloud SDK.

After installing the SDK, we need to set the project using Cloud Shell:

gcloud config set project <project-id>

Set a compute zone:

gcloud config set compute/zone <compute-zone>

Note that you can get a list of available zones using:

gcloud compute zones list

Now you can test creating a cluster using:

gcloud container clusters create <cluster_name>

Terraform interacts with the Google Cloud Platform API. A good practice here is to create a Service Account that is used only by Terraform. This gives us more control and makes managing security more flexible.

In the Cloud Console, click on “IAM & Admin” -> “Service Accounts”, and click on “Create a Service Account”.

Give the Service Account a name, and give it the role “Project Editor”. You will be asked to generate and download a JSON key for this account; do so and save it to:

<project>/auth/serviceaccount.json

<project> is your project folder where you will create the Terraform template. You can also add a .gitignore file to ignore the credentials as well as other unused files.
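One way to set up and verify the ignore rules and key-file permissions for the layout above, as an added example rather than the author's own file. The ignore patterns and the function names harden_project and audit_project are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Layout taken from the article:
# <project>/auth/serviceaccount.json is the Terraform service account's key.
# Assumed ignore rules: the key directory plus Terraform's plugin cache and
# local state files (state can hold secrets in plain text).
IGNORE_PATTERNS='auth/
.terraform/
*.tfstate
*.tfstate.*'

# harden_project <dir>: add missing ignore rules, restrict key permissions.
harden_project() {
    proj=$1
    touch "$proj/.gitignore"
    # Make sure an existing file ends with a newline before appending to it.
    [ -z "$(tail -c1 "$proj/.gitignore")" ] || echo >>"$proj/.gitignore"
    while IFS= read -r pat; do
        # -x whole line, -F literal string: each rule is added only once.
        grep -qxF -- "$pat" "$proj/.gitignore" || printf '%s\n' "$pat" >>"$proj/.gitignore"
    done <<EOF
$IGNORE_PATTERNS
EOF
    if [ -f "$proj/auth/serviceaccount.json" ]; then
        chmod 700 "$proj/auth"
        chmod 600 "$proj/auth/serviceaccount.json"
    fi
}

# audit_project <dir>: print findings, return 1 if there are any.
audit_project() {
    proj=$1
    status=0
    while IFS= read -r pat; do
        grep -qxF -- "$pat" "$proj/.gitignore" 2>/dev/null ||
            { echo "missing ignore rule: $pat"; status=1; }
    done <<EOF
$IGNORE_PATTERNS
EOF
    # Service-account key files anywhere in the project that group or others can read.
    loose=$(find "$proj" -type f -name '*.json' \( -perm -040 -o -perm -004 \) \
        -exec grep -l '"type": *"service_account"' {} + 2>/dev/null) || true
    [ -z "$loose" ] || { echo "key readable by group/others: $loose"; status=1; }
    return "$status"
}

# Stand-alone use: sh harden.sh <project-dir>
if [ "$#" -gt 0 ]; then harden_project "$1"; audit_project "$1"; fi
```

The audit only checks that the literal rules are present in .gitignore; a key that was committed before the rules existed stays in the repository history and should be rotated.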

We additionally need to install Terraform. It’s a binary package, so there is nothing complicated. You need to download the binary and make it executable. To download Terraform, use the official download page, select your OS and download the binary.

3. Creating our First GKE Cluster Using Terraform

3.1 Terraform Providers

Terraform can interact with many cloud providers like AWS, Azure, and GCP. For each cloud, Terraform needs a kind of driver to interface with the cloud API for authentication and management. This “driver” is called a Provider.

Let’s create a provider for GCP. Create a “provider.tf” file and paste the following code:

To finish reading this article, check out the full post on the MetricFire website.
