added templates for VPC and K8s cluster creation
dprosper committed Mar 31, 2020
1 parent cf084c5 commit 183fd0c
Showing 10 changed files with 611 additions and 1 deletion.
13 changes: 12 additions & 1 deletion README.md
@@ -7,7 +7,17 @@ Use this template to:
- configure Sysdig Teams with IAM integration,
- and monitor the deployed environment with secure access and limited visibility to the data that matters to you as the developer.

This repository features two sample applications that generate metrics that are pushed to an IBM Cloud Monitoring with Sysdig instance. The first application is written in [Node.js®](https://nodejs.org/) and deployed to the [IBM Cloud™](https://cloud.ibm.com/) Kubernetes service. The second application is written in [Go](https://golang.org/) and deployed to the [IBM Cloud™](https://cloud.ibm.com/) Kubernetes service.
## What's in this repo

This repo has the following folder structure:

* [modules](/modules): This folder contains multiple stand alone modules that are relevant to the main template.

* [vpc](/modules/vpc): Create a VPC in IBM Cloud if you do not already have one and intend to deploy in VPC.

* [k8s_cluster](/modules/k8s_cluster): Create a Kubernetes cluster in IBM Cloud, either in the Classic Infrastructure or VPC Infrastructure.

* [samples](/samples): This repository features two sample applications that generate metrics that are pushed to an IBM Cloud Monitoring with Sysdig instance. The first application is written in [Node.js®](https://nodejs.org/) and deployed to the [IBM Cloud™](https://cloud.ibm.com/) Kubernetes service. The second application is written in [Go](https://golang.org/) and deployed to the [IBM Cloud™](https://cloud.ibm.com/) Kubernetes service.

<p align="center">
<img src="docs/images/Architecture.png">
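Review bot: The `samples` entry in the new "What's in this repo" list still opens with "This repository features two sample applications", which is the old top-level sentence moved verbatim; as a folder description it should say what the folder contains, for example "Two sample applications that generate metrics ...". In the `modules` entry, "stand alone" should be "standalone".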
@@ -221,6 +231,7 @@ Tutorial: [Analyze logs and monitor application health with LogDNA and Sysdig](h
Tutorial: [Plan, create and update deployment environments](https://cloud.ibm.com/docs/tutorials?topic=solution-tutorials-plan-create-update-deployments#plan-create-update-deployments)
## License
See [License.txt](License.txt) for license information.
123 changes: 123 additions & 0 deletions docs/diagrams/Architecture.xml

Large diffs are not rendered by default.

93 changes: 93 additions & 0 deletions modules/k8s_cluster/README.md
@@ -0,0 +1,93 @@
# IBM Cloud Monitoring with Sysdig Teams

Use this template to:
- provision an IBM Cloud Kubernetes Service cluster in a classic or VPC infrastructure,

## Costs

You must have a Pay-as-You-Go account in IBM Cloud&trade; to follow the steps in this repository to create resources. Since the costs for these resources will vary, use the [Pricing Calculator](https://cloud.ibm.com/estimator/review) to generate a cost estimate based on your projected usage.

Some of the services listed above offer a limited free tier, i.e. IBM Cloud Kubernetes Service in the Classic infrastructure which you can use for testing. Please note the implication of using the free services as some will be deleted automatically after 30 days.

If you deploy paid services, make sure to delete them when they are no longer required in order to not incur charges in your account.

### Prerequisites
Before you start, make sure to have all the items completed below as the template requires them.

Determine which [region](https://cloud.ibm.com/docs/Monitoring-with-Sysdig?topic=Sysdig-endpoints) you want to use. The value we will need is in the Region column and between the parentheses,i.e jp-tok, us-south, etc...

- This template requires an IBM Cloud API Key that will run with your permissions. Either create a new API key for use by this template or provide an existing one. An API key is a unique code that is passed to an API to identify the application or user that is calling it. To prevent malicious use of an API, you can use API keys to track and control how that API is used. For more information about API keys and how to create them, see [Understanding API keys](https://cloud.ibm.com/docs/iam?topic=iam-manapikey) and [Managing user API keys](https://cloud.ibm.com/docs/iam?topic=iam-userapikey).

- [Setup the Terraform CLI and the latest IBM Cloud Provider plug-in](https://cloud.ibm.com/docs/terraform?topic=terraform-tf-provider#install_cli)


## Getting started

1. Clone this repository to your local computer.
1. From a terminal window change to the `monitoring-sysdig-teams\modules\k8s_cluster` directory.
1. Copy the **config-template** directory to a directory called **config**.

### Create the cluster

1. From a terminal window, change to the `monitoring-sysdig-teams\modules\k8s_cluster` directory.
2. Enable tracing (optional):
```sh
export TF_LOG=TRACE
```
3. Save all activities to a log file (optional):
```sh
export TF_LOG_PATH=./config/config.log
```
4. Initialize the Terraform providers and modules:
```sh
terraform init
```
5. Modify the config/config.tfvars to your own values.
```
ibmcloud_api_key = "<your_ibm_cloud_api_key>"

resource_group = "default"

region = "us-south"

resources_prefix = "<used_to_prefix_resources>"

generation = 1

flavor = "c2.2x4"

cluster_infrastructure = "vpc"

vpc_id = "<insert_vpc_id>"

subnets = {
zone-1 = "<insert_subnet_id_zone_1>"
zone-2 = "<insert_subnet_id_zone_2>"
zone-3 = "<insert_subnet_id_zone_3>"
}
```

> Note: By default the template expects the Kubernetes cluster to have been created in a VPC Infrastructure, if you are creating the cluster in the Classic infrastructure set the `cluster_infrastructure` variable to *classic*.

6. Execute terraform plan by specifying the location of variable files, state and plan file:
```sh
terraform plan -var-file=config/config.tfvars -state=config/config.tfstate -out=config/config.plan
```
7. Apply terraform plan by specifying the location of plan file:
```sh
terraform apply -state-out=config/config.tfstate config/config.plan
```

> Note: If you plan on building for multiple environments or regions, you may want to maintain separate state files for each of these environments, you can use a different `config` directory for each environment or region. Another solution is to use Terraform workspaces which is discussed in our [Plan, create and update deployment environments](https://cloud.ibm.com/docs/tutorials?topic=solution-tutorials-plan-create-update-deployments#plan-create-update-deployments) tutorial.


### Delete all resources
1. Destroy resource when done by specifying the location of variable files, and state file:
```sh
terraform destroy -var-file=config/config.tfvars -state=config/config.tfstate
```
> Note: This is not reversible all resources stored in the Terraform state will be removed.

## License

See [License.txt](License.txt) for license information.
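Review bot: Step 5 has the user put `ibmcloud_api_key` in `config/config.tfvars`, and steps 3, 6 and 7 write a TRACE log, a saved plan and the state file into the same `config` directory, which can also hold sensitive values, yet the README never says to keep that directory out of version control. The prerequisites state that the key "will run with your permissions", so add a sentence telling users not to commit `config/` (and confirm the repository ignores it; no ignore rule is visible in this diff), or document passing the key through the `TF_VAR_ibmcloud_api_key` environment variable instead of the tfvars file. Separately, the title is copied from the top-level README rather than naming this module, and the `monitoring-sysdig-teams\modules\k8s_cluster` path uses backslashes while every command block is `sh`.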
21 changes: 21 additions & 0 deletions modules/k8s_cluster/config-template/config.tfvars
@@ -0,0 +1,21 @@
ibmcloud_api_key = "<your_ibm_cloud_api_key>"

resource_group = "default"

region = "us-south"

resources_prefix = "<used_to_prefix_resources>"

generation = 1

flavor = "c2.2x4"

cluster_infrastructure = "vpc"

vpc_id = "<insert_vpc_id>"

subnets = {
zone-1 = "<insert_subnet_id_zone_1>"
zone-2 = "<insert_subnet_id_zone_2>"
zone-3 = "<insert_subnet_id_zone_3>"
}
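Review bot: The template only covers the VPC path: `cluster_infrastructure = "vpc"`, `vpc_id` and `subnets` are present, but the variables the classic resource in main.tf reads (`datacenter`, `public_vlan_id`, `private_vlan_id`) are missing, so a user who follows the README note and switches to *classic* has nothing to fill in. Add them as commented-out entries with placeholder values.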
73 changes: 73 additions & 0 deletions modules/k8s_cluster/main.tf
@@ -0,0 +1,73 @@
terraform {
required_version = ">= 0.12.23"
}

provider "ibm" {
version = ">= 1.2.4"
ibmcloud_api_key = var.ibmcloud_api_key
region = var.region
ibmcloud_timeout = 300
generation = var.generation
}

data "ibm_resource_group" "group" {
name = var.resource_group
}

resource "ibm_container_vpc_cluster" "cluster" {
count = var.cluster_infrastructure == "vpc" ? 1 : 0

name = "${var.resources_prefix}-cluster"

vpc_id = var.vpc_id
flavor = var.flavor
worker_count = var.worker_count
resource_group_id = data.ibm_resource_group.group.id
kube_version = var.kube_version

zones {
subnet_id = var.subnets["zone-1"]
name = var.vpc_zones["${var.region}-availability-zone-1"]
}
zones {
subnet_id = var.subnets["zone-2"]
name = var.vpc_zones["${var.region}-availability-zone-2"]
}
zones {
subnet_id = var.subnets["zone-3"]
name = var.vpc_zones["${var.region}-availability-zone-3"]
}
}

resource "ibm_container_cluster" "cluster" {
count = var.cluster_infrastructure == "classic" ? 1 : 0

name = "${var.resources_prefix}-cluster"
datacenter = var.datacenter
machine_type = var.flavor
hardware = "shared"
public_vlan_id = var.public_vlan_id
private_vlan_id = var.private_vlan_id
subnet_id = ["1154643"]

default_pool_size = 1
}


# data "ibm_container_vpc_cluster" "cluster" {
# count = var.cluster_infrastructure == "vpc" ? 1 : 0
# cluster_name_id = var.cluster_id
# resource_group_id = data.ibm_resource_group.group.id
# }

# data "ibm_container_cluster" "cluster" {
# count = var.cluster_infrastructure == "classic" ? 1 : 0
# cluster_name_id = var.cluster_id
# resource_group_id = data.ibm_resource_group.group.id
# }

# data "ibm_container_cluster_config" "clusterConfig" {
# cluster_name_id = var.cluster_id
# resource_group_id = data.ibm_resource_group.group.id
# config_dir = "/tmp"
# }
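Review bot: `subnet_id = ["1154643"]` in the classic `ibm_container_cluster` resource hard-codes what looks like an account-specific subnet ID, so the module cannot work as-is in another account and an infrastructure identifier ends up in the repository; make it a variable alongside `public_vlan_id` and `private_vlan_id`. The same resource also ignores `var.worker_count`, `var.kube_version` and the resource group that the VPC resource uses (`default_pool_size = 1` is fixed), so the two paths behave differently for the same inputs. The three commented-out `data` blocks at the end should be dropped before merge; if the `ibm_container_cluster_config` one is revived, avoid `config_dir = "/tmp"`, since that places the cluster configuration in a shared directory.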
85 changes: 85 additions & 0 deletions modules/k8s_cluster/variables.tf
@@ -0,0 +1,85 @@
variable "ibmcloud_api_key" {
description = "You IAM based API key. https://cloud.ibm.com/docs/iam?topic=iam-userapikey"
}

variable "region" {
description = "The IBM Cloud region to deploy the resources under. "
default = "us-south"
}

variable "resources_prefix" {
description = "Prefix is added to all resources that are created by this template."
}

variable "vpc_id" {
default = ""
}

variable "cluster_infrastructure" {
default = "vpc"
}

variable "generation" {
description = "The VPC generation, currently supports Gen 1. Gen 2 tested in Beta."
default = 1
}

variable "resource_group" {
description = "The resource group for all the resources created."
default = "default"
}

variable "worker_count" {
default = 1
}

variable "flavor" {
default = ""
}

variable "kube_version" {
default = "1.17.4"
}

variable "subnets" {
description = "The availability zone list for the VPC regions."

default = {}
}

variable "vpc_zones" {
description = "The availability zone list for the VPC regions."

default = {
au-syd-availability-zone-1 = "au-syd-1"
au-syd-availability-zone-2 = "au-syd-2"
au-syd-availability-zone-3 = "au-syd-3"
eu-de-availability-zone-1 = "eu-de-1"
eu-de-availability-zone-2 = "eu-de-2"
eu-de-availability-zone-3 = "eu-de-3"
eu-gb-availability-zone-1 = "eu-gb-1"
eu-gb-availability-zone-2 = "eu-gb-2"
eu-gb-availability-zone-3 = "eu-gb-3"
jp-tok-availability-zone-1 = "jp-tok-1"
jp-tok-availability-zone-2 = "jp-tok-2"
jp-tok-availability-zone-3 = "jp-tok-3"
us-south-availability-zone-1 = "us-south-1"
us-south-availability-zone-2 = "us-south-2"
us-south-availability-zone-3 = "us-south-3"
us-east-availability-zone-1 = "us-east-1"
us-east-availability-zone-2 = "us-east-2"
us-east-availability-zone-3 = "us-east-3"
}
}

variable "public_vlan_id" {
default = ""
}

variable "private_vlan_id" {
default = ""
}

variable "datacenter" {
default = ""
}
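Review bot: `cluster_infrastructure` has no description and accepts any string, and with the two `count` expressions in main.tf any value other than "vpc" or "classic" (a typo, different case) plans zero clusters without an error; at minimum, document the two allowed values in its description. `vpc_id`, `flavor`, `datacenter`, `public_vlan_id` and `private_vlan_id` default to "" with no description, so a missing value only surfaces as a provider error; give each a description that says which infrastructure mode requires it. Smaller points: the `subnets` description is a copy of the `vpc_zones` one, "You IAM based API key" should read "Your", and none of the variables declare a `type`.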
79 changes: 79 additions & 0 deletions modules/vpc/README.md
@@ -0,0 +1,79 @@
# IBM Cloud Monitoring with Sysdig Teams

Use this template to:
- provision an IBM Cloud Virtual Proviate Cloud,

## Costs

You must have a Pay-as-You-Go account in IBM Cloud&trade; to follow the steps in this repository to create resources. Since the costs for these resources will vary, use the [Pricing Calculator](https://cloud.ibm.com/estimator/review) to generate a cost estimate based on your projected usage.

If you deploy paid services, make sure to delete them when they are no longer required in order to not incur charges in your account.

### Prerequisites
Before you start, make sure to have all the items completed below as the template requires them.

Determine which [region](https://cloud.ibm.com/docs/Monitoring-with-Sysdig?topic=Sysdig-endpoints) you want to use. The value we will need is in the Region column and between the parentheses,i.e jp-tok, us-south, etc...

- This template requires an IBM Cloud API Key that will run with your permissions. Either create a new API key for use by this template or provide an existing one. An API key is a unique code that is passed to an API to identify the application or user that is calling it. To prevent malicious use of an API, you can use API keys to track and control how that API is used. For more information about API keys and how to create them, see [Understanding API keys](https://cloud.ibm.com/docs/iam?topic=iam-manapikey) and [Managing user API keys](https://cloud.ibm.com/docs/iam?topic=iam-userapikey).

- [Setup the Terraform CLI and the latest IBM Cloud Provider plug-in](https://cloud.ibm.com/docs/terraform?topic=terraform-tf-provider#install_cli)


## Getting started

1. Clone this repository to your local computer.
1. From a terminal window change to the `monitoring-sysdig-teams\modules\vpc` directory.
1. Copy the **config-template** directory to a directory called **config**.

### Create the cluster

1. From a terminal window, change to the `monitoring-sysdig-teams\modules\vpc` directory.
2. Enable tracing (optional):
```sh
export TF_LOG=TRACE
```
3. Save all activities to a log file (optional):
```sh
export TF_LOG_PATH=./config/config.log
```
4. Initialize the Terraform providers and modules:
```sh
terraform init
```
5. Modify the config/config.tfvars to your own values.
```
ibmcloud_api_key = "<your_ibm_cloud_api_key>"

resource_group = "default"

region = "us-south"

resources_prefix = "<used_to_prefix_resources>"

generation = 1
```

> Note: By default the template expects the VPC to be created in VPC generation 1, if you are creating the cluster in the VPC generation 2 infrastructure set the `generation` variable to *2*.

6. Execute terraform plan by specifying the location of variable files, state and plan file:
```sh
terraform plan -var-file=config/config.tfvars -state=config/config.tfstate -out=config/config.plan
```
7. Apply terraform plan by specifying the location of plan file:
```sh
terraform apply -state-out=config/config.tfstate config/config.plan
```

> Note: If you plan on building for multiple environments or regions, you may want to maintain separate state files for each of these environments, you can use a different `config` directory for each environment or region. Another solution is to use Terraform workspaces which is discussed in our [Plan, create and update deployment environments](https://cloud.ibm.com/docs/tutorials?topic=solution-tutorials-plan-create-update-deployments#plan-create-update-deployments) tutorial.


### Delete all resources
1. Destroy resource when done by specifying the location of variable files, and state file:
```sh
terraform destroy -var-file=config/config.tfvars -state=config/config.tfstate
```
> Note: This is not reversible all resources stored in the Terraform state will be removed.

## License

See [License.txt](License.txt) for license information.
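Review bot: This README is a copy of the k8s_cluster one and still talks about a cluster: the section heading is "Create the cluster" and the note after step 5 says "if you are creating the cluster in the VPC generation 2 infrastructure", while this module creates a VPC. "Virtual Proviate Cloud" in the intro is a typo for "Virtual Private Cloud". As in the other module README, the API key, TRACE log, plan and state all land in `config/`, so state that this directory must not be committed.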
9 changes: 9 additions & 0 deletions modules/vpc/config-template/config.tfvars
@@ -0,0 +1,9 @@
ibmcloud_api_key = "<your_ibm_cloud_api_key>"

resource_group = "default"

region = "us-south"

resources_prefix = "<used_to_prefix_resources>"

generation = 1