This Terraform project provides Infrastructure as Code (IaC) for managing the core services and metrics deployed on VKE. It automates the provisioning and management of infrastructure resources required to deploy and maintain core services, applications, and associated monitoring infrastructure.
These instructions will help you set up and deploy the Terraform project.
- Terraform installed on your local machine.
- Vultr Cloud Provider
- Google Cloud Platform (Optional, for unsealing Vault)
- Clone this repository.
- Navigate to the project directory.
- Run
terraform initto initialize the project.
Set the following environment variable before running Terraform commands:
TF_VAR_vultr_api_key: Your Vultr API key.TERRAFORM_VAULT_PASSWORD: Your Vault Password.TF_VAR_oidc_argo{ clientId: "", clientSecret: "" }: (Dex -> Github clientId/secret for ArgoCD)TF_VAR_oidc_vault{ clientId: "", clientSecret: "" }: (Dex -> Github clientId/secret for Vault)TF_VAR_oidc_tailscale{ clientId: "", clientSecret: "" }: (Kubernetes -> Tailscale VPN clientId/secret)
- Make desired changes to the Terraform configuration.
- Run
terraform planto see the execution plan. - If the plan looks good, run
terraform applyto apply the changes.
gcp-key-secretkey.json should be set to a GCP Service Account key for Vault auto-sealing.
- A userpass with username
Terraformwill need to be created manually with policy inconfig/vault/terraform_policy_manual.hclfor the env varTERRAFORM_VAULT_PASSWORD
To tear down the infrastructure created by Terraform:
- Run
terraform destroy. - Confirm the action.