16Mar

Managing Kubernetes using Terraform

Managing Kubernetes using TerraformKubernetes has continued in its strive to influence the tech space with its flexibility and portability in container orchestration. And with its continuous strive, there has been an increasing need to connect, configure and manage Kubernetes with other tools and resources of your choice. This has brought about the creation of more automation products, infrastructure, and features to satisfy this increasing need.

Terraform is one of the tools offering the best way to manage and configure Kubernetes. It is a popular and most commonly used infrastructure-as-code product that includes a connector to Kubernetes, this connector is called Kubernetes provider.

Terraform in comparison with other similar tools stands out because of its ability to provision infrastructure using templates. The templates are created describing the resources that you’ll have as your infrastructure before deploying it. With terraform, you get to describe the details of your infrastructure-as-code, and Terraform does the provisioning.

While Terraform allows you to script your infrastructure, other tools like Ansible are just configuration management that helps to automate the configuration of software and systems on the infrastructure that has already been provisioned

Let’s take a look at why Terraform is a good tool for provisioning Kubernetes cluster:

  • Terraform allows the user to maintain Kubernetes cluster definitions in the code.
  • It uses the same declarative syntax for the lower underlying infrastructure provisioning.
  • With Terraform, you can modify your Kubernetes clusters through variables.
  • It has a dry-run feature for modifications made to a Kubernetes cluster before the changes made are applied.
  • One important benefit of Terraform has to be its ability to use the same configuration language for provisioning Kubernetes and deploying the applications into it.
  • With terraform, only one single command is required to create, update and delete pods and resources without the need to check APIs that’ll identify these resources.
  • Terraform acknowledges the relationships between resources and also modularizes the infrastructure in the code.
  • Terraform shortens the product delivery time as it aids disaster recovery time and release issues.

Having talked about the benefits of Terraform for Kubernetes, let us move on to learning a little about how it works.

It is important to note that the Terraform Kubernetes provider does not build and deploy Kubernetes clusters, that is, it requires the Kubernetes cluster to be running already before it can be used. To know a little bit of how Terraform Kubernetes provider works, we’ll take a look at a use case.

A use case of the Terraform Kubernetes provider

The best way to work with or interact with Terraform Kubernetes provider is to configure the Kubernetes provider by creating a name-space, then deploy the application in a pod and finally expose the pod to the users as a service. Meanwhile, to do all these, you need to have your Kubernetes cluster up and running. We have explained the three steps below:

Step 1: Configure our Kubernetes provider

The first step to using the Terraform Kubernetes provider is to configure our Kubernetes provider. To do that we are going to create a configuration file at ~/.kube/config. To then have the config contained in the Terraform instance, it’ll look like the code block below:

provider "kubernetes" {
   host = "https://0.0.0.0"
}

Step 2: Deploy the pod

Terraform provisions a pod in which Kubernetes manages the containers in it. A pod usually contains one or more containers that are scheduled on cluster nodes based on the memory available.

Here, we use Terraform to create our pod, while we expose port 80 to the users.

resource "kubernetes_pod" "example" {
  metadata {
    name = "example-test"
    labels {
      App = "example"
    }
  }

  spec {
    container {
      image = "example/http-echo:0.1.0"
      name  = "example-test"

      port {
        container_port = 80
      }
    }
  }
}

Step 3: Expose the pod with a service

The next step after our pod is created is to expose it to the users by provisioning a service. Service has the capability of managing the relationship between the load-balancer and the pod.

resource "kubernetes_service" "example" {
  metadata {
    name = "example-test"
  }
  spec {
    selector {
      App = "${kubernetes_pod.example.metadata.0.labels.App}"
    }
    port {
      port        = 80
      target_port = 80
    }
    type = "LoadBalancer"
}
}

output "load_balancer_ip" {
  value = "${kubernetes_service.example.load_balancer_ingress.0.ip}"
}

This Terraform configuration also specifies an output that prints the IP of the load balancer so as to make it easy for the operator to access it. This output comes as an addition to specifying the service function of Terraform.

Step 4: Verify that the application is working

Having done all the necessary configurations, it’s imperative that we verify that all that we did works. We can verify that the application is running by using curl from the terminal.

$ curl -s $(terraform output load_balancer_ip)

Now, open your favorite browser and enter the IP address, if everything worked as it should, you should see your welcome page.

Configurations passed into the container instances use config_map, which is actually not a good way to take care of sensitive things. If at all you need to have sensitive information, such as passwords, in your container instances, and you don’t necessarily want to expose them to the entire cluster, Terraform Kubernetes provider has a tool called kubernetes_secrets.

Kubernetes_secrets creates a secret resource by default and makes the resource available to any pod in that name-space.

Example of the usage of Kubernetes_secret

resource "kubernetes_secret" "example" {
  metadata {
    name = "example-test"
  }

  data = {
    username = "admin"
    password = "GuessPassword"
  }

  type = "kubernetes.io/basic-auth"
}

The secrets can then be imported by running the command below in your terminal:

$ terraform import kubernetes_secret.example default/my-secret

Terraform directly provisions Storage and Persistent Volumes. Meanwhile, provisioning Storage Class using Terraform to all volumes while being managed by Kubernetes is best practice. And it’s important for scalability and control.

Conclusion

Terraform makes it easy to manage Kubernetes clusters and Kubernetes resources effectively. It gives organizations the opportunity to work with infrastructure-as-code, management of cloud platforms and also the opportunity to create modules for self-service infrastructure. Terraform Kubernetes provider gives organizations all the required tools necessary to manage Kubernetes clusters in the environment.

To learn more about Terraform Kubernetes Provider, take a look at this: Managing Kubernetes with Terraform.

Programming Patterns. Introduction

Patterns are the part of programming that needs to be studied regardless of the specific language, so that doesn’t matter what exactly you use: C, C++, C# or JavaScript, each of them uses some of the programming patterns, but there is the most interesting point how to implement the concept according to language specifics.

Leave a Reply