FILA3 Voting App Terraform Project
Table of Content
Objectives
The objective is to use only Terraform to deploy the voting app.
The tutorial on Terraform did not give you all elements for this project: it was on purpose. The point is for you to learn how to seek information in providers and other documentations. But most elements in the tutorials can be directly applied.
Different levels are possible, the more advancement you make the better. Part 1 and Part 2 are mandatory.
Part 1 - Local Docker deployment
In this first part, you must write Terraform code that deploys the application with the Docker provider.
The app will thus be deployed locally inside containers on your machine.
Use the given docker-compose.yml
as a reference configuration.
TIP: Recall that a Docker Compose "service" creates a DNS records accessible by other containers.
Terraform does not do that, so you will need to add the relevant host
configurations.
Part 2 - GKE and Kubernetes
In this second part, you must write code that deploys the application onto a Kubernetes cluster provisioned with Terraform on GKE.
Google and Kubernetes providers will be thus be used. Unlike the tutorials and for simplicity, configure the cluster to be in the GCP predefined default
network.
Use the given manifests in k8s-manifests/
.
TIP: Add deletion_protection = true
to the cluster resource so that $ terraform destroy
will be able to delete the cluster.
TIP: You can use the kubernetes_manifest
resource and provide any YAML manifest file directly.
IMPORTANT: Make sure to organize your Terraform code well. Attention will be given to your organization (modules, directories, files)
Part 3 optional - GKE, Kubernetes and offloaded Redis
In this last part, you must deploy with Terraform the Redis
database inside a VM on GCP rather than on the cluster.
To install Redis upon startup of the VM, use the given install-redis.sh.tftpl
template script in the metadata_startup_script
attribute.
This database must be available to the other components of the application located on the GKE cluster.
TIP: You will need a google_compute_firewall
resource to allow port 6379
on source_ranges
0.0.0.0/0
.
Don't forgot to link the firewall rule to the VM through a shared tag.
TIP: vote and worker need to be aware of the Redis host IP and password.
Debugging tips
-
Ping from inside a Deployment's pod:
- Launch bash on a pod, e.g.:
kubectl exec deployments/vote-deplt -it -- bash
then - Install the
ping
command:apt update; apt install iputils-ping
- Check connectivity:
ping redis -p 6379
- Launch bash on a pod, e.g.:
-
Pod for debugging networking: https://hub.docker.com/r/rtsp/net-tools
- Start the pod:
kubectl run net-debug --image rtsp/net-tools
, then - Launch an interactive bash session:
kubectl exec net-debug -it -- bash
or - Launch a single command, e.g.:
kubectl exec net-debug -- nslookup redis
- Start the pod:
-
Pod for debugging Redis:
- Start the pod:
kubectl run redis-debug --image redis:alpine
- Check the connection:
kubectl exec redis-debug -it -- redis-cli -h redis -pass '{yourpassword}'
- Start the pod:
-
Start a SSH connection on the GCP VM:
gcloud compute ssh {VM_NAME}
Destroy everything
Do not forgot to destroy all resources, especially the K8S cluster.
$ terraform destroy
If you forgot to add deletion_protection = true
in the Terraform cluster resource, you can modify the state directly.
This is not good practice.
sed -e '/deletion_protection/s/true/false/' -i terraform.tfstate