Leveraging Terraform, which is an infrastructure-as-code [IaC] provider, with Shipa, which is an application-as-code [AaC] platform, is a great match. Using both technologies together is becoming more mature and there have been some great pieces around the art of the possible between the two platforms. Though if you are unfamiliar with both, this guide will get you up and started with both Terraform and Shipa together. In this example will be using Terraform to create all of the necessary Shipa resources to deploy to a Kubernetes cluster.
Getting Started with Terraform and Shipa
This example will require Terraform, Shipa Cloud, and a Kubernetes cluster. If using a Mac and you don’t have Terraform installed, you can simply use Homebrew.
brew install terraform terraform version
Next will be Shipa Cloud. You can sign up from the Shipa website. In our latest cloud release, you can now use an OAuth provider to sign up with e.g Github or Google or just use an email address.
Next you can download and wire the Shipa CLI to your Shipa Cloud Instance.
curl -s https://storage.googleapis.com/shipa-client/install.sh | bash shipa target add shipa-cloud target.shipa.cloud --set-current shipa login shipa version
Lastly you will need a Kubernetes cluster. Any of the major cloud vendors’ Kubernetes offerings such as EKS will work or you can leverage a local cluster like k3d or minikube. Assuming you have a cluster that is spun up and kubectl wired to that cluster, Shipa does use a service account to perform actions on your behalf. The Shipa Documentation has the Kubernetes manifest for this.
Then just apply the manifest.
kubectl apply -f shipa-admin-service-account.yaml
With that out of the way, you are now ready to create some Shipa Objects with Terraform.
Terraform and Shipa Wiring
All the prerequisites are there so now you are ready to leverage Terraform to create Shipa Objects. To deploy using Shipa, you will need to create a Framework, Cluster, and Application.
Creating a Cluster requires the Kubernetes API address, an authentication token based off the service account, and a certificate.
A great place to start is with this archetype project from one of our software engineers, Daniel. You can also take a look at the Shipa Documentation around Terraform for some more templates. Assuming that you start with Daniel’s archetype, I made a few tweaks for this example to leverage Shipa Cloud defaults, which you can clone here.
You can download or clone the files and run them by hand if you are comfortable with an IDE like Visual Studio Code, can import the project and wire in the needed variables.
If using Visual Studio, clone https://github.com/ravilach/tprovider.git
Once imported, can work on wiring up the environmental variables [<local_folder>env/dist.tfvars] and fill out required pieces. We will be deploying the WordPress image as an example.
Since this Terraform module will create a Shipa Framework for us, we can immediately wire in the Framework name and go ahead and wire in the Application Name and Image.
framework_name=”wordpressdev”
app_name=”wordpress”
app_image=”docker.io/wordpress”
The next piece to wire in is a Shipa Cloud Authentication token.
shipa token show
Now you can wire that into env/dist.tfvars.
The last piece needed will be the Kubernetes specific pieces. The cluster name will be how the cluster appears in Shipa, So you can wire in a name immediately.
cluster_name=”mightykubernetes”
Here are the kubectl commands to get the Kubernetes API Endpoint [cluster_ip], token, and certificate.
#cluster_ip kubectl cluster-info | grep 'Kubernetes' | awk '/http/ {print $NF}'
#cluster_token kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep shipa-admin | awk '{print $1}')
#cluster_cacert kubectl get secret $(kubectl get secret | grep default-token | awk '{print $1}') -o jsonpath='{.data.ca.crt}' | base64 --decode
Note: If using the GitHub archetype project, you don’t need to copy in the “-BEGIN-” and “-END-” lines Terraform will append these for you.
Wire these into env/dist.tfvars.
Your environmental/input variables should look something like this when wired.
Now you are ready to run some Terraform.
Execute your Terraform
Now you are ready to run some Terraform. In three commands, you will be on your way.
In Terminal if you have not, CD into the directory with the “00-deploy,tf” file or your main.tf if writing by hand.
The first item is to install the Shipa Terraform Provider.
terraform init
Now you are ready to do a dry-run with Terraform.
terraform plan -var-file="env/dist.tfvars”
Once that looks good, you are ready to execute/apply Terraform.
terraform apply -var-file="env/dist.tfvars" -auto-approve
You can watch the progress on in Terraform CLI and Shipa UI.
And in the UI.
Now you can navigate back in the Shipa UI and get an endpoint address for your newly deployed WordPress Image.
Shipa Cloud -> Applications -> wordpress
Click on or copy the endpoint
And ta-da! You are all set with Terraform and Shipa.
Learn More From Your Friends at Shipa
Using an IaC and Shipa together is a powerful combination. Recently Shipa was invited to talk at an HashiCorp event where we showed off the integration and art of the possible. Also hope to catch you and one of our upcoming webinars where we dive a little deeper into IaC and AaC [Application-as-Code] concepts.
Cheers,
-Ravi