We value your privacy
| Components | |
|---|---|
| DigitalOcean Container Registry | |
| DigitalOcean Kubernetes Cluster | |
| DigitalOcean VPC | |
| Kubernetes ESO | |
| DNS Management |
Cloudflare
|
| Infrastructure CI/CD pipeline |
Drone CI
|
| Ingress Controller |
Traefik
|
| Object Storage | Spaces Buckets |
| SQL Database | MySQL/PostgreSQL |
| Helm Chart | |
| Setup by Corewide team | |
| Post-implementation training | |
| 2-week warranty support | |
| Documentation |
Once you have a Corewide Solutions Portal account, this one-time action will use your browser session to retrieve credentials:
shellterraform login solutions.corewide.com
Download Infrasnap archive from My Library page, unpack it to a new directory and initialize a new project there:
shellcd infrasnap/
git init
git add .
Follow the instructions in README.md:
terraform.tfvars, or using environment variables)
infrasnap.yml parameters based on the reference belowbackend.tf
Initialize the setup, create the environment you configured in infrasnap.yml and
provision
the infrastructure:
shellterraform init
terraform workspace new <environment_name>
terraform workspace select <environment_name>
terraform apply
| Variable | Description | Type | Default | Required | Sensitive |
|---|---|---|---|---|---|
project_name |
Project name to use for resource naming | string |
yes | no | |
config |
Infrasnap configuration data | any |
{} |
no | no |
config_file |
Path to a YAML file with Infrasnap configuration data | string |
./infrasnap.yml |
no | no |
do_api_token |
API token to make programmatic calls to DigitalOcean (can be set as DIGITALOCEAN_TOKEN) |
string |
no | yes | |
do_secret_spaces_key |
Access key to make programmatic calls to DigitalOcean space bucket. This can also be sourced from the SPACES_SECRET_ACCESS_KEY Environment Variable |
string |
no | yes | |
do_spaces_key_id |
ID of access key to make programmatic calls to DigitalOcean space bucket. This can also be sourced from the SPACES_ACCESS_KEY_ID Environment Variable |
string |
no | yes | |
cloudflare_api_token |
Cloudflare API token with DNS management permissions for all DNS zones managed in the setup. This can also be sourced from the CLOUDFLARE_API_TOKEN environment variable |
string |
no | yes |
| Variable | Description | Type | Default |
|---|---|---|---|
region |
DigitalOcean region to place the resources into | string |
nyc1 |
vpc_cidr |
CIDR block for VPC of this environment | string |
10.20.0.0/16 |
container_registry_workspace |
Environment where container registry must be created. Leave blank to not create at all if a third-party registry is used instead | string |
development |
k8s_version |
Kubernetes engine version to deploy the cluster with | string |
1.30 |
k8s_node_pools |
List of Kubernetes node pool definitions | list |
[{'name': 'main', 'labels': {}, 'max_size': 3, 'node_size': 's-2vcpu-4gb'}] |
k8s_node_pools[*].name |
Name of the node pool to create | string |
main |
k8s_node_pools[*].node_size |
Machine type to use for all nodes in this node pool | string |
s-2vcpu-4gb |
k8s_node_pools[*].max_size |
Maximum number of nodes in the node pool (for autoscaling) | number |
3 |
k8s_node_pools[*].labels |
Labels to add to the nodes of this node pool | map |
{} |
k8s_multimaster |
Whether the Kubernetes cluster must be highly available | bool |
true |
dns_zone_create |
Whether to create DNS zone or use the existing one | bool |
false |
dns_zone |
DNS zone in which to create records, disable to reuse the same zone from another workspace | string |
example.com |
dns_records_k8s |
A list of subdomains that must point at Ingress LoadBalancer | list |
|
dns_proxied_records_k8s |
A list of subdomains that must be proxied by Cloudflare and point at Ingress LoadBalancer | list |
|
dns_records |
List of extra records that do not point at Ingress LoadBalancer See module_docs for complete reference | map |
|
dns_records.www |
Name of the DNS record | map |
|
dns_records.www.type |
The type of the record. Possible values are: A, AAAA, CNAME, MX, NS and TXT |
string |
CNAME |
dns_records.www.value |
The content of the record | list |
['test'] |
cloudflare_account_id |
Cloudflare account ID in which to manage the DNS zone resources | NoneType |
|
cert_manager_email |
E-mail that Let's Encrypt cluster issuer will use to request certificates | string |
[email protected] |
buckets |
Buckets definitions to create | map |
|
buckets.my-bucket |
Bucket name | map |
|
buckets.my-bucket.access_mode |
Spaces bucket access mode. Allowed values: private, public-read | string |
private |
buckets.my-bucket.versioning |
Enable versioning for the bucket | bool |
false |
sql_database_engine |
Database engine. Supported values are: mysql for MySQL and pg or postgres for PostreSQL |
string |
postgres |
sql_database_engine_version |
Version for current database engine. If not specified 16 considered as default for pg engine. Not applicable to mysql engine 8 is the only available version for mysql |
number |
16 |
sql_database_machine_size |
Node size for the managed database. Supported values | string |
db-s-1vcpu-1gb |
sql_database_disk_size |
Size of SQL Database instance disk | number |
10 |
sql_databases_list |
List of databases to create | list |
| Output | Description | Type | Sensitive |
|---|---|---|---|
app_namespace |
Kubernetes namespace to deploy the application to | attribute |
no |
cluster_connection_cli |
CLI command to connect to the cluster | computed |
no |
name_servers |
Name servers of DNS zone managed in this workspace | attribute |
no |
bucket_names |
List of bucket names | list(attribute) |
no |
database_k8s_secret_names |
List of K8s secret names containing database connection parameters | list(attribute) |
no |