This repository contains a few examples to deploy Scaleway Kapsule clusters:
| Directory | Description |
|---|---|
prd/default |
A basic kapsule cluster |
prd/multi-az |
A production ready multi-az kapsule cluster |
prd/pgw |
A basic kapsule cluster with fully isolated nodes (no public ip) using a public gateway |
- Install the Scaleway CLI and initialize the configuration.
pacman -S scaleway-cliscw init
You may use profiles to differentiate between accounts/orgs/projects.
- Go into any directory depending on which config you want to use (ex:
cd prd/multi-az) - Edit the
terraform.tfvarsfile terraform init- Initializes terraformterraform apply- Deploy the environment
| Config | Isolated Nodes | Nodes with Public IPs | Public Gateway | Multi-AZ | Ingress controller | Cert-Manager |
|---|---|---|---|---|---|---|
default |
✅ | ✅ | ❌ | ❌ | ✅ | ✅ |
multi-az |
✅ | ✅ | ❌ | ✅ | ✅ | ✅ |
pgw |
✅ | ❌ | ✅ | ❌ | ✅ | ✅ |
- CNI:
cilium - Auto Upgrade - Enabled on all
clusterson a weekly basis. - Auto Heal - Enabled on all
pools, will auto-replace failing nodes. - Auto Scale - Enabled on all
pools, from2to3nodes per pool. - Placement group - Enabled to enhance the availability of nodes.
Note: the placement group limits the pools to 20 Instances, you may want to remove the placement groups if you need more nodes per pools.
The ingress controller uses an ingress-nginx deployed as a DaemonSet.
It uses Proxy-Protocol-V2 to expose the client IP in the X-Forwarded-For header.
The multi-az configuration uses multiple LoadBalancer services so that you can use DNS Round Robin to enhance the availability. (failure of an entire AZ)
DNS is not handled by this terraform but could be added too.
A certmanager is deployed in the clusters, allowing you to sign certificate with letsencript.