/cloud-migration

Primary LanguageHCLMozilla Public License 2.0MPL-2.0

Cloud Migration with Network Automation & Service Mesh

Pre-requisites

Check out the AWS ALB Listener Rule Terraform module, which is use by Consul Terraform Sync configuration.

Usage

  1. Go into datacenter and run terraform apply.

  2. Go into cloud and run terraform apply.

  3. Go into datacenter and update the variable for enable_peering = true. Run terraform apply to accept the peering connection from cloud.

  4. Set kubectl to the AWS EKS cluster in cloud.

    aws eks --region us-west-2 update-kubeconfig --name cloud

  5. Change directory into cloud-deployments.

    cd cloud-deployments

  6. Copy credentials.example to credentials.

    cp credentials.example credentials

  7. In credentials, add the AWS role ARN and the Kubernetes context for EKS clusters.

  8. Deploy Consul Helm chart, ingress gateway configuration, and application to Kubernetes.

    terraform apply -var-file=credentials

  9. Change directory into datacenter.

    cd datacenter

  10. Get the Terraform outputs, including the load balancer, target groups, and VPC ID. Copy the values, you will need them for canary/datacenter.module.tfvars.

    terraform output

  11. Go into canary.

    cd canary

  12. Copy datacenter.module.tfvars.example to datacenter.module.tfvars.

    cp datacenter.module.tfvars.example datacenter.module.tfvars

  13. Paste the Terraform outputs, including load balancer, target groups, and VPC ID.

  14. Copy credentials.example to credentials.

    cp credentials.example credentials

  15. In credentials, add the AWS secrets and role assumption information.

  16. Deploy Consul Terraform Sync to Kubernetes.

    terraform apply -var-file=credentials

  17. To verify everything is working, get the load balancer's DNS and issue an HTTP GET request with the Host header set to my-application.my-company.net.

    curl -H 'Host:my-application.my-company.net' my-application-1971614036.us-east-2.elb.amazonaws.com

Caveats

  • In this demo, the "cloud" application is hosted on Kubernetes (for ease of deployment).

  • The ALB mimics a datacenter load balancer.

  • The configuration peers two VPCs in two different regions.

  • You would ideally configure your Kubernetes pod with an AWS IAM role for configuring a load balancer. To abstract away as many AWS constructs as possible, this demo passes the credentials to CTS directly to mimic the passing of any provider credentials.

  • Consul Terraform Sync is deployed to Kubernetes so that the daemon continuously runs. It uses a Docker image built by canary/Dockerfile.