The intention is to create a go-to demo from deploying underlying infra environment to deploying Tetrate Service Express and additional addons around the application use-cases.
The Makefile in this directory provides ability to fast-forward to any point of the automated provisioning of the demo
graph TD;
all[make all] --> infra[make deploy_infra]
subgraph infra[make deploy_infra]
infra_aws[make deploy_infra_aws] -->
aws-load-balancer-controller[make deploy_addons_aws-load-balancer-controller] -->
fluxcd[make deploy_addons_fluxcd]
end
infra --> tetrate[make deploy_tetrate]
subgraph tetrate[make deploy_tetrate]
tetrate_managementplane[make deploy_tetrate_managementplane] -->
tetrate_controlplane[make deploy_tetrate_controlplane]
end
tetrate --> apps[make demo_all]
subgraph apps[make demo_all]
deploy-application[make demo_01-deploy-application] -->
mtls[make demo_02-mtls] -->
zero-trust[make demo_03-zero-trust] -->
publish-service[make demo_04-publish-service] -->
publish-api[make demo_05-publish-api]
end
apps --> describe[make describe_demo]
- terraform >= 1.5.0
- k8s >= 1.24
- AWS role configured and assumed for terraform to deploy
- Clone the repo
git clone https://github.com/tetrateio/tetrate-service-express-sandbox.git- Copy
terraform.tfvars.json.sampleto the root directory asterraform.tfvars.json
{
"name_prefix": "<YOUR UNIQUE PREFIX NAME TO BE CREATED>",
"tetrate": {
"version": "1.7.0+tse",
"image_sync_username": "<TETRATE_REPO_USERNAME>",
"image_sync_apikey": "<TETRATE_REPO_APIKEY>"
},
"k8s_clusters": {
"aws": [
{
"name": "demo1",
"region": "us-west-1",
"version": "1.26"
}
]
}
}All Make commands should be executed from root of repo as this is where the Makefile is.
# Build full demo
make all# Setup underlying clusters, registries, jumpboxes
make deploy_infra
# Deploy Tetrate Service Express Management Plane
make deploy_tetrate_managementplane
# Onboard deployed clusters
make deploy_tetrate_controlplane
# Describe the complete demo stack
make describe_demo
# Deploy the demo application
make demo_01-deploy-application
# Lunch the mTLS demo
make demo_02-mtls
# Lunch the Zero Trust demo
make demo_03-zero-trust
# Lunch the Service Publishing demo
make demo_04-publish-service
# Lunch the API Publishing demo
make demo_05-publish-api
# Fast-forward - Setup all demos
make demo_allThe completion of the above steps will result in:
- all the generated outputs will be provided under
./outputsfolder - output kubeconfig files for all the created aks clusters in format of: $cluster_name-kubeconfig
- output IP address and private key for the jumpbox (ssh username: tetrate-admin), using shell scripts login to the jumpbox, for example to reach gcp jumpbox just run the script
ssh-to-gcp-jumpbox.sh
When you are done with the environment, you can destroy it by running:
make destroyFor a quicker destroy for development purposes, you can:
- manually delete the clusters via CLI or web consoles
- run
make destroy_localto delete the terraform data
- Terraform destroys only the resources it created (
make destroy) - Terraform stores the
stateacross workspaces in different folders locally - Cleanup of aws objects created by K8s load balancer services (ELB+SGs) is automated, however based on AWS API timeouts it may require manual cleanup
| Directory | Description |
|---|---|
| infra | Infrastructure deployment modules. Provisioning of networking, jumpboxes and k8s clusters. |
| tetrate | Tetrate terraform modules to deploy Tetrate Service Express. |
| addons | Terraform modules to deploy addons such as FluxCD, etc. |
| modules | Generic and reusable terraform modules. These should not contain any specific configuration. |
| make | Makefile helpers. |
| outputs | Terraform output values for the provisioned modules. |