Print Site

Plateforme

Architecture

Requirements

• A Contabo subscription contabo
• An account of the Gandi gand

Note: You could easily adapt terraform to use another provider, it just needs to support user_data with a cloud-init compatible syntax.

Applying

Follow the steps in README.md to apply the infrastructure.

Index

• 1. Install
• 2. Help

Install PaaS for debug on a single machine

---

This PaaS solution targets a contabo VPS or a local machine with libvirt. This one will be based on kubernetes for the containerization and dex for the k8S accesses and an oauth proxy for hosted web apps.

The optics of this tooling will follow :

• The principle of immutable infrastructure with the idea of recreating rather than updating. Thus we will use ready linux iso to deploy the kubernetes / waypoint platform directly on a server.

• The principle infrastructure as code (IaC) by keeping all the specification of our infrastructure in configurations and scripts. We will also use basic tests of our configurations.

For this we will use a technical base composed of :

• rke2 A Kubernetes distribution built for production workloads. It is a CNCF-certified Kubernetes distribution that provides a simple and easy-to-use installation process, as well as a number of features that make it well-suited for production environments.
• Nix Os to create iso images of linux machines
• Terraform to control many cloud platforms like Gandi, Contabo, GitHub, kubernetes...

Note : Here we are only using single node mode

Secure ssh connections

After applying infrastructure to terraform you will be able to log in ssh with :

ssh user@device-name

Help

FAQ

I tried several times the vm provision with different configurations forcing me to apply / destroy the stack several times. However, now I can't access the url with a dns error ?

It is probably the dns cache that returns the ip entry of an old vm because the time to live has not yet expired. For that in chrome we must clean this cache to make as if we had never been on the site. In your chrome browser chrome://net-internals/#dns do a "clear host cache" and try again.

Also you can use a global flush cache if it still doesn't work:

• for google dns
• for cloudflare dns

For real world testing, it's best to use different dex_hostname and paas_hostname entries that you don't use for one environment (staging or production).

Kubernetes on Vscode

To consolidate the debugging of our dev ops environment we can integrate our kubernetes cluster into the vscode IDE.

We will fetch the kubeconfig in our container that embeds K3s and the cluster.

Copy the kube config k3s with :

docker cp node-0:/etc/rancher/rke2/rke2.yaml ~/.kube/config

If you don't have kubectl locally:

• For mac
• For Wsl / Linux

Then we check with kubectl cluster-info which should give us the information of the k3s node.

Then on vscode use these user parameters to see and use the cluster

To show the path to home cd ~ && pwd && cd -

.vscode/settings.json

    "vs-kubernetes": {
        "vs-kubernetes.knownKubeconfigs": [
            "<path-to-home>/.kube/config"
        ],
        "vs-kubernetes.kubeconfig": [ "<Path-to-home>/.kube/config"
    }

And there you have access to an interface to control your cluster directly from vscode. Use this json configuration as much as you want in your application repositories to have a production-like experience.

Sources

• packer-kvm
• coredns wildcard