University/course_deploying_an_application_with_ske
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
course_deploying_an_applica.../module4/tf/README.md

1.6 KiB
Raw Permalink Blame History

Terraform

Create service account

  • Install CLI tool: https://github.com/stackitcloud/stackit-cli/blob/main/INSTALLATION.md

  • stackit auth login

  • stackit project list

  • stackit config set --project-id PROJECTx-IDyy-zzzz-aaaa-DUMMYbbbbbbb

  • stackit service-account create --name terraform

  • stackit service-account list

  • stackit service-account key create --email terraform-vsPzcS7@sa.stackit.cloud > sa_key.json

  • stackit service-account key list --email terraform-vsPzcS7@sa.stackit.cloud

  • stackit project member add terraform-vsPzcS7@sa.stackit.cloud --role editor

S3 Backend for tfstate

stackit object-storage enable

Note: The name must be globally unique. Use only lowercase letters, numbers or hyphens. The name should be at least 3 and at most 63 characters long.

Lets use something kinda random, to have a higher chance of catching an free bucket name:

  • stackit object-storage bucket create tfstate-bucket-g5el

  • stackit object-storage credentials-group create --name terraform-state

  • stackit object-storage credentials create --credentials-group-id CREDGROU-Pxxx-IDzz-aaaa-DUMMYbbbbbbb

  • terraform init --backend-config=./config.s3.tfbackend

Now we can start using Terraform.

Connect to created SKE cluster

  • stackit ske cluster list
  • stackit ske kubeconfig create scrumlr --login
  • --login ensures that authentication is performed with the stackit CLI and very short-lived credentials are used in the background, without this flag the credentials are static and and usually have a longer lifetime. If the credentials are obtained without the --login flag, they must be renewed manually.