Developing Infrastructure
Under Construction
This page is still being written
We strive to add or change infrastructure through declarative programming practices, where a desired state is coded into files that are then pushed to manage infrastructure.
Infrastructure Configuration Requirements
Brand New Virtual Machines
Brand new VMs need to be configured with the ansible user before performing configuration changes.
If you are creating or changing infrastructure you will need these tools:
Infrastructure Tool Usage
Ansible
Ansible is used to bulk update virtual machines. Ansible connects to VMs via a pre-defined SSH key (certs-keys/ansible/id_rsa), and then runs imperative scripts that are organized into "playbooks", "roles", or "tasks".
The VMs that playbooks connect to are listed in the ansible-node-configuration/inventory/ path. Navigate to this path and run ansible-inventory --graph to see the details and groupings of the LTC's VMs.
To test that you can run a playbook, try running a ping test first:
ansible-playbook -l {vm_name} 00_ping.yaml
If the play fails, check that:
- you're connected to VPN
- the ansible user has been created on the VM
- the path to the ansible user's SSH key is set correctly in the ansible.cfg file. The path should be relative to the playbook's location.
If the ansible user hasn't yet been added to the server, run 00_add_user.yaml with a user already on the system to get going ("ltc-admin" is added to all nodes automatically).
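A pre-flight check for the last item in the list above, written as an added example that is not part of the LTC repositories. It assumes ansible.cfg sits in the playbook directory and sets the key through private_key_file under [defaults]; the "playbooks" directory name and the layout built in demo() are constructed.

```python
import configparser
import tempfile
from pathlib import Path


def check_ansible_key(playbook_dir):
    """Return a list of problems with the SSH key that ansible.cfg points to."""
    playbook_dir = Path(playbook_dir)
    cfg_path = playbook_dir / "ansible.cfg"  # assumed to sit beside the playbooks
    if not cfg_path.is_file():
        return [f"no ansible.cfg in {playbook_dir}"]
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(cfg_path)
    setting = cfg.get("defaults", "private_key_file", fallback=None)
    if not setting:
        return ["[defaults] private_key_file is not set"]
    key_path = Path(setting).expanduser()
    if not key_path.is_absolute():
        key_path = playbook_dir / key_path  # relative to the playbook's location
    if not key_path.is_file():
        return [f"key not found at {key_path}"]
    # OpenSSH ignores a private key that group or other can access.
    mode = key_path.stat().st_mode & 0o777
    if mode & 0o077:
        return [f"key mode {mode:04o} is too open; chmod 600 {key_path}"]
    return []


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        playbooks = Path(tmp) / "playbooks"  # hypothetical directory name
        key = Path(tmp) / "certs-keys" / "ansible" / "id_rsa"
        playbooks.mkdir()
        key.parent.mkdir(parents=True)
        key.write_text("constructed placeholder, not a real key\n")
        cfg = playbooks / "ansible.cfg"
        cfg.write_text("[defaults]\nprivate_key_file = ../certs-keys/ansible/id_rsa\n")
        key.chmod(0o644)
        too_open = check_ansible_key(playbooks)
        key.chmod(0o600)
        ok = check_ansible_key(playbooks)
        # Path written relative to the repo root instead of the playbook directory.
        cfg.write_text("[defaults]\nprivate_key_file = certs-keys/ansible/id_rsa\n")
        wrong_base = check_ansible_key(playbooks)
    return too_open, ok, wrong_base


if __name__ == "__main__":
    print(demo())
```

An empty list means the key path resolves and the file is private to its owner; anything else names the first problem found.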
When the ping is successful, decide what the new node is for:
- k8s cluster manager
- k8s cluster worker
- load balancer
- etcd/consul cluster
- other (vault, admin, nomad, testing)
Helm
Helm is a "package manager" for Kubernetes, and it's used to deploy sets of resources to the clusters. Helm is normally run from the command line, which makes it difficult to record the "current state" of a deployment (anyone could log in and run some commands, and nobody would know what happened). To mitigate this, our Helm installs are applied using Terraform (see below), which allows us to record the deployment configuration in GitLab.
Helm chart configuration values are stored in a {service_name}-values.yaml file within the configuration project's repo.
Terraform
Terraform is used to apply Helm charts to Kubernetes clusters in a way that allows us to record configuration settings and versions.
The following projects use Terraform: