kubevela
/
kubevela.github.io
mirror of https://github.com/kubevela/kubevela.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refine cloud resources landing page and add Crossplane example 

- Added usage doc for cloud resources orchestrated by Crossplane
- Refine cloud resources landing page and database usages

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>
Co-authored-by: Jianbo Sun <jianbo.sjb@alibaba-inc.com>

fix link issues

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

fix CI

Signed-off-by: Zheng Xi Zhou <zhengxi.zzx@alibaba-inc.com>

update cloud resources

Signed-off-by: Jianbo Sun <jianbo.sjb@alibaba-inc.com>
This commit is contained in:
Zheng Xi Zhou 2022-06-17 17:55:24 +08:00 committed by Jianbo Sun
parent a05a46478e
commit 01ac28b1c2
42 changed files with 1062 additions and 694 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/end-user/components/cloud-services/cloud-resource-scenarios.md Normal file
View File

@ -0,0 +1,18 @@
---
title: Overview
description: This section introduces some scenarios of cloud resources management
---
Here're the scenarios KubeVela already supported by Using Terraform.
## Provision ECS
- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
## Provision and use databases
- [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services).
- [Secure your Database Connection](./secure-your-database-connection).
- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database).
- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

2
docs/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md
View File

@ -2,7 +2,7 @@
title: Provision an RDS instance with more than one database
---
In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
only one database will be created in an RDS instance. This tutorial will show you how to create more than one database in an RDS instance.
In the [reference doc for Alibaba Cloud RDS](./terraform/alibaba-rds), set `database_name` if you want to create one database.

141
docs/end-user/components/cloud-services/provision-and-consume-cloud-services.md
View File

@ -1,141 +0,0 @@
---
title: Provision and Binding Cloud Resources
---
Cloud-oriented development is now becoming the norm, there is an urgent need to integrate cloud resources from different
sources and types. Whether it is the most basic object storage, cloud database, or load balancing, it is all faced with
the challenges of hybrid cloud, multi-cloud and other complex environments. KubeVela is perfect to satisfy the needs.
KubeVela efficiently and securely integrates different types of cloud resources through resource binding capabilities in
cloud resource Components and Traits. At present, you can directly use the default components of those cloud resources below.
At the same time, more new cloud resources will gradually become the default option under the support of the community in the future.
You can use cloud resources of various manufacturers in a standardized and unified way.
This tutorial will talk about how to provision and consume Cloud Resources by Terraform.
> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
## Terraform
All supported Terraform cloud resources can be seen in the [list](./cloud-resources-list). You can also filter them by command by `vela components --label type=terraform`.
### Provision cloud resources
Use the following Application to provision an OSS bucket:
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with private acl, with connection information stored in a secreted named `oss-conn`.
description, whether it's compulsory, and default value.
Apply the above application, then check the status:
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console or by [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
command.
```shell
$ ossutil ls oss://
CreationTime Region StorageClass BucketName
2021-09-11 12:56:17 +0800 CST oss-cn-beijing Standard oss://vela-website-0911
```
### Bind cloud resources
Let's deploy
the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: webapp
spec:
components:
- name: express-server
type: webservice
properties:
image: zzxwill/flask-web-application:v0.3.1-crossplane
port: 80
traits:
- type: service-binding
properties:
envMappings:
# environments refer to db-conn secret
DB_PASSWORD:
secret: db-conn # 1) If the env name is the same as the secret key, secret key can be omitted.
endpoint:
secret: db-conn
key: DB_PUBLIC_HOS # 2) If the env name is different from secret key, secret key has to be set.
username:
secret: db-conn
key: DB_USER
# environments refer to oss-conn secret
BUCKET_NAME:
secret: oss-conn
- name: sample-db
type: alibaba-rds
properties:
instance_name: sample-db
account_name: oamtest
password: U34rfwefwefffaked
writeConnectionSecretToRef:
name: db-conn
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
Deploy and verify the application.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
webapp express-server webservice service-binding running healthy 2021-09-08 16:50:41 +0800 CST
├─ sample-db alibaba-rds running healthy 2021-09-08 16:50:41 +0800 CST
└─ sample-oss alibaba-oss running healthy 2021-09-08 16:50:41 +0800 CST
```
```shell
$ vela port-forward webapp
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Forward successfully! Opening browser ...
```
![](../../../resources/crossplane-visit-application-v3.jpg)
## Next
- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database)

82
docs/end-user/components/cloud-services/provision-and-consume-database.md Normal file
View File

@ -0,0 +1,82 @@
---
title: Provision and Binding Database
---
This tutorial will talk about how to provision and consume Alibaba Cloud RDS (and OSS) by Terraform.
> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
Let's deploy the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: webapp
spec:
components:
- name: express-server
type: webservice
properties:
image: zzxwill/flask-web-application:v0.3.1-crossplane
port: 80
traits:
- type: service-binding
properties:
envMappings:
# environments refer to db-conn secret
DB_PASSWORD:
secret: db-conn # 1) If the env name is the same as the secret key, secret key can be omitted.
endpoint:
secret: db-conn
key: DB_PUBLIC_HOS # 2) If the env name is different from secret key, secret key has to be set.
username:
secret: db-conn
key: DB_USER
# environments refer to oss-conn secret
BUCKET_NAME:
secret: oss-conn
- name: sample-db
type: alibaba-rds
properties:
instance_name: sample-db
account_name: oamtest
password: U34rfwefwefffaked
writeConnectionSecretToRef:
name: db-conn
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
Deploy and verify the application.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
webapp express-server webservice service-binding running healthy 2021-09-08 16:50:41 +0800 CST
├─ sample-db alibaba-rds running healthy 2021-09-08 16:50:41 +0800 CST
└─ sample-oss alibaba-oss running healthy 2021-09-08 16:50:41 +0800 CST
```
```shell
$ vela port-forward webapp
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Forward successfully! Opening browser ...
```
![](../../../resources/crossplane-visit-application-v3.jpg)

4
docs/end-user/components/cloud-services/provision-and-initiate-database.md
View File

@ -111,7 +111,3 @@ Handling connection for 4000
![](https://kubevela-assets.oss-cn-beijing.aliyuncs.com/gifs/db-import-sql-sample-favorite-links.gif)
## Next
- [Secure your Database Connection](./secure-your-database-connection)
- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database)

72
docs/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md Normal file
View File

@ -0,0 +1,72 @@
---
title: Crossplane
---
The guide [Deploy Cloud Services](../../../tutorials/consume-cloud-services) shows how to provision cloud resources by Terraform in
CLI and VelaUX. This tutorial will talk about how to provision Cloud Resources by [Crossplane](https://crossplane.io/).
Let's take cloud provider AWS as an example.
## Enable addon `crossplane-aws`
```shell
$ vela addon enable crossplane-aws
```
## Authenticate AWS Provider for Crossplane
Apply the application below. You can get AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
## Provision cloud resources
Let's provision a S3 bucket. Please apply the application below.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: s3-poc
spec:
components:
- name: dev
type: crossplane-aws-s3
properties:
name: kubevela-test-0714
acl: private
locationConstraint: us-east-1
```
After the application gets `running`, you can check the bucket by AWS [cli](https://aws.amazon.com/cli/?nc1=h_ls) or console.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
s3-poc dev crossplane-aws-s3 running healthy 2022-06-16 15:37:15 +0800 CST
$ aws s3 ls
2022-06-16 15:37:17 kubevela-test-0714
```
## More
All Crossplane cloud resources are defined as [ComponentDefinitions](../../../getting-started/definition) and are about
to be delivered in Crossplane provider addons, like [crossplane-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws).
If your requirements are not met by the addons, you can define your own component type per the instructions on
[how to define customized component](../../../platform-engineers/components/custom-component).

5
docs/end-user/components/cloud-services/secure-your-database-connection.md
View File

@ -2,7 +2,7 @@
title: Secure your Database Connection
---
In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
a database's public host `DB_PUBLIC_HOS` is used to connect by business component. It's necessary when you want to have
a try, create a PoC, or use the database outside a cloud provider. But it's not secure for production use of database.
@ -50,6 +50,3 @@ spec:
name: db-conn
```
## Run application
Continue samples in [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

2
docs/platform-engineers/addon/terraform.md
View File

@ -4,7 +4,7 @@ title: Extend Terraform Addon
[Terraform Controller](https://github.com/kubevela/terraform-controller) is the core controller to provision and manage
cloud resources for KubeVela. It has supported [some cloud providers](https://github.com/oam-dev/terraform-controller#supported-cloud-providers), including AWS, Azure, GCP, Alibaba Cloud,
Tencent Cloud, etc. But only [a few](https://kubevela.io/docs/tutorials/consume-cloud-services#enabling-cloud-vendor-addons) has been supported as Terraform Addons in KubeVela.
Tencent Cloud, etc. But only [a few](../../tutorials/consume-cloud-services#enabling-a-cloud-provider-addon) has been supported as Terraform Addons in KubeVela.
This guide will show you how to extend a Terraform Addon to support your cloud provider.

6
docs/platform-engineers/components/component-terraform.md
View File

@ -2,9 +2,9 @@
title: Extend Cloud Resources
---
To enable end users to [provision and consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services),
To enable end users to [provision and consume cloud resources](../../tutorials/consume-cloud-services),
platform engineers need to prepare ComponentDefinitions for cloud resources if end users' requirements are beyond the
[built-in capabilities](../../end-user/components/cloud-services/provision-and-consume-cloud-services#supported-cloud-resource-list).
[built-in capabilities](../../tutorials/consume-cloud-services#supported-cloud-resource-list).
Here is the guide to create Terraform typed ComponentDefinitions of cloud resources for cloud providers Alibaba Cloud, AWS and Azure.
@ -191,7 +191,7 @@ spec:
Generally, the values in the properties are aligned with the `variables` defined in the terraform module, the terraform controller will help run `terraform init`, `terraform plan` automatically and finally use the parameters defined in the properties of application component to run `terraform apply`.
You can refer to scenario docs such as [Provision cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services#provision-cloud-resources) for more real use cases.
You can refer to scenario docs such as [Provision cloud resources](../../tutorials/consume-cloud-services#provision-cloud-resources) for more real use cases.
## Generate documentation

52
docs/reference/addons/crossplane.md Normal file
View File

@ -0,0 +1,52 @@
---
title: Cloud Resources orchestrated by Crossplane
---
## Crossplane addon
```shell
$ vela addon enable crossplane
```
## Enable a Crossplane Provider addon
KubeVela can support following cloud providers by enabling the Crossplane provider addons.
```shell
$ vela addon list | grep crossplane-
crossplane-aws KubeVela Kubernetes Crossplane Controller for AWS [0.0.1] enabled (1.0.0) enabled (1.0.1)
```
To enable one of them, use the following command:
```shell
$ vela addon enable crossplane-xxx
```
You can also disable, upgrade, check status of an addon by command `vela addon`.
## Authenticate Crossplane Provider
Apply the application below. Let's use aws in this example, you can get `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` per [aws secret docs](https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/).
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
### Provision cloud resources
After a Crossplane provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

2
docs/reference/addons/terraform.md
View File

@ -106,4 +106,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
### Provision cloud resources
After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services).
After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

163
docs/tutorials/consume-cloud-services.md
View File

@ -1,87 +1,116 @@
---
title: Deploy Cloud Services
description: This section introduces the delivery of services provided by cloud vendors through KubeVela and orchestrating your services in the Kubernetes cluster.
---
Integrating cloud service is the most frequent need in our daily development, varying from the Object storage, Cloud
database to LoadBalancer, Cache, or search engine. Faster to load them save more time, meanwhile, to orchestrate
different resources from multi-cloud is quite a pain point.
KubeVela efficiently and securely integrates different types of cloud resources in hybrid/multi-cloud environments.
In this section, we introduce an example to show you how to deploy cloud services.
You can use the integrated cloud resources as out-of-box components or integrate by Terraform or Crossplane easily.
With the help of KubeVela, you can use cloud resources from various providers in a unified way.
## Before starting
This tutorial will mainly focus on talking about how to provision cloud resources by [Terraform](https://github.com/kubevela/terraform-controller).
If you'd like to know more about cloud resources from [Crossplane](https://crossplane.io/), please refer to [this guide](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane).
- Has a cloud vendor account with proper access to your target cloud resources
## Provision Cloud Resources
- Ensure your account has a sufficient balance
### Prerequisites
- Connect to a Kubernetes cluster on this cloud vendor for hosting your cloud services
* Enable Terraform addon and authenticate the target cloud provider per the [instruction](../reference/addons/terraform).
## Enabling a cloud provider addon
Let's take Alibaba Cloud as an example.
First, visit [VelaUX (KubeVela Dashboard)](../install#2-install-velaux), switch to the tab `Addon`, and click up addon
`terraform-xxx`. `xxx` stands for the cloud provider name. We support the following Addons:
### Familiar with cloud resources specification
- terraform-alibaba
- terraform-aws
- terraform-azure
- terraform-tencent
- terraform-gcp
- terraform-baidu
All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list). You can also filter them by
command `vela components --label type=terraform`.
We can provision cloud resources in Alibaba Cloud, AWS, Azure, Tencent Cloud, Google Cloud Platform and Baidu Cloud respectively.
You can use any of the following ways to check the specification of one cloud resource.
Choose the specific version and enable an addon.
- Using command `vela show <component type name>` .
```console
$ vela show alibaba-oss
### Properties
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| NAME | DESCRIPTION | TYPE | REQUIRED | DEFAULT |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false | |
| bucket | OSS bucket name | string | false | |
| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false | |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
...snip...
```
You can also add flag `--web` to view the usage by a local browser.
- Reading [official docs](../end-user/components/cloud-services/cloud-resources-list).
For example, you can check the specification for Alibaba OSS at [here](../end-user/components/cloud-services/terraform/alibaba-oss).
For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
- `name`, specifies the name of the secret.
- `namespace`, specifies the namespace of the secret.
- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
- `name`, specifies the name of the provider.
- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
### Provision by Creating Application
Use the following Application to provision an OSS bucket:
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with `private` acl, with connection
information stored in a secreted named `oss-conn`.
Apply the above application, then check the status:
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console.
## Provision with UI Console
Provision cloud resources from UI Console can be more appropriate.
### Before starting
- Enable [VelaUX](../reference/addons/velaux) addon.
- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
![addon-alibaba](../resources/addon-alibaba.jpg)
## Authenticating the cloud provider
### Creating your cloud service
Click the tab `Platform`, and then `Integrations`. Choose `Terraform Controller Provider` to authenticate a cloud provider.
Follow the instructions on all the properties to authenticate the provider for each cloud provider.
The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
For example, for Alibaba Cloud, you need to set the following properties:
Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
> Notice: KubeVela encrypts all the keys, hence no need to worry about its safety.
Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
![](../resources/provider-alibaba.jpg)
Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
The creating process of cloud services pulls configuration from GitHub. If your control plane
cluster that runs KubeVela is very hard to connect to GitHub, please open up the `GithubBlocked` option in `terraform`
addon.
All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list).
## Creating your cloud service
First [create an application](../how-to/dashboard/application/create-application). Please choose the type of your cloud service,
which has a prefix of `aws-`, `azure`, `alibaba-` or `tencent-`.
For different vendors, these parameters update accordingly.
For example, `aws-s3` has the following parameters:
![](../resources/aws-s3-parameters.png)
`azure-database-mariadb` has the following parameters:
![](../resources/azure-database-mariadb-parameters.png)
`alibaba-rds` has the following parameters:
![](../resources/alibaba-rds-parameters.png)
All cloud resources have some common parameters.
- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
- ProviderRef: The Provider which is referenced by a cloud service
- Region: Region is cloud provider's region. It will override `providerRef`.
Set the above parameters according to your needs to complete creating the application, and then [deploy the application](../how-to/dashboard/application/deploy-application).
## Viewing cloud resource creation status
### Viewing cloud resource creation status
- Check the cloud instance list
@ -98,9 +127,7 @@ because the cloud service instance generation takes a certain amount of time, an
You can visit the instance in the console of the cloud provider. For example, you can check the name or console to visit it.
![](../resources/application-console-link.png)
For example, you can check Alibaba Cloud RDS instance in [https://console.aliyun.com](https://console.aliyun.com).
![](../resources/alibaba-cloud-rds-console.png)
It will redirect to the UI Console of the provider, in our example, resources from Alibaba Cloud will go to [https://console.aliyun.com](https://console.aliyun.com).
- Check details and status of the cloud instance
@ -122,3 +149,7 @@ In the last section `Component Status`, the health status and the message of the
- The cloud service is always ProvisioningAndChecking and has no name
> The creation of cloud services generally takes a certain amount of time. Please wait or enter the cloud vendor console to view the creation progress.
## More
For more usages of cloud resources, like how to provision and consume cloud resources, please refer to [Scenarios of Cloud Resources Management](./../end-user/components/cloud-services/cloud-resource-scenarios).

16
i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/cloud-resource-scenarios.md Normal file
View File

@ -0,0 +1,16 @@
---
title: 概览
description: 该部分介绍云资源管理的一些场景
---
## Provision ECS
- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
## 部署和使用数据库
- [创建和使用云资源](../../../tutorials/consume-cloud-services)
- [安全访问数据库](./secure-your-database-connection)
- [RDS 实例创建多数据库](./provision-an-RDS-instance-with-more-than-one-database)
- [数据库创建和初始化](./provision-and-initiate-database)

2
i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md
View File

@ -2,7 +2,7 @@
title: RDS 实例创建多数据库
---
指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)里,在一个
指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)里,在一个
RDS 实例中,只创建了一个数据库。本教程将告诉你如何在一个 RDS 实例中创建多个数据库。
在[阿里云 RDS 参考文档](./terraform/alibaba-rds)中,如果你想创建一个数据库,请设置`database_name`。 如果你想创建多个数据库,

53
i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-and-consume-cloud-services.md → i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-and-consume-database.md
View File

@ -1,60 +1,11 @@
---
title: 创建和使用云资源
title: 创建和使用数据库
---
在面向云开发逐渐成为范式的这个时代,我们希望集成来源不同、类型不同云资源的需求非常迫切。不管是最基本的对象存储、云数据库,还是更多的负载均衡等等,
也面临着混合云、多云等复杂环境所带来的挑战,而 KubeVela 都可以很好满足你的需要。
KubeVela 通过云资源组件Component和运维特征Trait里的资源绑定功能高效安全地完成不同类型云资源的集成工作。目前你可以直接调用下面这些云资源默认组件。
同时在未来,更多新的云资源也会在社区的支撑下逐渐成为默认选项,让你标准化统一地去使用各种厂商的云资源。
本教程将介绍如何通过 Terraform 部署阿里云 RDS (和 OSS)。
> ⚠️ 请确认管理员已经安装了 [云资源插件](../../../reference/addons/terraform)。
## Terraform
KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](./cloud-resources-list),你也可以通过命令 `vela components --label type=terraform` 查看。
### 部署云资源
我们以 OSS bucket 为例展示如何部署云资源。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
`alibaba-oss` 类型的组件的 properties 在上面文档有清晰的描述,包括每一个 property 的名字、类型、描述、是否必填和默认值。
部署应用程序并检查应用程序的状态。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
当应用程序处于 `running``healthy`状态。我们可以在阿里云控制台或通过 [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
检查OSS bucket 是否被创建。
```shell
$ ossutil ls oss://
CreationTime Region StorageClass BucketName
2021-09-11 12:56:17 +0800 CST oss-cn-beijing Standard oss://vela-website-0911
```
### 消费云资源
下面我们以阿里云关系型数据库RDS的例子作为示例进行讲解。
首先请直接复制一个编写好的应用部署计划,在命令行中执行:

71
i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md Normal file
View File

@ -0,0 +1,71 @@
---
title: 通过 Crossplane 部署云资源
---
教程 [部署云服务](../../../tutorials/consume-cloud-services)展示了如何通过 Terraform 在 CLI 和 VelaUX 上部署云服务。
本教程将讨论如何通过 [Crossplane](https://crossplane.io/) 部署云资源。
让我们以云供应商AWS为例。
## 启用插件 `crossplane-aws`
```shell
$ vela addon enable crossplane-aws
```
## 认证 Crossplane AWS Provider
提交下面的应用,你可以根据 https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/ 获得 AWS_ACCESS_KEY_ID 和 AWS_SECRET_ACCESS_KEY。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
## 部署云资源
我们来配置一个 S3 bucket。请提交下面的应用。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: s3-poc
spec:
components:
- name: dev
type: crossplane-aws-s3
properties:
name: kubevela-test-0714
acl: private
locationConstraint: us-east-1
```
在应用程序变成 `running` 后,你可以通过 AWS [命令行](https://aws.amazon.com/cli/?nc1=h_ls) 或控制台访问该 bucket。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
s3-poc dev crossplane-aws-s3 running healthy 2022-06-16 15:37:15 +0800 CST
$ aws s3 ls
2022-06-16 15:37:17 kubevela-test-0714
```
## 更多
所有的 Crossplane 云资源都被定义为[ComponentDefinitions](../../../getting-started/definition),并且即将在 Crossplane provider
插件中交付,如 [crossplan-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws)。
如果已有的插件不满足你的需求,你可以根据以下说明定义自己的组件类型 [how to define customized component](../../../platform-engineers/components/custom-component)。

4
i18n/zh/docusaurus-plugin-content-docs/current/end-user/components/cloud-services/secure-your-database-connection.md
View File

@ -2,7 +2,7 @@
title: 安全访问数据库
---
在指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database),业务组件
在指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database),业务组件
使用数据库的公网连接 `DB_PUBLIC_HOS` 来访问数据库。当你想试用,创建 PoC或在云提供商集群之外使用数据库时这是必要的。但是对于数据库的生产使用来说它是不安全的。
本教程将讨论如何安全访问你的数据库。
@ -51,4 +51,4 @@ spec:
## 执行应用
你可以使用[创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。
你可以使用[创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。

4
i18n/zh/docusaurus-plugin-content-docs/current/platform-engineers/components/component-terraform.md
View File

@ -6,7 +6,7 @@ title: 扩展云资源
Terraform 是目前业内支持云资源最广泛也最受欢迎的组件KubeVela 对 Terraform 进行了额外的支持,使得用户可以通过 Kubernetes CRD 的方式配合
Terraform 使用任意的云资源。
为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services),当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-cloud-services)
为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database),当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-database)
管理员需要要为云资源准备 ComponentDefinitions。
以下是为云供应商阿里云、AWS 和 Azure 创建 Terraform 类型的云资源 ComponentDefinitions 的指南。
@ -167,7 +167,7 @@ $ vela show alibaba-eip
+-----------+-----------------------------------------------------------------------------+--------+----------+---------+
```
如果表格能正常出来ComponentDefinition 应该就可以工作了。更进一步,你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)创建一个实际的 EIP 来验证。
如果表格能正常出来ComponentDefinition 应该就可以工作了。更进一步,你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-database)创建一个实际的 EIP 来验证。
## 生成文档

2
i18n/zh/docusaurus-plugin-content-docs/current/reference/addons/terraform.md
View File

@ -100,4 +100,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
### 部署云资源
在 Terraform provider 授权后,您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)。
在 Terraform provider 授权后,您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)。

159
i18n/zh/docusaurus-plugin-content-docs/current/tutorials/consume-cloud-services.md
View File

@ -1,100 +1,125 @@
---
title: 云服务
description: 本文介绍通过 KubeVela 交付云厂商提供的服务,并能够与 Kubernetes 集群中的业务打通。
title: 创建和使用云资源
---
集成云服务是实际开发中最频繁的使用需求之一。从基础的对象存储、云数据库到负载均衡、云缓存,再到基于业务的搜索引擎等等,快速的接入云服务并便捷的使用它们可以大大降低开发成本。与此同时,由于可供选择的云服务厂商非常多,多云交付已成为未来必然形态,如何管理好接入混合云环境时各类资源之间的关系,也成为必须解决的最大挑战
KubeVela 可以帮助开发者集成、编排不同类型的云资源,涵盖混合多云环境,让你用统一地方式去使用不同厂商的云资源
在本文中,我们介绍一个例子,向你展示如何部署云服务
本教程将主要集中在通过 Terraform 插件创建云资源KubeVela 也支持使用 [Crossplane](https://crossplane.io/),你可以参考[这个教程](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane)
## 开始之前
## 通过 Vela CLI 创建云资源
- 拥有一个能适当权限访问你的目标云资源的云供应商账户
请平台工程师启用云资源 Terraform 插件并授权目标云服务商的认证信息。
我们将使用阿里云作为示例。
- 确保云账号具有足够的费用。
### 熟悉云资源的使用参数
- 对接一个处在同一个云上的 Kubernetes 集群,用以验证云服务的正常开通与使用
KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list),你也可以通过命令 `vela components --label type=terraform` 查看
## 开启对应云服务商的插件
你可以使用一下任意方式来检查云资源的使用参数:
首先,访问[VelaUX (KubeVela Dashboard)](../install#3-安装-VelaUX),切换到 "Addon" 标签,并点击 addon
`terraform-xxx`。`xxx`代表云提供商的名称。我们支持以下的插件:
- 通过命令 `vela show <component type name>`
- terraform-alibaba
- terraform-aws
- terraform-azure
- terraform-tencent
- terraform-gcp
- terraform-baidu
```console
$ vela show alibaba-oss
### Properties
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| NAME | DESCRIPTION | TYPE | REQUIRED | DEFAULT |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false | |
| bucket | OSS bucket name | string | false | |
| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false | |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
我们可以分别在阿里云、AWS、Azure、腾讯云、Google Cloud Platform和百度云配置云资源。
...snip...
```
选择对应的插件版本并启用该插件。
你也可以使用 `--web` 参数来在本地浏览器中查看使用说明。
- 阅读 [官网文档](http://kubevela.net/docs/end-user/components/cloud-services/cloud-resources-list).
比如,你可以在[这里](http://kubevela.net/docs/end-user/components/cloud-services/terraform/alibaba-oss)查看阿里云 OSS 的使用参数。
For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
- `name`, specifies the name of the secret.
- `namespace`, specifies the namespace of the secret.
- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
- `name`, specifies the name of the provider.
- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
### 部署云资源
我们以 OSS bucket 为例展示如何部署云资源。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
`alibaba-oss` 类型的组件的参数在上面文档有清晰的描述,包括每一个 property 的名字、类型、描述、是否必填和默认值。
部署应用程序并检查应用程序的状态。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
当应用程序处于 `running``healthy`状态。你也可以在阿里云控制台查看。
## 通过 UI 控制台查看
除了命令行以外,使用 UI 控制台也可以很方便的创建云资源。
### 开始之前
- Enable [VelaUX](../reference/addons/velaux) addon.
- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
![addon-alibaba](../resources/addon-alibaba.jpg)
## 认证云服务商的插件
### Creating your cloud service
点击菜单 `Platform` 后再点击 `集成配置`,选择 `Terraform Controller Provider` 来认证一个云服务商的插件。
The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
按照每个云提供商的插件的所有属性上的说明来设置插件并启用它。
Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
例如,对于阿里巴巴云,你需要设置以下属性:
> 注意。KubeVela对所有的密钥进行了加密因此不必担心它的安全问题。
Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
![](../resources/provider-alibaba.jpg)
然后填写你的ALICLOUD_ACCESS_KEYALICLOUD_REGION和ALICLOUD_SECRET_KEY来启用它。
云服务的创建过程会从GitHub中提取配置。如果你的控制平面 运行KubeVela的集群很难连接到GitHub请在`terraform`插件中打开`GithubBlocked`选项。
KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)。
## 创建你的云服务
首先[创建一个应用程序](../how-to/dashboard/application/create-application)。请选择你的云服务的类型。
其前缀为`aws-`、`azure`、`alibaba-`或 `tencent-`
对于不同的供应商,这些参数会相应更新。
例如,`aws-s3` 有以下参数。
![](../resources/aws-s3-parameters.png)
`azure-database-mariadb` 有以下参数。
![](../resources/azure-database-mariadb-parameters.png)
`alibaba-rds` 有以下参数。
![](../resources/alibaba-rds-parameters.png)
所有的云资源都有一些共同的参数。
- DeleteResource当应用程序被删除时是否要删除相应的云服务
- ProviderRef被云服务引用的提供者。
- RegionRegion是云提供商的区域。它将覆盖`providerRef`。
根据你的需要设置上述参数,完成应用程序的创建,然后[部署应用程序](../how-to/dashboard/application/deploy-application)。
## 查看云资源创建状态
### Viewing cloud resource creation status
- 查看云实例列表
与其他应用程序一样,云服务应用程序也需要切换到相应的环境页面来查看实例信息。 默认情况下,一个环境中有多个目标,云服务会生成相应数量的实例。
与其他应用程序一样,云服务应用程序也需要切换到相应的环境页面来查看实例信息。默认情况下,一个环境中有多个目标,云服务会生成相应数量的实例。
![rds-inststances](../resources/rds-instances.jpg)
![rds-instances](../resources/rds-instances.jpg)
在实例列表中,会显示实例名称、状态、资源类型和位置。在开始时,名称是空的。 因为云服务实例的生成需要一定的时间,当实例正常生成后,名称会出现。
- 在云提供商的控制台中查看云资源
您可以在云提供商的控制台中访问该实例。例如,您可以检查名称或控制台来访问它。
![](../resources/application-console-link.png)
例如,你可以在[https://console.aliyun.com](https://console.aliyun.com)中查看阿里巴巴云RDS实例。
![](../resources/alibaba-cloud-rds-console.png)
创建出的云资源也会自动跳转到云资源的官方网站控制台,例如,这里的云资源会自动跳转到阿里云官网的 RDS 实例控制台。
- 检查云实例的细节和状态
@ -114,3 +139,7 @@ KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/c
- 云服务一直处在 ProvisioningAndChecking 状态,且无名称。
> 云服务的创建一般需要一定时间,请等候或者进入云厂商控制台查看创建进度。
# 更多
更多云资源使用方法,比如如何使用和消费云资源,请参见[云资源管理场景](../end-user/components/cloud-services/cloud-resource-scenarios)。

16
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/cloud-resource-scenarios.md Normal file
View File

@ -0,0 +1,16 @@
---
title: 概览
description: 该部分介绍云资源管理的一些场景
---
## Provision ECS
- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
## 部署和使用数据库
- [创建和使用云资源](../../../tutorials/consume-cloud-services)
- [安全访问数据库](./secure-your-database-connection)
- [RDS 实例创建多数据库](./provision-an-RDS-instance-with-more-than-one-database)
- [数据库创建和初始化](./provision-and-initiate-database)

2
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md
View File

@ -2,7 +2,7 @@
title: RDS 实例创建多数据库
---
指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)里,在一个
指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)里,在一个
RDS 实例中,只创建了一个数据库。本教程将告诉你如何在一个 RDS 实例中创建多个数据库。
在[阿里云 RDS 参考文档](./terraform/alibaba-rds)中,如果你想创建一个数据库,请设置`database_name`。 如果你想创建多个数据库,

53
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-cloud-services.md → i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-database.md
View File

@ -1,60 +1,11 @@
---
title: 创建和使用云资源
title: 创建和使用数据库
---
在面向云开发逐渐成为范式的这个时代,我们希望集成来源不同、类型不同云资源的需求非常迫切。不管是最基本的对象存储、云数据库,还是更多的负载均衡等等,
也面临着混合云、多云等复杂环境所带来的挑战,而 KubeVela 都可以很好满足你的需要。
KubeVela 通过云资源组件Component和运维特征Trait里的资源绑定功能高效安全地完成不同类型云资源的集成工作。目前你可以直接调用下面这些云资源默认组件。
同时在未来,更多新的云资源也会在社区的支撑下逐渐成为默认选项,让你标准化统一地去使用各种厂商的云资源。
本教程将介绍如何通过 Terraform 部署阿里云 RDS (和 OSS)。
> ⚠️ 请确认管理员已经安装了 [云资源插件](../../../reference/addons/terraform)。
## Terraform
KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](./cloud-resources-list),你也可以通过命令 `vela components --label type=terraform` 查看。
### 部署云资源
我们以 OSS bucket 为例展示如何部署云资源。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
`alibaba-oss` 类型的组件的 properties 在上面文档有清晰的描述,包括每一个 property 的名字、类型、描述、是否必填和默认值。
部署应用程序并检查应用程序的状态。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
当应用程序处于 `running``healthy`状态。我们可以在阿里云控制台或通过 [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
检查OSS bucket 是否被创建。
```shell
$ ossutil ls oss://
CreationTime Region StorageClass BucketName
2021-09-11 12:56:17 +0800 CST oss-cn-beijing Standard oss://vela-website-0911
```
### 消费云资源
下面我们以阿里云关系型数据库RDS的例子作为示例进行讲解。
首先请直接复制一个编写好的应用部署计划,在命令行中执行:

71
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md Normal file
View File

@ -0,0 +1,71 @@
---
title: 通过 Crossplane 部署云资源
---
教程 [部署云服务](../../../tutorials/consume-cloud-services)展示了如何通过 Terraform 在 CLI 和 VelaUX 上部署云服务。
本教程将讨论如何通过 [Crossplane](https://crossplane.io/) 部署云资源。
让我们以云供应商AWS为例。
## 启用插件 `crossplane-aws`
```shell
$ vela addon enable crossplane-aws
```
## 认证 Crossplane AWS Provider
提交下面的应用,你可以根据 https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/ 获得 AWS_ACCESS_KEY_ID 和 AWS_SECRET_ACCESS_KEY。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
## 部署云资源
我们来配置一个 S3 bucket。请提交下面的应用。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: s3-poc
spec:
components:
- name: dev
type: crossplane-aws-s3
properties:
name: kubevela-test-0714
acl: private
locationConstraint: us-east-1
```
在应用程序变成 `running` 后,你可以通过 AWS [命令行](https://aws.amazon.com/cli/?nc1=h_ls) 或控制台访问该 bucket。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
s3-poc dev crossplane-aws-s3 running healthy 2022-06-16 15:37:15 +0800 CST
$ aws s3 ls
2022-06-16 15:37:17 kubevela-test-0714
```
## 更多
所有的 Crossplane 云资源都被定义为[ComponentDefinitions](../../../getting-started/definition),并且即将在 Crossplane provider
插件中交付,如 [crossplan-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws)。
如果已有的插件不满足你的需求,你可以根据以下说明定义自己的组件类型 [how to define customized component](../../../platform-engineers/components/custom-component)。

4
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/end-user/components/cloud-services/secure-your-database-connection.md
View File

@ -2,7 +2,7 @@
title: 安全访问数据库
---
在指南 [创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database),业务组件
在指南 [创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database),业务组件
使用数据库的公网连接 `DB_PUBLIC_HOS` 来访问数据库。当你想试用,创建 PoC或在云提供商集群之外使用数据库时这是必要的。但是对于数据库的生产使用来说它是不安全的。
本教程将讨论如何安全访问你的数据库。
@ -51,4 +51,4 @@ spec:
## 执行应用
你可以使用[创建和使用云资源](./provision-and-consume-cloud-services)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。
你可以使用[创建和使用云资源](./provision-and-consume-database)和[数据库创建和初始化](./provision-and-initiate-database)的实例来安全访问数据库。

4
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/platform-engineers/components/component-terraform.md
View File

@ -6,7 +6,7 @@ title: 扩展云资源
Terraform 是目前业内支持云资源最广泛也最受欢迎的组件KubeVela 对 Terraform 进行了额外的支持,使得用户可以通过 Kubernetes CRD 的方式配合
Terraform 使用任意的云资源。
为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services),当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-cloud-services)
为了使最终用户能够[部署和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database),当用户的要求超出了 [内置云资源的能力](../../end-user/components/cloud-services/provision-and-consume-database)
管理员需要要为云资源准备 ComponentDefinitions。
以下是为云供应商阿里云、AWS 和 Azure 创建 Terraform 类型的云资源 ComponentDefinitions 的指南。
@ -167,7 +167,7 @@ $ vela show alibaba-eip
+-----------+-----------------------------------------------------------------------------+--------+----------+---------+
```
如果表格能正常出来ComponentDefinition 应该就可以工作了。更进一步,你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)创建一个实际的 EIP 来验证。
如果表格能正常出来ComponentDefinition 应该就可以工作了。更进一步,你可以通过文档[部署云资源](../../end-user/components/cloud-services/provision-and-consume-database)创建一个实际的 EIP 来验证。
## 生成文档

2
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/reference/addons/terraform.md
View File

@ -100,4 +100,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
### 部署云资源
在 Terraform provider 授权后,您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-cloud-services)。
在 Terraform provider 授权后,您可以[创建和消费云资源](../../end-user/components/cloud-services/provision-and-consume-database)。

159
i18n/zh/docusaurus-plugin-content-docs/version-v1.4/tutorials/consume-cloud-services.md
View File

@ -1,100 +1,125 @@
---
title: 云服务
description: 本文介绍通过 KubeVela 交付云厂商提供的服务,并能够与 Kubernetes 集群中的业务打通。
title: 创建和使用云资源
---
集成云服务是实际开发中最频繁的使用需求之一。从基础的对象存储、云数据库到负载均衡、云缓存,再到基于业务的搜索引擎等等,快速的接入云服务并便捷的使用它们可以大大降低开发成本。与此同时,由于可供选择的云服务厂商非常多,多云交付已成为未来必然形态,如何管理好接入混合云环境时各类资源之间的关系,也成为必须解决的最大挑战
KubeVela 可以帮助开发者集成、编排不同类型的云资源,涵盖混合多云环境,让你用统一地方式去使用不同厂商的云资源
在本文中,我们介绍一个例子,向你展示如何部署云服务
本教程将主要集中在通过 Terraform 插件创建云资源KubeVela 也支持使用 [Crossplane](https://crossplane.io/),你可以参考[这个教程](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane)
## 开始之前
## 通过 Vela CLI 创建云资源
- 拥有一个能适当权限访问你的目标云资源的云供应商账户
请平台工程师启用云资源 Terraform 插件并授权目标云服务商的认证信息。
我们将使用阿里云作为示例。
- 确保云账号具有足够的费用。
### 熟悉云资源的使用参数
- 对接一个处在同一个云上的 Kubernetes 集群,用以验证云服务的正常开通与使用
KubeVela 支持的所有由 Terraform 编排的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list),你也可以通过命令 `vela components --label type=terraform` 查看
## 开启对应云服务商的插件
你可以使用一下任意方式来检查云资源的使用参数:
首先,访问[VelaUX (KubeVela Dashboard)](../install#3-安装-VelaUX),切换到 "Addon" 标签,并点击 addon
`terraform-xxx`。`xxx`代表云提供商的名称。我们支持以下的插件:
- 通过命令 `vela show <component type name>`
- terraform-alibaba
- terraform-aws
- terraform-azure
- terraform-tencent
- terraform-gcp
- terraform-baidu
```console
$ vela show alibaba-oss
### Properties
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| NAME | DESCRIPTION | TYPE | REQUIRED | DEFAULT |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false | |
| bucket | OSS bucket name | string | false | |
| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false | |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
我们可以分别在阿里云、AWS、Azure、腾讯云、Google Cloud Platform和百度云配置云资源。
...snip...
```
选择对应的插件版本并启用该插件。
你也可以使用 `--web` 参数来在本地浏览器中查看使用说明。
- 阅读 [官网文档](http://kubevela.net/docs/end-user/components/cloud-services/cloud-resources-list).
比如,你可以在[这里](http://kubevela.net/docs/end-user/components/cloud-services/terraform/alibaba-oss)查看阿里云 OSS 的使用参数。
For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
- `name`, specifies the name of the secret.
- `namespace`, specifies the namespace of the secret.
- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
- `name`, specifies the name of the provider.
- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
### 部署云资源
我们以 OSS bucket 为例展示如何部署云资源。
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
`alibaba-oss` 类型的组件的参数在上面文档有清晰的描述,包括每一个 property 的名字、类型、描述、是否必填和默认值。
部署应用程序并检查应用程序的状态。
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
当应用程序处于 `running``healthy`状态。你也可以在阿里云控制台查看。
## 通过 UI 控制台查看
除了命令行以外,使用 UI 控制台也可以很方便的创建云资源。
### 开始之前
- Enable [VelaUX](../reference/addons/velaux) addon.
- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
![addon-alibaba](../resources/addon-alibaba.jpg)
## 认证云服务商的插件
### Creating your cloud service
点击菜单 `Platform` 后再点击 `集成配置`,选择 `Terraform Controller Provider` 来认证一个云服务商的插件。
The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
按照每个云提供商的插件的所有属性上的说明来设置插件并启用它。
Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
例如,对于阿里巴巴云,你需要设置以下属性:
> 注意。KubeVela对所有的密钥进行了加密因此不必担心它的安全问题。
Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
![](../resources/provider-alibaba.jpg)
然后填写你的ALICLOUD_ACCESS_KEYALICLOUD_REGION和ALICLOUD_SECRET_KEY来启用它。
云服务的创建过程会从GitHub中提取配置。如果你的控制平面 运行KubeVela的集群很难连接到GitHub请在`terraform`插件中打开`GithubBlocked`选项。
KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/cloud-resources-list)。
## 创建你的云服务
首先[创建一个应用程序](../how-to/dashboard/application/create-application)。请选择你的云服务的类型。
其前缀为`aws-`、`azure`、`alibaba-`或 `tencent-`
对于不同的供应商,这些参数会相应更新。
例如,`aws-s3` 有以下参数。
![](../resources/aws-s3-parameters.png)
`azure-database-mariadb` 有以下参数。
![](../resources/azure-database-mariadb-parameters.png)
`alibaba-rds` 有以下参数。
![](../resources/alibaba-rds-parameters.png)
所有的云资源都有一些共同的参数。
- DeleteResource当应用程序被删除时是否要删除相应的云服务
- ProviderRef被云服务引用的提供者。
- RegionRegion是云提供商的区域。它将覆盖`providerRef`。
根据你的需要设置上述参数,完成应用程序的创建,然后[部署应用程序](../how-to/dashboard/application/deploy-application)。
## 查看云资源创建状态
### Viewing cloud resource creation status
- 查看云实例列表
与其他应用程序一样,云服务应用程序也需要切换到相应的环境页面来查看实例信息。 默认情况下,一个环境中有多个目标,云服务会生成相应数量的实例。
与其他应用程序一样,云服务应用程序也需要切换到相应的环境页面来查看实例信息。默认情况下,一个环境中有多个目标,云服务会生成相应数量的实例。
![rds-inststances](../resources/rds-instances.jpg)
![rds-instances](../resources/rds-instances.jpg)
在实例列表中,会显示实例名称、状态、资源类型和位置。在开始时,名称是空的。 因为云服务实例的生成需要一定的时间,当实例正常生成后,名称会出现。
- 在云提供商的控制台中查看云资源
您可以在云提供商的控制台中访问该实例。例如,您可以检查名称或控制台来访问它。
![](../resources/application-console-link.png)
例如,你可以在[https://console.aliyun.com](https://console.aliyun.com)中查看阿里巴巴云RDS实例。
![](../resources/alibaba-cloud-rds-console.png)
创建出的云资源也会自动跳转到云资源的官方网站控制台,例如,这里的云资源会自动跳转到阿里云官网的 RDS 实例控制台。
- 检查云实例的细节和状态
@ -114,3 +139,7 @@ KubeVela支持的云资源请见[列表](../end-user/components/cloud-services/c
- 云服务一直处在 ProvisioningAndChecking 状态,且无名称。
> 云服务的创建一般需要一定时间,请等候或者进入云厂商控制台查看创建进度。
# 更多
更多云资源使用方法,比如如何使用和消费云资源,请参见[云资源管理场景](../end-user/components/cloud-services/cloud-resource-scenarios)。

18
sidebars.js
View File

@ -52,13 +52,18 @@ module.exports = {
items: [
'tutorials/consume-cloud-services',
{
'Manage Database': [
'end-user/components/cloud-services/provision-and-consume-cloud-services',
type: 'category',
label: 'Terraform',
collapsed: false,
items: [
'end-user/components/cloud-services/cloud-resource-scenarios',
'end-user/components/cloud-services/provision-and-consume-database',
'end-user/components/cloud-services/provision-and-initiate-database',
'end-user/components/cloud-services/secure-your-database-connection',
'end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database',
'end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database'
],
},
"end-user/components/cloud-services/provision-cloud-resources-by-crossplane",
],
},
{
@ -249,7 +254,12 @@ module.exports = {
'reference/addons/velaux',
'reference/addons/rollout',
'reference/addons/fluxcd',
'reference/addons/terraform',
{
"Cloud Resources": [
'reference/addons/terraform',
'reference/addons/crossplane',
]
},
'reference/addons/ai',
'reference/addons/traefik',
'reference/addons/cert-manager',

18
versioned_docs/version-v1.4/end-user/components/cloud-services/cloud-resource-scenarios.md Normal file
View File

@ -0,0 +1,18 @@
---
title: Overview
description: This section introduces some scenarios of cloud resources management
---
Here're the scenarios KubeVela already supported by Using Terraform.
## Provision ECS
- [Provision ECS with EIP for proxy Intranet Service](https://kubevela.io/blog/2022/06/27/terraform-integrate-with-vela#part-2-fixing-the-developer-experience-of-kubernetes-port-forwarding).
## Provision and use databases
- [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services).
- [Secure your Database Connection](./secure-your-database-connection).
- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database).
- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

2
versioned_docs/version-v1.4/end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database.md
View File

@ -2,7 +2,7 @@
title: Provision an RDS instance with more than one database
---
In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
only one database will be created in an RDS instance. This tutorial will show you how to create more than one database in an RDS instance.
In the [reference doc for Alibaba Cloud RDS](./terraform/alibaba-rds), set `database_name` if you want to create one database.

141
versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-cloud-services.md
View File

@ -1,141 +0,0 @@
---
title: Provision and Binding Cloud Resources
---
Cloud-oriented development is now becoming the norm, there is an urgent need to integrate cloud resources from different
sources and types. Whether it is the most basic object storage, cloud database, or load balancing, it is all faced with
the challenges of hybrid cloud, multi-cloud and other complex environments. KubeVela is perfect to satisfy the needs.
KubeVela efficiently and securely integrates different types of cloud resources through resource binding capabilities in
cloud resource Components and Traits. At present, you can directly use the default components of those cloud resources below.
At the same time, more new cloud resources will gradually become the default option under the support of the community in the future.
You can use cloud resources of various manufacturers in a standardized and unified way.
This tutorial will talk about how to provision and consume Cloud Resources by Terraform.
> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
## Terraform
All supported Terraform cloud resources can be seen in the [list](./cloud-resources-list). You can also filter them by command by `vela components --label type=terraform`.
### Provision cloud resources
Use the following Application to provision an OSS bucket:
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with private acl, with connection information stored in a secreted named `oss-conn`.
description, whether it's compulsory, and default value.
Apply the above application, then check the status:
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console or by [ossutil](https://partners-intl.aliyun.com/help/doc-detail/50452.htm)
command.
```shell
$ ossutil ls oss://
CreationTime Region StorageClass BucketName
2021-09-11 12:56:17 +0800 CST oss-cn-beijing Standard oss://vela-website-0911
```
### Bind cloud resources
Let's deploy
the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: webapp
spec:
components:
- name: express-server
type: webservice
properties:
image: zzxwill/flask-web-application:v0.3.1-crossplane
port: 80
traits:
- type: service-binding
properties:
envMappings:
# environments refer to db-conn secret
DB_PASSWORD:
secret: db-conn # 1) If the env name is the same as the secret key, secret key can be omitted.
endpoint:
secret: db-conn
key: DB_PUBLIC_HOS # 2) If the env name is different from secret key, secret key has to be set.
username:
secret: db-conn
key: DB_USER
# environments refer to oss-conn secret
BUCKET_NAME:
secret: oss-conn
- name: sample-db
type: alibaba-rds
properties:
instance_name: sample-db
account_name: oamtest
password: U34rfwefwefffaked
writeConnectionSecretToRef:
name: db-conn
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
Deploy and verify the application.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
webapp express-server webservice service-binding running healthy 2021-09-08 16:50:41 +0800 CST
├─ sample-db alibaba-rds running healthy 2021-09-08 16:50:41 +0800 CST
└─ sample-oss alibaba-oss running healthy 2021-09-08 16:50:41 +0800 CST
```
```shell
$ vela port-forward webapp
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Forward successfully! Opening browser ...
```
![](../../../resources/crossplane-visit-application-v3.jpg)
## Next
- [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database)

82
versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-consume-database.md Normal file
View File

@ -0,0 +1,82 @@
---
title: Provision and Binding Database
---
This tutorial will talk about how to provision and consume Alibaba Cloud RDS (and OSS) by Terraform.
> ⚠️ This section requires your platform engineers have already enabled [cloud resources addon](../../../reference/addons/terraform).
Let's deploy the [application](https://github.com/kubevela/kubevela/tree/master/docs/examples/terraform/cloud-resource-provision-and-consume/application.yaml)
below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: webapp
spec:
components:
- name: express-server
type: webservice
properties:
image: zzxwill/flask-web-application:v0.3.1-crossplane
port: 80
traits:
- type: service-binding
properties:
envMappings:
# environments refer to db-conn secret
DB_PASSWORD:
secret: db-conn # 1) If the env name is the same as the secret key, secret key can be omitted.
endpoint:
secret: db-conn
key: DB_PUBLIC_HOS # 2) If the env name is different from secret key, secret key has to be set.
username:
secret: db-conn
key: DB_USER
# environments refer to oss-conn secret
BUCKET_NAME:
secret: oss-conn
- name: sample-db
type: alibaba-rds
properties:
instance_name: sample-db
account_name: oamtest
password: U34rfwefwefffaked
writeConnectionSecretToRef:
name: db-conn
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The component `sample-db` will generate secret `db-conn` with [these keys](./terraform/alibaba-rds#outputs), and the component
`sample-oss` will generate secret `oss-conn`. These secrets are binded to the Envs of component `express-server` by trait
[Service Binding](../../traits/service-binding). Then the component can consume instances of OSS and RDS.
Deploy and verify the application.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
webapp express-server webservice service-binding running healthy 2021-09-08 16:50:41 +0800 CST
├─ sample-db alibaba-rds running healthy 2021-09-08 16:50:41 +0800 CST
└─ sample-oss alibaba-oss running healthy 2021-09-08 16:50:41 +0800 CST
```
```shell
$ vela port-forward webapp
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Forward successfully! Opening browser ...
```
![](../../../resources/crossplane-visit-application-v3.jpg)

4
versioned_docs/version-v1.4/end-user/components/cloud-services/provision-and-initiate-database.md
View File

@ -111,7 +111,3 @@ Handling connection for 4000
![](https://kubevela-assets.oss-cn-beijing.aliyuncs.com/gifs/db-import-sql-sample-favorite-links.gif)
## Next
- [Secure your Database Connection](./secure-your-database-connection)
- [Provision an RDS instance with more than one database](./provision-an-RDS-instance-with-more-than-one-database)

72
versioned_docs/version-v1.4/end-user/components/cloud-services/provision-cloud-resources-by-crossplane.md Normal file
View File

@ -0,0 +1,72 @@
---
title: Crossplane
---
The guide [Deploy Cloud Services](../../../tutorials/consume-cloud-services) shows how to provision cloud resources by Terraform in
CLI and VelaUX. This tutorial will talk about how to provision Cloud Resources by [Crossplane](https://crossplane.io/).
Let's take cloud provider AWS as an example.
## Enable addon `crossplane-aws`
```shell
$ vela addon enable crossplane-aws
```
## Authenticate AWS Provider for Crossplane
Apply the application below. You can get AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
## Provision cloud resources
Let's provision a S3 bucket. Please apply the application below.
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: s3-poc
spec:
components:
- name: dev
type: crossplane-aws-s3
properties:
name: kubevela-test-0714
acl: private
locationConstraint: us-east-1
```
After the application gets `running`, you can check the bucket by AWS [cli](https://aws.amazon.com/cli/?nc1=h_ls) or console.
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
s3-poc dev crossplane-aws-s3 running healthy 2022-06-16 15:37:15 +0800 CST
$ aws s3 ls
2022-06-16 15:37:17 kubevela-test-0714
```
## More
All Crossplane cloud resources are defined as [ComponentDefinitions](../../../getting-started/definition) and are about
to be delivered in Crossplane provider addons, like [crossplane-aws](https://github.com/kubevela/catalog/tree/master/experimental/addons/crossplane-aws).
If your requirements are not met by the addons, you can define your own component type per the instructions on
[how to define customized component](../../../platform-engineers/components/custom-component).

5
versioned_docs/version-v1.4/end-user/components/cloud-services/secure-your-database-connection.md
View File

@ -2,7 +2,7 @@
title: Secure your Database Connection
---
In the guide [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
In the guide [Provision and Binding Cloud Resources](../../../tutorials/consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database),
a database's public host `DB_PUBLIC_HOS` is used to connect by business component. It's necessary when you want to have
a try, create a PoC, or use the database outside a cloud provider. But it's not secure for production use of database.
@ -50,6 +50,3 @@ spec:
name: db-conn
```
## Run application
Continue samples in [Provision and Binding Cloud Resources](./provision-and-consume-cloud-services) and [Provision a Database and Import a SQL File for initialization](./provision-and-initiate-database).

2
versioned_docs/version-v1.4/platform-engineers/addon/terraform.md
View File

@ -4,7 +4,7 @@ title: Extend Terraform Addon
[Terraform Controller](https://github.com/kubevela/terraform-controller) is the core controller to provision and manage
cloud resources for KubeVela. It has supported [some cloud providers](https://github.com/oam-dev/terraform-controller#supported-cloud-providers), including AWS, Azure, GCP, Alibaba Cloud,
Tencent Cloud, etc. But only [a few](https://kubevela.io/docs/tutorials/consume-cloud-services#enabling-cloud-vendor-addons) has been supported as Terraform Addons in KubeVela.
Tencent Cloud, etc. But only [a few](../../tutorials/consume-cloud-services#enabling-a-cloud-provider-addon) has been supported as Terraform Addons in KubeVela.
This guide will show you how to extend a Terraform Addon to support your cloud provider.

6
versioned_docs/version-v1.4/platform-engineers/components/component-terraform.md
View File

@ -2,9 +2,9 @@
title: Extend Cloud Resources
---
To enable end users to [provision and consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services),
To enable end users to [provision and consume cloud resources](../../tutorials/consume-cloud-services),
platform engineers need to prepare ComponentDefinitions for cloud resources if end users' requirements are beyond the
[built-in capabilities](../../end-user/components/cloud-services/provision-and-consume-cloud-services#supported-cloud-resource-list).
[built-in capabilities](../../tutorials/consume-cloud-services#supported-cloud-resource-list).
Here is the guide to create Terraform typed ComponentDefinitions of cloud resources for cloud providers Alibaba Cloud, AWS and Azure.
@ -191,7 +191,7 @@ spec:
Generally, the values in the properties are aligned with the `variables` defined in the terraform module, the terraform controller will help run `terraform init`, `terraform plan` automatically and finally use the parameters defined in the properties of application component to run `terraform apply`.
You can refer to scenario docs such as [Provision cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services#provision-cloud-resources) for more real use cases.
You can refer to scenario docs such as [Provision cloud resources](../../tutorials/consume-cloud-services#provision-cloud-resources) for more real use cases.
## Generate documentation

52
versioned_docs/version-v1.4/reference/addons/crossplane.md Normal file
View File

@ -0,0 +1,52 @@
---
title: Cloud Resources orchestrated by Crossplane
---
## Crossplane addon
```shell
$ vela addon enable crossplane
```
## Enable a Crossplane Provider addon
KubeVela can support following cloud providers by enabling the Crossplane provider addons.
```shell
$ vela addon list | grep crossplane-
crossplane-aws KubeVela Kubernetes Crossplane Controller for AWS [0.0.1] enabled (1.0.0) enabled (1.0.1)
```
To enable one of them, use the following command:
```shell
$ vela addon enable crossplane-xxx
```
You can also disable, upgrade, check status of an addon by command `vela addon`.
## Authenticate Crossplane Provider
Apply the application below. Let's use aws in this example, you can get `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` per [aws secret docs](https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/).
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: aws
namespace: vela-system
spec:
components:
- name: aws
type: crossplane-aws
properties:
name: aws
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
```
### Provision cloud resources
After a Crossplane provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

2
versioned_docs/version-v1.4/reference/addons/terraform.md
View File

@ -106,4 +106,4 @@ $ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_S
### Provision cloud resources
After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../end-user/components/cloud-services/provision-and-consume-cloud-services).
After a Terraform provider is authenticated, you can [provision and/or consume cloud resources](../../tutorials/consume-cloud-services).

163
versioned_docs/version-v1.4/tutorials/consume-cloud-services.md
View File

@ -1,87 +1,116 @@
---
title: Deploy Cloud Services
description: This section introduces the delivery of services provided by cloud vendors through KubeVela and orchestrating your services in the Kubernetes cluster.
---
Integrating cloud service is the most frequent need in our daily development, varying from the Object storage, Cloud
database to LoadBalancer, Cache, or search engine. Faster to load them save more time, meanwhile, to orchestrate
different resources from multi-cloud is quite a pain point.
KubeVela efficiently and securely integrates different types of cloud resources in hybrid/multi-cloud environments.
In this section, we introduce an example to show you how to deploy cloud services.
You can use the integrated cloud resources as out-of-box components or integrate by Terraform or Crossplane easily.
With the help of KubeVela, you can use cloud resources from various providers in a unified way.
## Before starting
This tutorial will mainly focus on talking about how to provision cloud resources by [Terraform](https://github.com/kubevela/terraform-controller).
If you'd like to know more about cloud resources from [Crossplane](https://crossplane.io/), please refer to [this guide](../end-user/components/cloud-services/provision-cloud-resources-by-crossplane).
- Has a cloud vendor account with proper access to your target cloud resources
## Provision Cloud Resources
- Ensure your account has a sufficient balance
### Prerequisites
- Connect to a Kubernetes cluster on this cloud vendor for hosting your cloud services
* Enable Terraform addon and authenticate the target cloud provider per the [instruction](../reference/addons/terraform).
## Enabling a cloud provider addon
Let's take Alibaba Cloud as an example.
First, visit [VelaUX (KubeVela Dashboard)](../install#2-install-velaux), switch to the tab `Addon`, and click up addon
`terraform-xxx`. `xxx` stands for the cloud provider name. We support the following Addons:
### Familiar with cloud resources specification
- terraform-alibaba
- terraform-aws
- terraform-azure
- terraform-tencent
- terraform-gcp
- terraform-baidu
All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list). You can also filter them by
command `vela components --label type=terraform`.
We can provision cloud resources in Alibaba Cloud, AWS, Azure, Tencent Cloud, Google Cloud Platform and Baidu Cloud respectively.
You can use any of the following ways to check the specification of one cloud resource.
Choose the specific version and enable an addon.
- Using command `vela show <component type name>` .
```console
$ vela show alibaba-oss
### Properties
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| NAME | DESCRIPTION | TYPE | REQUIRED | DEFAULT |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
| acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false | |
| bucket | OSS bucket name | string | false | |
| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false | |
+----------------------------+-------------------------------------------------------------------------+-----------------------------------------------------------+----------+---------+
...snip...
```
You can also add flag `--web` to view the usage by a local browser.
- Reading [official docs](../end-user/components/cloud-services/cloud-resources-list).
For example, you can check the specification for Alibaba OSS at [here](../end-user/components/cloud-services/terraform/alibaba-oss).
For different vendors, these parameters update accordingly. All cloud resources have the following common parameters.
- `writeConnectionSecretToRef`: `struct` Type, represents the outputs of Terraform will become key/values in the secret with the name specified here.
- `name`, specifies the name of the secret.
- `namespace`, specifies the namespace of the secret.
- `providerRef`: `struct` Type, represents the Provider which is referenced by a cloud service.
- `name`, specifies the name of the provider.
- `deleteResource`: `bool` Type, specify whether to delete the corresponding cloud service when the app is deleted. By Default it's `true`.
- `customRegion`: `string` Type, specify region for resources, it will override the default region from `providerRef`.
### Provision by Creating Application
Use the following Application to provision an OSS bucket:
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: provision-cloud-resource-sample
spec:
components:
- name: sample-oss
type: alibaba-oss
properties:
bucket: vela-website-0911
acl: private
writeConnectionSecretToRef:
name: oss-conn
```
The above `alibaba-oss` component will create an OSS bucket named `vela-website-0911`, with `private` acl, with connection
information stored in a secreted named `oss-conn`.
Apply the above application, then check the status:
```shell
$ vela ls
APP COMPONENT TYPE TRAITS PHASE HEALTHY STATUS CREATED-TIME
provision-cloud-resource-sample sample-oss alibaba-oss running healthy Cloud resources are deployed and ready to use 2021-09-11 12:55:57 +0800 CST
```
After the phase becomes `running` and `healthy`, you can then check the OSS bucket in Alibaba Cloud console.
## Provision with UI Console
Provision cloud resources from UI Console can be more appropriate.
### Before starting
- Enable [VelaUX](../reference/addons/velaux) addon.
- Enable [Terraform](../reference/addons/terraform) addon, just like the prerequisites in CLI part above. VelaUX can also enable these addons in UI console.
![addon-alibaba](../resources/addon-alibaba.jpg)
## Authenticating the cloud provider
### Creating your cloud service
Click the tab `Platform`, and then `Integrations`. Choose `Terraform Controller Provider` to authenticate a cloud provider.
Follow the instructions on all the properties to authenticate the provider for each cloud provider.
The UI console operations are the same, you can refer to [this guide](../how-to/dashboard/application/create-application).
For example, for Alibaba Cloud, you need to set the following properties:
Firstly, Create an application and choose the type of your cloud service, they will always has a prefix of vendor such as `aws-`, `azure` or `alibaba-`.
> Notice: KubeVela encrypts all the keys, hence no need to worry about its safety.
Set the above parameters according to your needs to complete creating the application, and then deploy the application. The resources will be provisioned after the application become ready.
![](../resources/provider-alibaba.jpg)
Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
The creating process of cloud services pulls configuration from GitHub. If your control plane
cluster that runs KubeVela is very hard to connect to GitHub, please open up the `GithubBlocked` option in `terraform`
addon.
All supported Terraform cloud resources can be seen in the [list](../end-user/components/cloud-services/cloud-resources-list).
## Creating your cloud service
First [create an application](../how-to/dashboard/application/create-application). Please choose the type of your cloud service,
which has a prefix of `aws-`, `azure`, `alibaba-` or `tencent-`.
For different vendors, these parameters update accordingly.
For example, `aws-s3` has the following parameters:
![](../resources/aws-s3-parameters.png)
`azure-database-mariadb` has the following parameters:
![](../resources/azure-database-mariadb-parameters.png)
`alibaba-rds` has the following parameters:
![](../resources/alibaba-rds-parameters.png)
All cloud resources have some common parameters.
- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
- ProviderRef: The Provider which is referenced by a cloud service
- Region: Region is cloud provider's region. It will override `providerRef`.
Set the above parameters according to your needs to complete creating the application, and then [deploy the application](../how-to/dashboard/application/deploy-application).
## Viewing cloud resource creation status
### Viewing cloud resource creation status
- Check the cloud instance list
@ -98,9 +127,7 @@ because the cloud service instance generation takes a certain amount of time, an
You can visit the instance in the console of the cloud provider. For example, you can check the name or console to visit it.
![](../resources/application-console-link.png)
For example, you can check Alibaba Cloud RDS instance in [https://console.aliyun.com](https://console.aliyun.com).
![](../resources/alibaba-cloud-rds-console.png)
It will redirect to the UI Console of the provider, in our example, resources from Alibaba Cloud will go to [https://console.aliyun.com](https://console.aliyun.com).
- Check details and status of the cloud instance
@ -122,3 +149,7 @@ In the last section `Component Status`, the health status and the message of the
- The cloud service is always ProvisioningAndChecking and has no name
> The creation of cloud services generally takes a certain amount of time. Please wait or enter the cloud vendor console to view the creation progress.
## More
For more usages of cloud resources, like how to provision and consume cloud resources, please refer to [Scenarios of Cloud Resources Management](./../end-user/components/cloud-services/cloud-resource-scenarios).

18
versioned_sidebars/version-v1.4-sidebars.json
View File

@ -54,13 +54,18 @@
"items": [
"tutorials/consume-cloud-services",
{
"Manage Database": [
"end-user/components/cloud-services/provision-and-consume-cloud-services",
"type": "category",
"label": "Terraform",
"collapsed": false,
"items": [
"end-user/components/cloud-services/cloud-resource-scenarios",
"end-user/components/cloud-services/provision-and-consume-database",
"end-user/components/cloud-services/provision-and-initiate-database",
"end-user/components/cloud-services/secure-your-database-connection",
"end-user/components/cloud-services/provision-an-RDS-instance-with-more-than-one-database"
]
}
},
"end-user/components/cloud-services/provision-cloud-resources-by-crossplane"
]
},
{
@ -257,7 +262,12 @@
"reference/addons/velaux",
"reference/addons/rollout",
"reference/addons/fluxcd",
"reference/addons/terraform",
{
"Cloud Resources": [
"reference/addons/terraform",
"reference/addons/crossplane"
]
},
"reference/addons/ai",
"reference/addons/traefik",
"reference/addons/cert-manager",