kubevela
/
kubevela.github.io
mirror of https://github.com/kubevela/kubevela.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kubevela.github.io/versioned_docs/version-v1.4/reference/addons/terraform.md

4.9 KiB
Raw Blame History

title
Terraform

To provision cloud resources, you can use terraform along with related cloud provider addons.

Enable Terraform addon

vela addon enable terraform

After terraform addon enabled, you will have a basic capability to create cloud resource in CRD ways. Then you can enable a terraform provider addon for specific cloud.s

Enable Terraform Provider addon

KubeVela can support following cloud providers by enabling the Terraform provider addons.

$ vela addon list | grep terraform-
terraform-alibaba        	KubeVela	Kubernetes Terraform Controller for Alibaba Cloud                                                    	[1.0.2, 1.0.1]                      	enabled (1.0.2)
terraform-tencent        	KubeVela	Kubernetes Terraform Controller Provider for Tencent Cloud                                           	[1.0.0, 1.0.1]                      	enabled (1.0.0)
terraform-aws            	KubeVela	Kubernetes Terraform Controller for AWS                                                              	[1.0.0, 1.0.1]                      	enabled (1.0.0)
terraform-azure          	KubeVela	Kubernetes Terraform Controller for Azure                                                            	[1.0.0, 1.0.1]                      	enabled (1.0.0)
terraform-baidu          	KubeVela	Kubernetes Terraform Controller Provider for Baidu Cloud                                             	[1.0.0, 1.0.1]                      	enabled (1.0.0)
terraform-gcp            	KubeVela	Kubernetes Terraform Controller Provider for Google Cloud Platform                                   	[1.0.0, 1.0.1]                      	enabled (1.0.0)
terraform-ucloud         	KubeVela	Kubernetes Terraform Controller Provider for UCloud                                                  	[1.0.1, 1.0.0]                      	enabled (1.0.1)

To enable one of them, use the following command:

$ vela addon enable terraform-<provider-name>

You can also disable, upgrade, check status of an addon by command vela addon.

Authenticate Terraform Provider

After any of the terraform provider addon enabled, you can create credential for them by vela provider command.

Add Credential

Each Terraform provider can be authenticated by the command as below.

$ vela provider add -h
Authenticate Terraform Cloud Provider by creating a credential secret and a Terraform Controller Provider

Usage:
  vela provider add [flags]
  vela provider add [command]

Examples:
vela provider add <provider-type>

Available Commands:
  terraform-alibaba Authenticate Terraform Cloud Provider terraform-alibaba
  terraform-aws     Authenticate Terraform Cloud Provider terraform-aws
  terraform-azure   Authenticate Terraform Cloud Provider terraform-azure
  terraform-baidu   Authenticate Terraform Cloud Provider terraform-baidu
  terraform-gcp     Authenticate Terraform Cloud Provider terraform-gcp
  terraform-tencent Authenticate Terraform Cloud Provider terraform-tencent
  terraform-ucloud  Authenticate Terraform Cloud Provider terraform-ucloud

For example, let's authenticate the Terraform provider terraform-aws.

Here is the help message for authenticate the terraform-aws.

$ vela provider add terraform-aws -h
Authenticate Terraform Cloud Provider terraform-aws by creating a credential secret and a Terraform Controller Provider

Usage:
  vela provider add terraform-aws [flags]

Examples:
vela provider add terraform-aws

Flags:
      --AWS_ACCESS_KEY_ID string       Get AWS_ACCESS_KEY_ID per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/
      --AWS_DEFAULT_REGION string      Choose one of Code form region list https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
      --AWS_SECRET_ACCESS_KEY string   Get AWS_SECRET_ACCESS_KEY per https://aws.amazon.com/blogs/security/wheres-my-secret-access-key/
      --AWS_SESSION_TOKEN string       Get AWS_SESSION_TOKEN per https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html
  -h, --help                           help for terraform-aws
      --name default                   The name of Terraform Provider for AWS, default is default (default "aws")

Global Flags:
  -y, --yes   Assume yes for all user prompts

Authenticate a Terraform provider

$ vela provider add terraform-aws --AWS_ACCESS_KEY_ID=xxx --AWS_SECRET_ACCESS_KEY=yyy --AWS_DEFAULT_REGION=us-east-1

Without setting a provider name by --name, an AWS Terraform provider named aws will be created.

You also create multiple providers by specifying the --name flag.

$ vela provider add terraform-aws --name aws-dev --AWS_ACCESS_KEY_ID=xxx --AWS_SECRET_ACCESS_KEY=yyy --AWS_DEFAULT_REGION=us-east-1

Provision cloud resources

After a Terraform provider is authenticated, you can provision and/or consume cloud resources.