heidloff.net - Building is my Passion
Post
Cancel

Configuring the TechZone Toolkit

With the TechZone Toolkit software like OpenShift can be set up in the cloud including custom applications by using automation via Terraform and Argo CD. This article describes how to configure the toolkit or more precisely the solution definitions.

In an earlier blog I explained the toolkit: Introducing IBM’s Toolkit to handle Everything as Code. The toolkit leverages Terrafrom and GitOps and is based on best practices based on IBM experiences in partner and clients projects.

The toolkit module catalog provides 200+ modules to install IBM Software and open source components which can be deployed on clouds like AWS, Azure and IBM Cloud. Solutions are defined in yaml files. The bill of materials contain lists of modules, in this example OpenShift in the IBM Cloud, Argo CD including a GitOps repo, the Watson NLP (natural language processing) container and a custom application.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
apiVersion: cloudnativetoolkit.dev/v1alpha1
kind: BillOfMaterial
metadata:
  name: cluster-with-watson-nlp
spec:
  modules:
    - name: ibm-ocp-vpc
      version: v1.16.0
    - name: argocd-bootstrap
      version: v1.12.0
    - name: gitops-repo
      alias: gitops_repo
      version: v1.22.2
    - name: terraform-gitops-ubi
      alias: terraform_gitops_ubi
      version: v0.0.8
    - name: terraform-gitops-watson-nlp
      alias: terraform_gitops_watson_nlp
      version: v0.0.80

Bill of materials can be and should be shared for different scenarios. To customize them two files are used.

  1. output/credentials.properties: Contains credentials
  2. output/bom-name/variables.yaml: Contains all other variables

The following sample shows how to define variables like regions, resource group names, size of the cluster, etc.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
variables:
  # overall
  - name: region
    description: The IBM Cloud region where the instance should be provisioned
    value: xxx
  - name: resource_group_name
    description: The name of the IBM Cloud resource group where the resources should be provisioned
    value: xxx
  # ocp
  - name: worker_count
    description: The number of workers that should be provisioned per subnet
    value: 2
  - name: cluster_flavor
    description: The flavor of the worker nodes that will be provisioned
    value: bx2.4x16

When ArgoCD is used, a Git token is needed to access the GitOps repo which is stored in credentials.properties. The same mechanism applies for tokens to pull container images from protected registries as well as other credentials.

1
2
3
export TF_VAR_gitops_repo_token=xxx
export TF_VAR_ibmcloud_api_key=xxx
export TF_VAR_terraform_gitops_watson_nlp_registry_credentials=xxx,xxx,xxx

With the toolkit’s CLI the bill of material, the variables and the credentials are converted to Terraform assets in the ‘output/bom-name/terraform’ folder. Be careful when managing this folder with Git to prevent your credentials to be exposed. Note that the generated files are usually not touched.

image

When the variables and credentials are not predefined, CLI users will get prompted to define them when invoking ‘iascable build’.

image

To find out more about the toolkit, check out the documentation and the sample which deploys OpenShift and Watson NLP.

Featured Blog Posts
Disclaimer
The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions.
Trending Tags