Everyone can contribute! Learn DevOps and Cloud Native in our cafe ☕
Technology is moving fast in the DevOps and Cloud Native community.
Join the conversation and add your thoughts, tips, experiences, stories.
"Everyone Can Contribute" is inspired by GitLab's mission.
24. #everyonecancontribute cafe: Automate Kubernetes deployment with Terraform and GitLab CI/CD
Highlights
We are learning how to deploy and secure Kubernetes into Hetzner cloud in this series:
-
- cafe: Provisioned the server and agent VMs with Terraform and Ansible in the first session with Max.
-
- cafe: Deployed k3s as Kubernetes distribution with Max.
-
- cafe: Learned about pods and the Hetzner load balancer with Max.
-
- cafe: Ingress controller for load balancer cost savings with Max.
-
- cafe: Break into Kubernetes Security with Philip Welz.
-
- cafe: Securing Kubernetes with Kyverno with Philip Welz.
-
- cafe: Secure Kubernetes with OpenID with Niclas Mietz.
-
- cafe: Multi-tenancy with Kiosk in Kubernetes with Niclas Mietz.
In this session, we automate the deployment of the Kubernetes cluster with Max inside GitLab CI/CD:
- Automate the deployment from the repository with GitLab CI/CD
- Preparations in GitLab: Add CI/CD variables and update settings.
- Variable
hcloud_token
. - File
SSH_KEY
- GitLab reads the file. - Disable
public pipeline
to avoid leaking credentials in artifacts.
- Variable
- Define GitLab CI/CD pipeline stages:
- test
- terraform-diff
- terraform
- ansible-diff
- ansible
- kubeconfig
- CI/CD rule with the pre-defined variable CI_PIPELINE_SOURCE to only allow triggers from
web
- single click deployments from the GitLab web interface. - Create a template job, starting with a dot and later imported with extends.
- Import the
.terraform
job template into new Terraform jobs:TF Validate
withgitlab-terraform init
andgitlab-terraform validate
.gitlab-terraform
is a wrapper which sets config automatically. Infrastructure as Code with Terraform and GitLab docs. - Example worflow from the GitLab Terraform template.
- Add more jobs:
TF Plan
andTF Apply
. - Navigate into
CI/CD > Pipelines
and clickRun pipeline
for themain
branch.
In the future, we’ll explore more Kubernetes topics:
- Use Renovate to keep deployments updated with GitLab CI/CD.
- CI/CD, IaC and GitOps with the GitLab Kubernetes Agent
- Hetzner storage volumes
- Monitoring with Prometheus, GitLab CI/CD deployments and much more :)
Insights
Recording
Enjoy the session! 🦊
Written by: Michael Friedrich