Logo

dev-resources.site

for different kinds of informations.

Terraform - JFrog Deployment in Kubernetes

Published at
8/30/2024
Categories
terraform
kubernetes
Author
Binoy
Categories
2 categories in total
terraform
open
kubernetes
open
Terraform - JFrog Deployment in Kubernetes

This section explains the deployment of JFrog on a Kubernetes cluster using Terraform. The module design principles were previously explained in the Jenkins Section, which covered how to build module design in Terraform. Here, the focus is specifically on configuring JFrog resources and integrating these configurations into the main DevOps module.

“devops.modules.jfrog” module

This module is used to manage Jfrog-related resources, providers and Kubernetes ingress configuration. The Helm JFrog support version 107.90.8.
Script main.tf

#This module is used to manage Artifactory-related resources, providers and Kubernetes ingress configuration. The Helm Artifactory support version 107.90.8.
resource "helm_release" "artifactory-oss" {
    name       = "jfrog-artifactory-oss"
    repository = "https://charts.jfrog.io"
    chart      = "artifactory-oss"
    version    = "107.90.8"
    namespace = var.kubernetes_namespace
    set {
    name  = "artifactory.postgresql.postgresqlPassword"
    value = var.postgresql_password
    }
    set {
    name  = "artifactory.nginx.enabled"
    value = false
    }
    set {
    name  = "artifactory.ingress.enabled"
    value = false
    }
    timeout = 600
    depends_on = [var.kubernetes_namespace]
}
# Artifactory ingress configuration 
resource "kubernetes_ingress_v1" "artifactory-oss-ingress" {
    metadata {
    name      = "artifactory-oss-ingress"
    namespace = var.kubernetes_namespace
    annotations = {
        "nginx.ingress.kubernetes.io/rewrite-target" = "/"
    }
    }
    spec {
    rule {
        host = var.domain_name
        http {
        path {
            path     = "/"
            path_type = "Prefix"
            backend {
            service {
                name = helm_release.artifactory-oss.name
                port {
                number = var.service_port
                }
            }
            }
        }
        }
    }
    }
    depends_on = [helm_release.artifactory-oss]
}

Script variabiles.tf

variable "kubernetes_namespace" {
    description = "Namepace of kubernetes the service need to install"
}
variable "service_port" {
    description = "Jfrog service port"
}
variable "postgresql_password" {
    description = "Postgresql password"
}
variable "domain_name" {
    description = "Jfrog domain name"
}

“devops” module

This is the main module for managing all DevOps-related modules and includes the installation steps for services that need to be deployed on the Kubernetes cluster. In this example, we configure DevOps tools required for the application, such as Kind Cluster, Kind Ingress Controller, Kubernetes provider and namespace, Helm provider, and JFrog.

Script main.tf

#Installing the cluster in Docker
module "kind_cluster" {
    source = "./modules/kind"
    name = var.kind_cluster_name
    http_port = 80
    https_port = 443
}
#Configuring the kubenretes provider based on the cluster information
provider "kubernetes" {
    host                   = module.kind_cluster.endpoint
    client_certificate     = module.kind_cluster.client_certificate
    client_key             = module.kind_cluster.client_key
    cluster_ca_certificate = module.kind_cluster.cluster_ca_certificate
}
#Installing the ingress controller in the cluster, this ingress support by kind. This ingress controller will be different based on the clusters such as AWS, Azure, Etc.
module "kind_ingress" {
    source = "./modules/kind/ingress"
    kube_endpoint = module.kind_cluster.endpoint
    kube_client_key = module.kind_cluster.client_key
    kube_client_certificate = module.kind_cluster.client_certificate
    kube_cluster_ca_certificate = module.kind_cluster.cluster_ca_certificate
    depends_on = [module.kind_cluster]
}
#Configuring the helm provider based on the cluster information
provider "helm" {
    kubernetes {
        host                   = module.kind_cluster.endpoint
        client_certificate     = module.kind_cluster.client_certificate
        client_key             = module.kind_cluster.client_key
        cluster_ca_certificate = module.kind_cluster.cluster_ca_certificate
    }
}
#Installing the namespace in the Kuberenetes cluster
module "kubernetes_namespace" {
    source = "./modules/kubernetes/namespace"
    namespace_name = var.kubernetes_namespace
    depends_on = [module.kind_ingress]
}
#Instaling the Jfrog Artifactory
module "jfrog" {
    source = "./modules/jfrog"

    kubernetes_namespace = module.kubernetes_namespace.namespace
    service_port = var.jfrog_service_port
    domain_name = var.jfrog_domain_name
    postgresql_password = "admin_password_postgress"

    depends_on = [module.kubernetes_namespace]
}

Script variables.tf

variable "kind_cluster_name" {
    description = "Kind cluster name"
}
variable "kind_http_port" {
    description = "Kind cluster http expose port"
}
variable "kind_https_port" {
    description = "Kind cluster https expose port"
}
variable "jfrog_service_port" {
    description = "Jfrog service port"
}
variable "kubernetes_namespace" {
    description = "Resources are installing in the Kubernetes namespace"
}
variable "jfrog_domain_name" {
    description = "Jfrog domain name"
}

Root Main Terraform Script
This is the main root script install the resources of DevOps
Script main.tf

module "devops" {
    source = "./devops"
    kind_cluster_name = var.kind_cluster_name
    kind_http_port = 80
    kind_https_port = 443
    kubernetes_namespace = "devops"
    jfrog_service_port = 8082
    jfrog_domain_name = var.jfrog_domain_name
}

Script variables.tf

#This is variable arguments while running the terraform scripts
variable "kind_cluster_name" {
    type = string
    description = "Kind cluster name"
}
variable "jfrog_domain_name" {
    type = string
    description = "Jfrog domain name"
    default = "jfrog.devops.com"
}

Setup local environment to build DevOps resources

I use docker containers to set up work environments for multiple applications(Setup Environment). This approach ensures fully isolated and maintainable environments for application development, allowing us to easily start and terminate these environments. Below is the Docker command to create the environment.

docker run -it --name test-jfrog-module-envornment-box -v ~/.kube/config:/work/.kube/config -e KUBECONFIG=/work/.kube/config -v ${HOME}/root/ -v ${PWD}/work -w /work --net host developerhelperhub/kub-terr-work-env-box

The container contains Docker, Kubectl, Helm, Terraform, Kind, Git

Setup JFrog on Kubernetes Cluster

I have created all the Terraform scripts, which are available in the GitHub repository. You can download and set up JFrog on a Kubernetes cluster, which runs locally in a Docker container.

Clone the repository onto your local Linux machine to get started.

git clone https://github.com/developerhelperhub/kuberentes-help.git
cd kuberentes-help/terraform/sections/00005/

Run the following commands to install the resources

terraform init

#Create the workspace to keep the separate the terraform state files of dev and production. This helps us to maintain multiple running in local
terraform workspace new devops_testing
terraform workspace select devops_testing

terraform plan
terraform apply  -var="kind_cluster_name=devops-test-cluster"

Note: The Terraform state file should be kept secure and encrypted (using encryption at rest) because it contains sensitive information, such as usernames, passwords, and Kubernetes cluster details etc.

Add our domain to the bottom of the /etc/hosts file on your local machine. This configuration should not be inside our working Linux box “test-jfrog-module-envornment-box”; it should be applied to your personal machine's /etc/hosts file.
(you will need administrator access):

127.0.0.1 jfrog.devops.com

We can open the Jfrog UI in the browser “http://jfrog.devops.com/”
Note: Username and password are “admin” and “password”

References

Featured ones: