Shared Code

One of main principles of the the Common Platform project was to provide as homogenous of a service as possible despite any environment differences. This facilitates customers moving between our environments once they are familiar with one.

To facilitate that, the Kubernetes clusters share a common code base where possible, altering only the individual bits of code that need to be changed per environment. This code is executed out of the eks-cluster project by the appropriate gitlab runners for each environment.

For more information about the differences in the environments, please see:

• EKS Anywhere
• EKS

Bash

By leveraging several when statements and includes, we are able to determine which cluster is being run in the pipeline and then use some simple bash commands to organize the correct inventory for terraform to run.

Terraform

The common code base, once setup by the some simple scripts is deployed with Terraform. Terraform has a variety of plug-ins that let us use leverage the objects we are provisioning natively. The cluster-bootstrap folder which Terraform provisions is mainly constituted of helmcharts with templating to allow shared code between the environments and tiers.

Upgrading Terraform

Terraform is a tool built for forward compatibility, so upgrading to new versions is generally trivial. However, to ensure no unexpected inconsistencies, we currently set our terraform version in the codebase.

Plug-ins are generally the most complex part of upgrading Terraform (if they get upgraded) as they can have interdependencies, syntax changes, or default behavior changes.

!!! note "Terraform Version Management If you are not paying attention when testing code manually, it is very easy to accidentally upgrade a Terraform state file to a newer version. For that reason, our team currently heavily relies on a tool called tfswitch allowing us to easily switch between version of Terraform by leaving a file indicating which version of Terraform should be used.

Terraform State

The original AWS Clusters keep their state in Terraform workspaces in an S3 bucket residing in vt-platform-auth, access to this is provided via a role to the runner.

Terraform workspaces did not work with Gitlab at the time of integration, so each state is simply tracked separately in Gitlab under the eks-cluster project.

Links

• Documentation:
  • General Terraform Documentation: https://developer.hashicorp.com/terraform/language
  • Upgrade Terraform Documentation: https://developer.hashicorp.com/terraform/language/v1.5.x/upgrade-guides
  • tfswitch Project: https://github.com/warrensbox/terraform-switcher

Terraform Documentation Version

Be sure to select the version of documentation to the right of the title.

• Implementation:

  • Kubernetes Cluster: Main cluster implementation

  https://code.vt.edu/it-common-platform/infrastructure/eks-cluster

• Upgrade Concerns:

  • Plugins: Although Terraform is generally compatible between versions, the underlying plug-ins are likely not and will have various requirements, dependencies, and changes in default behavior.