The Eclipse ioFog Platform project provides means to spin up and deploy minimal infrastructure. Currently, we demonstrate how to achieve this on GKE (Google Kubernetes Engine), although since we are using Terraform under the covers you can easily extend/contribute to support your preferred cloud infrastructure provider.
In order to setup the infrastructure we will need the following tools:
- Terraform (version 0.12.*, installation instructions)
- GCloud SDK (quickstart guide)
- Kubectl (installation instructions)
To then install a complete EdgeCompute Network (ECN), we will also need iofogctl:
We don't have to install these tools manually now. Later in the process, we will use a script to download those dependencies and initialise terraform variable file.
Provided script ./bootstrap.sh will download those dependencies, see details below.
First, we need to setup gcloud with our project. We can either establish a service account or use a personal account with GCP. In both cases, the minimal set of IAM roles required is:
- Compute Admin
- Kubernetes Engine Admin
- Service Account User
To login with a service account and setup our project, download the service account key file from GCP. Further details on how to setup a service account are available in the GCP documentation.
You can test authenticate gcloud with the newly created service account.
gcloud auth activate-service-account --key-file=service-account-key.jsonIf you no longer have the service account key file, it is possible to generate another key using gcloud or using the GCP console.
The platform tools also supports deployment of agent nodes on packet. This step is entirely optional and is it possible to provide our own machines for ioFog Agents instead.
We will need Packet token to setup packet provider on terraform. First we have to upload out ssh key that will be used by automation to add to newly created instances.
Next, retrieve a Packet auth token and project ID from Packet website and save it for later.
We can then run bootstrap to install all the required tools. It is possible to skip the installation step if we opt to instead provide the tools ourselves, please consult ./bootsrap.sh --help for details.
./bootstrap.sh --gcloud-service-account service-account-key.jsonFirst create a copy of the variables template file.
cp infrastructure/gcp/template.tfvars user.tfvarsNow we have to edit the user.tfvars file according to our credentials and desired infrastructure. There are three main sections in the file: general variables, agents list and packet variables. Let's start by modifying the following general variables:
| Variables | Description |
|---|---|
google_application_credentials |
Path to the service account key file from Google Cloud Platform Setup |
gcp_service_account |
Name of the GCP service account |
project_id |
GCP project ID |
environment |
Name of the infrastructure (to identify the resources on GCP and Packet) |
gcp_region |
Region if GCP infrastructure |
packet_auth_token |
Packet API key from Packet Setup (Optional) (Optional) |
packet_project_id |
Packet project ID (Optional) |
packet_operating_system |
Packet operating system of all agents (Optional) |
packet_facility |
Packet regions (called facilities) (Optional) |
packet_count_x86 |
Packet number of x86 instances (Optional) |
packet_plan_x86 |
Packet plan of x86 instances (Optional) |
packet_count_arm |
Packet number of arm instances (Optional) |
packet_plan_arm |
Packet plan of arm instances (Optional) |
To deploy the new infrastructure, run:
./deploy.sh user.tfvarsOnce the infrastructure is successfully deployed, we should be able to interact with the Kubernetes cluster. Terraform automatically setup our kubeconfig for us. To use the newly created Kubernetes cluster, we need to define KUBECONFIG environment variable to point to a kubeconfig file created by Terraform. The kubeconfig file is always in infrastructure/gcp/<environment>.kubeconfig, where <environemnt> corresponds to the settings passed in our user.tfvars file.
export KUBECONFIG="$PWD/infrastructure/gcp/<environment>.kubeconfig"Should we need to retrieve kubeconfig for our new cluster anytime in the future or from another machine, we can use gcloud container clusters get-credentials environment --region gcp_region, where environment and gcp_region refer to previously described variables.
Terraform generated ecn.yaml file according to iofogctl specification. Most important are kubeconfig and keyfile parameters. The kubeconfig variable is the same as in Interact With Newly Deployed Infrastructure. keyfile refers to a private SSH key to access the given agent. For Packet agents, these must be uploaded to Packet according to Packet Setup (Optional). This is also where we can add additional agents (outside of the new infrastructure).
To destroy the infrastructure (and all deployed ECNs), run:
./destroy.sh user.tfvarsMake sure the tfvars file is the same for both deploy and destroy invocations.
-
Login to gcloud:
gcloud auth login -
Kubeconfig for gke cluster:
gcloud container clusters get-credentials <<CLUSTER_NAME>> --region <<REGION>> -
Delete a particular terraform resource:
terraform destroy -target=null_resource.iofog -var-file=vars.tfvars -auto-approve -
Terraform Output
terraform outputorterraform output -module=packet_edge_nodes