Added OVHCloud support (#12)

ElliotG · web-flow · commit 6c2a04e6b056 · 2023-01-10T12:05:21.000-07:00
diff --git a/Readme.md b/Readme.md
@@ -13,3 +13,4 @@ Each subfolder in this repo is for a different platform.
 * AWS EKS
 * Digital Ocean K8s
 * IBMCloud K8s
+* OVHCloud K8s
diff --git a/ibmcloud-k8s/Readme.md b/ibmcloud-k8s/Readme.md
@@ -3,7 +3,7 @@
 1. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 2. Create an [API Key](https://cloud.ibm.com/docs/account?topic=account-userapikey&interface=ui) and set it as IC_API_KEY
 3. Make sure to set the root directory to ibmcloud-k8s/
-4. Run and apply the Terraform (took me 10 minutes)
+4. Run and apply the Terraform (took me 75 minutes)
 
 ## Coder setup Instructions
 
diff --git a/ovhcloud-k8s/Readme.md b/ovhcloud-k8s/Readme.md
@@ -0,0 +1,39 @@
+## Getting Coder Installed
+
+1. Create an OVH Cloud account, order a public cloud, and then set up a project (copy the ID)
+2. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
+3. Set OVH_CLOUD_PROJECT_SERVICE to the project id from (1)
+4. For US, I went to https://api.us.ovhcloud.com/createToken/?GET=/*&POST=/*&PUT=/*&DELETE=/* to generate API keys
+5. Set OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY to the values from (4)
+6. Make sure to set the root directory to ovhcloud-k8s/
+7. Run and apply the Terraform (took me 10 minutes)
+
+If you run into any auth issues, see the end of the Readme.
+
+## Coder setup Instructions
+
+1. In the OVHCloud Console, go to Public Cloud --> Load Balancer and copy the IP address on the far right.
+2. Create the initial username and password.
+3. Go to Templates, click Develop in Kubernetes, and click use template
+4. Click create template (it will refresh and prompt for 3 more template inputs)
+5. Set var.use_kubeconfig to false 
+6. Set var.namespace to coder
+7. Click create template
+
+With the admin user created and the template imported, we are ready to launch a workspace based on that template.
+
+1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
+2. Give it a name and click create
+3. Within three minutes, the workspace should launch.
+
+From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
+
+## kubernetes or helm provider is erroring during authentiation
+I'm purposefully using an [anti-pattern](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs) for the k8s provider in which I am both deploying the cluster and the helm charts in 1 repo for demo purposes only. If you run into an issue where the k8s or helm providers can't authenticate, you can fix it this way:
+
+1. Go to OVHCloud --> Kubernetes --> Service, and in the Access and security panel you can download the kubeconfig file.
+2. Go to your Spacelift stack --> Environment, and click Edit.
+3. Change the type to "Mounted File", and upload the kubeconfig file from (1)
+4. Create an environment variable: "TF_VAR_kubeconfig_path" where the value is the path above.
+
+This will enable you to update or delete the stack safely. See [this thread](https://github.com/terraform-aws-modules/terraform-aws-eks/issues/1234) for more details as to why this is necessary.
diff --git a/ovhcloud-k8s/main.tf b/ovhcloud-k8s/main.tf
@@ -0,0 +1,132 @@
+terraform {
+  required_providers {
+    ovh = {
+      source = "ovh/ovh"
+    }
+  }
+}
+
+# The first time this TF file is run, the kubeconfig file can be
+# generated directly from the ovh_cloud_project_kube_nodepool resource.
+# However the second time, it won't load properly. Instead, you need
+# to mount a new kubeconfig and set the value here.
+variable "kubeconfig_path" {
+  default = ""
+}
+
+variable "coder_version" {
+  default = "0.13.6"
+}
+
+# Change this password away from the default if you are doing
+# anything more than a testing stack.
+variable "db_password" {
+  default = "coder"
+}
+
+###############################################################
+# K8s configuration
+###############################################################
+# Set OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY
+# https://api.us.ovhcloud.com/createToken/?GET=/*&POST=/*&PUT=/*&DELETE=/*
+# Set OVH_CLOUD_PROJECT_SERVICE to your Project ID
+provider "ovh" {
+  endpoint = "ovh-us"
+}
+
+resource "ovh_cloud_project_kube" "coder" {
+  name   = "coder_cluster"
+  region = "US-EAST-VA-1"
+}
+
+
+resource "ovh_cloud_project_kube_nodepool" "coder" {
+  kube_id       = ovh_cloud_project_kube.coder.id
+  name          = "coder-pool" //Warning: "_" char is not allowed!
+  flavor_name   = "d2-8"
+  desired_nodes = 2
+  max_nodes     = 2
+  min_nodes     = 2
+}
+
+# There's an obnoxious TF issue while destroying 
+resource "local_file" "kubeconfig" {
+  content  = ovh_cloud_project_kube.coder.kubeconfig
+  filename = "tf-generated-config.yml"
+}
+
+provider "kubernetes" {
+  # If the kubeconfig_path variable is set, use that. Otherwise, fall back to the local file.
+  config_path = var.kubeconfig_path != "" ? var.kubeconfig_path : local_file.kubeconfig.filename
+}
+
+resource "kubernetes_namespace" "coder_namespace" {
+  metadata {
+    name = "coder"
+  }
+
+  depends_on = [
+    ovh_cloud_project_kube_nodepool.coder,
+    local_file.kubeconfig
+  ]
+}
+
+###############################################################
+# Coder configuration
+###############################################################
+provider "helm" {
+  kubernetes {
+    config_path = var.kubeconfig_path != "" ? var.kubeconfig_path : local_file.kubeconfig.filename
+  }
+}
+
+# kubectl logs postgresql-0 -n coder
+resource "helm_release" "pg_cluster" {
+  name      = "postgresql"
+  namespace = kubernetes_namespace.coder_namespace.metadata.0.name
+
+  repository = "https://charts.bitnami.com/bitnami"
+  chart      = "postgresql"
+
+  set {
+    name  = "auth.username"
+    value = "coder"
+  }
+
+  set {
+    name  = "auth.password"
+    value = var.db_password
+  }
+
+  set {
+    name  = "auth.database"
+    value = "coder"
+  }
+
+  set {
+    name  = "persistence.size"
+    value = "10Gi"
+  }
+}
+
+resource "helm_release" "coder" {
+  name      = "coder"
+  namespace = kubernetes_namespace.coder_namespace.metadata.0.name
+
+  chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
+
+  values = [
+    <<EOT
+coder:
+  env:
+    - name: CODER_PG_CONNECTION_URL
+      value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
+    - name: CODER_EXPERIMENTAL
+      value: "true"
+    EOT
+  ]
+
+  depends_on = [
+    helm_release.pg_cluster
+  ]
+}
