🚀 integrate terraform, kubernetes and helm

charts/databunker/README.md

@@ -457,8 +457,8 @@ You can configure this chart to load certificates you created outside of contain
 
 ```yaml
 certificates:
-  customCertificate: "mytls"
-    certificateSecret: ""
+  customCertificate:
+    certificateSecret: "databunkertls"
     chainSecret:
       name: ""
       key: ""
@@ -470,7 +470,7 @@ certificates:
 > Tip! You can create a self-signed certificate and a secret containing your certificates using the following command:
 ```bash
 openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=localhost"
-kubectl create secret tls mytls --key="tls.key" --cert="tls.crt"
+kubectl create secret tls databunkertls --key="tls.key" --cert="tls.crt"
 ```
 
 ### Setting Pod's affinity

terraform/aws/README.md

@@ -1,13 +1,54 @@
+## Terraform script to prepare environment for Databunker
 
+1. Create VPC
+2. Create MySQL RDS
+3. Create EKS
+
+### How to set up everything
 
 ```
+terraform init
 terraform apply
+```
+
+Make sure to save the database hostname displayed as **rds_hostname** variable.
+
+Same RDS hostname is printed using the following command:
+
+```
+terraform output rds_hostname
+```
+
+### Next steps
+1. Set KUBECONFIG to point to new generated kubernetes config file
+2. Create SSL certificate for Databunker and save it as Kubernetes secret
+3. Start Databunker process
+
+```
+export KUBECONFIG=`pwd`/`ls -1 kubeconfig_*`
+cd ../../charts
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=localhost"
+kubectl create secret tls databunkertls --key="tls.key" --cert="tls.crt"
+helm install myprj ./databunker --set mariadb.enabled=false \
+  --set externalDatabase.host=MYSQL-RDS-HOST \
+  --set externalDatabase.existingSecret=databunker-mysql-rds \
+  --set certificates.customCertificate.certificateSecret=databunkertls
+```
+
+The **MYSQL-RDS-HOST** is the same as ```terraform output rds_hostname```.
+
+### View generated database password
+
+```
+terraform output rds_password
+```
+
+### Troubleshooting
+```
 terraform destroy -target aws_eks_cluster.yuli-cluster
 terraform destroy -target module.eks.aws_eks_cluster.this\[0\]
-terraform output rds_password
-
-export KUBECONFIG=/Users/yuli/Desktop/code/databunker/terraform/kubeconfig_yuli-cluster
-export KUBE_CONFIG_PATH=/Users/yuli/Desktop/code/databunker/terraform/kubeconfig_yuli-cluster
-
+terraform destroy
+helm uninstall myprj
+kubectl get secret databunkertls -o json
+kubectl get secret databunker-mysql-rds -o json
 ```
-

terraform/aws/rds.tf

@@ -47,7 +47,7 @@ resource "aws_db_parameter_group" "mydb" {
 resource "aws_db_instance" "mydb" {
   # https://github.com/tmknom/terraform-aws-rds-mysql/blob/master/main.tf
   # The name of the database. If this parameter is not specified, no database is created in the DB instance.
-  name                   = "bunkerdb"
+  name                   = "databunkerdb"
   identifier             = "mydb"
   tags                   = { "Name" = "mydb"}
   instance_class         = "db.t3.medium"
@@ -86,7 +86,7 @@ resource "kubernetes_secret" "databunker-mysql-rds" {
     #port = aws_db_instance.mydb.port
     #dbname = aws_db_instance.mydb.name
     #username = aws_db_instance.mydb.username
-    "mariadb-password" = aws_db_instance.mydb.password
+    "db-password" = aws_db_instance.mydb.password
   }
   type = "Opaque"
 }