cloudbees-oss/terraform-aws-cloudbees-cd-eks-addon

CloudBees CD/RO add-on for Amazon EKS blueprints

Deploy CloudBees CD/RO to Amazon Web Services (AWS) Elastic Kubernetes Service (EKS) clusters


Motivation

The CloudBees CD/RO AWS add-on streamlines the adoption and experimentation of CloudBees CD/RO enterprise features by:

CloudBees CD/RO license

You must have a valid license to operate the CloudBees CD/RO server. By default, CloudBees CD/RO uses the server license type. For more information, refer to Licenses.

Usage

Implementation examples are included in the blueprint folder. The simplest usage example is:

module "eks_blueprints_addon_cbcd" {
  source = "REPLACE_ME"

  host_name   = "example"
  hosted_zone = "domain.com"
  cert_arn    = "arn:aws:acm:us-east-1:0000000:certificate/0000000-aaaa-bbb-ccc-thisIsAnExample"
}

By default, the add-on uses the minimum required configuration described in the Helm chart values.yml. To override any of the chart's default settings, pass the helm_config variable.
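The following sketch passes helm_config alongside the required inputs; it is an added example, not code from the repository. The file names cbcd-values.yml and secrets/flow_db_secrets-values.yml are hypothetical, and the example assumes helm_config.values takes a list of YAML strings, as the default shown in the Inputs table suggests.

```hcl
module "eks_blueprints_addon_cbcd" {
  source = "REPLACE_ME"

  host_name   = "example"
  hosted_zone = "domain.com"
  cert_arn    = "arn:aws:acm:us-east-1:0000000:certificate/0000000-aaaa-bbb-ccc-thisIsAnExample"

  # Path to the YAML file whose names:values become the Kubernetes secret
  # flow_db_secret. Hypothetical location: a directory excluded from version
  # control, so database credentials never land in the repository.
  flow_db_secrets_file = "${path.module}/secrets/flow_db_secrets-values.yml"

  # Chart overrides are kept in a separate values file (hypothetical name)
  # and passed as one YAML document in the "values" list. Assumption: the
  # list has the same shape as the module default, { values = [""] }.
  helm_config = {
    values = [file("${path.module}/cbcd-values.yml")]
  }
}

# Surface two of the module outputs listed in this README.
output "cbcd_url" {
  description = "URL for CloudBees CD Add-on."
  value       = module.eks_blueprints_addon_cbcd.cbcd_url
}

output "cbcd_namespace" {
  description = "Namespace for CloudBees CD Addon."
  value       = module.eks_blueprints_addon_cbcd.cbcd_namespace
}
```

Keeping overrides in a values file rather than inline lets them be reviewed separately from the module wiring, while the secrets file stays out of the repository.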

Prerequisites

Tooling

The blueprint deploy and destroy phases use the same requirements provided in the AWS EKS Blueprints for Terraform - Prerequisites. However, the blueprint validate phase may require additional tooling, such as jq and velero.

Note

There is a companion Dockerfile to run the blueprints in a containerized development environment, ensuring all dependencies are met. It can be built locally using the Makefile target make dRun.

AWS authentication

Before getting started, you must export your required AWS Environment Variables to your CLI (for example, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_PROFILE).

Existing AWS Route 53 hosted zone

These blueprints rely on an existing hosted zone in AWS Route 53. If you do not have a hosted zone, you can create one by following the AWS Route 53 documentation.

Data storage options

CloudBees CD/RO uses a file system to persist data. Data is stored in several locations and configured to be stored in Amazon Elastic Block Store (Amazon EBS) or Amazon Elastic File System (Amazon EFS).

  • Amazon EBS volumes are scoped to a particular availability zone to offer high-speed, low-latency access to the Amazon Elastic Compute Cloud (Amazon EC2) instances they are connected to. If an availability zone fails, an Amazon EBS volume becomes inaccessible due to file corruption, or there is a service outage, the data on these volumes becomes inaccessible. The pods require this persistent data and have no mechanism to replicate the data, so CloudBees recommends frequent backups for Amazon EBS.
  • Amazon EFS file systems are scoped to an AWS region and can be accessed from any availability zone in the region that the file system was created in. Using Amazon EFS as a storage class allows pods to be rescheduled successfully onto healthy nodes in the event of an availability zone outage. Amazon EFS is more expensive than Amazon EBS, but provides greater fault tolerance.

Important

CloudBees CD/RO clustered mode requires Amazon EFS. For more information, refer to CloudBees CD/RO EKS Storage Requirements.

Note

For more information on pricing and cost analysis, refer to Amazon EBS pricing and Amazon EFS pricing.

Terraform documentation

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| cert_arn | Certificate ARN from AWS ACM | string | n/a | yes |
| host_name | Route53 Host name | string | n/a | yes |
| flow_db_secrets_file | Secrets file yml path containing the secrets names:values to create the Kubernetes secret flow_db_secret. | string | "flow_db_secrets-values.yml" | no |
| helm_config | CloudBees CD Helm chart configuration | any | {"values": [""]} | no |

Outputs

| Name | Description |
|------|-------------|
| cbcd_domain_name | Route 53 Domain Name to host CloudBees CD Services. |
| cbcd_flowserver_pod | Flow Server Pod for CloudBees CD Add-on. |
| cbcd_ing | Ingress for the CloudBees CD add-on. |
| cbcd_liveness_probe_int | CD service internal liveness probe for the CloudBees CD add-on. |
| cbcd_namespace | Namespace for CloudBees CD Addon. |
| cbcd_password | Command to get the admin password of CloudBees CD |
| cbcd_url | URL for CloudBees CD Add-on. |
| merged_helm_config | (merged) Helm Config for CloudBees CD |

Additional resources