This is the multi-page printable view of this section. Click here to print.
Portefaix on Alibaba Cloud
Running Portefaix on Alibaba Cloud ACK
- 1: Deployment
- 1.1: Install Portefaix
- 1.2: Inspec Portefaix
- 1.3: Uninstall Portefaix
- 2: Authentication and Authorization
- 3: Troubleshooting Deployments on Alibaba Cloud ACK
1 - Deployment
Instructions for deploying Portefaix on Alibaba Cloud ACK
Work In Progress
1.1 - Install Portefaix
Instructions for deploying Portefaix on Alibaba Cloud
Setup
Create an admin user, then API Keys.
And configure Portefaix environment file ${HOME}/.config/portefaix/portefaix.sh
:
# Alicloud
function setup_alicloud() {
# Alicloud User: Portefaix Admin
export ALICLOUD_ACCESS_KEY="xxxxxxxxxx"
export ALICLOUD_SECRET_KEY="xxxxxxxxxxxxxxxx"
export ALICLOUD_REGION="eu-central-1"
# For Terraform Cloud
export TF_VAR_access_key="${ALICLOUD_ACCESS_KEY}"
export TF_VAR_secret_key="${ALICLOUD_SECRET_KEY}"
export TF_VAR_region="${ALICLOUD_REGION}"
}
And load environment :
❯ . ./portefaix.sh alicloud
Storage for Terraform
Create an OSS bucket for Terraform states:
❯ make -f hack/build/alicloud.mk aliyun-bucket-create ENV=staging
Create a TableStore instance:
❯ make -f hack/build/alicloud.mk aliyun-tablestore-create ENV=staging
Terraform Cloud / Github Actions
Terraform Cloud is used as the remote backend. Github Actions perform tasks to deploy the Alibaba Cloud infrastructure.
Gitops for Kubernetes
Next: Gitops
1.2 - Inspec Portefaix
Instructions for check Portefaix infrastructure on Alibaba Cloud
Inspec is used to check infrastructure.
Check:
❯ make -f hack/build/alicloud.mk inspec-alicloud-debug
Execute tests:
Work In Progress
CIS Kubernetes Benchmark
❯ make -f hack/build/alicloud.mk inspec-alicloud-kubernetes ENV=staging
1.3 - Uninstall Portefaix
Instructions for uninstall Portefaix
Terraform
Github Actions with Terraform Cloud could be used to delete the infrastructure:
2 - Authentication and Authorization
Authentication and authorization support for Portefaix in Alibaba Cloud
This section shows the how to setup Portefaix with authentication and authorization support in Alibaba Cloud
Configure Alibaba Cloud
❯ . ./portefaix.sh alicloud
[ Portefaix ]
Setup credentials
Done
Bastion
Work In Progress
Configure kubectl
Work In Progress
❯ make kubernetes-credentials CLOUD=alicloud ENV=staging
❯ kubectl get nodes
NAME STATUS ROLES AGE VERSION
3 - Troubleshooting Deployments on Alibaba Cloud ACK
Help diagnose and fix issues you may encounter in your Portefaix deployment