Adds demo code (#1)

* Terraform
  * adds config for Terraform Cloud Workspaces 
  * adds config for creating K8s clusters with AKS, DOKS, and GKE
  * adds Terraform Cloud Workspace to collect Cluster Information

* Kubernetes / Helm
  * adds inline Terraform module for Helm deployment of Vault
  * adds deployment of Vault on DOKS Cluster

.gitignore

@@ -15,3 +15,7 @@
 
 # Crash log files
 crash.log
+
+# Credentials
+clusters/aks/private_ssh_key
+clusters/gke/account.json

README.md

@@ -6,9 +6,31 @@
 
 - [Multi-Cloud Kubernetes](#multi-cloud-kubernetes)
   - [Table of Contents](#table-of-contents)
+  - [Workflows](#workflows)
   - [Author Information](#author-information)
   - [License](#license)
 
+## Workflows
+
+The code in this repository is split out into a handful of distinct flows, each in their own directory:
+
+### `clusters` Workflows
+
+* `clusters/aks` contains code for Azure AKS Clusters
+* `clusters/doks` contains code for Digital Ocean Kubernetes Clusters
+* `clusters/gke` contains code for Google Cloud GKE Clusters
+
+### `vault` Workflows
+
+* `vault` contains code for deploying Vault on Kubernetes Clusters
+
+### Other Workflows
+
+* `outputs` contains code for collecting distinctive outputs from all Workspaces in this repository
+* `workspaces` contains code for Terraform Cloud Workspaces
+
+Each directory contains its own `README.md` with information relevant to the workflow.
+
 ## Author Information
 
 This repository is maintained by the contributors listed on [GitHub](https://github.com/ksatirli/multi-cloud-kubernetes/graphs/contributors).

clusters/aks/README.md

@@ -0,0 +1,26 @@
+# Workspace `aks`
+
+> This directory contains [Microsoft Azure](https://registry.terraform.io/providers/hashicorp/azurerm/) Resources.
+
+## Requirements
+
+* Terraform CLI `1.0.8` or newer
+* a Microsoft Azure account
+
+## Downstream Consumption
+
+The Kubernetes Cluster can be consumed via the [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster) data source:
+
+```hcl
+# see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster
+data "azurerm_kubernetes_cluster" "cluster" {
+  name                = "multi-cloud-k8s"
+  resource_group_name = "multi-cloud-k8s"
+}
+```
+
+The above example uses the default values for the `name` and `resource_group_name` property. This may need to be changed for your situation.
+
+## Notes
+
+The implementation of this AKS Cluster is based on previous work carried out [here](https://github.com/ksatirli/dynamically-configured-infrastructure/tree/main/terraform/azure).

clusters/aks/data-sources.tf

@@ -0,0 +1,6 @@
+# see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_service_versions
+data "azurerm_kubernetes_service_versions" "cluster" {
+  location        = var.azure_region
+  version_prefix  = "1.19"
+  include_preview = false
+}

clusters/aks/main.tf

@@ -0,0 +1,25 @@
+# see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group
+resource "azurerm_resource_group" "cluster" {
+  name     = var.tfe_workspaces_prefix
+  location = var.azure_region
+}
+
+# see https://registry.terraform.io/modules/Azure/aks/azurerm/4.13.0
+module "aks" {
+  source  = "Azure/aks/azurerm"
+  version = "4.13.0"
+
+  resource_group_name             = azurerm_resource_group.cluster.name
+  agents_count                    = 3
+  enable_http_application_routing = true
+  kubernetes_version              = data.azurerm_kubernetes_service_versions.cluster.latest_version
+  orchestrator_version            = data.azurerm_kubernetes_service_versions.cluster.latest_version
+  os_disk_size_gb                 = 100
+  prefix                          = var.tfe_workspaces_prefix
+  vnet_subnet_id                  = module.network.vnet_subnets[0]
+
+  # see https://www.terraform.io/docs/language/meta-arguments/depends_on.html
+  depends_on = [
+    module.network
+  ]
+}

clusters/aks/networking.tf

@@ -0,0 +1,16 @@
+# see https://registry.terraform.io/modules/Azure/network/azurerm/3.5.0
+module "network" {
+  source  = "Azure/network/azurerm"
+  version = "3.5.0"
+
+  resource_group_name = azurerm_resource_group.cluster.name
+
+  address_space   = "11.0.0.0/16"
+  subnet_prefixes = ["11.0.1.0/24"]
+  subnet_names    = ["subnet1"]
+
+  # see https://www.terraform.io/docs/language/meta-arguments/depends_on.html
+  depends_on = [
+    azurerm_resource_group.cluster
+  ]
+}

clusters/aks/outputs.tf

@@ -0,0 +1,35 @@
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_id" {
+  description = "AKS Cluster ID."
+  value       = module.aks.aks_id
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_name" {
+  description = "AKS Cluster Name."
+  value       = var.tfe_workspaces_prefix
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_region" {
+  description = "AKS Cluster Region."
+  value       = module.aks.location
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_resource_group" {
+  description = "AKS Cluster Resource Group."
+  value       = azurerm_resource_group.cluster.name
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "console_url" {
+  description = "Azure Portal URL."
+  value       = "https://portal.azure.com/#home"
+}
+
+# this variable is used for testing purposes and has no bearing on the demo
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "workspace_url" {
+  value = "https://app.terraform.io/app/a-demo-organization/workspaces/multi-cloud-k8s-aks"
+}

clusters/aks/providers.tf

@@ -0,0 +1,7 @@
+# see https://registry.terraform.io/providers/hashicorp/azurerm/2.78.0
+provider "azurerm" {
+  features {}
+
+  # see https://registry.terraform.io/providers/hashicorp/azurerm/2.78.0/docs#environment
+  environment = "public"
+}

clusters/aks/terraform.tf

@@ -0,0 +1,23 @@
+terraform {
+  # see https://www.terraform.io/docs/language/settings/backends/remote.html
+  backend "remote" {
+    hostname     = "app.terraform.io"
+    organization = "a-demo-organization"
+
+    workspaces {
+      name = "multi-cloud-k8s-aks"
+    }
+  }
+
+  # see https://www.terraform.io/docs/language/settings/index.html#specifying-provider-requirements
+  required_providers {
+    # see https://registry.terraform.io/providers/hashicorp/google/3.87.0
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "2.78.0"
+    }
+  }
+
+  # see https://www.terraform.io/docs/language/settings/index.html#specifying-a-required-terraform-version
+  required_version = "1.0.8"
+}

clusters/aks/variables.tf

@@ -0,0 +1,11 @@
+variable "tfe_workspaces_prefix" {
+  type        = string
+  description = "Prefix for TFE Workspaces."
+  default     = "multi-cloud-k8s"
+}
+
+variable "azure_region" {
+  type        = string
+  description = "The Azure Region where the Resources should exist."
+  default     = "westus"
+}

clusters/doks/README.md

@@ -0,0 +1,21 @@
+# Workspace `doks`
+
+> This directory contains [Digital Ocean](https://registry.terraform.io/providers/digitalocean/digitalocean) Resources.
+
+## Requirements
+
+* Terraform CLI `1.0.8` or newer
+* a Digital Ocean [account](https://m.do.co/c/b73b4af31c09)
+
+## Downstream Consumption
+
+The Kubernetes Cluster can be consumed via the [digitalocean_kubernetes_cluster](https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/data-sources/kubernetes_cluster) data source:
+
+```hcl
+# see https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/data-sources/kubernetes_cluster
+data "digitalocean_kubernetes_cluster" "cluster" {
+  name = "multi-cloud-k8s"
+}
+```
+
+The above example uses the default values for the `name` property. This may need to be changed for your situation.

clusters/doks/data-sources.tf

@@ -0,0 +1,4 @@
+# see https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/data-sources/kubernetes_versions
+data "digitalocean_kubernetes_versions" "cluster" {
+  version_prefix = "1.19"
+}

clusters/doks/main.tf

@@ -0,0 +1,22 @@
+# see https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/kubernetes_cluster
+resource "digitalocean_kubernetes_cluster" "cluster" {
+  auto_upgrade = false
+
+  maintenance_policy {
+    start_time = "03:00"
+    day        = "monday"
+  }
+
+  name = var.tfe_workspaces_prefix
+
+  node_pool {
+    name       = "worker-pool"
+    size       = "s-2vcpu-2gb"
+    node_count = 3
+  }
+
+  region = var.do_region
+
+  # see https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/kubernetes_cluster#version
+  version = data.digitalocean_kubernetes_versions.cluster.latest_version
+}

clusters/doks/outputs.tf

@@ -0,0 +1,29 @@
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_id" {
+  description = "DOKS Cluster ID."
+  value       = digitalocean_kubernetes_cluster.cluster.id
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_name" {
+  description = "DOKS Cluster Name."
+  value       = digitalocean_kubernetes_cluster.cluster.name
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "cluster_region" {
+  description = "DOKS Cluster Region."
+  value       = digitalocean_kubernetes_cluster.cluster.region
+}
+
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "console_url" {
+  description = "DigitalOcean Console URL."
+  value       = "https://cloud.digitalocean.com/kubernetes/clusters"
+}
+
+# this variable is used for testing purposes and has no bearing on the demo
+# see https://www.terraform.io/docs/language/values/outputs.html
+output "workspace_url" {
+  value = "https://app.terraform.io/app/a-demo-organization/workspaces/multi-cloud-k8s-doks"
+}

clusters/doks/providers.tf

@@ -0,0 +1,5 @@
+# see https://registry.terraform.io/providers/digitalocean/digitalocean/latest
+provider "digitalocean" {
+  token        = var.do_token
+  api_endpoint = "https://api.digitalocean.com"
+}

clusters/doks/terraform.tf

@@ -0,0 +1,23 @@
+terraform {
+  # see https://www.terraform.io/docs/language/settings/backends/remote.html
+  backend "remote" {
+    hostname     = "app.terraform.io"
+    organization = "a-demo-organization"
+
+    workspaces {
+      name = "multi-cloud-k8s-doks"
+    }
+  }
+
+  # see https://www.terraform.io/docs/language/settings/index.html#specifying-provider-requirements
+  required_providers {
+    # see https://registry.terraform.io/providers/digitalocean/digitalocean/2.14.0
+    digitalocean = {
+      source  = "digitalocean/digitalocean"
+      version = "2.14.0"
+    }
+  }
+
+  # see https://www.terraform.io/docs/language/settings/index.html#specifying-a-required-terraform-version
+  required_version = "1.0.8"
+}

clusters/doks/terraform.tfvars.sample

@@ -0,0 +1 @@
+do_token = "..."