MetaKube Terraform Example
This guide provides an example of how to use Terraform with SysEleven's MetaKube service.
Prerequisites
- A MetaKube project
- A SysEleven IAM Service Account with the all MetaKube permissions.
Steps
We will use Terraform in this example. Please refer to the official installation instructions to install Terraform.
- Create a new directory for your Terraform configuration:
- Create a file named
main.tfwith the following content:
variable "s11_service_account" {
description = "Service Account credentials for SysEleven authentication"
type = string
default = "YOUR_APPLICATION_CREDENTIAL_SECRET" # this token format s11_orgsa_<uuid>_<secret>
}
variable "project_id" {
description = "Project ID for SysEleven"
type = string
default = "YOUR_PROJECT_ID"
}
variable "region" {
description = "Region for SysEleven OpenStack"
type = string
default = "dus2"
}
terraform {
required_providers {
metakube = {
source = "syseleven/metakube"
}
openstack = {
source = "terraform-provider-openstack/openstack"
}
}
}
provider "metakube" {
host = "https://metakube.syseleven.de"
token = var.s11_service_account
}
provider "openstack" {
application_credential_id = "s11auth:${var.project_id}"
application_credential_secret = var.s11_service_account
# domain_name = "syseleven-openstack-cloud"
auth_url = "https://keystone.cloud.syseleven.net:5000/v3"
region = var.region
}
data "openstack_images_image_v2" "image" {
most_recent = true
visibility = "public"
properties = {
os_distro = "ubuntu"
os_version = "24.04"
}
}
data "local_file" "public_sshkey" {
filename = pathexpand("~/.ssh/id_rsa.pub")
}
resource "metakube_sshkey" "local" {
project_id = var.project_id
name = "local SSH key"
public_key = data.local_file.public_sshkey.content
}
data "metakube_k8s_version" "cluster" {
major = "1"
minor = "31"
}
resource "metakube_cluster" "cluster" {
name = "my-sys11-tf-cluster"
dc_name = "syseleven-${var.region}"
project_id = var.project_id
sshkeys = [metakube_sshkey.local.id]
spec {
enable_ssh_agent = true
version = data.metakube_k8s_version.cluster.version
cloud {
openstack {
application_credentials {
id = "s11auth:${var.project_id}"
secret = var.s11_service_account
}
floating_ip_pool = "ext-net"
}
}
cni_plugin {
type = "cilium"
}
}
}
# create admin.conf file
resource "local_file" "kubeconfig" {
content = metakube_cluster.cluster.kube_config
filename = "${path.module}/admin.conf"
}
resource "metakube_node_deployment" "node_deployment" {
cluster_id = metakube_cluster.cluster.id
project_id = var.project_id
spec {
replicas = 1
template {
cloud {
openstack {
flavor = "SCS-2V-8-50n"
image = data.openstack_images_image_v2.image.name
use_floating_ip = true
instance_ready_check_period = "5s"
instance_ready_check_timeout = "100s"
}
}
operating_system {
ubuntu {
}
}
versions {
kubelet = data.metakube_k8s_version.cluster.version
}
}
}
}
- Configure MetaKube and OpenStack Access
Replace the following placeholders in the main.tf file:
- YOUR_APPLICATION_CREDENTIAL_SECRET
- YOUR_PROJECT_ID
- Initialize Terraform
- Apply the Terraform configuration
When prompted, review the planned changes and type yes to proceed. You should see the output of the Terraform configuration. Verify in the SysEleven Dashboard that the MetaKube cluster and node deployment have been created.
- Access your cluster
After the apply is complete, you'll find a admin.conf file in your current directory. You can use this file to access your cluster with kubectl:
- Destroy the Terraform configuration
When you're done experimenting, you can destroy all created resources:
Example Configuration
The main.tf file provided in step 2 serves as a complete example configuration for creating a MetaKube cluster using Terraform. You can use this as a starting point for your own configurations, adjusting the cluster specifications, node deployments, and other settings as needed.