Note
Currently under initial development.
Kubernetes @ Humanitarian OpenStreetMap Team (HOT).
See the initial proposal for more background.
- Duplication exists between TF inputs, CI workflows, and local scripts.
- A tool like https://github.com/helmfile/helmfile may help with sourcing variables by environment.
- A basic version has been added to deploy revision deltas; further templating would be required.
- As more HOT applications + services are moved to the cluster, this will only grow.
- Provisioning is currently done in the same workflow (TF, K8s, Helm), mostly as a byproduct of the initial development phase. Can be further refined.
- GitOps tools like ArgoCD are under consideration.
- Flux Tofu controller may be an analog for base infrastructure (further investigation required).
- TF-managed information often needs to be referenced on the cluster.
- ex: PostgresCluster CRD requires the role ARN authorized for backups. Role and bucket are created in TF.
- Global cluster resources are provisioned through TF, but an argument can be made for their management by K8s.
- Ideal solution enables cluster resources to reference, mount, inject, etc. TF-managed information with minimal developer intervention.