Deploy Cloud Service
Integrating cloud service is the most frequent need in our daily development. Varies from the Object storage、Cloud database to LoadBalancer, cache, or search engine, faster to loading them save more time. Meanwhile, to orchestrate different resources from multi-cloud is quite a pain point.
In this section, we introduce an example of using Alibaba Cloud RDS to show you how to deploy cloud services.
Has a cloud vendor account. To keep its permission more secure, we recommend delegating a subaccount of security keys. For example in AliCloud, please head it to Creating RAM.
Ensure your account has a sufficient balance
Enabling cloud vendor Addons
First, we open up VelaUX Dashboard, switch to the tab , and click up terraform-alibaba:
Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
terraform-alibaba
addon depends on terraform
addon. If the latter isn’t enabled, it’ll be automatically enabled when the former does. The creating process of cloud services pulls configuration from GitHub. If your control plane cluster that runs KubeVela is very hard to connect to GitHub, please open up the GithubBlocked
option in terraform
addon.
The terraform-alibaba
addon supports the following types of resources and more later on:
- alibaba-rds
- alibaba-ack
- alibaba-ask
- alibaba-oss
- alibaba-rds
- alibaba-redis
The way of deploying cloud services differs from other types of apps, cause its controller only runs in the control plane cluster. Therefore, we need to set the cloud vendor and regional parameters of each target.
Enter the page of Targets, select the cloud service you need. Click to the edit mode or simply create a new one.
The target first mainly describes the Namespace of the Kubernetes cluster and then describes the cloud vendor and region where the cluster is located by setting shared variables.
- Cloud Service Provider: The cloud service provider is bound to AK/SK. The default name generated by
terraform-alibaba
isdefault
, so fill in default here. - Region: Region, select a region based on this parameter when creating a cloud service. You should fill in the location of the Kubernetes cluster described in the current target so that applications in Kubernetes can directly access the delivered cloud services.
Creating your cloud service
After finishing setting up the target, let’s go to the Applications
page and click New Application
to create. Similar to other apps, you need to choose the type of your cloud service, such as alibaba-rds
; then choose an environment that must have both and Region
parameters set up.
Click Next Step
to the configuration page. For different vendors, these parameters update accordingly. As for alibaba-rds
, it has the following:
- DatabaseName: the name of the database
- AccountName: account name by default
- Password: password by default
- AllocatePublicConnection: Whether to assign a public network access address
- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
- Privilege: default account permissions
For other cloud resources, you could read the description of each field to get know how to use it.
Set the above parameters according to your needs, click Create
to enter the application management page, and click the deploy button to start the deployment of cloud services.
Like other apps, cloud service apps also need to switch to the corresponding environment page to view instance information. By default, there are several targets in an environment, and the cloud service will generate a corresponding number of instances.
In the instance list, the instance name, status, resource type, and location are displayed. In the beginning, the name is empty, because the cloud service instance generation takes a certain amount of time, and the name will appear when the instance is generated normally. Click the name to enter the cloud vendor console page corresponding to the resource.
Click the Check the detail
button to view the application details. You will find that each instance generates a Secret resource, which generally records the service’s access address and key information. Secret resources will be distributed to the cluster and Namespace where the target is located while the control cluster exists. Therefore, other applications in the same environment can directly use the resource in the environment variable to obtain the access address and key.
FAQ
- The cloud service instance is in the ProviderNotReady state
- The cloud service is always ProvisioningAndChecking and has no name