Integrating cloud service is the most frequent need in our daily development. Varies from the Object storage、Cloud database to LoadBalancer, cache, or search engine, faster to loading them save more time. Meanwhile, to orchestrate different resources from multi-cloud is quite a pain point.
In this section, we introduce an example of using Alibaba Cloud RDS to show you how to deploy cloud services.
Has a cloud vendor account. To keep its permission more secure, we recommend delegating a subaccount of security keys. For example in AliCloud, please head it to Creating RAM.
Ensure your account has a sufficient balance
Connect to a Kubernetes cluster on this cloud vendor for hosting your cloud services
First, we open up VelaUX Dashboard, switch to the tab
Addon, and click up terraform-alibaba:
Then fill in your ALICLOUD_ACCESS_KEY, ALICLOUD_REGION, and ALICLOUD_SECRET_KEY to enable it。
Notice: KubeVela encrypt all the keys hence no need to worry about its safety
terraform-alibaba addon depends on
terraform addon. If the latter isn't enabled, it'll be automatically enabled when the former does. The creating process of cloud services pulls configuration from GitHub. If your control plane cluster that runs KubeVela is very hard to connect to GitHub, please open up the
GithubBlocked option in
terraform-alibaba addon supports the following types of resources and more later on:
The way of deploying cloud services differs from other types of apps, cause its controller only runs in the control plane cluster. Therefore, we need to set the cloud vendor and regional parameters of each target.
Enter the page of Targets, select the cloud service you need. Click
Edit to the edit mode or simply create a new one.
The target first mainly describes the Namespace of the Kubernetes cluster and then describes the cloud vendor and region where the cluster is located by setting shared variables.
- Cloud Service Provider: The cloud service provider is bound to AK/SK. The default name generated by
default, so fill in default here.
- Region: Region, select a region based on this parameter when creating a cloud service. You should fill in the location of the Kubernetes cluster described in the current target so that applications in Kubernetes can directly access the delivered cloud services.
After finishing setting up the target, let's go to the
Applications page and click
New Application to create. Similar to other apps, you need to choose the type of your cloud service, such as
alibaba-rds; then choose an environment that must have both
Cloud Service Provider and
Region parameters set up.
Next Step to the configuration page. For different vendors, these parameters update accordingly. As for
alibaba-rds, it has the following:
- InstanceName: the name of the instance
- DatabaseName: the name of the database
- AccountName: account name by default
- Password: password by default
- AllocatePublicConnection: Whether to assign a public network access address
- DeleteResource: Whether to delete the corresponding cloud service when the app is deleted
- Privilege: default account permissions
For other cloud resources, you could read the description of each field to get know how to use it.
Set the above parameters according to your needs, click
Create to enter the application management page, and click the deploy button to start the deployment of cloud services.
Like other apps, cloud service apps also need to switch to the corresponding environment page to view instance information. By default, there are several targets in an environment, and the cloud service will generate a corresponding number of instances.
In the instance list, the instance name, status, resource type, and location are displayed. In the beginning, the name is empty, because the cloud service instance generation takes a certain amount of time, and the name will appear when the instance is generated normally. Click the name to enter the cloud vendor console page corresponding to the resource.
Check the detail button to view the application details. You will find that each instance generates a Secret resource, which generally records the service's access address and key information. Secret resources will be distributed to the cluster and Namespace where the target is located while the control cluster exists. Therefore, other applications in the same environment can directly use the resource in the environment variable to obtain the access address and key.
- The cloud service instance is in the ProviderNotReady state
First to look at whether the parameters of the target are correctly set according to the documentation guidelines. Then make sure that the AK/SK is correct and the corresponding user has the authority to create the resource.
- The cloud service is always ProvisioningAndChecking and has no name
The creation of cloud services generally takes a certain amount of time. Please wait or enter the cloud vendor console to view the creation progress.