Version: v1.1

Provision and Binding

Cloud-oriented development is now becoming the norm, there is an urgent need to integrate cloud resources from different sources and types. Whether it is the most basic object storage, cloud database, or load balancing, it is all faced with the challenges of hybrid cloud, multi-cloud and other complex environments. KubeVela is perfect to satisfy the needs.

KubeVela efficiently and securely integrates different types of cloud resources through resource binding capabilities in cloud resource Components and Traits. At present, you can directly use the default components of AliCloud Kubernetes(ACK), AliCloud Object Storage Service (OSS) and AliCloud Relational Database Service (RDS). At the same time, more new cloud resources will gradually become the default option under the support of the community in the future. You can use cloud resources of various manufacturers in a standardized and unified way.

This tutorial will talk about how to provision and consume Cloud Resources by Terraform.

⚠️ This section requires your platform engineers have already enabled add-on ‘terraform/provider-alicloud’.

Supported Cloud Resource list

Orchestration TypeCloud ProviderCloud ResourceDescription
TerraformAlibaba CloudACKTerraform configuration for Alibaba Cloud ACK cluster
EIPTerraform configuration for Alibaba Cloud EIP object
OSSTerraform configuration for Alibaba Cloud OSS object
RDSTerraform configuration for Alibaba Cloud RDS object

Terraform

All supported Terraform cloud resources can be seen in the list above. You can also filter them by command by vela components --label type=terraform.

Provision cloud resources

Use the following Application to provision an OSS bucket:

  1. apiVersion: core.oam.dev/v1beta1
  2. kind: Application
  3. metadata:
  4.   name: provision-cloud-resource-sample
  5. spec:
  6.   components:
  7.     - name: sample-oss
  8.       type: alibaba-oss
  9.       properties:
  10.         bucket: vela-website-0911
  11.         acl: private
  12.         writeConnectionSecretToRef:
  13.           name: oss-conn

The above alibaba-oss component will create an OSS bucket named vela-website-0911, with private acl, with connection information stored in a secreted named oss-conn. description, whether it’s compulsory, and default value.

Apply the above application, then check the status:

  1. $ vela ls
  2. APP                             COMPONENT   TYPE        TRAITS  PHASE   HEALTHY STATUS                                          CREATED-TIME
  3. provision-cloud-resource-sample sample-oss  alibaba-oss         running healthy Cloud resources are deployed and ready to use   2021-09-11 12:55:57 +0800 CST

After the phase becomes running and healthy, you can then check the OSS bucket in Alibaba Cloud console or by ossutil command.

  1. $ ossutil ls oss://
  2. CreationTime                                 Region    StorageClass    BucketName
  3. 2021-09-11 12:56:17 +0800 CST        oss-cn-beijing        Standard    oss://vela-website-0911

Bind cloud resources

Let’s deploy the application below to provision Alibaba Cloud OSS and RDS cloud resources, and consume them by the web component.

  1. apiVersion: core.oam.dev/v1beta1
  2. kind: Application
  3. metadata:
  4.   name: webapp
  5. spec:
  6.   components:
  7.     - name: express-server
  8.       type: webservice
  9.       properties:
  10.         image: zzxwill/flask-web-application:v0.3.1-crossplane
  11.         ports: 80
  12.       traits:
  13.         - type: service-binding
  14.           properties:
  15.             envMappings:
  16.               # environments refer to db-conn secret
  17.               DB_PASSWORD:
  18.                 secret: db-conn                                   # 1) If the env name is the same as the secret key, secret key can be omitted.
  19.               endpoint:
  20.                 secret: db-conn
  21.                 key: DB_HOST                                      # 2) If the env name is different from secret key, secret key has to be set.
  22.               username:
  23.                 secret: db-conn
  24.                 key: DB_USER
  25.               # environments refer to oss-conn secret
  26.               BUCKET_NAME:
  27.                 secret: oss-conn
  30.     - name: sample-db
  31.       type: alibaba-rds
  32.       properties:
  33.         instance_name: sample-db
  34.         account_name: oamtest
  35.         password: U34rfwefwefffaked
  36.         writeConnectionSecretToRef:
  37.           name: db-conn
  40.     - name: sample-oss
  41.       type: alibaba-oss
  42.       properties:
  43.         bucket: vela-website-0911
  44.         acl: private
  45.         writeConnectionSecretToRef:
  46.           name: oss-conn

The component sample-db will generate secret db-conn with these keys, and the component sample-oss will generate secret oss-conn. These secrets are binded to the Envs of component express-server by trait Service Binding. Then the component can consume instances of OSS and RDS.

Deploy and verify the application.

  1. $ vela ls
  2. APP     COMPONENT       TYPE        TRAITS          PHASE           HEALTHY     STATUS  CREATED-TIME
  3. webapp  express-server  webservice  service-binding running         healthy             2021-09-08 16:50:41 +0800 CST
  4. ├─      sample-db       alibaba-rds                 running         healthy             2021-09-08 16:50:41 +0800 CST
  5. └─      sample-oss      alibaba-oss                 running         healthy             2021-09-08 16:50:41 +0800 CST
  1. $ sudo kubectl port-forward deployment/express-server 80:80
  4. Forwarding from 127.0.0.1:80 -> 80
  5. Forwarding from [::1]:80 -> 80
  6. Handling connection for 80
  7. Handling connection for 80

Provision and Binding - 图1

Next