Create a LB with TF and deploy a service atatched to the created LB

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/README.md

@@ -0,0 +1,97 @@
+## Create a LB with TF and use it in a MKS service
+
+/!\ Warning: works only on MKS Standard for th emoment!
+
+MKS Standard -> call directly to the CCM (100% upstream)
+MKS Free -> PCI Integration problem (to be fixed)
+
+### General information
+ - 🔗 [Using Terraform with OVHcloud](https://help.ovhcloud.com/csm/fr-terraform-at-ovhcloud?id=kb_article_view&sysparm_article=KB0054776)
+ - 🔗 [How to use Terraform](https://help.ovhcloud.com/csm/en-gb-public-cloud-compute-terraform?id=kb_article_view&sysparm_article=KB0050787)
+ - 🔗 [OVH token generation page](https://www.ovh.com/auth/api/createToken?GET=/*&POST=/*&PUT=/*&DELETE=/*)
+
+### Prerequisites
+ - Have an existing MKS Standard (on EU-WEST-PAR)
+
+### Set up
+  - Install the [Terraform CLI](https://www.terraform.io/downloads.html)
+  - Get the credentials from the OVHCloud Public Cloud project:
+    - `application_key`
+    - `application_secret`
+    - `consumer_key`
+  - Get the `service_name` (Public Cloud project ID)
+  - Install the kubectl CLI
+
+### Demo
+
+#### Load Balancer creation
+
+  - set the environment variables `OVH_APPLICATION_KEY`, `OVH_APPLICATION_SECRET`, `OVH_CONSUMER_KEY` and `OVH_CLOUD_PROJECT_SERVICE`
+
+```bash
+# OVHcloud provider needed keys
+export OVH_ENDPOINT="ovh-eu"
+export OVH_APPLICATION_KEY="xxx"
+export OVH_APPLICATION_SECRET="xxx"
+export OVH_CONSUMER_KEY="xxx"
+export OVH_CLOUD_PROJECT_SERVICE="xxx"
+```
+
+  - replace the service_name in the [variables.tf](variables.tf) file
+
+```bash
+envsubst < variables.tf.template > variables.tf
+```
+
+  - (If necessary) change the region in the [variables.tf](variables.tf) file (EU-WEST-PAR by default)
+
+  - use the [lb.tf](lb.tf) file to define the resources to create
+  - use the [output.tf](output.tf) file to display the LB ID at the end of Terraform execution
+
+  - run the `terraform init` command
+  - run the `terraform plan` command
+  - run the `terraform apply` command (~ 2-3 mins)
+
+  - retrieve the Load Balancer ID (and save it in an environment variable)
+
+```bash
+export LB_ID=$(terraform output lb_id)
+echo $LB_ID
+```
+
+#### Deploy an application in a deployment and its service attached to the exiting LB
+
+/!\ To do on an MKS Standard!!
+
+  - deploy a deployment
+
+```bash
+cd k8s
+kubectl create ns demo-attach-ip
+kubectl apply -f deployment.yaml -n demo-attach-ip
+```
+
+  - replace the value of your LB_IP environment variable in the `svc.yaml` file (in the annotation):
+
+```bash
+envsubst < svc.yaml.template > svc.yaml
+```
+
+  - deploy a service of type LB attached to the existing LB
+
+```bash
+kubectl apply -f svc.yaml -n demo-attach-ip
+```
+
+  - check the service is atatched to the LB (and have an external IP):
+
+```bash
+kubectl get deploy,svc -n demo-attach-ip
+```
+
+Note please wait several seconds to obtain the EXTERNAL-IP
+
+
+### After the demo
+
+  - if needed delete the token with https://api.ovh.com/console-preview/?section=%2Fme&branch=v1#delete-/me/api/credential/-credentialId-

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/data.tf

@@ -0,0 +1,8 @@
+data "ovh_cloud_project_loadbalancer_flavors" "flavors" {
+  service_name = var.service_name
+  region_name  = var.region
+}
+
+output "flavor_small" {
+    value = element([for name in data.ovh_cloud_project_loadbalancer_flavors.flavors.flavors: name if "${name.name}" == "small"], 0).id
+}

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/k8s/deployment.yaml

@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hello-world-deployment
+  labels:
+    app: hello-world
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: hello-world
+  template:
+    metadata:
+      labels:
+        app: hello-world
+    spec:
+      containers:
+      - name: hello-world
+        image: ovhplatform/hello
+        ports:
+        - containerPort: 80

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/k8s/svc.yaml.template

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: hello-world
+  annotations:
+    loadbalancer.openstack.org/load-balancer-id: $LB_ID
+  labels:
+    app: hello-world
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 80
+    targetPort: 80
+    protocol: TCP
+    name: http
+  selector:
+    app: hello-world

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/lb.tf

@@ -0,0 +1,58 @@
+resource "ovh_cloud_project_network_private" "priv" {
+  service_name  = var.service_name
+  vlan_id       = "007"
+  name          = "my_priv_nw"
+  regions       = [var.region]
+}
+
+resource "ovh_cloud_project_network_private_subnet" "privsub" {
+  service_name  = ovh_cloud_project_network_private.priv.service_name
+  network_id    = ovh_cloud_project_network_private.priv.id
+  region        = var.region
+  start         = "10.0.0.2"
+  end           = "10.0.255.254"
+  network       = "10.0.0.0/16"
+  dhcp          = true
+}
+
+resource "ovh_cloud_project_gateway" "gateway" {
+  service_name = ovh_cloud_project_network_private.priv.service_name
+  name         = "my-gateway"
+  model        = "s"
+  region       = ovh_cloud_project_network_private_subnet.privsub.region
+  network_id   = tolist(ovh_cloud_project_network_private.priv.regions_attributes[*].openstackid)[0]
+  subnet_id    = ovh_cloud_project_network_private_subnet.privsub.id
+}
+
+resource "ovh_cloud_project_loadbalancer" "lb" {
+  service_name = ovh_cloud_project_network_private_subnet.privsub.service_name
+  region_name = ovh_cloud_project_network_private_subnet.privsub.region
+  //flavor_id = "31990104-8a7b-4d8f-a728-9c4cfd14fe72" # small flavor on GRA11 region
+  flavor_id = element([for name in data.ovh_cloud_project_loadbalancer_flavors.flavors.flavors: name if "${name.name}" == "small"], 0).id
+  name = "my_new_lb_for_kube"
+  network = {
+    private = {
+      gateway = {
+        id = ovh_cloud_project_gateway.gateway.id
+      }
+      floating_ip_create = {
+        description = "Floating IP for my new LB for Kube"
+      }
+      network = {
+        id = element([for region in ovh_cloud_project_network_private.priv.regions_attributes: region if "${region.region}" == var.region], 0).openstackid
+        subnet_id = ovh_cloud_project_network_private_subnet.privsub.id
+      }
+    }
+  }
+  description = "My new LB for Kube"
+  listeners = [
+    {
+      port = "34568"
+      protocol = "tcp"
+    },
+    {
+      port = "34569"
+      protocol = "udp"
+    }
+  ]
+}

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/output.tf

@@ -0,0 +1,7 @@
+output "lb_id" {
+  value = ovh_cloud_project_loadbalancer.lb.id
+}
+
+output "lb_floating_ip" {
+  value = ovh_cloud_project_loadbalancer.lb.floating_ip.ip
+}

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/provider.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    ovh = {
+      source  = "ovh/ovh"
+    }
+  }
+}
+
+provider "ovh" {
+  endpoint           = "ovh-eu"
+}

containers-orchestration/managed-kubernetes/create-service-using-existing-lb/variables.tf.template

@@ -0,0 +1,9 @@
+variable service_name {
+  type        = string
+  default = "$OVH_CLOUD_PROJECT_SERVICE"
+}
+
+variable region {
+    //default = "GRA11" //1AZ - Free
+    default = "EU-WEST-PAR" //3AZ - Standard
+}