3. Provision Infrastructure

Overview

The image below illustrates the multiple components deployed. These include the EKS, Worker Nodes, Postgres DB, EBS Volumes, and Load Balancer.

Steps

1. Clone the DIGIT-DevOps repository:

git clone https://github.com/egovernments/DIGIT-DevOps.git

1. Navigate to the cloned repository and checkout the kubernetes-1.30 branch:

cd DIGIT-DevOps 
git checkout kubernetes-1.30

aws configure list

1. Choose either method below to generate SSH key pairs

   • b. Use openssl:

openssl genpkey -algorithm RSA -out private_key.pem openssl rsa -pubout -in private_key.pem -out public_key.pem

2. Open input.yaml file in vscode. Use the below code to open it in VS code:

   code infra-as-code/terraform/sample-aws/input.yaml

   If the command does not work, open the file in VS code manually. Once the file is open, fill in the inputs. (If you are not using vscode, open it in any editor of your choice).

3. Fill in the inputs as per the regex mentioned in the comments.

4. Go to infra-as-code/terraform/sample-aws and run init.go script to enrich different files based on input.yaml.

cd infra-as-code/terraform/sample-aws 
go run ../scripts/init.go

Terraform Execution: Infrastructure Resources Provisioning

Once we are complete declaring the resources, begin with deploying all resources.

Run the terraform scripts to provision infra required to Deploy DIGIT on AWS.

1. CD (change directory) to the following directory and run the below commands to create the remote state.

### Create the remote-state first, remember that the state name should be unique
### You may need to use sudo incase you don't have requisite permission

cd remote-state

terraform init

terraform plan

terraform apply

Once the remote state is created, it is time to provision DIGIT infra. Run the below commands:

### Once the remote state is created, you can create the DIGIT Infra

cd ..

terraform init

terraform plan

terraform apply

Important:

• DB password is asked for in the application stage. Remember the password you have provided. It should be at least 8 characters long. Otherwise, RDS provisioning will fail.

• The output of the apply command will be displayed on the console. Store this in a file somewhere. Values from this file will be used in the next step of deployment.

aws sts get-caller-identity

# Run the below command and give the respective region-code and the cluster name
aws eks --region <region-code> update-kubeconfig --name <cluster_name>

3. Verify that you can connect to the cluster by running the following command

kubectl config use-context <cluster_name>

kubectl get nodes

NAME                                             STATUS AGE   VERSION               OS-Image           
ip-192-168-xx-1.ap-south-1.compute.internal   Ready  45d   v1.15.10-eks-bac369   Amazon Linux 2   
ip-192-168-xx-2.ap-south-1.compute.internal   Ready  45d   v1.15.10-eks-bac369   Amazon Linux 2   
ip-192-168-xx-3.ap-south-1.compute.internal   Ready  45d   v1.15.10-eks-bac369   Amazon Linux 2   
ip-192-168-xx-4.ap-south-1.compute.internal   Ready  45d   v1.15.10-eks-bac369   Amazon Linux 2 

At this point, your basic infra has been provisioned.

Destroying Infra

To destroy the previously created infrastructure with Terraform, run the command below:

1. ELB is not deployed via Terraform. ELB was created at deployment time by the setup of Kubernetes Ingress. This has to be deleted manually by deleting the ingress service.

   • kubectl delete deployment nginx-ingress-controller -n <namespace>

   • kubectl delete svc nginx-ingress-controller -n <namespace>

     Note: Namespace can be either egov or jenkins.

2. Delete S3 buckets manually from the AWS console and verify if ELB got deleted.
3. Run terraform destroy.