- brew install --cask google-cloud-sdk
- gcloud init && gcloud components install gke-gcloud-auth-plugin
- gcloud auth application-default login
Get the repository:
git clone https://github.com/secoda/terraform-gcp-secoda
cd terraform-gcp-secoda
brew install terraform
terraform init
cp rename.onprem.tfvars onprem.tfvars
Then fill in `onprem.tfvars`:
docker_password="*****"
region="us-east1"
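Because `onprem.tfvars` holds the registry password in plain text, it is worth checking the file before running `terraform apply`. The following is an added example, not part of the Secoda repository; the function name `check_tfvars` is hypothetical. It checks file permissions, a leftover `*****` placeholder, and whether the file is tracked by git.

```shell
# Added example (not from the Secoda repo): pre-flight check for a tfvars file.
# Returns 0 when the file looks safe to use, 1 otherwise; findings go to stderr.
check_tfvars() {
    f="$1"
    rc=0
    [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }

    # Octal mode: GNU stat first, BSD/macOS stat as the fallback.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    # Any group/other permission bit lets other local users read the password.
    case "$mode" in
        *00) ;;
        *) echo "$f: mode $mode, expected 600 (chmod 600 $f)" >&2; rc=1 ;;
    esac

    # A value given with -var-file overrides TF_VAR_docker_password, so a
    # placeholder left in the file would be sent to the registry as-is.
    if grep -Eq '^[[:space:]]*docker_password[[:space:]]*=' "$f"; then
        pw=$(sed -n 's/^[[:space:]]*docker_password[[:space:]]*=[[:space:]]*"\(.*\)".*$/\1/p' "$f" | tail -n 1)
        case "$pw" in
            *[!*]*) ;;   # contains at least one non-asterisk character
            *) echo "$f: docker_password is empty or still a placeholder" >&2; rc=1 ;;
        esac
    fi

    # The file must never be committed; outside a git work tree this is a no-op.
    if git -C "$(dirname "$f")" ls-files --error-unmatch -- "$(basename "$f")" >/dev/null 2>&1; then
        echo "$f: tracked by git, remove it from the index and ignore it" >&2
        rc=1
    fi

    return "$rc"
}
```

Run `check_tfvars onprem.tfvars` before each apply. To keep the password out of the file entirely, delete the `docker_password` line and export `TF_VAR_docker_password` in the shell instead.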
- Then run:
# The order of these commands is important:
terraform apply -var-file="onprem.tfvars" --target=google_container_node_pool.nodes
# Type `yes` at the prompt.
terraform apply -var-file="onprem.tfvars"
# Type `yes` at the prompt.
- You must create a CNAME record with your DNS provider that points your domain, e.g. `secoda.yourcompany.com`, to your ingress external IP.
- Wait about 10 minutes. Then open `https://secoda.yourcompany.com` to test out the service. It will only listen on HTTPS. Make sure you use `https://` and not `http://`.
- We suggest using Cloudflare ZeroTrust to limit access to Secoda; this is optional.
- The load balancer is publicly accessible by default (its IP is returned after running `terraform apply`). You will not be able to connect to the IP directly; the ingress only accepts connections via the domain name. There will be a delay on first setup, as target registration takes ~5 minutes.
- We suggest using Cloudflare ZeroTrust to limit access to Secoda.
- It is configured to automatically pull the latest images on restart. `kubectl rollout restart deployment secoda-web` will redeploy the application with the latest images.
- Then run:
terraform destroy -var-file="onprem.tfvars"
# Type `yes` at the prompt.
To store state in HashiCorp cloud, which we recommend, please complete the following steps. You should be a member of a Terraform Cloud account before proceeding.
In this directory, run `terraform login`. In `versions.tf`, please uncomment the following lines and replace `secoda` with your organization name.
backend "remote" {
  organization = "secoda"
}