Project:Infrastructure/Terraform
From Gentoo Wiki
Infra-as-code
Gentoo uses Terraform to manage various components that have Terraform support; this supports infra-as-code, which we feel is important for managing infrastructure. Infra members should check out git+ssh://git@git.gentoo.org/infra/infra-as-code.
Pushing updates
Currently Terraform can control our on-prem GitLab and our AWS deployment. Pushing updates requires two credentials:
- An AWS credential to access Terraform state (S3, DynamoDB).
- A credential for the target system (currently an AWS or GitLab credential).
We will document how to get both.
AWS
infra-as-code/aws/accounts/$ARN/ is our AWS control segment.
Gitlab
infra-as-code/gitlab/ is our GitLab control segment.
It stores Terraform state on AWS, so to use terraform apply you will need AWS credentials: export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for your role.
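A preflight check for the two-credential requirement described above, written as an added example (it is not part of the infra-as-code repository). It uses the standard AWS variable names AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for the state backend and assumes the GitLab provider takes its token from GITLAB_TOKEN; the function names are hypothetical. It reports only the names of missing variables, never their values.

```shell
#!/bin/sh
# Added example: refuse to run terraform unless both the state-backend
# credential and the target-system credential are present.

# missing_creds SEGMENT
# Prints the names (never the values) of unset or empty credential
# variables for SEGMENT ("aws" or "gitlab"); returns 0 if none are missing.
missing_creds() {
    # The S3/DynamoDB state backend needs AWS credentials for every segment.
    required="AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY"
    case $1 in
        aws) ;;  # the target credential is the AWS credential itself
        gitlab) required="$required GITLAB_TOKEN" ;;  # assumed variable name
        *) echo "unknown segment: $1" >&2; return 2 ;;
    esac
    missing=""
    for name in $required; do
        # Names come from the fixed list above, so eval is safe here.
        eval "value=\${$name:-}"
        [ -n "$value" ] || missing="${missing:+$missing }$name"
    done
    printf '%s' "$missing"
    [ -z "$missing" ]
}

# tf_apply SEGMENT DIR
# Runs terraform in DIR only after the preflight check passes.
tf_apply() {
    if ! miss=$(missing_creds "$1"); then
        echo "refusing to run terraform for '$1'; missing: $miss" >&2
        return 1
    fi
    (cd "$2" && terraform init -input=false && terraform apply)
}
```

Source the file and call, for example, tf_apply gitlab infra-as-code/gitlab from the directory that contains your checkout.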