Avatar

This blog is a follow up to a previous one on IST (Intersight Service for Terraform) and VM Provisioning. Let’s continue our exploration of programmable infrastructures with our next use case.

First, here are some numbers to set the context

“By 2025, 85% of global organizations will be running containerized applications in production, which is a significant increase from fewer than 35% in 2019”
Gartner: “Best Practices for Running Containers and Kubernetes in Production.”
Published 4 August 2020

“By 2025, the proportion of enterprise applications that are containerized will rise to 15%, up from 5% in 2020”
Gartner: “Kubernetes Isn’t Always the Answer (and Here’s How to Determine Suitability)” Published 5 January 2021

Organizations are seeking uniformity in tools and procedures

Tracking industry trends, some of the legacy enterprise applications will be modernized in a microservices architecture and containerized. While some of the microservices and heritage apps will remain on-prem. Others will make their way to public clouds. In general, DevOps has been very successful in leveraging open source tools, such as Terraform, for public cloud infrastructure provisioning. For example, enterprises are seeking to bring the cloud experience on-prem by providing their DevOps and application developers with IT services like CAAS (Container As A Service).

Organizations are seeking uniformity in tools and procedures that they use to orchestrate their cloud stacks across public and private clouds to host these containerized workloads.

Intersight Kubernetes Service (IKS) container management platform

The debate on container orchestration frameworks has pretty much concluded (at least for now!) and Kubernetes is a clear winner. Organizations have successfully leveraged Kubernetes services (AKS, EKS, GKE,..) from public clouds and Terraform has played a prominent role in their CI/CD toolchain. To support containerized workload deployments and operations, Cisco Intersight includes IKS (Intersight Kubernetes Service) which is a SaaS-delivered, turn-key container management platform for multicloud and production-grade Kubernetes.

The following use case attempts to highlight the integration that was recently announced between Cisco Intersight and HashiCorp Cloud for Business.

Cisco Intersight and HashiCorp Cloud for Business use case

In this blog, we will walk through a simple use case where:

  • A cloud admin would offer CaaS (containers as a service) in their service catalog, leveraging IKS (Intersight Kubernetes Service) to set up the ippools and Kubernetes policies for an app team in her enterprise
  • An App DevOps then comes in and leverages those policies to provision an IKS cluster based on the specification of the App developers for the cluster and finally
  • An App Developer would deploy a sample app.

The above will leverage TFCB (Terraform Cloud For Business), IST (Intersight Service for Terraform), IKS (Intersight Kubernetes Service), Intersight Terraform Provider and Helm Terraform provider.

Following assumes that the configuration and provisioning is all done with Terraform Cloud UI (traditional ClickOps). Please watch out for subsequent blogs that will address the same using Intersight API’s for end-to-end programmability.

Role of a Cloud Admin

You will provision the following Targets in Intersight and verify for a Connected operational status:

Terraform Pat Jana

You will set up the Terraform config files and workspaces for provisioning ippools and policies for the app team and execute the Terraform plan in TFCB. An example can be found here

Role of an App DevOps

Based on the infrastructure requirements provided by your app team, you will set up the Terraform config files and workspaces to provision an IKS cluster leveraging the policies configured by your Cloud Admin. You will plan and execute the Terraform plan in TFCB. An example of the config file to provision a single node IKS cluster can be found here:

Role of an App Developer

You will set up the Terraform config files and workspaces for deploying a sample app on the IKS cluster provisioned by your DevOps. An example of the config file to deploy a sample app using the Terraform Helm Provider can be found here:

SandBox and learning lab

A sandbox and a learning lab are available here. It helps the user wear the hat of the above personas and walk through a sample deployment exercise:

The following captures a very high-level view of the sequence across the various tools in the sandbox and is quite self-explanatory. The Sandbox simulates your on prem infrastructure:

Terraform Pat Jana

Check out this DevNet CodeExchange entry if you would like to experiment with a single-node cluster in your own vSphere infrastructure.

Behind the scenes…

The following highlights the value add of Cisco Intersight and TFCB integrations in simplifying and securely provisioning private cloud resources such as k8s clusters and applications on prem.

Terraform Pat Jana

Terraform Pat Jana

Additional Resources