Skip to content

Latest commit

 

History

History
164 lines (140 loc) · 10.6 KB

README.md

File metadata and controls

164 lines (140 loc) · 10.6 KB

How Plural works

The two main functionalities that make Plural work are dependency tracking between DevOps tools (Helm and Terraform) and templating.

When a user sets up a new Plural workspace in a git repository a workspace.yaml file is created that stores global values for that cluster such as the cloud account and region, the cluster and VPC name and what subdomain all the applications will be hosted under. Next, the user can install an application using the plural bundle <app_name> <bundle> CLI command. The CLI will then prompt the user for for inputs needed to setup that application, along with any dependencies of the application. These inputs are saved in the context.yaml file.

Next, the user runs plural build which will create a wrapper Helm chart and Terraform module. The wrapper Helm chart and Terraform module depend on the application Helm chart(s) and Terraform module(s) it gets from the Plural API, which the CLI downloads. The CLI will then generate the values.yaml for the wrapper helm chart and main.tf for the wrapper Terraform module using the values saved in the context.yaml using its templating engine.

Plural application artifacts

As mentioned above, the Plural CLI creates a wrapper Helm chart and Terraform module for each installed application and inputs the user defined values for that installation. Some extra files are necessary in Helm charts and Terraform modules for Plural to be able to understand their dependencies and run them through its templating engine. Namely, a deps.yaml file which lists the dependencies of the Helm chart or Terraform module, and the values.yaml.tpl and terraform.tfvars file for Helm and Terraform respectively.

The values.yaml.tpl and terraform.tfvars files are run through the Plural templating engine, which is similar to that of Helm, and are used to generate the values.yaml for the wrapper helm chart and main.tf for the wrapper Terraform module.

The next example is a snippet of the values.yaml.tpl file for Grafana:

grafana:
  admin:
    password: {{ dedupe . "grafana.grafana.admin.password" (randAlphaNum 14) }}
    user: admin
  ingress:
    tls:
    - hosts:
      - {{ .Values.hostname }}
      secretName: grafana-tls
    hosts:
    - {{ .Values.hostname }}

In the above example, the hostname a for Grafana that is saved in the context.yaml will be set in the ingress for Grafana by {{ .Values.hostname }}. It also showcases dedupe, which is one of the templating functions available in the Plural CLI.

We are using the dedupe function so that a new random password for the Grafana admin is not generated if it has already been set. The reason grafana.grafana.admin.password is specified for the path, is because the CLI will create a wrapper Helm chart named grafana in a user's installation workspace. Please see this section of the Helm docs for an explanation on how to pass values to a subchart.

The next snippet shows a part of the terraform.tfvars for the AWS bootstrap terraform module:

vpc_name = {{ .Values.vpc_name | quote }}
cluster_name = {{ .Cluster | quote }}

Except for the user's application inputs from the context.yaml and the aforementioned dedupe function, Plural includes a lot of other values and functions that make it possible to simplify otherwise complex application configurations.

Templating reference

Along with the standard functions available in the Go templating language, the following Plural specific functions can be used.

Functions:

Function Input (type) Returned value Description
fileExists Path (string) Boolean Checks if a file exists
pathJoin Parts ([]string) String Joins parts of a path
repoRoot X String Returns the path of the installation repository
repoName X String Returns the base path of repoRoot
repoUrl X String Returns the remote.origin.url of the installation repository
branchName X String Returns the name of the branch used for the installation repository
dumpConfig X String, Error Returns the Plural CLI config
dumpAesKey X String, Error Returns the AES keys used for the installation repository
readFile Path (strong) String Returns the contents of a file as a string
readLine Prompt (string) String, Error Prompts the user for input and returns the inputted string
readPassword Prompt (string) String, Error Prompts the user for a password input and returns the inputted string
readLineDefault Prompt, Default (string) string, error Prompts the user for input and returns the inputted string or the default value if input is empty
homeDir Parts ([]string) string, error Returns the path of the user's home directory with the path parts appended to it
knownHosts X string, error Returns the contents of the .ssh/known_hosts file in the user's home directory
probe Object (interface{}), Path (string) interface{}, error Checks if the object exists at the input path
dedupe Object (interface{}), Path, Value (string) string Returns Object if it exists at the input Path, otherwise returns Value as a string
dedupeObj Object (interface{}), Path (string), Value (interface{}) interface{} Returns Object if it exists at the input Path, otherwise returns Value as an interface{}. Used for complex data types
namespace Name (string) string Returns the namespace for an application
secret Namespace, Name (string) map[string]interface{} Returns the content of a Kubernetes secret
importValue Tool, Path (string) string Returns the value from another tool at the given path. An example use case is to use a value from the Terraform output in the Helm chart
toYaml Value (interface{}) string, error Formats the input value as YAML
eabCredential Cluster, Provider (string) api.EabCredential, error Creates a new set of EAB credentials in the Plural API for when using cert-manager with the Plural DNS

Template values:

Path Description
.Values The (recipe) values a user inputted for the given application
.Configuration Allows for getting values from other applications stored in the context.yaml file. For example, to use the hostname configured for Grafana in another application {{ .Configuration.grafana.hostname }} can be used.
.License The License for this application installation
.Config The Plural CLI configuration object. Please see below for a detailed explanation
.OIDC The OIDC configuration object for an application. Please see below for a detailed explanation
.Region The cloud region configured for the workspace of the installation
.Project The cloud project configured for the workspace of the installation
.Cluster The name of the cluster configured for the workspace of the installation
.Provider The name of the cloud provider configured for the workspace of the installation
.Context The context map of the Plural cloud provider config for the workspace of the installation
.SMTP The SMTP configuration of the workspace. Please see below for a detailed explanation
.Applications.HelmValues Function that can be used to get the Helm values from another application. This differs from .Configuration as this can access all Helm values for an application, not only those stored in the context.yaml. For example, to use the generated Grafana admin password in another application you can do {{ $grafanaValues := .Applications.HelmValues "grafana" }} then {{ $grafanaValues.grafana.grafana.admin.password }}.
.Applications.TerraformValues Function that can be used to get the Terraform outputs from another application. Usage is similar to .Applications.HelmValues. For example, to get the Terraform outputs of the bootstrap application you can use {{ $bootstrapOutputs := .Applications.TerraformValues "bootstrap" }}
.Acme.KeyId The ACME key ID for to the application when using Plural DNS
.Acme.Secret The ACME secret for to the application when using Plural DNS

.Config values:

Path Description
.Config.Email The user email address of the current CLI user
.Config.Token The Plural token of the current CLI user
.Config.NamespacePrefix The prefix to add to namespaces created for Plural applications
.Config.Endpoint The Plural endpoint the CLI will use
.Config.LockProfile
.Config.ReportErrors If CLI errors should be reported back to Plural
.COnfig.metadata.Name Name of the CLI config that is currently being used

.OIDC values:

Path Description
.OIDC.Id The ID of the OIDC provider for the application
.OIDC.ClientId The Client ID for the OIDC provider of the application
.OIDC.ClientSecret The Client Secret for the OIDC provider of the application
.OIDC.RedirectUris List of redirect URIs for the OIDC provider of the application
.OIDC.Bindings List of bindings for the OIDC provider of the application. Please see below for a detailed explanation
.OIDC.Configuration.Issuer The Issuer of the OIDC provider for the application
.OIDC.Configuration.AuthorizationEndpoint The Authorization endpoint of the OIDC provider for the application
.OIDC.Configuration.TokenEndpoint The Token endpoint of the OIDC provider for the application
.OIDC.Configuration.JwksUri The JWKS URI of the OIDC provider for the application
.OIDC.Configuration.UserinfoEndpoint The endpoint exposing user info of the OIDC provider for the application

.OIDC.Bindings values:

Path Description
.OIDC.Bindings.User.Id The ID of the user that's bound to the application's OIDC provider
.OIDC.Bindings.User.Email The Email of the user that's bound to the application's OIDC provider
.OIDC.Bindings.User.Name The Name of the user that's bound to the application's OIDC provider
.OIDC.Bindings.Group.Id The ID of the group that's bound to the application's OIDC provider
.OIDC.Bindings.Group.Name The Name of the group that's bound to the application's OIDC provider

.SMTP values:

Path Description
.SMTP.Service
.SMTP.Server The SMTP server configured for the workspace
.SMTP.Port The SMTP port configured for the workspace
.SMTP.Sender The SMTP sender to use for the application
.SMTP.User The username used to login to the SMTP server
.SMTP.Password The password used to login to the SMTP server