Cluster Management

You can quickly bind existing policy frameworks to different clusters using the Shipa provider for Pulumi.

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const item = new shipa.Cluster("shipa-cluster", {
    cluster: {
        name: "pulumi-cluster-1",
        endpoint: {
            addresses: ["<address>"],
            caCert: `-----BEGIN CERTIFICATE-----
<cert content>
-----END CERTIFICATE-----`,
            token: "<token content>"
        },
        resources: [
            {
                frameworks: {
                    names: ["framework1", "framework2"]
                },
                ingressControllers: [
                    {
                        type: "traefik",
                        debug: false,
                        serviceType: "loadbalancer",
                        ingressIp: "xx.xx.xx.xx"
                    }
                ]
            }
        ],
    }
});

export const clusterName = item.cluster.name;

Cluster Specification

Component path: cluster

Component

Type

Description

name

string

The name of the cluster that will be used as the identifier when binding it to Shipa.

The cluster name used here does not need to match the actual cluster name.

Required: Yes

endpoint

The Kubernetes cluster API address, token, and certificate that Shipa should use when connecting with the cluster.

Required: Yes

Endpoint

Component path: cluster > endpoint

Component

Type

Description

addresses

string

The Kubernetes cluster API address that Shipa should use when connecting to the cluster.

You can find detailed information on how to find your cluster information here

Required: Yes

caCert

string

The CA Cert that should be used by Shipa when connecting to the cluster API

You can find detailed information on how to find your cluster information here

Required: Yes

token

string

The Shipa admin account token that was previously added to your cluster so Shipa can successfully connect to it.

You can find detailed information on how to create a service account for Shipa in your cluster here

Required: Yes

Policy Frameworks

Component path: cluster > resources > frameworks

Component

Type

Description

name

string

The name of the policy frameworks that should be bound to the cluster.

Required: Yes

Ingress Controllers

Component

Type

Description

type

string

The ingress controller that should be used by Shipa when connecting policy frameworks to the cluster.

Options:

  • istio
  • traefik

Required: Yes

If you are binding policy frameworks where Istio is the selected ingress controller, make sure Istio is already installed and available in the cluster. More information available here

When connecting policy frameworks where Traefik is the selected ingress controller, Shipa can automatically configure Traefik

debug

bool

The level of logging produced when using the selected ingress controller.

Required: No

serviceType

string

The service type that should be used by Shipa when deploying applications using the policy framework.

Options:

  • loadbalancer
  • clusterip
  • nodeport

Required: No

If not selected, Shipa will automatically assign LoadBalancer as the default option.

ingressIp

string

The ingress controller IP that Shipa should use when creating application endpoints.

Required: No

Condition: If Traefik is selected, Shipa can auto-configure it. If Istio is selected, then you must enter the Istio service IP. More information available here


Did this page help you?