Cluster Management

You can quickly bind existing policy frameworks to different clusters using the Shipa provider for Pulumi.

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const item = new shipa.Cluster("shipa-cluster", {
    cluster: {
        name: "pulumi-cluster-1",
        endpoint: {
            addresses: ["<address>"],
            caCert: `-----BEGIN CERTIFICATE-----
<cert content>
-----END CERTIFICATE-----`,
            token: "<token content>"
        },
        resources: [
            {
                frameworks: {
                    names: ["framework1", "framework2"]
                },
                ingressControllers: [
                    {
                        type: "traefik",
                        debug: false,
                        serviceType: "loadbalancer",
                        ingressIp: "xx.xx.xx.xx"
                    }
                ]
            }
        ],
    }
});

export const clusterName = item.cluster.name;

Cluster Specification

Component path: cluster

ComponentTypeDescription
namestringThe name of the cluster that will be used as the identifier when binding it to Shipa.

The cluster name used here does not need to match the actual cluster name.

Required: Yes
endpointThe Kubernetes cluster API address, token, and certificate that Shipa should use when connecting with the cluster.

Required: Yes

Endpoint

Component path: cluster > endpoint

ComponentTypeDescription
addressesstringThe Kubernetes cluster API address that Shipa should use when connecting to the cluster.

You can find detailed information on how to find your cluster information here

Required: Yes
caCertstringThe CA Cert that should be used by Shipa when connecting to the cluster API

You can find detailed information on how to find your cluster information here

Required: Yes
tokenstringThe Shipa admin account token that was previously added to your cluster so Shipa can successfully connect to it.

You can find detailed information on how to create a service account for Shipa in your cluster here

Required: Yes

Policy Frameworks

Component path: cluster > resources > frameworks

ComponentTypeDescription
namestringThe name of the policy frameworks that should be bound to the cluster.

Required: Yes

Ingress Controllers

ComponentTypeDescription
typestringThe ingress controller that should be used by Shipa when connecting policy frameworks to the cluster.

Options:
- istio
- traefik

Required: Yes

If you are binding policy frameworks where Istio is the selected ingress controller, make sure Istio is already installed and available in the cluster. More information available here

When connecting policy frameworks where Traefik is the selected ingress controller, Shipa can automatically configure Traefik
debugboolThe level of logging produced when using the selected ingress controller.

Required: No
serviceTypestringThe service type that should be used by Shipa when deploying applications using the policy framework.

Options:
- loadbalancer
- clusterip
- nodeport

Required: No

If not selected, Shipa will automatically assign LoadBalancer as the default option.
ingressIpstringThe ingress controller IP that Shipa should use when creating application endpoints.

Required: No

Condition: If Traefik is selected, Shipa can auto-configure it. If Istio is selected, then you must enter the Istio service IP. More information available here