...
- Fawad Shaikh, Sr Solutions Architect at Juniper
- Deploying TF on k8s with Helm
- Example of how IBM rolled it out for their IBM Cloud Private (ICP)
- Basic overview of TF with k8s
- ICP
- Currently use Calico by default as the CNI in the ICP
- Some customers wanted namespace isolation and analytics → enter TF
- TF integration with ICP went surprisingly smoothly
- Their private cloud market is growing because of compliance, security, support, and services
- Step toward hybrid and multi cloud
- ICP heavily relies on Helm to manage k8s or things that run on k8s
- So you need Helm up and running to get the apps up & running → do on host network so you don't have to wait for CNI
- After that, use Helm to bring up the CNI, followed by platform tools (databases, logging, etc), then apps
- Use cases of what they were trying to achieve
- Control and security for k8s is painful
- Using the tags for TF makes things a lot better
- Can isolate pods to segment & have better security
- Reuse of policies was very useful
- Demo time!
- Video already on the TF YouTube channel:
Widget Connector url https://www.youtube.com/watch?v=gAGxduPCb_0
- The CNI comes up in 1 minute (and it's only that slow because it has to get the Docker containers)
- Video already on the TF YouTube channel:
View file | ||||
---|---|---|---|---|
|