cloudposse / geodesic

🚀 Geodesic is a DevOps Linux Toolbox in Docker
https://cloudposse.com/accelerate
Apache License 2.0

GCP support? #346

Open jcheroske opened 5 years ago

jcheroske commented 5 years ago

Just curious if this project has full support for GCP? I noticed you've got gcloud included in the CLI package, but the docs seem to indicate this is an AWS-centric project. Would someone be so kind as to list this project's supported cloud providers, and where the project is headed in that regard? Thanks!

osterman commented 5 years ago

@jcheroske good question! The Caltech Vanvalen Lab is using it with GKE as well as with AWS.

Here's the deal. By itself, geodesic is really just a docker base image used for infrastructure automation. That is, when you need to automate infrastructure with tools like terraform, kops, ansible, etc., our recommendation is that it should be done the same way we deploy all other apps: with containers. So geodesic is a deceivingly simple concept (that's taken us hundreds of PRs to get right) of bundling the essential tools of the trade and making a "cloud ready" docker image. E.g., instead of using FROM alpine:3.8 as your base image for infrastructure automation, use FROM cloudposse/geodesic:$release.

That said, 99% of our open source terraform modules are all for AWS. So, you'll probably want to rely on the public terraform registry to find the modules you need for GCP.

jcheroske commented 5 years ago

Thanks for such a great reply. I'm trying to go all cattle on a project I'm working on, and discovered you guys while searching for a bastion container. I've been using Ansible for some things, and my co-worker knows Terraform, but we want to do this project using only Google Deployment Manager and Helm. To start off, I just want to create a utility cluster and deploy your bastion container. I'm a bit confused though how to integrate the GCP SSH key management into the picture. How would you normally manage the SSH keys in the bastion? My goal is to have a bastion container that's got GCP auth support baked into it in some way, so that I can use gcloud to connect to it, and then jump from it using gcloud again.

Nuru commented 5 years ago

@jcheroske We store the SSH key in AWS SSM using chamber and then use our own kopsctl to manage the keys and the login to the bastion.