Infrastructure as a Code (IaaC) Installation

14 min

infrastructure as a code (iaac) installation deploy the kloudmate agent across any cloud provider or on premises infrastructure using infrastructure as a code (iaac) and automation tools deployment approaches method best for cloud support cloud init new vms, asgs, scale sets all providers ansible existing vm fleets all providers + on prem terraform module iaac managed infrastructure all providers packer pre baked machine images aws, gcp, azure decision matrix if you are provisioning a new vm or auto scaling group, you should use cloud init via user data/custom data if you want faster boot times, use packer to pre bake the image and cloud init for config only if you are managing an existing fleet, use an ansible playbook if you are managing infrastructure with terraform , use the terraform module 1\ cloud init (universal) works on every provider that supports cloud init (aws, gcp, azure, digitalocean, alibaba, hetzner, vultr, linode, etc ) aws # encode and attach to launch template base64 w0 cloud init/cloud init yaml > /tmp/userdata b64 aws ec2 create launch template \\ \ launch template name kmagent template \\ \ launch template data '{ "userdata" "'$(cat /tmp/userdata b64)'" }' gcp gcloud compute instance templates create kmagent template \\ \ metadata from file user data=cloud init/cloud init yaml \\ \ machine type e2 medium \\ \ image family ubuntu 2204 lts \\ \ image project ubuntu os cloud azure az vmss create \\ \ name kmagent vmss \\ \ resource group myresourcegroup \\ \ image ubuntu2204 \\ \ custom data cloud init/cloud init yaml digitalocean doctl compute droplet create kmagent node \\ \ image ubuntu 22 04 x64 \\ \ size s 1vcpu 1gb \\ \ user data file cloud init/cloud init yaml alibaba cloud paste cloud init yaml content into ecs console → instance → advanced options → user data 2\ ansible ansible is perfect for deploying the kloudmate agent to existing vm fleets navigate to the ansible directory cd ansible/ set your api key export km api key="your kloudmate api key" edit your inventory add your hosts to the inventory file vim inventories/production ini deploy all hosts ansible playbook i inventories/production ini deploy kmagent yml \\ e "km api key=$km api key km endpoint=https //otel kloudmate com" specific group ansible playbook i inventories/production ini deploy kmagent yml \\ e "km api key=$km api key km endpoint=https //otel kloudmate com" \\ \ limit aws dry run ansible playbook i inventories/production ini deploy kmagent yml \\ e "km api key=$km api key km endpoint=https //otel kloudmate com" \\ \ check diff dynamic inventory (auto discover vms) instead of static inventory files, use cloud native dynamic inventory plugins aws pip install boto3 ansible playbook i aws ec2 yml deploy kmagent yml gcp pip install google auth ansible playbook i gcp compute yml deploy kmagent yml azure pip install azure identity azure mgmt compute ansible playbook i azure rm yml deploy kmagent yml example aws ec2 yml configuration aws plugin amazon aws aws ec2 regions \ us east 1 \ us west 2 \ ap south 1 filters tag\ environment production instance state name running keyed groups \ key tags role prefix role \ key placement region prefix region compose ansible host private ip address useful ansible commands \# upgrade agent on all hosts ansible playbook deploy kmagent yml tags upgrade \\ e "kmagent version=1 2 0" \# only reconfigure (no reinstall) ansible playbook deploy kmagent yml tags configure \# uninstall from specific hosts ansible playbook deploy kmagent yml \\ e "kmagent state=absent" limit "gcp" \# check agent status across fleet ansible all i inventories/production ini m shell \\ a "systemctl status kmagent | head 5" 3\ terraform module you can easily embed kmagent into your terraform deployments across any provider using our user data module module usage module "kmagent" { source = " /modules/user data" km api key = var km api key km endpoint = "https //otel kloudmate com" kmagent tags = { env = "production" team = "platform" } } aws resource "aws launch template" "app" { name prefix = "app " user data = base64encode(module kmagent cloud init) } resource "aws autoscaling group" "app" { launch template { id = aws launch template app id version = "$latest" } min size = 2 max size = 20 } gcp resource "google compute instance template" "app" { metadata = { user data = module kmagent cloud init } } azure resource "azurerm linux virtual machine scale set" "app" { custom data = base64encode(module kmagent cloud init) } digitalocean resource "digitalocean droplet" "app" { user data = module kmagent cloud init } 4\ packer (pre baked images) best when you want zero install time latency the agent binary is baked into the image; only the config (api key) is injected at boot navigate to the packer directory cd packer/ build your images aws ami packer build only=amazon ebs kmagent \\ var 'kmagent version=1 2 0' \\ kmagent image pkr hcl gcp image build all packer build kmagent image pkr hcl deploy use the resulting image in your launch template / instance template, with minimal user data that only injects the api key secret management never hardcode api keys! use your cloud's native secret store to securely inject credentials at runtime provider service retrieval command aws ssm parameter store aws ssm get parameter name /kloudmate/api key with decryption aws secrets manager aws secretsmanager get secret value secret id kloudmate api key gcp secret manager gcloud secrets versions access latest secret=kloudmate api key azure key vault az keyvault secret show name kloudmate api key vault name myvault digitalocean reserved env vars set via doctl or terraform alibaba kms aliyun kms getsecretvalue secretname kloudmate api key directory structure kmagent deploy/ ├── ansible/ │ ├── ansible cfg │ ├── deploy kmagent yml # main playbook │ ├── inventories/ │ │ └── production ini # static inventory (edit with your hosts) │ └── roles/ │ └── kmagent/ │ ├── defaults/main yml # configurable variables │ ├── handlers/main yml # service reload/restart │ ├── tasks/main yml # install, configure, upgrade, uninstall │ └── templates/ │ ├── agent yaml j2 # agent config │ └── kmagent service j2 # systemd unit └── terraform/ └── modules/ └── user data/ └── main tf # reusable user data module