OVH Basic: Essential Cloud Infrastructure Guide

Basic Terraform Kit Guide

Overview

This guide walks you through deploying a production-grade Kubernetes cluster using the GetInfra Terraform kit. It outlines how to create a base cluster, enable GitOps, and progressively activate additional modules such as monitoring and sample applications.


Folder Structure

The project is structured according to Terraform best practices. Each major component resides in its own module folder, and configuration is centralized via a shared .tfvars file. You can toggle specific features by enabling or disabling modules in the configuration.


Configuration

Before deploying, make sure to configure your environment as described in the OVH Configuration Guide.

This includes:

  • Defining provider credentials
  • Setting up your Terraform backend
  • Specifying domains, regions, and project settings in .tfvars
  • Specifying modules settings
  • Initializing the Terraform project

Once configured, return to this guide to begin provisioning your cluster.


Modules

The following modules are included in this package:

  • ArgoCD – Enables GitOps deployment and continuous sync of cluster state with Git.
  • Monitoring – Deploys Prometheus, Grafana, and Kiali for observability and traffic visualization.
  • Samples – Installs REST and gRPC demo services for testing and validation.

Learn more about all supported modules.


Create a Cluster

First, define the initial module configuration in your .tfvars file. This step provisions the Kubernetes cluster and installs OVH Managed Kubernetes Cluster, Gateway API CDRs, Istio and cert-manager:

project_modules = {
    cert_manager = true
    argocd       = false
    monitoring   = false
    samples      = false
}

Assuming ./scripts/init.sh dev was called and proper configuration was set in env/dev/vas.tfvars file. if not refer to configuation.

Run:

chmod +x ./scripts/plan.sh
./scripts/plan.sh

chmod +x ./scripts/apply.sh
./scripts/apply.sh

Setup GitOps

Next, enable GitOps with Argo CD:

project_modules = {
    cert_manager = true
    argocd       = true
    monitoring   = false
    samples      = false
}

Plan and Apply the changes:

./scripts/plan.sh
./scripts/apply.sh

ArgoCD module will install ArgoCD on the cluster and will create requered Gateway and HTTPRoute resources to expose it.

Add A Record to Access ArgoCD

Get the external IP of the Argo CD server:

kubectl get svc argo-cd-gateway-istio -n argocd

Now you need add A DNS record to map argocd's external ip with yor sub domain e.g argo.example.com → [external-ip]

It might take a while for DNS setting to change

Get Initial Admin Password

Retrieve the Argo CD admin password:

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo

Use the password at https://argo.example.com.


Setup the Rest

Now enable the full set of modules, including monitoring and demo apps:

project_modules = {
    cert_manager = true
    argocd       = true
    monitoring   = true
    samples      = true
}

Run:

terraform apply

Add A Record to Access Kiali

kubectl get svc -n istio-system kiali -o wide
kiali.example.com → [external-ip]

Add A Record to Access Grafana

kubectl get svc -n monitoring grafana -o wide
grafana.example.com → [external-ip]

Playing with Sample Apps

Sample REST and gRPC services are deployed under the samples namespace.

Add A Record to Access REST API

kubectl get svc restapi -n samples -o wide
restapi.example.com → [external-ip]

Add A Record to Access gRPC Service

kubectl get svc grpc-service -n samples -o wide
grpc.example.com → [external-ip]

Use these domains to validate ingress setup, TLS certificates, and monitoring dashboards.