OVH Basic: Essential Cloud Infrastructure Guide
Basic Terraform Kit Guide
Overview
This guide walks you through deploying a production-grade Kubernetes cluster using the GetInfra Terraform kit. It outlines how to create a base cluster, enable GitOps, and progressively activate additional modules such as monitoring and sample applications.
Folder Structure
The project is structured according to Terraform best practices. Each major component resides in its own module folder, and configuration is centralized via a shared .tfvars file. You can toggle specific features by enabling or disabling modules in the configuration.
Configuration
Before deploying, make sure to configure your environment as described in the OVH Configuration Guide.
This includes:
- Defining provider credentials
- Setting up your Terraform backend
- Specifying domains, regions, and project settings in
.tfvars - Specifying modules settings
- Initializing the Terraform project
Once configured, return to this guide to begin provisioning your cluster.
Modules
The following modules are included in this package:
- ArgoCD – Enables GitOps deployment and continuous sync of cluster state with Git.
- Monitoring – Deploys Prometheus, Grafana, and Kiali for observability and traffic visualization.
- Samples – Installs REST and gRPC demo services for testing and validation.
Learn more about all supported modules.
Create a Cluster
First, define the initial module configuration in your .tfvars file. This step provisions the Kubernetes cluster and installs OVH Managed Kubernetes Cluster, Gateway API CDRs, Istio and cert-manager:
project_modules = {
cert_manager = true
argocd = false
monitoring = false
samples = false
}
Assuming ./scripts/init.sh dev was called and proper configuration was set in env/dev/vas.tfvars file. if not refer to configuation.
Run:
chmod +x ./scripts/plan.sh
./scripts/plan.sh
chmod +x ./scripts/apply.sh
./scripts/apply.sh
Setup GitOps
Next, enable GitOps with Argo CD:
project_modules = {
cert_manager = true
argocd = true
monitoring = false
samples = false
}
Plan and Apply the changes:
./scripts/plan.sh
./scripts/apply.sh
ArgoCD module will install ArgoCD on the cluster and will create requered Gateway and HTTPRoute resources to expose it.
Add A Record to Access ArgoCD
Get the external IP of the Argo CD server:
kubectl get svc argo-cd-gateway-istio -n argocd
Now you need add A DNS record to map argocd's external ip with yor sub domain e.g argo.example.com → [external-ip]
It might take a while for DNS setting to change
Get Initial Admin Password
Retrieve the Argo CD admin password:
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo
Use the password at https://argo.example.com.
Setup the Rest
Now enable the full set of modules, including monitoring and demo apps:
project_modules = {
cert_manager = true
argocd = true
monitoring = true
samples = true
}
Run:
terraform apply
Add A Record to Access Kiali
kubectl get svc -n istio-system kiali -o wide
kiali.example.com → [external-ip]
Add A Record to Access Grafana
kubectl get svc -n monitoring grafana -o wide
grafana.example.com → [external-ip]
Playing with Sample Apps
Sample REST and gRPC services are deployed under the samples namespace.
Add A Record to Access REST API
kubectl get svc restapi -n samples -o wide
restapi.example.com → [external-ip]
Add A Record to Access gRPC Service
kubectl get svc grpc-service -n samples -o wide
grpc.example.com → [external-ip]
Use these domains to validate ingress setup, TLS certificates, and monitoring dashboards.