
A Docker Swarm Cluster deployed as terraform scripts at Oracle OCI

marcelo-ochoa/oci-swarm-cluster

A Docker Swarm Cluster deployed as terraform scripts

This is a Terraform configuration that deploys a two-node Swarm cluster on Oracle Cloud Infrastructure (OCI).

It also includes HA storage implemented with GlusterFS, and Docker plugins for GlusterFS and Oracle Object Storage.

Topology

The application uses a typical topology for a 3-tier web application, as follows:

[Diagram: OciSwarm Basic Infra]

Components

| Component | What | Why | Learn |
|---|---|---|---|
| Compute Instances | 2 Always Free tier eligible compute instances | These VMs host the application | Learn More |
| Autonomous Database | 1 Always Free tier eligible Autonomous Database instance | The database used by the application | Learn More |
| Vault | Optional use of OCI Vault keys for Key Management (KMS). | Encrypt boot volumes of the compute instances and Object Storage buckets. | Learn More |
| Load Balancer | 1 Always Free tier eligible load balancer | Routes traffic between the nodes hosting the application | Learn More |
| Virtual Cloud Network | This resource provides a virtual network in the cloud | The virtual network used by the application to host all its networking components | Learn More |
| Private Subnet | A subnet within the network that does not allow the network components to have publicly reachable IP addresses | The private subnet is used to house the compute instances. Being private, it ensures that the application nodes are not exposed to the internet | Learn More |
| Public Subnet | A subnet that allows public IPs. | The subnet that houses the public load balancer. Components in this subnet can be allocated public IP addresses and be exposed to the internet through the Internet Gateway. | Learn More |
| Internet Gateway | A virtual router that allows direct internet access. | This enables the load balancer to be reachable from the internet. | Learn More |
| NAT Gateway (Not available on Always-free only) | A virtual router that allows internet access without exposing the source directly to the internet | It gives the compute instances (with no public IP addresses) access to the internet without exposing them to incoming internet connections. | Learn More |
| Service Gateway (Not available on Always-free only) | A virtual router that enables private traffic to OCI services from a VCN | Provides a path for private network traffic between your VCN and services like Object Storage or ATP. | Learn More |
| Route Tables | Route tables route traffic that leaves the VCN. | The public subnet route rules direct traffic to use the Internet Gateway, while the private subnet route rules enable the compute instances to reach the internet through the NAT gateway and OCI services through the service gateway | Learn More |
| Security Lists | Security Lists act like a firewall with the rules determining what type of traffic is allowed in or out. | Security rules enable HTTP traffic to the Load Balancer from anywhere. Also enabled are HTTP and SSH traffic to the compute instances, but only from the subnet where the load balancer is. | Learn More |

Using local or CloudShell terraform

Clone https://github.com/marcelo-ochoa/oci-swarm-cluster, then:

  • Rename the file terraform.tfvars.example to terraform.tfvars
  • Set the credential variables for your user, and change any other variables as needed
  • Run terraform init to initialize the Terraform providers
  • Run terraform apply to create the resources on OCI

Using Resource Manager GitHub Connector

Just fork https://github.com/marcelo-ochoa/oci-swarm-cluster using your GitHub account and import it using OCI Resource Manager. See how it works in this video:

Deploy as Zip file

Clone https://github.com/marcelo-ochoa/oci-swarm-cluster, then:

  • Go into the directory oci-swarm-cluster and zip it using "zip -r ../oci-swarm-cluster.zip *"
  • Upload oci-swarm-cluster.zip using the OCI Resource Manager pane
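
If the same working copy was used for the local workflow above, `zip -r ... *` also packs terraform.tfvars (credentials) and any terraform.tfstate into the upload. The following is an added example, not part of the repository: it builds the archive without those files and audits the result. The function names and the exclusion patterns are assumptions based on Terraform's default file names.

```shell
# Added example (not from the repository). Function names and the
# exclusion list are assumptions based on Terraform's default file names.

# make_stack_zip SRC_DIR OUT_ZIP
# Zips SRC_DIR for Resource Manager, leaving out variable files with
# credentials, state files, private keys, and the .terraform/.git trees.
make_stack_zip() {
  out_abs=$(cd "$(dirname "$2")" && pwd)/$(basename "$2") || return 1
  rm -f "$out_abs"
  # -D: no directory entries; -x patterns match the stored path,
  # and "*" in a zip pattern also spans "/".
  ( cd "$1" && zip -qrD "$out_abs" . \
      -x '*.tfvars' '*.tfstate' '*.tfstate.*' '*.pem' \
         '.terraform/*' '.git/*' )
}

# audit_stack_zip ZIP
# Prints every entry that looks like a secret or state file and returns
# non-zero if any exist, so it can gate the upload step.
audit_stack_zip() {
  hits=$(unzip -Z1 "$1" |
    grep -E '\.tfvars$|\.tfstate(\..*)?$|\.pem$|(^|/)\.(terraform|git)/' || true)
  [ -z "$hits" ] && return 0
  printf '%s\n' "$hits"
  return 1
}

# Typical use from the parent of the clone:
#   make_stack_zip oci-swarm-cluster oci-swarm-cluster.zip &&
#     audit_stack_zip oci-swarm-cluster.zip
```

terraform.tfvars.example is kept in the archive because it does not end in .tfvars; running audit_stack_zip on an archive made with the plain "zip -r" command shows what would have been uploaded.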