
Declaration reference

The following attributes are available for modifying an okctl environment

metadata

Type: Object

accountID required

Type: String
Example: 123456789123

The AWS Account ID where your okctl environment will live. This is the account that will own all resources that okctl sets up.

name required

Type: String
Example: kjoremiljo-prod

Name can be anything, but should define the scope of the cluster. If the cluster is scoped to one product, you might want to give it the name of the product. If the cluster contains all services and products owned by a team, the team name might be more fitting.

region

Type: String
Default: eu-west-1

Region defines the AWS region to prefer when creating resources

clusterRootDomain required

Type: String
Example: kjoremiljo-prod.oslo.systems

The cluster root domain defines the domain under which services are created. For example, okctl will set up ArgoCD, which has a frontend. The frontend will be available at https://argocd.<clusterRootDomain>.

For example, for Cognito it will be https://auth.<clusterRootDomain>

github

Type: Object

For okctl to be able to set up ArgoCD correctly for you, it needs to know which repository on GitHub will contain your infrastructure.

repository required

Type: String
Example: okctl

The name of the repository

organization

Type: String
Default: oslokommune

The organization that owns the repository

outputPath

Type: String
Default: infrastructure

The folder to place infrastructure files

users

Type: List

Defines which users can access everything connected to Cognito. Applications connected to Cognito include: ArgoCD UI, Grafana.

email

Type: String
Example: olly@okctl.io

The email of the user to add as an admin of the okctl environment

integrations

Type: Object

argoCD

Type: Boolean
Default: true

ArgoCD is a service that watches a repository for Kubernetes charts and ensures the defined resources are running as declared in the cluster

autoscaler

Type: Boolean
Default: true

Autoscaler automatically adjusts the size of pods and nodes in your cluster depending on load

awsLoadBalancerController

Type: Boolean
Default: true

AWS Load Balancer Controller handles routing from the internet to your application running inside your okctl Kubernetes cluster. If you want your applications and services accessible from the internet, this needs to be enabled

blockstorage

Type: Boolean
Default: true

Block storage provides persistent storage for your cluster (Persistent Volumes)

cognito

Type: Boolean
Default: true

Cognito is an authentication provider that okctl uses to control access to different resources, like ArgoCD and Grafana

externalDNS

Type: Boolean
Default: true

External DNS handles defining the necessary DNS records required to route traffic to your defined service or application

externalSecrets

Type: Boolean
Default: true

External Secrets fetches secrets from external sources and exposes them as native Kubernetes secrets inside the cluster

kubePromStack

Type: Boolean
Default: true

KubePromStack enables Prometheus and Grafana for metrics

promtail

Type: Boolean
Default: true

Promtail scrapes logs from pods and feeds them to Loki

loki

Type: Boolean
Default: true

Loki collects logs and exposes them as a data source in Grafana

tempo

Type: Boolean
Default: true

Tempo collects traces and exposes them as a data source in Grafana. Supports formats like Jaeger, Zipkin and OpenTelemetry

databases

Type: Object

postgres

Type: List of objects

name

Type: String
Example: okctl-db

Name defines the name of the database to provision

namespace

Type: String
Example: okctl

Namespace defines which namespace to place the database information in. A Kubernetes Secret containing the administrator credentials and a config map for connection details will be created.

user

Type: String
Example: admin

User defines which admin user to provision for administrative operations

vpc

Type: Object

okctl creates a Virtual Private Cloud (VPC) for you, in which it organizes all the intended resources that require networking. A VPC is mandatory, but can be configured with the following attributes.

cidr

Type: String
Default: 192.168.0.0/20

CIDR defines the VPC IP range. Leave this be if you don't know what it is/does

highAvailability

Type: Boolean
Default: true

HighAvailability means we create redundancy in the network setup. If set to true we will create a NAT gateway per public subnet, instead of routing all traffic through one.
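The attributes above can be checked before a declaration is applied. The following Python function is an added example, not part of okctl or its documentation: it takes a declaration as a dict, applies the documented defaults, and reports missing required attributes and settings a reviewer would question. The key nesting (clusterRootDomain at top level, users as a list of objects with an email key), the name review_declaration, and the rules that flag ArgoCD or Grafana enabled without Cognito and a non-private VPC CIDR are assumptions of this example.

```python
import ipaddress
import re

# Integration toggles as documented on this page (all default to true).
INTEGRATION_DEFAULTS = dict.fromkeys((
    "argoCD", "autoscaler", "awsLoadBalancerController", "blockstorage",
    "cognito", "externalDNS", "externalSecrets", "kubePromStack",
    "promtail", "loki", "tempo"), True)

def review_declaration(decl):
    """Return review findings for a declaration passed as a dict.
    The nesting of keys is an assumption of this example."""
    findings = []
    meta = decl.get("metadata", {})
    # AWS account IDs are 12 digits; str() also accepts an unquoted number.
    if not re.fullmatch(r"\d{12}", str(meta.get("accountID", ""))):
        findings.append("metadata.accountID: required, must be 12 digits")
    for path, value in (("metadata.name", meta.get("name")),
                        ("clusterRootDomain", decl.get("clusterRootDomain")),
                        ("github.repository", decl.get("github", {}).get("repository"))):
        if not value:
            findings.append(f"{path}: required")
    given = decl.get("integrations", {})
    for key in sorted(set(given) - set(INTEGRATION_DEFAULTS)):
        findings.append(f"integrations.{key}: not a documented integration")
    enabled = {**INTEGRATION_DEFAULTS, **given}
    # Cognito controls access to the ArgoCD UI and Grafana (kubePromStack).
    if not enabled["cognito"]:
        for dep in ("argoCD", "kubePromStack"):
            if enabled[dep]:
                findings.append(f"integrations.{dep}: enabled while cognito is disabled")
    # Every entry under users is added as an admin of the environment.
    for user in decl.get("users", []):
        if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", user.get("email", "")):
            findings.append(f"users: malformed email {user.get('email')!r}")
    cidr = decl.get("vpc", {}).get("cidr", "192.168.0.0/20")
    try:
        net = ipaddress.ip_network(cidr)  # strict mode rejects set host bits
        if not net.is_private:
            findings.append(f"vpc.cidr: {cidr} is not a private range")
    except ValueError:
        findings.append(f"vpc.cidr: {cidr} is not a valid network")
    return findings

# Constructed sample built from the example values on this page.
SAMPLE = {"metadata": {"accountID": "123456789123", "name": "kjoremiljo-prod"},
          "clusterRootDomain": "kjoremiljo-prod.oslo.systems",
          "github": {"repository": "okctl"},
          "users": [{"email": "olly@okctl.io"}]}
```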


Last update: 2021-10-22