This is a Terraform configuration that deploys a two-node Swarm cluster on Oracle Cloud Infrastructure (OCI).
It also includes HA storage implemented with GlusterFS, and Docker plugins for GlusterFS and Oracle Object Storage.
The application uses a typical topology for a 3-tier web application, as follows:

Component | What | Why | Learn |
---|---|---|---|
Compute Instances | 2 Always Free tier eligible compute instances | These VMs host the application | Learn More |
Autonomous Database | 1 Always Free tier eligible Autonomous Database instance | The database used by the application | Learn More |
Vault | Optional use of OCI Vault keys for Key Management (KMS). | Encrypt boot volumes of the compute instances and Object Storage buckets. | Learn More |
Load Balancer | 1 Always Free tier eligible load balancer | Routes traffic between the nodes hosting the application | Learn More |
Virtual Cloud Network | This resource provides a virtual network in the cloud | The virtual network used by the application to host all its networking components | Learn More |
Private Subnet | A subnet within the network that does not allow the network components to have publicly reachable IP addresses | The private subnet is used to house the compute instances. Being private, it ensures that the application nodes are not exposed to the internet | Learn More |
Public Subnet | A subnet that allows public IPs. | The subnet that houses the public load balancer. Components in this subnet can be allocated public IP addresses and be exposed to the internet through the Internet Gateway. | Learn More |
Internet Gateway | A virtual router that allows direct internet access. | This enables the load balancer to be reachable from the internet. | Learn More |
NAT Gateway | (Not available on Always-free only) A virtual router that allows internet access without exposing the source directly to the internet | It gives the compute instances (with no public IP addresses) access to the internet without exposing them to incoming internet connections. | Learn More |
Service Gateway | (Not available on Always-free only) A virtual router that enables private traffic to OCI services from a VCN | Provides a path for private network traffic between your VCN and services like Object Storage or ATP. | Learn More |
Route Tables | Route tables route traffic that leaves the VCN. | The public subnet route rules direct traffic to use the Internet Gateway, while the private subnet route rules enable the compute instances to reach the internet through the NAT gateway and OCI services through the service gateway | Learn More |
Security Lists | Security Lists act like a firewall with the rules determining what type of traffic is allowed in or out. | Security rules enable HTTP traffic to the load balancer from anywhere. Also enabled are HTTP and SSH traffic to the compute instances, but only from the subnet where the load balancer is. | Learn More |
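
The Security Lists row above states that SSH reaches the compute instances only from the load balancer's subnet. The following check over a Terraform plan is an added example, not part of this project's code; the subnet CIDR, the resource names and the sample plan are constructed assumptions.

```python
import ipaddress

# Assumption: CIDR of the public (load balancer) subnet; not a value from the project.
LB_SUBNET = ipaddress.ip_network("10.0.1.0/24")

def _sl(name, *rules):
    """Build one constructed resource_changes entry for a security list."""
    return {"address": f"oci_core_security_list.{name}",
            "type": "oci_core_security_list",
            "change": {"after": {"ingress_security_rules": list(rules)}}}

def _tcp(source, port):
    """Constructed ingress rule: TCP (protocol 6) from `source` to one port."""
    return {"protocol": "6", "source": source,
            "tcp_options": [{"min": port, "max": port}]}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"resource_changes": [
    _sl("lb", _tcp("0.0.0.0/0", 80)),
    _sl("compute", _tcp("10.0.1.0/24", 80), _tcp("10.0.1.0/24", 22)),
    _sl("misconfigured", _tcp("0.0.0.0/0", 22)),  # violates the stated policy
]}

def covers_port(rule, port):
    """True if the ingress rule admits TCP traffic to `port`."""
    if rule.get("protocol") == "all":
        return True
    if rule.get("protocol") != "6":  # 6 = TCP
        return False
    opts = rule.get("tcp_options") or []
    # A TCP rule without tcp_options allows every destination port.
    return not opts or any(
        (o.get("min") or 1) <= port <= (o.get("max") or 65535) for o in opts)

def ssh_exposures(plan, allowed=LB_SUBNET):
    """Return (address, source) for rules admitting port 22 from outside `allowed`."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "oci_core_security_list":
            continue
        after = (rc.get("change") or {}).get("after") or {}
        for rule in after.get("ingress_security_rules") or []:
            if not covers_port(rule, 22):
                continue
            try:
                src = ipaddress.ip_network(rule["source"], strict=False)
                ok = src.version == allowed.version and src.subnet_of(allowed)
            except ValueError:  # non-CIDR source (e.g. a service label)
                ok = False
            if not ok:
                findings.append((rc["address"], rule["source"]))
    return findings

if __name__ == "__main__":
    for address, source in ssh_exposures(SAMPLE_PLAN):
        print(f"{address}: SSH reachable from {source}")
```
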
Clone https://github.com/marcelo-ochoa/oci-swarm-cluster
- Rename the file `terraform.tfvars.example` to `terraform.tfvars`
- Change the credentials variables to your user and any other desirable variables
- Run `terraform init` to init the terraform providers
- Run `terraform apply` to create the resources on OCI
Just fork https://github.com/marcelo-ochoa/oci-swarm-cluster using your GitHub account and import it using OCI Resource Manager.
Clone https://github.com/marcelo-ochoa/oci-swarm-cluster
- Go into the directory oci-swarm-cluster and zip it using `zip -r ../oci-swarm-cluster.zip *`
- Upload oci-swarm-cluster.zip using the OCI Resource Manager pane