Hello!
I’m quite new to nix, immediately fell in love with it, and saw its potential to help generate a lot of boilerplate around kubernetes and terraform.
So I went ahead and tried to integrate both tools: GitHub - docteurklein/kubenix-test (don’t mind the repo name :)), using https://terranix.org/ and https://kubenix.org/ under the hood.
I took inspiration from anything I could find, like this fresh nixconf prez.
Please note that it’s highly opinionated for my use-case, which is a typical web-app running http endpoints and background workers (backed by GCP - pubsub, GKE, …).
The idea is:
I’m using lib.evalModules to represent the high level components of my stack:
- a “worker” is an abstract object representing a process consuming a message queue
- a “service” is an object aiming at serving (http) endpoints
From those high-level descriptions, I infer the corresponding resources:
Each “worker” is:
- projected as a terraform resource to create a gcp pubsub subscription
- projected as a kube Deployment object which receives the name of the subscription (created above) as an env var
Each “service” is similarly projected as a kube Deployment + Service.
So here is my question:
In order to bridge the outputs generated by terraform and pass them to kubernetes, I’m not sure if what I’ve done is correct or if there is a better way.
Indeed I’m git-versioning the tfoutput file (generated by terraform) after I nix run terraform -- apply, so that it is visible to the flake.
That allows me to expose those outputs to the kubenix config.
I struggled a bit with modules and submodules, and I’m not sure if what I’m doing makes sense, or is idiomatic to nix. Maybe I should have used an IFD or something?
What do you think?
Is there something obvious I’m missing to make this easier?
PS: the source is all available here: GitHub - docteurklein/kubenix-test
Thanks a lot!
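
Added example, not part of the original post or the linked repo: a plain-Nix sketch of reading a committed terraform output file and refusing to evaluate if any output is marked sensitive, since `terraform output -json` prints sensitive values in cleartext and a file tracked by the flake ends up in git history and the world-readable Nix store. It assumes the tfoutput file has the shape printed by `terraform output -json`; the output names, the `SUBSCRIPTION` variable and the `workerEnv` helper are hypothetical.

```nix
let
  # Constructed sample in the shape printed by `terraform output -json`
  # (assumption: the committed tfoutput file uses this shape).
  sampleTfOutput = ''
    {
      "worker_orders_subscription": {
        "sensitive": false,
        "type": "string",
        "value": "orders-worker-sub"
      },
      "worker_mail_subscription": {
        "sensitive": false,
        "type": "string",
        "value": "mail-worker-sub"
      }
    }
  '';

  # In a flake this would read the tracked file instead, for example:
  #   builtins.fromJSON (builtins.readFile ./tfoutput.json)
  outputs = builtins.fromJSON sampleTfOutput;

  # Names of outputs that terraform flagged as sensitive.
  sensitiveNames = builtins.filter
    (n: outputs.${n}.sensitive or false)
    (builtins.attrNames outputs);

  # Abort evaluation rather than let a secret flow into manifests and the store;
  # otherwise flatten { name = { value = ...; }; } to { name = value; }.
  checked =
    if sensitiveNames != [ ]
    then throw "tfoutput contains sensitive outputs: ${builtins.concatStringsSep ", " sensitiveNames}"
    else builtins.mapAttrs (_: o: o.value) outputs;

  # Hypothetical helper: env entries for one worker's container.
  workerEnv = name: [
    { name = "SUBSCRIPTION"; value = checked."worker_${name}_subscription"; }
  ];
in
{
  inherit checked;
  ordersEnv = workerEnv "orders";
}
```

Saved as a file, this can be evaluated with `nix-instantiate --eval --strict`; flipping one `sensitive` flag to `true` in the sample makes evaluation fail with the offending output name.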