cldctl - for creating on-demand cloud infrastructure
cldctl standardizes the interfaces for common cloud resources like VPCs, managed Kubernetes clusters, and more, making it easier for developers to create and manage on-demand cloud infrastructure. With this CLI, you'll be able to list, get, create, or delete supported resources from your favorite cloud providers and tools without learning the API calls or language used by each individual provider.
Prereqs
Please make sure to install
[ ] NodeJS
Usage
# Install the CLI
$ npm install -g @architect-io/cldctl
# Register your first provider
$ cldctl add credentials --name my-credentials
# List some resources
$ cldctl list vpc --credentials my-credentials
# Create a resource
$ cldctl create vpc
Cloud Providers
Before you'll be able to interact with any cloud resources, you'll need to register your cloud credentials with cldctl:
# The CLI will prompt you for available provider types and required credentials
$ cldctl add credentials
Scroll down to see more information about how to register each provider. We highly recommend taking the time to read through our Readme for your desired cloud provider. While cldctl can help to simplify the management of resources, each cloud provider has its own quirks that can still add some complexity to getting started. Our step-by-step guide can help make sure everything works smoothly the first time.
Supported providers
- [x] digitalocean
- [x] aws
- [x] gcp
- [ ] azure
GCP
To use cldctl with Google Cloud, or GCP, you'll need to add a [service account](https://console.cloud.google.com/iam-admin/serviceaccounts) to the cluster you want to work with. Once you've created the service account, give the service account the Kubernetes Engine Admin, Compute Admin and Service Account User roles.
Download key file
Now that you've granted the necessary permissions to your service account, you'll need to generate and download a key file so cldctl can use the service account. Click Keys in the menu bar above the service account, then click on the Add Key dropdown box and select 'Create new key'. Keep the default selection of JSON for the format and click the Create button.
Once you click the Create button, the key file should automatically begin downloading to your local machine. You'll provide the path to this file to cldctl when you run the create provider command.
Enable APIs
The final step is to enable the ability to manage GCP using their APIs. From the GCP management console, ensure that the Compute Engine API and the Kubernetes Admin API are enabled.
AWS
Create IAM user
For AWS, we'll need to create a new IAM user and generate an access key. From the IAM page of the web console, click the Add users button. Give the user a meaningful name and continue clicking the Next button, accepting defaults, until the user is created.
Add policies
Once the user is created, click on the user name to access the user details. From the Permission tab, click the Add permissions dropdown box and select Add inline policy.
From the policy editor that is displayed, click on the JSON tab, enter the following text into the editor, and click the Review policy button.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "eks:*",
        "iam:*",
        "ec2:*",
        "logs:*"
      ],
      "Resource": "*"
    }
  ]
}
Give the policy a meaningful name and click the Create policy button.
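The policy above grants four service-wide wildcards on every resource. As an added example (not part of cldctl or its Readme), the script below audits a policy document for such grants before it is attached; auditPolicy, its issue labels and the scoped sample policy are assumptions made for illustration.

```javascript
// Added example: audit an IAM policy document for over-broad Allow grants.
// auditPolicy() and its issue labels are illustrative names, not part of cldctl.
const toArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

function auditPolicy(policy) {
  const findings = [];
  toArray(policy.Statement).forEach((stmt, statement) => {
    if (stmt.Effect !== 'Allow') return; // Deny statements only narrow access
    const add = (issue, detail) => findings.push({ statement, issue, detail });

    if (stmt.NotAction !== undefined) {
      add('not-action', 'Allow + NotAction grants every action not listed');
    }
    for (const action of toArray(stmt.Action)) {
      const [service, name] = String(action).toLowerCase().split(':');
      if (service === '*' || name === '*') {
        add('wildcard-action', `${action} grants every action in scope`);
      }
      // iam:* includes the policy-attachment actions, so the principal can
      // grant itself anything: treat it as account admin.
      if (service === '*' || (service === 'iam' && name === '*')) {
        add('iam-admin', `${action} allows rewriting IAM permissions`);
      }
    }
    if (toArray(stmt.Resource).includes('*') && stmt.Condition === undefined) {
      add('unscoped-resource', 'Resource "*" with no Condition');
    }
  });
  return findings;
}

// The inline policy shown on this page.
const pagePolicy = {
  Version: '2012-10-17',
  Statement: [
    { Effect: 'Allow', Action: ['eks:*', 'iam:*', 'ec2:*', 'logs:*'], Resource: '*' },
  ],
};

// Constructed sample for comparison; not verified to be sufficient for cldctl.
const scopedPolicy = {
  Version: '2012-10-17',
  Statement: {
    Effect: 'Allow',
    Action: ['ec2:DescribeVpcs', 'ec2:CreateVpc', 'eks:DescribeCluster'],
    Resource: '*',
    Condition: { StringEquals: { 'aws:RequestedRegion': 'us-east-1' } },
  },
};

for (const f of auditPolicy(pagePolicy)) console.log(f.issue, '-', f.detail);
```

An access key bound to the page's policy should be stored and rotated as an account-admin credential, since the audit reports an iam-admin finding for it.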
Generate access keys
You now have a new IAM user with the appropriate permissions. The last step is to generate the access key. Click on the Security credentials tab, scroll to the Access keys section, and click the Create access key button.
On the next screen, select the radio button next to Command Line Interface (CLI), scroll to the bottom of the screen and check the box to accept the recommendations, and click the Next button.
Give the key a descriptive name, and click the Create access key button.
From here, you can click the button to copy the key directly to your clipboard or download it in a .csv file. You'll use this key to register your AWS provider.
Digital Ocean
Generate token
Navigate to the API page on the Digital Ocean dashboard and click Generate New Token. Enter a useful name, set Expiration to No expiry, and click the Generate Token button.
Once the token is generated, it will appear in the list of keys. Copy the token now; once you leave this page, the token will not be visible again. You'll use this token to register your Digital Ocean provider.
Resource types
The first responsibility of this CLI is to define a set of standard schemas for common cloud resources, like VPCs, Regions, managed Kubernetes clusters, and more. Below is the current list of supported schemas as well as some insights into future plans for support:
Supported resources
- [x] region
- [x] vpc
- [x] kubernetesCluster
- [ ] kubernetesNamespace
- [ ] database
- [ ] databaseType
- [ ] databaseVersion
- [ ] databaseSchema
- [ ] databaseUser
- [ ] dnsZone
- [ ] dnsRecord
Interacting with resources
$ cldctl list <resource>
$ cldctl list all
$ cldctl get <resource> <id>
$ cldctl create <resource>
$ cldctl delete <resource> <id>