cldctl - for creating on-demand cloud infrastructure

cldctl standardizes the interfaces for common cloud resources like VPCs, managed kubernetes clusters, and more, making it easier for developers to create and manage on-demand cloud infrastructure. With this CLI, you'll be able to list, get, create, or delete supported resources from your favorite cloud providers and tools without learning the API calls or language used by each individual provider.

Preqes

Please make sure to install

[ ] NodeJS

Usage

# Install the CLI
$ npm install -g @architect-io/cldctl

# Register your first provider
$ cldctl add credentials --name my-credentials

# List some resources
$ cldctl list vpc --credentials my-credentials

# Create a resource
$ cldctl create vpc

Cloud Providers

Before you'll be able to interact with any cloud resources, you'll need to register your cloud credentials with cldctl:

# The CLI will prompt you for available provider types and required credentials
$ cldctl add credentials

Scroll down to see more information about how to register each provider. We highly recommend taking the time to read through our Readme for your desired cloud provider. While cldctl can help to simplify the managment of resources, each cloud provider has it's own quirks that can still add some complexity to getting started. Our step by step guide can help make sure everything wroks smoothly the first time.

Supported providers

• [x] digitalocean
• [x] aws
• [x] gcp
• [ ] azure

GCP

To use cldctl with Google Cloud, or GCP, you’ll need to add a [service account](https://console.cloud.google.com/iam-admin/serviceaccounts] to the cluster you want to work with. Once you’ve created the service account, give the service account the Kubernetes Engine Admin, Compute Admin and Service Account User roles, as shown in the screenshot below.

Download key file

Now that you’ve granted the necessary permissions to your service account, you’ll need to generate and download a key file so cldctl can use the service account. Click Keys in the menu bar above the service account, then click on the Add Key dropdown box and select ‘Create new key. Keep the default selection of JSONfor the format and click theCreate` button.

Once you click the Create button, the key file should automatically begin downloading to your local machine. You’ll provide the path to this file to cldctl when you run the create provider command.

Enable APIs

The final step is to enable the ability to manage GCP using their APIs. From the GCP management console, ensure that the Compute Engine API and the Kubernetes Admin API are enabled.

AWS

Create IAM user

For AWS, we’ll need to create a new IAM user and generate an access key. From the IAM page of the web console, click the Add users button. Give the user a meaningful name and continue clicking the Next button, accepting defaults, until the user is created.

Add policies

Once the user is created, click on the user name to access the user details. From the Permission tab, click the Add permissions dropdown box and select Add inline policy.

From the policy editor that is displayed, click on the JSON tab, enter the following text into the editor, and click the Review policy button.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "eks:*",
                "iam:*",
                "ec2:*",
                "logs:*"
            ],
            "Resource": "*"
        }
    ]
}

Give the policy a meaningful name and click the Create policy button.

Generate access keys

You now have a new IAM user with the appropriate permissions. The last step is to generate the access key. Click on the Security credentials tab, scroll to the Access keys section, and click the Create access key button.

On the next screen, select the radio button next to Command Line Interface (CLI), scroll to the bottom of the screen and check the box to accept the recommendations, and click the Next button.

Give the key a descriptive name, and click the Create access key button.

From here, you can click the button to copy the key directly to your clipboard or download it in a .csv file. You’ll use this key to register your AWS provider.

Digitial Ocean

Generate token

Navigate to the Api Page on the Digitial Ocean dashboard and click Generate New Token. Enter a useful name, set Expiration to No expiry, and click the Generate Token button.

Once the token is generated it will appear in the list of keys. Copy the token as once you leave this page the token will not be visible again. You’ll use this token to register your Digital Ocean provider.

Resource types

The first reponsibility of this CLI is to define a set of standard schemas for common cloud resources, like VPCs, Regions, managed kubernetes clusters, and more. Below is the current list of supported schemas as well as some insights into future plans for support:

Supported resources

• [x] region
• [x] vpc
• [x] kubernetesCluster
• [ ] kubernetesNamespace
• [ ] database
• [ ] databaseType
• [ ] databaseVersion
• [ ] databaseSchema
• [ ] databaseUser
• [ ] dnsZone
• [ ] dnsRecord

Interacting with resources

$ cldctl list <resource>
$ cldctl list all
$ cldctl get <resource> <id>
$ cldctl create <resource>
$ cldctl delete <resource> <id>