Digital Ocean Project support

[almereyda]

What happened?

As outlined in kubermatic/docs#1116, KubeOne's documentation does not yet feature details about Digital Ocean's new Projects, which are also supported by Terraform.

Expected behavior

Digital Ocean Projects are explained in

• https://github.com/kubermatic/kubeone/tree/master/examples/terraform/digitalocean

How to reproduce the issue?

Read the docs.

What KubeOne version are you using?

{
  "kubeone": {
    "major": "1",
    "minor": "4",
    "gitVersion": "1.4.5",
    "gitCommit": "a56d5566abef82bbc632b0356bcc9b72cfe752cf",
    "gitTreeState": "",
    "buildDate": "2022-07-12T09:29:32Z",
    "goVersion": "go1.18.1",
    "compiler": "gc",
    "platform": "linux/amd64"
  },
  "machine_controller": {
    "major": "1",
    "minor": "43",
    "gitVersion": "v1.43.3",
    "gitCommit": "",
    "gitTreeState": "",
    "buildDate": "",
    "goVersion": "",
    "compiler": "",
    "platform": "linux/amd64"
  }
}

Additional information

This can be implemented with

main.tf

@@ -21,6 +21,21 @@ locals {
   kube_cluster_tag = "kubernetes-cluster:${var.cluster_name}"
 }
 
+resource "digitalocean_project" "kube_cluster" {
+  name        = "${var.project_name}"
+  description = "${var.project_description}"
+  purpose     = "${var.project_purpose}"
+  environment = "${var.project_environment}"
+  resources   = concat(
+    flatten(
+      digitalocean_droplet.control_plane.*.urn
+    ),
+    [
+      digitalocean_loadbalancer.control_plane.urn
+    ]
+  )
+}
+
 resource "digitalocean_tag" "kube_cluster_tag" {
   name = local.kube_cluster_tag
 }

variables.tf

@@ -14,6 +14,26 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+variable "project_name" {
+  description = "Name of the project"
+  type        = string
+}
+
+variable "project_description" {
+  description = "Description of the project"
+  type        = string
+}
+
+variable "project_purpose" {
+  description = "Purpose of the project"
+  type        = string
+}
+
+variable "project_environment" {
+  description = "Environment of the project"
+  type        = string
+}
+
 variable "cluster_name" {
   description = "Name of the cluster"
   type        = string

[kron4eg]

Why is this a bug?!

[almereyda]

I thought the examples as complete for a specific vendor's environment. It will be useful for other users of the DO cloud to know about this.

This is why I created two issues: One for the documentation, and one here for the technical part.

Since the Digital Ocean provider is an officially supported module, I didn't consider this a Feature Request. Indeed labeling this documentation question as a bug might be irritating, which is due to the nature of KubeOne's code and the examples being unified in the same repository.

[kron4eg]

/kind feature

[almereyda]

This also extends beyond the Terraform example, but also occurs with the MachineController:

A droplet is created in the default project, and the project information in the Terraform JSON state is not respected by KubeOne.

It was possible to delete the MachineDeployment in the cluster, setting the desired project as default project at Digital Ocean, and then recreating it from the KubeOne manifest:

kubeone config machinedeployments -m ... -t ... | k apply -f -

• A simple kubeone apply -m ... -t ... did not not reinstantiate the MachineDeployment.
• Even then, the LoadBalancer did not pick up the new node. (It was complaining about a missing one before.)

This is consistent with what the KubeOne output says:

WARN[16:47:26 CEST] KubeOne will not manage MachineDeployments objects besides initially creating them and optionally upgrading them... 
WARN[16:47:26 CEST] For more info about MachineDeployments see: https://docs.kubermatic.com/kubeone/v1.4/guides/machine_controller/ 

Simply recreating the cluster worked better:

terraform state rm digitalocean_project.kube_cluster
terraform destroy
terraform import digitalocean_project.kube_cluster b36238c2-f9d0-4971-b2ae-fead4b4af00b
terraform plan
terraform apply

Here we always want to keep the existing project, since it is set as default, and reuse it for the next iteration.

We have to create a Digital Ocean Cloud Project in advance, set it there as default, and then import it to Terraform:

doctl projects list
terraform import digitalocean_project.kube_cluster <UUID>

In case we need to revise something, it is suggested to remove it from the Terraform state, to have it not be deleted, and another project set as default:

terraform state rm digitalocean_project.kube_cluster