This guide explains how to set up and deploy the Ephemeral Environments using OpenTofu, Kubernetes.
- Linux/Unix-based system
- curl
- wget
- Kubernetes cluster (kind)
- Git
First, install OpenTofu and K9s:
# Install OpenTofu
curl -fsSL https://get.opentofu.org/install-opentofu.sh | sh -s -- --install-method standalone
# Install K9S for cluster management
curl -sS https://webi.sh/k9s | shAdd these helpful aliases to your shell configuration:
alias kk="EDITOR='code --wait' k9s"
alias tf=tofu
alias k=kubectl# Navigate to bootstrap directory
cd bootstrap
# Initialize OpenTofu
tofu init
# Set up GitHub authentication
# You will be prompted to enter your GitHub token securely
export TF_VAR_github_token="$GITHUB_TOKEN"
# Apply the infrastructure configuration
tofu apply# Install Gateway API components
k apply -f ../gatewayapi
# Verify services
k get svcwget https://github.com/kubernetes-sigs/cloud-provider-kind/releases/download/v0.6.0/cloud-provider-kind_0.6.0_linux_amd64.tar.gz
tar -xvzf cloud-provider-kind_0.6.0_linux_amd64.tar.gz -C /go/bin
/go/bin/cloud-provider-kind >/dev/null 2>&1 &# Deploy release configuration
k apply -f ../release
# Deploy preview configuration
k apply -f ../preview
# Create GitHub authentication secret in preview namespace
kubectl create secret generic github-auth \
--from-literal=username=git \
--from-literal=password=${GITHUB_TOKEN} \
-n app-previewTo verify the deployment, you can check the LoadBalancer IP and test the endpoints:
# Get LoadBalancer IP
LB_IP=$(kubectl get svc -o jsonpath='{.items[?(@.metadata.name matches "envoy-envoy-gateway.*")].status.loadBalancer.ingress[0].ip}' -n envoy-gateway-system)
# Test the main endpoint
curl $LB_IP -HHost:kbot.example.com
# Test preview endpoint
curl $LB_IP/pr-40 -HHost:kbot.example.comAfter successful deployment:
- Create Pull Request
# Test preview endpoint
# Note: use your PR number e.g. 40
curl $LB_IP/pr-40 -HHost:kbot.example.com
- Merge your Pull Request
- Create a Release
# Test release endpoint
curl $LB_IP -HHost:kbot.example.com
- Make sure to keep your GitHub token secure
- Ensure all prerequisites are installed before starting the setup
- Check service status using
kubectl get svcif you encounter any issues