Module: Pangea::Kubernetes::Architecture

Defined in:: lib/pangea/kubernetes/architecture.rb

Overview

Cloud-agnostic Kubernetes architecture module. Provides kubernetes_cluster() and kubernetes_node_pool() functions that delegate to provider-specific backends.

This module is designed to be included in a synthesizer context (AbstractSynthesizer or TerraformSynthesizer).

Examples:

class MyInfra < TerraformSynthesizer
  include Pangea::Kubernetes::Architecture

  def build
    kubernetes_cluster(:production, {
      backend: :aws,
      kubernetes_version: '1.29',
      region: 'us-east-1',
      node_pools: [
        { name: :system, instance_types: ['t3.large'], min_size: 2, max_size: 5 }
      ]
    })
  end
end

Defined Under Namespace

Classes: ArchitectureResult, AwsEksIamResult, AzureNetworkResult, ClusterResult, GcpIamResult, GcpNetworkResult, HcloudNetworkResult, IamResult, NetworkResult

Constant Summary collapse

SecurityGroupAccessor = Minimal accessor so templates can write result.cluster.security_group.id Inherits from the base contract for is_a? compatibility.

Pangea::Contracts::SecurityGroupAccessor

Instance Method Summary collapse

#kubernetes_cluster(name, attributes = {}) ⇒ ArchitectureResult

Create a complete Kubernetes cluster with all supporting infrastructure.
#kubernetes_node_pool(cluster_name, pool_name, attributes = {}, cluster_ref:, backend:, tags: {}) ⇒ ResourceReference

Create a standalone node pool for an existing cluster.

Instance Method Details

#kubernetes_cluster(name, attributes = {}) ⇒ `ArchitectureResult`

Create a complete Kubernetes cluster with all supporting infrastructure.

Phase pipeline: Network -> IAM -> Cluster -> Node Pools -> Addons

Parameters:

name (Symbol) —

Architecture name
attributes (Hash) (defaults to: {}) —

Cluster configuration (see Types::ClusterConfig)

Returns:

(ArchitectureResult) —

with cluster, node_pools, network, iam references

# File 'lib/pangea/kubernetes/architecture.rb', line 54

def kubernetes_cluster(name, attributes = {})
  # VPN config comes in two forms:
  # 1. Typed (VpnConfig with :links) — validated by dry-struct, used by NixOS backends
  # 2. Cloud-init passthrough (flat hash with :interface, :port, etc.) — passed
  #    as-is to cloud-init for AWS/cloud backends where the node configures WireGuard
  # Both are legitimate. Only validate if the hash has :links (typed form).

  config = Types::ClusterConfig.new(attributes)
  backend_module = BackendRegistry.resolve(config.backend)
  backend_module.load_provider!

  base_tags = {
    KubernetesCluster: name.to_s,
    Backend: config.backend.to_s,
    ManagedBy: 'Pangea'
  }.merge(config.tags)

  result = ArchitectureResult.new(name, config)

  # Phase 1: Network
  # Pre-built network takes priority (e.g., SecureVpc from pangea-architectures).
  # When external_network is set, skip backend's create_network entirely.
  if config.external_network
    result.network = config.external_network
  elsif config.network
    result.network = backend_module.create_network(self, name, config, base_tags)
  end

  # Phase 2: IAM
  result.iam = backend_module.create_iam(self, name, config, base_tags)

  # Phase 3: Cluster
  result.cluster = backend_module.create_cluster(self, name, config, result, base_tags)

  # Phase 4: Node Pools
  config.node_pools.each do |pool_config|
    pool_ref = backend_module.create_node_pool(self, name, result.cluster, pool_config, base_tags)
    result.add_node_pool(pool_config.name, pool_ref)
  end

  result
end

#kubernetes_node_pool(cluster_name, pool_name, attributes = {}, cluster_ref:, backend:, tags: {}) ⇒ `ResourceReference`

Create a standalone node pool for an existing cluster.