
Where does Kubernetes take over in a TF environment?

Let's talk about boundaries

Hey folks,

Sure, sure, Terraform and OpenTofu automation is great, but which system manages infrastructure when Kubernetes is also in the mix?

Here’s a quick overview of a Masterpoint client project showing that boundary.

This was a larger project for a startup whose target market was enterprises. Their platform was single tenant. This startup had chosen to go with two clusters per customer, one for stage and one for prod.

We built them a streamlined Terraform + ArgoCD setup to manage all infrastructure. There was one Terraform repo and a GitOps repo for K8s + ArgoCD manifests. Everything was heavily reusable, with shareable Terraform root modules and Helm charts for application deployment.

Having Terraform fully automated was a key component to make sure none of the terraform plan or terraform apply work was done on an engineer's machine. That’s not a foundation you want to build on, so we utilized Spacelift to automate Terraform.

ArgoCD handled all configuration within the cluster once the cluster was bootstrapped by Terraform. Having that single GitOps monorepo was beautiful as it provided one “source of truth” for how the clusters + applications were configured.

There’s always a tension between investing time to improve the speed of an environment spin-up and realizing what is “good enough”. We got environment creation down to a few hours for each customer, and that felt like a good ROI at that point, so we stopped optimizing it and transitioned it to the client's engineers.

When Masterpoint was finished and we passed the resulting platform work to the client, we had built a couple dozen clusters. They've since built a couple dozen more.

May your cluster spin-up be quick,

Matt @ Masterpoint

PS Want to learn about additional use cases for Terraform? Check out this Masterpoint blog post detailing three of them.