Install Modules
In addition to the modules included in the Platform base, there are additional modules available to add other features and tools to your instance of the Rocket Pad Platform.
With such Modules your Rocket Pad Platform can be bootstrapped with all the components you need for your exact use case.
Add a Module to your Platform
The Rocket Pad Platform Modules are designed to be added trough GitOps and therefore rolled out with Argo CD when added into the bootstrap configuration of your cluster. Here is an example on how to add the Sealed Secrets Module to an either soon to be bootstrapped or even an already running cluster.
1. Add module to dependencies
In your bootstrap repository should be a /deps folder in this folder are all dependencies for your instance of the Rocket Pad Platform to run. If a new Module should be added that is not shipped with the Platform base, then it needs to be added as a additional dependency.
Adding new dependencies is very simple. Just include the https git pull url to the module code and the desired branch, tag or commit to the jsonnetfile.json file inside the /deps folder. This file is like the package.json for Javascript or the requirements.txt for python and defines which dependencies to load.
The Sealed Secrets module can be added as an object into the "dependencies":[] list. There will be already at least the platform base repository linked as a source so your resulting jsonnetfile.json file should look like this:
{
"version": 1,
"dependencies": [
{
"source": {
"git": {
"remote": "https://gitlab.com/rocketpadplatforms/platform/base.git",
"subdir": ""
}
},
"version": "main"
},
{
"source": {
"git": {
"remote": "https://gitlab.com/rocketpadplatforms/platform/modules/sealed-secrets.git",
"subdir": ""
}
},
"version": "main"
},
],
"legacyImports": false
}
Now that the modules repository is added as an dependency it can be installed / pulled into the /deps folder by using the Jsonnet Bundler, which can be installed directly using GO the same way as Jsonnet itself was installed before.
go install -a github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb@latest
With Jsonnet Bundler installed we have access to the jb command within the terminal and it can be used to pull all the dependencies defined in the jsonnetfile.json.
jb update https://gitlab.com/rocketpadplatforms/platform/modules/sealed-secrets.git
The jb update REPO_URL command with a specific git url will only update a specific repository. Using jb update without a specified url will update all dependencies within the jsonnetfile.json
2. Add module to bootstrap
The module is now available in the dependencies folder. From there it can be referenced and included into the bootstrap process. In order to include it into the bootstrapping process the /bootstrap/main.jsonnet file is used.
The file has multiple imports at the top and a function that is used to bootstrap the cluster from the current git repository. In order to add the module add the path to the module inside the deps folder at the top to the imports. As an example here we added the Sealed Secrets module to the bootstrap main.jsonnet
local platformApps = import '../deps/vendor/gitlab.com/rocketpadplatforms/platform/base/apps.libsonnet';
local providerApps = import '../deps/vendor/gitlab.com/rocketpadplatforms/platform/provider/talos/apps.libsonnet';
local rootApp = import '../deps/vendor/gitlab.com/rocketpadplatforms/platform/base/root.libsonnet';
local config = import './config.libsonnet';
local path = import '../deps/vendor/gitlab.com/rocketpadplatforms/platform/base/deps/vendor/gitlab.com/rocketpadplatforms/platform/util-libsonnet/util-libsonnet/path.libsonnet';
local sealedSecretsModule = import '../deps/vendor/gitlab.com/rocketpadplatforms/platform/modules/sealed-secrets/root.libsonnet'; # Here we import the sealed secrets module from the dependencies
function(root=false, repoURL='YOUR_REPO_URL', revision='HEAD', pathPrefix='./bootstrap', dynamicConfig={})
local apps = {
platform: platformApps(repoURL, revision, (path.new(pathPrefix) + path.join('../deps/vendor/gitlab.com/rocketpadplatforms/platform/base/')).path, dynamicConfig=dynamicConfig) {
config+: config + dynamicConfig,
},
provider: providerApps(repoURL, revision, (path.new(pathPrefix) + path.join('../deps/vendor/gitlab.com/rocketpadplatforms/platform/provider/talos/')).path, dynamicConfig=dynamicConfig) {
config+: config + dynamicConfig,
},
sealedSecrets: sealedSecretsModule(repoURL, revision, (path.new(pathPrefix) + path.join('../deps/vendor/gitlab.com/rocketpadplatforms/platform/modules/sealed-secrets/')).path, dynamicConfig=std.get(dynamicConfig, 'sealedSecrets', {})),
}; # Here we load the sealed Secrets module and overwrite its config with what is defined in the global config under the key sealedSecrets
if !root then
apps.platform.flattened
+ apps.provider.flattened
+ apps.sealedSecrets.flattened # This will finally add the kubernetes manifests generated by the module to the bootstrap manifests to be applied by Argocd on the next commit.
else
apps.platform.bootstrap
+ [rootApp(repoURL=repoURL, revision=revision, path=pathPrefix, dynamicConfig=dynamicConfig)]
2. Configure Modules
The module is installed and added to bootstrap. But most modules need special configuration.
The best way to get the config into the module is to use an additional key within the global dynamic config in /bootstrap/config.libsonnet for general configuration or over terraform to inject secrets.
The config within this additional key can be selected from the global config and injected into the module as seen above in the /bootstrap/main.libsonnet.
In order for this to work the key for the config within the global dynamic config needs to be exactly the same as in the /bootstrap/main.jsonnet file.
In case of the sealed secrets module used as an example we don't need additional configuration. It can bootstrap with the provided defaults. But if we want to add custom certificates for example we can overwrite the config as follows:
{
sealedSecrets: {
customCertificate+: {
enabled: true,
certificate: 'MY_CERTIFICATE_DATA'
key: 'MY_KEY_DATA'
}
}
}
Go into the modules git repository or your deps folder and look into the config.libsonnet file in the root folder of the module to see what can be configured and what defaults are used