Connect your AKS cluster to Ocean using Terraform

Spot by NetApp serves hundreds of customers across industries, with different systems, environments, processes and tools. With this in mind, Spot aims to develop our products with flexibility so that whatever the use case, companies can get the full benefits of the cloud. Spot easily plugs into many tools that DevOps teams are already using, from CI/CD to infrastructure as code, including Terraform. 

The integration between Terraform and Spot helps our users build, modify and version infrastructure easily and efficiently. Spot Ocean users that are running their Kubernetes applications with AWS EKS and ECS, or Azure AKS can manage their clusters via the Ocean UI, API or via Terraform. Existing templates are kept in place while Ocean determines and provisions the best possible mix of server sizes, types and life cycles for the workload.

Since Spot recently announced Ocean for Azure Kubernetes Service, let’s walk through the steps for connecting an AKS cluster to Ocean using Terraform. 

Before connecting the AKS cluster to Ocean, verify that you have: 

  1. Connected an Azure account to Spot
  2. AKS cluster running with at least one node.
  3. Kubernetes command-line tool, kubectl, installed on the user’s workstation and configured to work with the relevant AKS cluster.

Connect & Import an AKS cluster to Ocean SaaS

First, you’ll need to install the Ocean controller and import the AKS cluster Spot by Netapp BE. If you were to import the cluster manually, you’d have to run three scripts on one of the nodes in the cluster. Using Terraform, you don’t have to run the scripts on your instances. Instead, all you need to do is run the modules below for the Ocean controller and to create the cluster. 

In order to install the Ocean controller, you need to provide a Spot account, Spot token and your cluster identifier.

In addition, you need to provide an AKS identifier in the following format:

acd-XXXXXXXX  

Note: The last 8 digits of the identifier are user generated.

The AKS identifier will be used to validate the import process against the Ocean SaaS later on.

Now, run the following script:

module "ocean-controller" {
    source = "spotinst/ocean-controller/spotinst" 
# Credentials.  
   spotinst_token = "redacted" 
   spotinst_account = "redacted"
# Configuration. 
   cluster_identifier = "ocean-westus-dev-aks" 
   acd_identifier = "acd-12345678"
 }

This module installs the Ocean controller and imports your cluster to Spot by Netapp BE service.

Create an Ocean AKS Cluster 

After the data in the cluster is imported to Ocean SaaS, you can now create an Ocean cluster using Terraform. To do this, you’ll need to create the spotinst_ocean_aks resource that will be associated with your AKS cluster. 

All cluster configurations will be imported from Ocean SaaS using the same acd_identifier (acd-xxxxxxxx) that you specified in the ocean-controller module.

When you create the Ocean AKS cluster via Terraform, a third script will run as part of the  ocean-aks module that will adjust Azure Managed Service Identity (MSI) permissions for Ocean to use when provisioning new nodes.

Note: Don’t forget to fill the relevant fields under managed_service_identity, as it is necessary to run the script for MSI permissions. 

Users can edit the values of imported fields, although they are not specified in the Terraform template. Spot specifies these fields as computed, and users can update the values during or after cluster creation.

With these simple steps, you’re now managing Ocean AKS clusters via Terraform. Next, you can streamline management even further into Terraform, you can also use a resource in Terraform to manage your Ocean Virtual Node Groups. (spotinst_ocean_aks_virtual_node_group) 


For more information on Spot Ocean and Terraform, visit our documentation.

If you’re an AWS customer, check out is video below for a demo of Ocean for EKS and Terraform.