Skip to content

Commit

Permalink
discourage use of ibm_container_bind_service (IBM-Cloud#5588)
Browse files Browse the repository at this point in the history 
* discourage use of ibm_container_bind_service

Signed-off-by: Bence Vidosits <bence.vidosits1@ibm.com>

* fix link

---------

Signed-off-by: Bence Vidosits <bence.vidosits1@ibm.com>
Co-authored-by: Bence Vidosits <bence.vidosits1@ibm.com>
  • Loading branch information
@bevicted
2 people authored and Srikant Sahu committed Sep 24, 2024
1 parent e281918 commit bdc87d9
Show file tree
Hide file tree
Showing 2 changed files with 55 additions and 0 deletions.
51 changes: 51 additions & 0 deletions website/docs/guides/binding-services.html.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
---
subcategory: ""
layout: "ibm"
page_title: "Binding a Service to a Cluster"
description: |-
Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster.
---

# Binding a Service to a Cluster

Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster. Service binding is a quick way to create service credentials for an IBM Cloud service by using its public service endpoint and storing these credentials in a Kubernetes secret in your cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data.

To bind a service to your cluster, you need to:

1. Create a resource key for the service
2. Use the target cluster's config as the `kubernetes` provider's configuration
3. Create a kubernetes secret, using the resource key's credentials

## Example

In the following example, we bind the `ibm_resource_instance.kms` service to `ibm_container_cluster.cluster`.

```terraform
// create resource key
resource "ibm_resource_key" "kms_key" {
name = "kms_key"
resource_instance_id = ibm_resource_instance.kms.id
}
// get cluster config by cluster ID
data "ibm_container_cluster_config" "cluster_config" {
cluster_name_id = ibm_container_cluster.cluster.id
}
// use kubernetes provider configuration from cluster
provider "kubernetes" {
host = data.ibm_container_cluster_config.cluster_config.host
token = data.ibm_container_cluster_config.cluster_config.token
cluster_ca_certificate = data.ibm_container_cluster_config.cluster_config.ca_certificate
}
// create kubernetes secret from resource key's credentials
resource "kubernetes_secret_v1" "kms_secret" {
metadata {
name = "kms-secret"
namespace = "default"
}
data = ibm_resource_key.kms_key.credentials
}
```
4 changes: 4 additions & 0 deletions website/docs/r/container_bind_service.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ description: |-
---

# ibm_container_bind_service

> [!CAUTION]
> This resource will be deprecated, please check [this guide](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/binding-services) on how to bind services.
Bind an IBM Cloud service to an IBM Cloud Kubernetes Service cluster. Service binding is a quick way to create service credentials for an IBM Cloud service by using its public service endpoint and storing these credentials in a Kubernetes secret in your cluster. The Kubernetes secret is automatically encrypted in etcd to protect your data.

To bind a service to your cluster, you must provision an instance of the service first. For more information, about service binding, see [Adding services by using IBM Cloud service binding](https://cloud.ibm.com/docs/containers?topic=containers-service-binding).
Expand Down

0 comments on commit bdc87d9

Please sign in to comment.