<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=521127644762074&amp;ev=PageView&amp;noscript=1">

Update to Pentagon: a Framework for Building Kubernetes-based Infrastructure

Pentagon is an open source tool that dramatically reduces the number of manual steps required to create an infrastructure. It saves time, reduces errors and vastly improves standardization and consistency. Best of all, engineers outside the Fairwinds organization can use it.

So what exactly is Pentagon?

In a nutshell, Pentagon is ReactiveOps’ open source framework for building repeatable, cloud-based infrastructure as code with Kubernetes. Pentagon creates vanilla Kubernetes-based infrastructure in an opinionated way in your own AWS account, generating configuration files for Terraform, Ansible and kops (ops tools for managing infrastructure and creating Kubernetes clusters in AWS). These configuration files allow you to create a Kubernetes cluster, including a new VPC and a VPN.

Why We Use Pentagon at Fairwinds

We created Pentagon because we wanted a way to quickly build uniform infrastructure. When we manage our clients’ infrastructure, all their code is organized the same and the tooling is the same. As a result, there are fewer surprises, gotchas and departures from our best practices.

Let’s use AWS as an example. It’s near impossible to go from AWS to production ready in a couple months, especially when you’re starting from scratch. And if you wanted to build a base framework like Pentagon on your own, it would take months. With Pentagon, you can speed up the entire process.

How Pentagon Works

In short, Pentagon generates configuration files. If you want to tailor Pentagon for your infrastructure, all you need to do is change the configuration files or add new configuration files to your Terraform or Ansible. You can take the directory that the Pentagon tool creates and make it whatever you want it to be.

Robust Default Feature Set

With Pentagon, you get a network with a cluster that has the following default features:

  • Segregated multiple development / non-production environments
  • VPN-based access control
  • Configuration that is highly available and built across multiple Availability Zones

The most recent release of Pentagon incorporates the concept of components, and Pentagon itself is now extensible with defined component classes. This means you can bring arbitrary code into the Pentagon framework to generate whatever set of files Fairwinds you want your components to generate.

Why Fairwinds Open Sources Pentagon

Fairwinds is a service company, not a product company. Our core competency is our ability to manage infrastructure, along with our collective knowledge of cloud infrastructure and Kubernetes infrastructure. We’ve defined our best practices in code and open sourced our tool, and our clients can see these best practices based on the code in the repository.

Using standard best practices means we don’t have to recreate the wheel with every new client. Pentagon enables us to make the process repeatable to greatly reduce our management effort. It also allows us to focus on higher-value tasks vs. automatable tasks.

Why You Should Use Pentagon

Why Use It

It’s a good starting point for someone who has a level of ops knowledge but doesn’t want to write their own Terraform VPC module or figure out VPN on their own. With Pentagon, the batteries are included.

When these tools are run in a specific order using the steps we give you, the result is a VPC with a VPN and a Kubernetes cluster in AWS. While Pentagon is designed to be customizable, it includes defaults that fit most software infrastructure needs.

Why Pentagon Was Hard to Use in the Past

When we initially open sourced it, Pentagon documentation was scattered and difficult to understand. It wasn’t tailored toward open source users; instead, it was tailored for the domain knowledge experts at Fairwinds who received in-house training and had access to extremely detailed documentation that wasn’t open sourced. That translated into a big learning curve for engineers outside our organization.

Why Pentagon Is More User Friendly Today

We’ve aimed to make it easier for those outside Fairwinds and without domain knowledge to get started using Pentagon to create great infrastructure. We’re continually working to make Pentagon more user friendly to the open source community, and Pentagon is now well-documented. Today, the references to closed-source documentation are gone, and we’ve defined and minimized the number of steps required to create a Kubernetes cluster.

Whereas the first generation of Pentagon involved highly manual processes, now you can configure everything within the bounds of the Pentagon structure from the initial Pentagon start-project command. The entire process is automated right up to creating the Kubernetes cluster. With just two commands, you can get to a VPC with a running VPN. From there, you can write a Python module that will extend the functionality of the Pentagon program.

Commands Used to Get a Cluster Up and Running

Additional Details

One thing that’s important to note is that Pentagon is a Python program that produces a directory. Pentagon itself isn’t the directory; instead, it’s a generator of a defined directory structure. Much like  Ruby on Rails is a generator. The directory defines a basic set of configurations for Ansible, Terraform and kops.

It’s also important to note that Pentagon doesn’t create a Kubernetes cluster automatically. While the process required to prepare to create a Kubernetes cluster requires only two commands, the process of creating a Kubernetes cluster itself is much more detailed (and requires extensive documentation and DevOps and Kubernetes expertise).

Specific Commands to Create a Pentagon Project

---
> pentagon start-project <project-name> --aws-access-key <aws-access-key>
--aws-secret-key <aws-secret-key> --aws-default-region <aws-default-region> > cd <project-name>-infrastructure > make all

GitHub

reactiveops/pentagon

You can learn more about getting started with Pentagon here.

The Future of Pentagon

We are excited to have just released templating and automating the creation of the kops/Kubernetes cluster in AWS.  Fairwinds is also working on improving Google Container Engine (GKE) support on Google Cloud Platform. Further, we’re working on a process by which we can use multiple projects and multiple accounts inside one Pentagon repository. Our goal is to expand what we can do inside our kops cluster and to automatically enable key features in Kubernetes.

Pentagon is designed to allow our team to build many complex infrastructures quickly and maintain them securely, affordably and consistently. It enables us to start from an existing code base. It’s built to allow for complex customization, and we can tailor that base as needed. Just as importantly, so can you.

With Pentagon, our team streamlines the creation of clusters – and if you choose to take advantage of all that Pentagon has to offer, you’ll find that you can save your team considerable time and frustration as well.