Cloud Native CI/CD with GitLab

The Infrastructure

Our goal here is to create a learning environment. An Ubuntu 24.04 server where we can deploy our applications and experiment with different configurations. For this purpose, we will use DigitalOcean and Terraform.

DigitalOcean is a cloud provider that offers a simple and easy-to-use interface to create and manage servers. It's one of the most accessible cloud providers for beginners and small projects and has a good reputation for its simplicity and reliability. Compared to AWS, Azure, and Google Cloud, DigitalOcean has cheaper prices and a more straightforward interface. Hence, it's a good choice to learn and experiment.

Feel free to use my referral link to create an account on DigitalOcean and get $200 in free credits.

You can use any other cloud provider if you prefer or use your local machine, but I recommend following this guide and creating a server on DigitalOcean for the following reasons:

• You will avoid any issues related to the differences between the environment used in this guide and your local environment.
• You will keep your local machine clean and free from any dependencies that you might not need in the future.
• If you are using Windows, you will avoid any issues related to the differences between Windows and Unix-based systems since the code and commands in this guide were executed and tested on an Ubuntu 24.04 server.

Let's move to creating the server on DigitalOcean using Terraform. If you want to create your server using the DigitalOcean interface, you can skip this part.

After creating an account on DigitalOcean, you need to generate an API token to feed it to Terraform. This token will allow Terraform to interact with your DigitalOcean account and create resources on your behalf. You can generate a new token by going to the API section of your DigitalOcean account. Click on the "Generate New Token" button and give it a name or by using the following URL (you need to be logged in): https://cloud.digitalocean.com/account/api/tokens/new.

Enter the token name (we will use learning but you can choose any other name), choose the expiration date (e.g. 90 days), and give your token read and write access - choose Full Access from the list of scopes. If you want to restrict the token to specific resources, you can do so by choosing "Custom Scopes" and selecting the resources you want to allow access to.

Copy the token and save it in a safe place. You will need it later when configuring Terraform.

You also need to install Terraform on your local machine. The only time we will use your machine is to run Terraform commands to create a new server on DigitalOcean. Everything else will be done on the server itself.

The installation is simple and straightforward. You can follow the official documentation.

For example, on Ubuntu/Debian, you can run the following commands:

# Install gnupg and software-properties-common
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common

# Add the HashiCorp GPG key
wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null

# Verify the key's fingerprint
gpg --no-default-keyring \
--keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg \
--fingerprint

# Add the official HashiCorp Linux repository
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list

# Update your repositories index
sudo apt update 

# Install Terraform
sudo apt install terraform

On MacOS, you can use Homebrew to install Terraform:

# Install HashiCorp tap
brew tap hashicorp/tap

# Install Terraform
brew install hashicorp/tap/terraform

# Upgrade Homebrew
brew update

# Upgrade Terraform
brew upgrade hashicorp/tap/terraform

Windows users can use Chocolatey:

choco install terraform

The server we are going to create will be passwordless. We will use SSH keys to connect to it. Create a new SSH key pair using this command:

ssh-keygen -t rsa \
-b 4096 \
-C "learning" \
-f ~/.ssh/learning \
-N ""

If you are using Windows, make sure you have either Git Bash, Windows Subsystem for Linux (WSL), or any other tool that provides an SSH client.

To use Terraform with DigitalOcean, we need to define the following variables:

• The region where the server will be created (e.g. nyc1 for New York, sfo2 for San Francisco, etc.). For this guide, we will use FRA1 for Frankfurt. Feel free to choose any other region but make sure to adapt the instructions accordingly.
• The VPC ID (Virtual Private Cloud) where the server will be created. In every region, DigitalOcean has a default VPC. We will create a new VPC for this guide on the Frankfurt region.
• The name of the image that will be used to create the server. Every Linux distribution has a specific image name. We will use ubuntu-20-04-x64 for this guide.
• The size of the server. DigitalOcean offers different sizes for servers. We will use s-2vcpu-4gb for this guide.
• The name of the project. DigitalOcean uses projects to group resources. We will use learning as the project name.
• The SSH key to connect to the server. We will use the SSH key we created earlier.
• The name of the server. We will use dev as the server name. You can also choose any other name like cicd.

Let's create a folder where we will store the Terraform configuration files:

mkdir -p $HOME/terraform/digitalocean && cd $HOME/terraform/digitalocean

Use the following code to create a main.tf file:

cat <<EOF > $HOME/terraform/digitalocean/main.tf
terraform {
  required_providers {
    // Specifies the provider and version required for this configuration.
    // Here, we are using the DigitalOcean provider.
    digitalocean = {
      source = "digitalocean/digitalocean"
      version = "~> 2.0"      
    }
  }
}

variable "region" {
  // Default region for deploying the resources.
  // "fra1" corresponds to Frankfurt, Germany.
  default = "fra1"
}

variable "image" {
  // Default image for the droplets.
  // "ubuntu-24-04-x64" specifies the Ubuntu 24.04 operating system (64-bit).
  default = "ubuntu-24-04-x64"
}

resource "digitalocean_ssh_key" "my_ssh_key" {
  // Defines an SSH key resource.
  // The SSH key will be used to access the created droplets.

  // Name of the SSH key.
  name       = "learning" 
  // Path to the public key file.
  public_key = file("~/.ssh/learning.pub")  
}

// Define a list of names for the droplets
variable "names" {
  // A list of droplet names to be created.
  // The default list contains one droplet named "dev".
  default = [    
    "dev",
  ]
}

variable "size" {
  // Default size for the droplets.
  // "s-2vcpu-4gb" specifies a droplet with 2 virtual CPUs and 4 GB of RAM.
  default = "s-2vcpu-4gb"
}

resource