# Lotus Land Story

- `LINODE_TOKEN`: See https://cloud.linode.com/profile/tokens
- `KUBECONFIG`: Set to `.kube/config`

```
# Install tooling
brew install kubernetes-cli terraform

# Bootstrapping
(cd bootstrap && terraform init && terraform apply)

# Terraform commands
terraform plan
terraform apply
terraform destroy
```

## References

- https://learnk8s.io/terraform-lke
- https://cert-manager.io/docs/tutorials/acme/ingress/
- https://www.linode.com/community/questions/20215/how-to-re-attach-persistent-volume-to-pod-when-claim-is-deleted
- Terraform providers
  - [kubernetes](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs)
  - [linode](https://registry.terraform.io/providers/linode/linode/latest/docs)

  > At first I get new PVC uid by command:
  > `kubectl get pvc my-pvc-0 -o yaml | grep uid`
  > Then I edit new empty volume, what provisioned by CSI Driver and remove claim - pv binding by removing claimRef section in:
  > `kubectl edit pv pvc-yyyyyyyyyyyy`
  > After that new PV change status to "Available" and can be deleted.
  > Then I edit old PV, what I want to bind with pod via new claim and put PVC uid to claimRef section:
  > `kubectl edit pv pvc-xxxxxxxxxxx`
  > After that, the old volume became associated with the new claim.

## TODO

- Encrypt data at rest?
  - https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/