
Overview

In this guide we will create a Liquid Metal Platform on devices hosted by Equinix Metal.

The platform we will end up with is the one the team uses for testing and delivering demos in a near-production environment. It is therefore a good place to start learning about Liquid Metal while you fine-tune your own environments.

Requirements

You will need to have the following to complete this tutorial:

NOTE

Please do not authenticate your local machine to Tailscale just now.

Outcomes

We will be using Terraform and the terraform-equinix-liquidmetal module to provision our infrastructure.

The module will create the following in your org:

  • A new project
  • A VLAN in that project
  • A "networking hub" device to run our DHCP server, NAT forwarding and VPN subnet router
  • N devices to act as MicroVM hosts running the flintlockd service

Liquid Metal Equinix resources

The following networking topology will be applied:

  • All devices will be configured in Hybrid Bonded mode.
  • All devices will be connected to a VLAN (100) tagged to their bonded interface. The VLAN's subnet will be 192.168.10.0/25.
  • A DHCP server will be configured to assign MicroVM addresses from within that VLAN's private range.
  • MicroVMs will have macvtap devices mapped to their host's VLAN interface.
  • NAT and filter rules will forward egress traffic from the VLAN interface to the parent bond.
  • A VPN subnet router will route traffic from local VPN-connected devices to MicroVMs in the private subnet.

DANGER

At the time of writing, the private subnet for MicroVMs (192.168.10.0/25) is not configurable with the Terraform module used in this tutorial. This may cause issues if you are using the same network on your local workstation.

Fixing this is on our todo list.
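
A pre-flight check for the subnet clash described above, as an added example that is not part of the Liquid Metal docs or the Terraform module: it parses Linux `ip -4 route show` output and reports any local route that overlaps 192.168.10.0/25. The sample routing table and the function name `find_conflicts` are constructed for illustration.

```python
import ipaddress
import sys

# From the page: the fixed private subnet used for MicroVMs on VLAN 100.
MICROVM_SUBNET = ipaddress.ip_network("192.168.10.0/25")

# Constructed sample of `ip -4 route show` output from a workstation.
SAMPLE_ROUTES = """\
default via 192.168.10.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.10.0/24 dev wlan0 proto kernel scope link src 192.168.10.57 metric 600
"""


def find_conflicts(route_output, target=MICROVM_SUBNET):
    """Return (destination, device) pairs for local routes that overlap target."""
    conflicts = []
    for line in route_output.splitlines():
        fields = line.split()
        if not fields or fields[0] == "default":
            continue  # the default route is a fallback, not a competing prefix
        try:
            # strict=False tolerates host bits; a bare address becomes a /32.
            dest = ipaddress.ip_network(fields[0], strict=False)
        except ValueError:
            continue  # route types such as "unreachable" carry no prefix here
        if dest.version != target.version:
            continue
        # overlaps() is true for supersets (a home /24), subsets and exact matches.
        if dest.overlaps(target):
            dev = fields[fields.index("dev") + 1] if "dev" in fields[:-1] else "?"
            conflicts.append((str(dest), dev))
    return conflicts


if __name__ == "__main__":
    # Pipe real output in (`ip -4 route show | python3 check.py`) or run as-is
    # to evaluate the constructed sample.
    text = SAMPLE_ROUTES if sys.stdin.isatty() else sys.stdin.read()
    found = find_conflicts(text)
    for dest, dev in found:
        print(f"CONFLICT: local route {dest} on {dev} overlaps {MICROVM_SUBNET}")
    sys.exit(1 if found else 0)
```

A non-zero exit means traffic for MicroVM addresses would follow a more specific or equal local route instead of the VPN subnet router, so resolve the clash before connecting.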

Liquid Metal Equinix Network