Add kops #14
base: add-vpc
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,121 @@ | ||
# Runnable On-Prem Terraform | ||
|
||
### Dependencies | ||
|
||
``` | ||
brew install terraform kops jq kubectl | ||
``` | ||
|
||
[How to install homebrew](https://brew.sh/). | ||
|
||
### Step 1: Obtaining AWS Access Tokens | ||
|
||
1. https://console.aws.amazon.com/iam/home?region=us-east-2#/security_credential | ||
2. Click create new access key | ||
|
||
``` | ||
# TODO: Define permisisons | ||
export AWS_ACCESS_KEY_ID= | ||
export AWS_SECRET_ACCESS_KEY= | ||
terraform get | ||
terraform plan | ||
terraform apply | ||
|
||
``` | ||
[How to get access tokens](http://docs.aws.amazon.com/lambda/latest/dg/getting-started.html) | ||
|
||
### Step 2: Populating Variables | ||
|
||
Populate `environments/main.tfvars` with correct variables. | ||
|
||
The following are the only required variables: | ||
|
||
``` | ||
# Domain to be used by Runnable. | ||
# Access to setting DNS nameservers is required. | ||
# Multiple subdomains must be set for this domain | ||
domain = "runnable.com" | ||
# A Github organization id (See below of obtaining ID) | ||
github_org_id = "2828361" # Github ID for organization | ||
# Location of previously generationg configuation | ||
# Should be generated using github.com/CodeNow/on-prem-devops-scripts | ||
lc_user_data_file_location = "~/dock-runnable-on-prem.sh" # File must be already generated | ||
# Path to a public key (See below of generating public key) | ||
public_key_path = "~/.ssh/*.pub" # A public key | ||
``` | ||
|
||
##### Obtaining A Github ID} | ||
|
||
``` | ||
curl -sS "https://api.github.com/orgs/${ORGNAME}" | jq '.id' | ||
``` | ||
|
||
##### Obtaining A Public Key From Private Key | ||
|
||
``` | ||
ssh-keygen -y -f ~/.ssh/${NAME}.pem >> ~/.ssh/${NAME}.pem.pub | ||
``` | ||
|
||
##### Creating a New Public Key | ||
``` | ||
openssl req -newkey rsa:2048 -new -nodes -keyout key.pem | ||
chmod 400 key.pem | ||
ssh-keygen -y -f key.pem >> key.pem.pub | ||
``` | ||
|
||
### Step 3: Init Terraform and Apply First Part | ||
|
||
``` | ||
terraform init | ||
add
You're supposed to run it from this directory... |
||
# Bug in terraform requires explicitely requiring submodules https://github.com/hashicorp/terraform/issues/5190 | ||
terraform apply -target=module.step_1.module.key_pair -target=module.step_1.module.vpc -target=module.step_1.module.route53 -target=module.step_1.module.s3 -var-file="environments/main.tfvars" | ||
``` | ||
|
||
### Step 4: Update DNS | ||
|
||
Using the output of the command above you can see the DNS entry section, update your DNS to match these records. There should 4 entries. DNS nameservers need to be propagated before going on to the next step. | ||
|
||
### Step 5: Create Kops configuration | ||
|
||
[kops]() is a tool to automatically spin up | ||
|
||
``` | ||
bash create-k8-cluster.bash environments/main.tfvars | ||
``` | ||
|
||
### Step 6: Apply configuration | ||
|
||
Finally, it's time to create the infrastructure. This includes the kuberentes cluster, the auto scaling group for the dock workers, and the RDS database. | ||
|
||
If you want to review the resources to be created, first run `terraform plan -var-file="environments/main.tfvars"`. | ||
|
||
When you're ready to apply changes, just run | ||
|
||
``` | ||
terraform apply -var-file="environments/main.tfvars" | ||
``` | ||
|
||
### Step 7: Confirm Cluster is Up | ||
|
||
After finishing the setup, you can now test if the cluster is up by running the following command (This can take a few minutes). | ||
|
||
``` | ||
kubectl get nodes | ||
``` | ||
|
||
You should see something like this. It will take some time for nodes to appear as "Ready": | ||
|
||
``` | ||
$ kubectl get nodes | ||
NAME STATUS AGE VERSION | ||
ip-10-10-34-129.us-west-2.compute.internal Ready,master 1h v1.5.7 | ||
ip-10-10-57-73.us-west-2.compute.internal Ready 1h v1.5.7 | ||
ip-10-10-61-76.us-west-2.compute.internal Ready 1h v1.5.7 | ||
``` | ||
|
||
### Step 8: Add dashboard | ||
|
||
After cluster is ready, run the following command to run the dashboard: | ||
|
||
``` | ||
kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.6.0.yaml | ||
``` | ||
|
||
Then, run `kubectl proxy` and go to [`127.0.0.1:8001/ui/`](http://127.0.0.1:8001/ui) to test it. |
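Review bot: Step 1 has the reader create an access key and export `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` while the required permissions are still `# TODO: Define permisisons`, so there is no guidance on how narrowly to scope that key; please document the minimal IAM policy (or a dedicated IAM user) before merging. The same block runs `terraform get`, `terraform plan` and `terraform apply` without `-var-file`, ahead of Step 2 and Step 3, and should probably be dropped from Step 1. In the two key-generation sections, `>>` appends to an existing `.pub` file, so `>` is safer. In Step 8 the dashboard manifest is fetched from the kops `master` branch; pin the URL to a tag or commit so the applied manifest cannot change underneath these instructions. Smaller items: the "How to get access tokens" link points to a Lambda getting-started page, `[kops]()` has an empty link and an unfinished sentence, the heading `Obtaining A Github ID}` has a stray brace, the console link uses `us-east-2` while the sample output shows `us-west-2`, and "There should 4 entries" is missing "be".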
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
#!/usr/bin/env bash | ||
|
||
# We need to run a refresh before we can run `terraform output` | ||
terraform refresh -var-file=$1 > /dev/null | ||
|
||
JSON=$(terraform output -json) | ||
REGION=$(echo $JSON | jq --raw-output '.aws_region.value') | ||
ENV=$(echo $JSON | jq --raw-output '.environment.value') | ||
VPC_ID=$(echo $JSON | jq --raw-output '.vpc_id.value') | ||
BUCKET_NAME=$(echo $JSON | jq --raw-output '.kops_config_bucket.value') | ||
CLUSTER_NAME=$(echo $JSON | jq --raw-output '.cluster_name.value') | ||
SSH_PUBLIC_KEY_PATH=$(echo $JSON | jq --raw-output '.ssh_public_key_path.value') | ||
|
||
echo "Creating cluster in VPC $VPC_ID with name $CLUSTER_NAME" | ||
|
||
kops create cluster \ | ||
--zones="${REGION}a" \ | ||
why did you add
Needs to be |
||
--name=${CLUSTER_NAME} \ | ||
--vpc=${VPC_ID} \ | ||
--node-count=3 \ | ||
--cloud=aws \ | ||
--cloud-labels="Environment=${ENV}" \ | ||
--ssh-public-key=${SSH_PUBLIC_KEY_PATH} \ | ||
--state=s3://${BUCKET_NAME} \ | ||
--node-size=m4.large \ | ||
--master-size=m4.large \ | ||
--out=./step-2-kops --target=terraform | ||
|
||
# Move file in order for it to be a valid module | ||
mv ./step-2-kops/kubernetes.tf ./step-2-kops/main.tf |
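Review bot: the script has no error handling, so a failed `terraform refresh -var-file=$1` or a missing output still falls through to `kops create cluster`; `jq --raw-output` prints the string `null` for an absent key, which would then be passed on as `--vpc`, `--name` or `--state=s3://null`. Add `set -euo pipefail` at the top, exit with a usage message when `$1` is empty, quote `"$1"`, `"$JSON"` and the `${...}` arguments, and verify each extracted value is non-empty and not `null` before calling kops. `--zones="${REGION}a"` also assumes a zone with suffix `a` is the right one for every region; consider reading the zone from a Terraform output or variable. With `set -e` in place the final `mv` will no longer run after a failed kops invocation.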
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,9 @@ | ||
# All variables in this document should match | ||
domain = "" | ||
github_org_id = "" | ||
public_key = "" | ||
db_username = "" # Must start with a letter | ||
db_password = "" | ||
db_subnet_group_name = "" | ||
main_host_vpc_id = "" | ||
main_host_subnet_id = "" | ||
main_host_private_ip = "10.4.0.100" | ||
dock_subnet_id = "" | ||
github_org_id = "" | ||
key_name = "" | ||
lc_user_data_file_location = "~/dock-runnable-on-prem.sh" | ||
bastion_sg_id = "" | ||
environment = "runnable-on-prem" | ||
aws_region = "us-west-2" |
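Review bot: `db_username` and `db_password = ""` in this vars template mean the populated file will hold the database credentials in plain text; if these lines remain in the new version, keep the populated file out of version control (for example via `.gitignore`) or supply the password through the `TF_VAR_db_password` environment variable instead. `github_org_id = ""` also appears twice among the rendered lines, so check that only one assignment survives. The key variables shown here (`public_key`, `key_name`) do not match the `public_key_path` name that the README in this PR lists as required, and the header comment "All variables in this document should match" does not say what they should match.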
we should also provide link to install brew.