## Kubernetes on AWS with Terraform

**Overview:**

This project will create:
* VPC with Public and Private Subnets in a number of Availability Zones
* Bastion Hosts and NAT Gateways in the Public Subnet
* A dynamic number of masters, etcd, and worker nodes in the Private Subnet
  * evenly distributed over the number of Availability Zones
* AWS ELB in the Public Subnet for accessing the Kubernetes API from the internet

**Requirements**
- Terraform 0.8.7 or newer

**How to Use:**

- Export the variables for your AWS credentials or edit `credentials.tfvars`:

```
export AWS_ACCESS_KEY_ID="www"
export AWS_SECRET_ACCESS_KEY="xxx"
export AWS_SSH_KEY_NAME="yyy"
export AWS_DEFAULT_REGION="zzz"
```
- Rename `contrib/terraform/aws/terraform.tfvars.example` to `terraform.tfvars`
- Update `contrib/terraform/aws/terraform.tfvars` with your data
- Allocate a new AWS Elastic IP. Use this for your `loadbalancer_apiserver_address` value (below)
- Create an AWS EC2 SSH Key
- Run with `terraform apply --var-file="credentials.tfvars"` or `terraform apply`, depending on whether you exported your AWS credentials

Example:
```commandline
terraform apply -var-file=credentials.tfvars -var 'loadbalancer_apiserver_address=34.212.228.77'
```

- Terraform automatically creates an Ansible inventory file called `hosts`, describing the created infrastructure, in the directory `inventory`
- Ansible will automatically generate an SSH config file for your bastion hosts. To connect to hosts over SSH through the bastion host, use the generated `ssh-bastion.conf`. Ansible automatically detects the bastion and changes `ssh_args`.

```commandline
ssh -F ./ssh-bastion.conf user@$ip
```

- Once the infrastructure is created, you can run the kubespray playbooks and supply `inventory/hosts` with the `-i` flag.

Example (this one assumes you are using CoreOS):
```commandline
ansible-playbook -i ./inventory/hosts ./cluster.yml -e ansible_ssh_user=core -e bootstrap_os=coreos -b --become-user=root --flush-cache
```
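
A pre-flight check for the credential step above, as an added example that is not part of the original README. The function name `check_credentials` is hypothetical, and it assumes `credentials.tfvars` sits in the directory passed as the first argument. It fails when that file is accessible to group or other users or is tracked by git, or, when the file is absent, when any of the four variables from the export step is missing.

```shell
#!/bin/sh
# Added example (not project code): verify credential handling before `terraform apply`.
# check_credentials DIR -> returns 0 when credentials are present and not exposed.
# Assumption: DIR is the directory that holds credentials.tfvars.
check_credentials() {
    dir=${1:-.}
    file="$dir/credentials.tfvars"
    rc=0

    if [ -f "$file" ]; then
        # Characters 5-10 of the ls mode string are the group and other permission bits.
        perms=$(ls -ld "$file" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "FAIL: $file is accessible to group/other; run: chmod 600 $file" >&2
            rc=1
        fi
        # A tracked secrets file ends up in repository history and every clone.
        if command -v git >/dev/null 2>&1 &&
           git -C "$dir" ls-files --error-unmatch credentials.tfvars >/dev/null 2>&1; then
            echo "FAIL: $file is tracked by git; untrack it and add it to .gitignore" >&2
            rc=1
        fi
    else
        # No tfvars file: Terraform only sees variables that are exported and non-empty.
        for name in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SSH_KEY_NAME AWS_DEFAULT_REGION; do
            if ! env | grep -q "^${name}=."; then
                echo "FAIL: $name is not exported" >&2
                rc=1
            fi
        done
    fi
    return $rc
}
```

Source the file and call `check_credentials contrib/terraform/aws` before running `terraform apply`.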

**Troubleshooting**

***Remaining AWS IAM Instance Profile***:

If the cluster was destroyed without using Terraform, it is possible that
the AWS IAM Instance Profiles still remain. To delete them you can use
the `AWS CLI` with the following command:
```
aws iam delete-instance-profile --region <region_name> --instance-profile-name <profile_name>
```

***Ansible Inventory doesn't get created:***

It can happen that Terraform doesn't create an Ansible inventory file automatically. If this is the case, copy the output after `inventory=`, create a file named `hosts` in the directory `inventory`, and paste the inventory into the file.

**Architecture**

Pictured is an AWS Infrastructure created with this Terraform project distributed over two Availability Zones.

![AWS Infrastructure with Terraform](docs/aws_kubespray.png)