Deploy your Kubernetes cluster on DigitalOcean using Terraform.
- DigitalOcean account
- DigitalOcean token (create one in DO's settings/tokens/new)
- Terraform
With brew installed, all tools can be installed with
brew install terraform kubectl
Do all the following steps from a development machine. It does not matter where it is, as long as it is connected to the internet. This machine will subsequently be used to access the cluster via kubectl.
ssh-keygen -t rsa -b 4096
The system will prompt you for a file path to save the key; we will go with ~/.ssh/id_rsa in this tutorial.
Do it here. Name it and paste the public key just below Add SSH Key.
eval `ssh-agent -s`
ssh-add ~/.ssh/id_rsa
We put our DigitalOcean token in the file ./secrets/DO_TOKEN (this directory is listed in .gitignore, of course, so we don't leak it).
Then we set up the environment variables (step into this repository's root). Note that the first variable sets the number of workers:
export TF_VAR_number_of_workers=3
export TF_VAR_do_token=$(cat ./secrets/DO_TOKEN)
export TF_VAR_ssh_fingerprint=$(ssh-keygen -E MD5 -lf ~/.ssh/id_rsa.pub | awk '{print $2}' | sed 's/MD5://g')
If you are using an older version of OpenSSH (<6.9), replace the last line with
export TF_VAR_ssh_fingerprint=$(ssh-keygen -lf ~/.ssh/id_rsa.pub | awk '{print $2}')
There is a convenience script for you in ./setup_terraform.sh. Invoke it as
. ./setup_terraform.sh
Optionally, you can customize the datacenter region via:
export TF_VAR_do_region=fra1
The default region is nyc3. You can find a list of available regions from DigitalOcean.
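A pre-flight check for the variables exported above, as an added example that is not part of this repository. It verifies that TF_VAR_ssh_fingerprint is a bare MD5 fingerprint (neither SHA256 output nor an un-stripped MD5: prefix, the two failure modes of the OpenSSH version split), that the token variable is set, and that the token file is not accessible to group or others. The function names are hypothetical.

```shell
# Added example: function names are this example's own, not the repository's.

# Succeeds only if $1 is a bare MD5 fingerprint: 16 colon-separated hex pairs.
# Rejects "SHA256:..." output and a leftover "MD5:" prefix.
is_md5_fingerprint() {
    printf '%s\n' "$1" | grep -Eq '^([0-9a-fA-F]{2}:){15}[0-9a-fA-F]{2}$'
}

# Succeeds only if file $1 exists and grants nothing to group or others.
is_private_file() {
    [ -f "$1" ] || return 1
    # ls -ld prints e.g. "-rw-------"; characters 5-10 are the group/other bits.
    mode=$(ls -ld "$1" | cut -c5-10)
    [ "$mode" = "------" ]
}

# Runs all checks and reports every failure.
# $1 is the token file path (defaults to the path used in this tutorial).
preflight() {
    rc=0
    if ! is_md5_fingerprint "${TF_VAR_ssh_fingerprint:-}"; then
        echo "TF_VAR_ssh_fingerprint is not a bare MD5 fingerprint" >&2
        rc=1
    fi
    if [ -z "${TF_VAR_do_token:-}" ]; then
        echo "TF_VAR_do_token is empty" >&2
        rc=1
    fi
    if ! is_private_file "${1:-./secrets/DO_TOKEN}"; then
        echo "token file missing or accessible to group/others (chmod 600)" >&2
        rc=1
    fi
    return $rc
}
```

Source the file and run preflight before terraform apply; after the apply, is_private_file ./secrets/admin.conf gives the same check for the generated kubeconfig.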
After setup, call terraform apply
terraform apply
That should do! kubectl is configured, so you can just check the nodes (get no) and the pods (get po).
$ KUBECONFIG=$PWD/secrets/admin.conf kubectl get no
NAME LABELS STATUS
X.X.X.X kubernetes.io/hostname=X.X.X.X Ready 2m
Y.Y.Y.Y kubernetes.io/hostname=Y.Y.Y.Y Ready 2m
$ KUBECONFIG=$PWD/secrets/admin.conf kubectl --namespace=kube-system get po
NAME READY STATUS RESTARTS AGE
kube-apiserver-X.X.X.X 1/1 Running 0 13m
kube-controller-manager-X.X.X.X 1/1 Running 0 12m
kube-proxy-X.X.X.X 1/1 Running 0 12m
kube-proxy-X.X.X.X 1/1 Running 0 11m
kube-proxy-X.X.X.X 1/1 Running 0 12m
kube-scheduler-X.X.X.X 1/1 Running 0 13m
You are good to go. Now, we can keep on reading to dive into the specifics.
After the installation is complete, terraform will put the kubeconfig in secrets/admin.conf. Test your brand new cluster:
KUBECONFIG=$PWD/secrets/admin.conf kubectl get nodes
You should get something similar to
$ kubectl get nodes
NAME LABELS STATUS
X.X.X.X kubernetes.io/hostname=X.X.X.X Ready
The file 04-microbot.yaml will be rendered (i.e. replace the value EXT_IP1), and then kubectl will create the Service and Replication Controller.
To see the IP of the service, run kubectl get svc and look for the EXTERNAL-IP (should be the first worker's ext-ip).