This project provides terraform and some scripts to easily stand up AWS resources and infrastructure, deploy an RKE Kubernetes cluster and the Rancher management server in HA.
- rke version 0.2.5 or newer RKE Download
- helm version 2.12.1 or newer helm client download
- kubectl version 0.13.3 or newer kubectl client download
- terraform 0.12.x terraform client download
- an AWS profile with sufficient access to deploy the necessary resources
- a VPC to deploy to at AWS
- at least 3 subnets associated with the VPC
The terraform.tfvars file in this repository contains the settings that need to be configured before running the terraform. Each var has a comment describing what is needed. Aside from modifying these variables, you may wish to lock down the ssh and load balancer security group rules to trusted addresses. This will be variablized in upcoming releases.
If deploying Rancher with the "private" SSL setting you will need tot ensure that you copy your SSL certificate, key and ca into the root directory before running the terraform. The files need to be named specifically as follows for Rancher to read the secrets created:
tls.crt
tls.key
cacerts.pem
(This will be updated to take a path in upcoming releases)
export CLUSTER_NAME=mycluster # set this to the desired cluster name (must be consistent everywhere)
cd state_stores # switch to the state storage directory
cp terraform.tfvars.example $CLUSTER_NAME.tfvars # copy the example var file to one for this cluster
vim $CLUSTER_NAME.tfvars # set the values to the desired values
terraform init
terraform plan -var-file=$CLUSTER_NAME.tfvars
terraform apply -var-file=$CLUSTER_NAME.tfvars
export CLUSTER_NAME=mycluster # set this to the desired cluster name (must be consistent everywhere)
cp terraform.tfvars.example tfvars/$CLUSTER_NAME.tfvars # copy the example tfvars to one for this cluster
vim tfvars/$CLUSTER_NAME.tfvars # modify the vars for your cluster deployment
terraform init -backend-config=state_stores/backends/backend-$CLUSTER_NAME.conf -var-file=tfvars/$CLUSTER_NAME.tfvars
terraform plan -var-file=tfvars/$CLUSTER_NAME.tfvars
terraform apply -var-file=tfvars/$CLUSTER_NAME.tfvars
*** Be sure to copy the locally generated file in rke/kube_config_$CLUSTER_NAME-cluster.yml to somewhere secure as this is the admin Kubernetes configuration for the server should Rancher and other auth become unavailable!
- Chris Nuber