...

First, a basic Kubernetes cluster needs to be created. This can be done in two different ways:

  • Using the eksctl CLI terraform tool.

  • Using the OCI management console.

In this guide, eksctl terraform will be used, mainly because it enables you to create the basic Kubernetes cluster in minutes with just a single command.

Once the basic Kubernetes cluster has been created, additional infrastructure needs to be added. Terraform is also used for this.

Before proceeding, go to Release Information, and download the awsoci.tar.gz file for the Usage Engine Private Edition version that is being installed. Once downloaded, extract its content to a suitable location.

...

  1. We assume you have an existing parent domain, e.g. example.com, hosted on the same account as the cluster that we are going to create in the coming section, and that you wish to access the cluster environment through its hostname. Terraform will create a subdomain in the format <cluster_name>.<domain>.

    1. cluster name: uepe-eks

    2. domain: example.com

    3. final domain: uepe-eks.example.com

  2. In addition, we also assume terraform is allowed to add an NS (NameServer) record to the parent domain. This allows DNS delegation from the parent domain to the subdomain.

  3. Please note that if your parent domain is not under the same account, or is hosted with another cloud provider, you must set auto_create_ns_record to false in the terraform template to disable automatic creation of the subdomain NS record in the parent domain.

  4. The service hostnames created by Usage Engine Private Edition will be accessible in the format <service_name>.<cluster_name>.<domain>, e.g. desktop-online.uepe-eks.example.com.

  5. Terraform needs to persist the state of your provisioned infrastructure. By default the state file is stored locally on the computer that terraform is executed from. However, if you have multiple people working on the infrastructure, it is recommended to store the state file in remote persistent storage such as an S3 bucket; see https://developer.hashicorp.com/terraform/language/settings/backends/s3 for more information.

  6. We use EFS the OCI File System service (NFS) as the default persistent storage for data that needs to be persisted.

  7. We use RDS the OCI Managed PostgreSQL service for the Usage Engine Private Edition database; the default engine type is PostgreSQL.

Create Basic Cluster and additional infrastructure

The following steps explain how to create a basic Kubernetes cluster using a configuration file named uepe-eks.yaml with public and private VPC:

  1. Go to <the location where you extracted the awsgcp.tar.gz file>/awsgcp/eksctlterraform and edit copy the uepe-eks.yaml file. In the metadata section, specify terraform.tfvars.example to terraform.tfvars.

  2. Edit the terraform.tfvars file.

  3. Specify the desired cluster name, AWS GCP region and Kubernetes kubernetes_version prefix (please refer to the Compatibility Matrix (4.1) at https://infozone.atlassian.net/wiki/x/owDKCg to find out which Kubernetes versions are compatible with this release of Usage Engine Private Edition).

  4. In the nodeGroups section, specify the desired node size within the cluster. Set minSize and maxSize to set the minimum and maximum number of nodes. Set desiredCapacity to specify the exact number of nodes running within the cluster. In this example, we are creating a 3-node cluster with public and private VPC.

...

  1. Also specify your GCP project id (which can be found on the GCP dashboard), as well as the desired number of nodes per region (gke_num_nodes).

  2. If you will be running with a database other than Derby, also specify db_password, db_version and db_allocated_storage.

terraform.tfvars variables and where to get their values from:

project_id

In the GCP management console, this is the Project ID that is listed on Cloud overview | Dashboard | Project info. Or use command gcloud projects list to retrieve project info.

project_number

In the GCP management console, this is the Project Number that is listed on Cloud overview | Dashboard | Project info. Or use command gcloud projects list to retrieve project info.

region

The region in which you will install your cluster, refer to https://cloud.google.com/compute/docs/regions-zones for possible values. Or use command gcloud compute regions list to get the values.

cluster_name

A name for your cluster. Cluster names must start with a lowercase letter followed by up to 39 lowercase letters, numbers or hyphens. They can't end with a hyphen. The cluster name must be unique in the project.

domain

Your existing domain name. In the GCP management console, this is the DNS name that is listed on page Cloud DNS | Zones. Or use command gcloud dns managed-zones list to get the dns name.

kubernetes_version_prefix

Version prefix for Kubernetes (default "1.27.").

gke_num_nodes

Number of cluster nodes per zone.

db_password

Choose a secure password for the system database administrator.

Minimum 10 characters.

db_version

Database version, check https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#database_version for possible values. Default is POSTGRES_15 (PostgreSQL version 15).

db_allocated_storage

Allocated amount of storage for the database. Default is "10" (10 GB).

filestore_location

To find out the available zones of your region, use the command gcloud compute zones list --filter="region:<region>". Replace <region> with the region value configured above, i.e. the region in which you will install your cluster.
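As an added preflight check (not part of the original page or the product's own tooling), the following Python script parses a simple terraform.tfvars file and validates the values against the rules listed in the table above before you run terraform. The tfvars content is a constructed sample; the parser only handles plain key = value lines, not HCL blocks.

```python
import re
# Constraints taken from the variable table on this page.
CLUSTER_NAME_RE = re.compile(r"^[a-z][a-z0-9-]{0,39}$")  # lowercase start, 40 chars max
VERSION_PREFIX_RE = re.compile(r"^\d+\.\d+\.$")          # e.g. "1.27."
REQUIRED = ("project_id", "project_number", "region", "cluster_name", "domain", "filestore_location")
# Constructed sample tfvars content; not values from a real project.
SAMPLE = """
project_id = "my-project"
project_number = "123456789012"
region = "europe-west1"
cluster_name = "uepe-eks"
domain = "example.com"
kubernetes_version_prefix = "1.27."
db_password = "correct-horse-battery"
db_allocated_storage = 10
filestore_location = "europe-west1-b"
"""

def parse_tfvars(text):
    """Parse simple `key = value` lines into a dict of strings ('#' starts a comment)."""
    values = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, sep, val = line.partition("=")
        if not sep:
            raise ValueError(f"cannot parse line: {raw!r}")
        val = val.strip()
        if len(val) >= 2 and val[0] == val[-1] and val[0] in "\"'":
            val = val[1:-1]  # strip surrounding quotes
        values[key.strip()] = val
    return values

def check_tfvars(values):
    """Return a list of problems; an empty list means the values pass the page's rules."""
    problems = [f"{k} is required" for k in REQUIRED if not values.get(k)]
    name = values.get("cluster_name", "")
    if name and (not CLUSTER_NAME_RE.match(name) or name.endswith("-")):
        problems.append("cluster_name: lowercase letter, then up to 39 lowercase letters/digits/hyphens, no trailing hyphen")
    if not VERSION_PREFIX_RE.match(values.get("kubernetes_version_prefix", "1.27.")):
        problems.append('kubernetes_version_prefix must look like "1.27." (trailing dot included)')
    pw = values.get("db_password")
    if pw is not None and len(pw) < 10:
        problems.append("db_password must be at least 10 characters")
    for key, default in (("db_allocated_storage", "10"), ("gke_num_nodes", "1")):
        if not values.get(key, default).isdigit() or int(values.get(key, default)) < 1:
            problems.append(f"{key} must be a positive integer")
    return problems
```

Run check_tfvars(parse_tfvars(open("terraform.tfvars").read())) and fix anything it reports before applying the template.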

```yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: example-cluster
  region: eu-west-1
  version: "1.29"
  tags:
    deployment: aws-template

vpc:
  clusterEndpoints:
    publicAccess:  true
    privateAccess: true

iam:
  withOIDC: true
  serviceAccounts:
  - metadata:
      name: aws-load-balancer-controller
      namespace: uepe
      labels: {aws-usage: "aws-load-balancer-contoller"}
    wellKnownPolicies:
      awsLoadBalancerController: true
  - metadata:
      name: external-dns
      namespace: uepe
      labels: {aws-usage: "external-dns"}
    wellKnownPolicies:
      externalDNS: true
  - metadata:
      name: cert-manager
      namespace: cert-manager
    wellKnownPolicies:
      certManager: true
  - metadata:
      name: cluster-autoscaler
      namespace: uepe
      labels: {aws-usage: "cluster-ops"}
    wellKnownPolicies:
      autoScaler: true
  - metadata:
      name: efs-csi-controller-sa
      namespace: uepe
      labels: {aws-usage: "aws-efs-csi-driver"}
    wellKnownPolicies:
      efsCSIController: true
  - metadata:
      name: ebs-csi-controller-sa
      namespace: uepe
      labels: {aws-usage: "aws-ebs-csi-driver"}
    wellKnownPolicies:
      ebsCSIController: true

nodeGroups:
  - name: public-nodes
    instanceType: m5.large
    minSize: 3
    maxSize: 3
    desiredCapacity: 3
    volumeSize: 80
    labels: {role: worker}
    volumeEncrypted: true
    tags:
      nodegroup-role: worker

cloudWatch:
  clusterLogging:
    enableTypes: ["*"]
```

...