Fixes for AWS Terraform Deployment and Updated Readme

This commit is contained in:
Vincent Schwarzer 2017-04-12 15:11:39 +02:00
parent 3f76403983
commit f121058f0b
6 changed files with 41 additions and 9 deletions

View file

@ -14,20 +14,42 @@ This project will create:
**How to Use:** **How to Use:**
- Export the variables for your AWS credentials or edit credentials.tfvars: - Export the variables for your AWS credentials or edit `credentials.tfvars`:
``` ```
export aws_access_key="xxx" export AWS_ACCESS_KEY_ID="www"
export aws_secret_key="yyy" export AWS_SECRET_ACCESS_KEY ="xxx"
export aws_ssh_key_name="zzz" export AWS_SSH_KEY_NAME="yyy"
export AWS_DEFAULT_REGION="zzz"
``` ```
- Rename `contrib/terraform/aws/terraform.tfvars.example` to `terraform.tfvars`
- Update contrib/terraform/aws/terraform.tfvars with your data - Update `contrib/terraform/aws/terraform.tfvars` with your data
- Allocate new AWS Elastic IPs: Depending on # of Availability Zones used (2 for each AZ)
- Create an AWS EC2 SSH Key
- Run with `terraform apply -var-file="credentials.tfvars"` or `terraform apply` depending if you exported your AWS credentials
- Run with `terraform apply --var-file="credentials.tfvars"` or `terraform apply` depending if you exported your AWS credentials
- Terraform automatically creates an Ansible Inventory file called `hosts` with the created infrastructure in the directory `inventory`
- Once the infrastructure is created, you can run the kargo playbooks and supply inventory/hosts with the `-i` flag. - Once the infrastructure is created, you can run the kargo playbooks and supply inventory/hosts with the `-i` flag.
**Troubleshooting**
***Remaining AWS IAM Instance Profile***:
If the cluster was destroyed without using Terraform it is possible that
the AWS IAM Instance Profiles still remain. To delete them you can use
the `AWS CLI` with the following command:
```
aws iam delete-instance-profile --region <region_name> --instance-profile-name <profile_name>
```
***Ansible Inventory doesnt get created:***
It could happen that Terraform doesnt create an Ansible Inventory file automatically. If this is the case copy the output after `inventory=` and create a file named `hosts`in the directory `inventory` and paste the inventory into the file.
**Architecture** **Architecture**
Pictured is an AWS Infrastructure created with this Terraform project distributed over two Availability Zones. Pictured is an AWS Infrastructure created with this Terraform project distributed over two Availability Zones.

View file

@ -173,6 +173,7 @@ data "template_file" "inventory" {
list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}" list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}"
elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\"" elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\""
elb_api_port = "loadbalancer_apiserver.port=${var.aws_elb_api_port}" elb_api_port = "loadbalancer_apiserver.port=${var.aws_elb_api_port}"
kube_insecure_apiserver_address = "kube_apiserver_insecure_bind_address: ${var.kube_insecure_apiserver_address}"
} }
} }

View file

@ -18,3 +18,7 @@ output "etcd" {
output "aws_elb_api_fqdn" { output "aws_elb_api_fqdn" {
value = "${module.aws-elb.aws_elb_api_fqdn}:${var.aws_elb_api_port}" value = "${module.aws-elb.aws_elb_api_fqdn}:${var.aws_elb_api_port}"
} }
output "inventory" {
value = "${data.template_file.inventory.rendered}"
}

View file

@ -25,3 +25,4 @@ kube-master
[k8s-cluster:vars] [k8s-cluster:vars]
${elb_api_fqdn} ${elb_api_fqdn}
${elb_api_port} ${elb_api_port}
${kube_insecure_apiserver_address}

View file

@ -1,6 +1,5 @@
#Global Vars #Global Vars
aws_cluster_name = "devtest" aws_cluster_name = "devtest"
aws_region = "eu-central-1"
#VPC Vars #VPC Vars
aws_vpc_cidr_block = "10.250.192.0/18" aws_vpc_cidr_block = "10.250.192.0/18"
@ -28,5 +27,6 @@ aws_cluster_ami = "ami-903df7ff"
#Settings AWS ELB #Settings AWS ELB
aws_elb_api_port = 443 aws_elb_api_port = 6443
k8s_secure_api_port = 443 k8s_secure_api_port = 6443
kube_insecure_apiserver_address = 0.0.0.0

View file

@ -95,3 +95,7 @@ variable "aws_elb_api_port" {
variable "k8s_secure_api_port" { variable "k8s_secure_api_port" {
description = "Secure Port of K8S API Server" description = "Secure Port of K8S API Server"
} }
variable "kube_insecure_apiserver_address" {
description= "Bind Address for insecure Port of K8s API Server"
}