...

For Terraform to be able to create resources in your AWS account, you need to configure AWS credentials. One of the easiest ways is to set the following environment variables:

export TF_VAR_aws_region="us-east-2"
export TF_VAR_aws_ami="ami-026141f3d5c6d2d0c"
export TF_VAR_aws_instance="t4g.medium"
export TF_VAR_vpc_id="<id>"
export TF_VAR_aws_subnet_id="<id>"
export TF_VAR_access_key="<key>"
export TF_VAR_secret_key="<key>"
export TF_LOG="TRACE"
export TF_LOG_PATH="tf.log"

The variable.tf file takes its values from the environment variables set above.

...

The template contains a main.tf file, a variable.tf file, a PEM file (add your PEM file here) and a worker_user_data.tmpl file.
You can move the PEM file to the directory where this template resides, or you can change the location of the PEM file in the connection block inside the main.tf file.


connection {
  host = self.public_ip
  type = "ssh"
  user = "ubuntu"
  password = ""
  private_key = "${file("<pem file path>")}"
}


main.tf file

The first step to using Terraform is typically to configure the provider(s) you want to use. The template is already configured using the environment variables. 

...

The user_data in the main.tf file installs microk8s inside the EC2 instance.

#!/bin/bash
# user_data already runs as root under cloud-init
sudo su
# Install snapd, then microk8s from the 1.20/stable channel; output is logged
apt update -y >> microk8s_install.log
apt install snapd -y >> microk8s_install.log
snap install core >> microk8s_install.log
export PATH=$PATH:/snap/bin
snap install microk8s --classic --channel=1.20/stable >> microk8s_install.log
microk8s status --wait-ready
microk8s enable dns >> microk8s_install.log
# Write the join token (awaited by the remote-exec provisioner) and the kubeconfig
microk8s add-node > microk8s.join_token
microk8s config > configFile-master

Since Terraform does not wait until the user_data has executed, we 'exec' into the instance using a 'remote-exec' provisioner and add the following script. This script makes the Terraform process wait until microk8s.join_token has been created.

provisioner "remote-exec" {
  inline = ["until [ -f /microk8s.join_token ]; do sleep 5; done; cat /microk8s.join_token"]
}

For testing purposes, we create a security group with 'ALLOW ALL' ingress and egress rules, which opens every port and protocol to 0.0.0.0/0.

ingress {
  from_port = 0
  to_port = 0
  protocol = "-1"
  cidr_blocks = ["0.0.0.0/0"]
}

egress {
  from_port = 0
  to_port = 0
  protocol = "-1"
  cidr_blocks = ["0.0.0.0/0"]
}
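
Outside of testing, the same group can be narrowed to the ports this template actually uses. The following is an added example, not part of the original template: the resource name, the admin_cidr variable and the assumption that worker nodes are placed in the same security group are hypothetical; 22 is the SSH port used by the connection block and 16443 is the default MicroK8s API server port.

```hcl
# Added example: restricted replacement for the 'ALLOW ALL' group.
# Hypothetical variable: CIDR of the machine that runs terraform and kubectl.
variable "admin_cidr" {
  description = "Source range allowed to reach SSH and the API server"
  type        = string # e.g. "203.0.113.10/32" (constructed documentation address)
}

resource "aws_security_group" "microk8s" { # hypothetical resource name
  name   = "microk8s-restricted"
  vpc_id = var.vpc_id # supplied through TF_VAR_vpc_id as above

  # SSH, needed by the connection block and the remote-exec provisioner
  ingress {
    description = "SSH from the admin machine"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # MicroK8s API server, needed by kubectl with configFile-master
  ingress {
    description = "Kubernetes API from the admin machine"
    from_port   = 16443
    to_port     = 16443
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # Node-to-node traffic (join, kubelet, Calico) only between members
  # of this group; assumes master and workers all attach this group.
  ingress {
    description = "Intra-cluster traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    self        = true
  }

  # Outbound stays open so apt and snap can download packages.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```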

'Local-Exec' provisioners are configured to move the microk8s join token from the master node to the local machine. A local 'data store' is created with the token for further use. 

...

To create a master node with microk8s, run the following commands.

terraform init
terraform plan
terraform apply

Once the worker nodes are created, they will be connected to the master. A multi-node k8s cluster will be provisioned with Calico CNI.

...