This workshop enables an NGINX-PLUS Kubernetes demo environment to be instantiated in AWS. The key technologies used are Packer, Terraform, Ansible, and bash.
The workshop consists of a fully working open-source Kubernetes 3-node cluster (one master, 2 worker nodes) and a Docker registry containing NGINX PLUS and NGINX PLUS ingress controller images.
The entire workshop installs and instantiates with the steps below, so it is entirely self-updating for all the open-source and commercial software included.
- Access to an AWS account, together with the programmatic access credentials as per the following shell variables:
export AWS_ACCESS_KEY_ID=""
export AWS_SECRET_ACCESS_KEY=""
export AWS_SESSION_TOKEN=""
- The aws CLI tool version 2, available here: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html
- Packer - a shell command line tool, install from here: https://www.packer.io/docs/install/
- Terraform - a shell command line tool, install from here: https://learn.hashicorp.com/terraform/getting-started/install.html
- Ansible - a shell command line tool, install from here: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
- A valid NGINX PLUS license. This consists of a certificate and key, nginx-repo.crt and nginx-key.crt. These certificate and key files should be placed in a directory called ~/.ssh/ngx-certs
- A domain name registration within AWS Route 53. This can be any domain name of your choosing; the default will be nginxdemo.net, which is registered and owned by F5 Networks.
- The git command line tool. This can be installed from the relevant repo for your Linux distro.
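A preflight check for the prerequisites above, as an added example that is not part of the workshop repository. The function names, the `run` argument and the owner-only permission check on the license files are assumptions of this example; the variable names, tools, directory and file names are taken from the list above.

```shell
#!/bin/sh
# Preflight check for the prerequisites listed above (added example).
# Prints names only, never credential values.

CERT_DIR="${CERT_DIR:-$HOME/.ssh/ngx-certs}"   # directory named on this page
LICENSE_FILES="nginx-repo.crt nginx-key.crt"   # file names as given on this page

# Echo each AWS credential variable that is unset or empty.
missing_aws_vars() {
    for v in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN; do
        eval "val=\${$v:-}"
        [ -n "$val" ] || echo "$v"
    done
}

# Echo each command from the argument list that is not on PATH.
missing_tools() {
    for t in "$@"; do
        command -v "$t" >/dev/null 2>&1 || echo "$t"
    done
}

# Echo a line for each license file that is absent from directory $1 or
# accessible by group/other. Owner-only mode is an assumption of this example.
license_problems() {
    for f in $LICENSE_FILES; do
        p="$1/$f"
        if [ ! -f "$p" ]; then
            echo "missing: $f"
        elif [ "$(ls -ldL "$p" | cut -c5-10)" != "------" ]; then
            echo "group/other access: $f"
        fi
    done
}

# Run every check; return non-zero and list the findings if any fail.
preflight() {
    report="$(missing_aws_vars | sed 's/^/unset variable: /'
        missing_tools aws packer terraform ansible git | sed 's/^/not on PATH: /'
        license_problems "$CERT_DIR")"
    [ -z "$report" ] && { echo "preflight OK"; return 0; }
    printf '%s\n' "$report" >&2
    return 1
}

# Invoke as: sh preflight.sh run
if [ "${1:-}" = "run" ]; then preflight; fi
```

A finding of "group/other access" is cleared with chmod 600 on the named file.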
With the above prerequisites in place, execute the following steps to instantiate the demo workshop:
- Clone this git repository onto your workstation. This will create a copy of the workshop locally:
git clone https://github.com/temporarychicken/K8s-Demo-Workshop.git
- cd into the newly created K8s-Demo-Workshop directory
- Run the initiation script configure_workshop_name.sh and enter a subdomain name for your workshop. This must be unique to you, since there may be several other workshops running concurrently. Just stick to lower-case letters and numbers, a good example would be: fredblogs
- cd into the step 1_terraform-create-or-refresh-certs directory. This will enable you to create some TLS Certificates for your new domain, which will be, for example, fredblogs.nginxdemo.net
- Initiate the 1_terraform-create-or-refresh-certs directory by running:
cd 1_terraform-create-or-refresh-certs
terraform init
- Apply the terraform plan to create your certificates and keys. You'll get a wildcard cert for your domain, an intermediate cert to tie it back to your root CA, and also a private key.
time terraform apply --auto-approve
- Your certs will now be visible in a new 'certs' directory.
- The next step is to build your base Docker machine. This will be based on an existing CentOS image from AWS, but with Docker installed, ready for instantiation into a fully working Kubernetes system at the next stage.
cd ../2_packer
packer build pack_k8s_base_docker_machine.json
- Once your Docker base machine is built, you can terraform the entire Kubernetes cluster using stage 3_terraform:
cd ../3_terraform
terraform init
time terraform apply --auto-approve
- After approximately 6 minutes you should have a fully working 3-node Kubernetes cluster, plus a private Docker registry with NGINX PLUS and NGINX PLUS ingress controller images available.
- When you have finished working with the workshop, be sure to tear it down:
terraform destroy --auto-approve