Demonstrating how to provision a self-managed Kubernetes cluster in AWS using Cluster API Operator
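#!/bin/bash
#
# Step 1 of the walkthrough: create a throw-away local management cluster and
# store the AWS credentials that Cluster API Operator will use in a Kubernetes
# Secret.
#
# Required environment: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
# (plus AWS_SESSION_TOKEN when temporary / MFA credentials are used).

# Stop at the first failing step so that later steps never run against a
# half-configured cluster or with an empty credentials value.
set -euo pipefail

# Creating a temporary (local K3s) management cluster.
k3d cluster create bootstrapper --servers 1 --agents 2

# Cluster API Operator uses Kubernetes Secrets to store credentials for cloud providers.
# Let's create a Kubernetes Secret storing our AWS cloud credentials.

# Install clusterawsadm
brew install clusterawsadm
clusterawsadm version

export AWS_REGION=us-east-2

# Access keys are read from the caller's environment and are never written
# into this file. A key pair that has appeared in a script, commit or public
# paste must be treated as compromised: deactivate it in IAM and issue a new
# one. Prefer short-lived credentials scoped to what the bootstrap needs.
: "${AWS_ACCESS_KEY_ID:?export AWS_ACCESS_KEY_ID before running this script}"
: "${AWS_SECRET_ACCESS_KEY:?export AWS_SECRET_ACCESS_KEY before running this script}"
export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY

# The clusterawsadm utility takes the credentials that you set as environment variables and uses
# them to create a CloudFormation stack in your AWS account with the correct IAM resources.
clusterawsadm bootstrap iam create-cloudformation-stack

# Create the base64 encoded credentials using clusterawsadm.
# This command uses your environment variables and encodes them in a value to be stored in a
# Kubernetes Secret. Base64 is an encoding, not encryption: anyone who can read
# the Secret (or this variable) can recover the access key.
# Assignment and export are separate so a failing clusterawsadm aborts the
# script instead of silently exporting an empty value.
AWS_B64ENCODED_CREDENTIALS=$(clusterawsadm bootstrap credentials encode-as-profile)
export AWS_B64ENCODED_CREDENTIALS

export CREDENTIALS_SECRET_NAME="aws-credentials-secret"
export CREDENTIALS_SECRET_NAMESPACE="default"

# Feed the value through stdin rather than --from-literal so the credentials
# do not appear in the kubectl command line (process listing, `set -x` traces).
printf '%s' "${AWS_B64ENCODED_CREDENTIALS}" |
  kubectl create secret generic "${CREDENTIALS_SECRET_NAME}" \
    --from-file=AWS_B64ENCODED_CREDENTIALS=/dev/stdin \
    --namespace "${CREDENTIALS_SECRET_NAMESPACE}"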
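# Install CertManager.
# The manifest URL is pinned to release v1.14.5. It is applied straight from
# the network, so for anything beyond a demo download it first, review it and
# apply the local copy.
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.5/cert-manager.yaml

# Installing the Cluster API operator.
# NOTE: no chart --version is given, so whatever chart is current at install
# time is used; pin one for a reproducible, reviewable install.
helm repo add capi-operator https://kubernetes-sigs.github.io/cluster-api-operator
helm repo update
# configSecret.* points the operator at the Secret holding the AWS credentials.
# The expansions are quoted so an unexpected value cannot split into extra
# helm arguments.
helm install capi-operator capi-operator/cluster-api-operator \
  --create-namespace -n capi-operator-system \
  --set infrastructure=aws \
  --set "configSecret.name=${CREDENTIALS_SECRET_NAME}" \
  --set "configSecret.namespace=${CREDENTIALS_SECRET_NAMESPACE}" \
  --wait --timeout 90s

# Install Core provider - which is responsible for managing the Cluster API CRDs and the Cluster
# API controller.
kubectl apply -f ./code/bootstrapper/core.provider.yaml

# Install AWS infrastructure provider.
kubectl apply -f ./code/bootstrapper/aws.infrastructure-provider.yaml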
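# Create an AWS SSH keypair.

# Install and configure AWS cli.
brew install awscli
# Interactive: prompts for credentials and region and stores them in the
# AWS CLI's local configuration.
aws configure

# The command prints the private key exactly once; AWS keeps only the public
# half. The subshell's umask makes a newly created file owner-only, and the
# chmod covers the case where the file already existed with wider permissions.
# Keep this file out of version control.
(
  umask 077
  aws ec2 create-key-pair \
    --key-name bootstrapper \
    --key-type rsa \
    --key-format pem \
    --query "KeyMaterial" \
    --output text >./code/bootstrapper/bootstrapper.pem
)
chmod 600 ./code/bootstrapper/bootstrapper.pem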
# CAPA (Cluster API AWS) needs a machine image that ships matching versions of
# kubeadm and kubelet. Either ClusterAPI-AWS auto-resolves a public AMI for the
# Kubernetes version named in the KubeadmControlPlane / MachineDeployment spec,
# or a custom image ID for that version is set in the AWSMachineTemplate spec.

# Look up an image for the Kubernetes version, region and OS we want.
ami_query=(
  --kubernetes-version v1.28.0
  --region us-east-2
  --os amazon-2
)
clusterawsadm ami list "${ami_query[@]}"

# Result recorded when this walkthrough was written:
#   AMI name : capa-ami-amazon-2-v1.28.0-1694352996
#   AMI ID   : ami-0b633dfdc16bd31ce
# That ID goes into the AWSMachineTemplates at spec.template.spec.ami.id.
# NOTE(review): every node boots from this image, so confirm who published it
# before pinning the ID.

# Generate the YAML manifests for the main cluster with clusterctl.

# Install clusterctl.
brew install clusterctl

# Variables read by the aws infrastructure provider's cluster template.
export AWS_CONTROL_PLANE_MACHINE_TYPE=t4g.medium \
  AWS_NODE_MACHINE_TYPE=t4g.medium \
  AWS_SSH_KEY_NAME=bootstrapper

generate_args=(
  --infrastructure aws:v2.1.4
  --target-namespace kubeaid-demo-cluster
  --kubernetes-version 1.28.0
  --control-plane-machine-count 1
  --worker-machine-count 1
  --write-to ./code/bootstrapper/kubeaid-demo.cluster.yaml
)
clusterctl generate cluster kubeaid-demo "${generate_args[@]}"
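# Create the main cluster
kubectl create namespace kubeaid-demo-cluster
kubectl apply -f ./code/bootstrapper/kubeaid-demo.cluster.yaml

# Wait until the main cluster gets provisioned.
# --watch keeps streaming updates and does not return on its own; interrupt it
# once the cluster is reported as provisioned.
kubectl get clusters -n kubeaid-demo-cluster --watch

# After the main cluster is provisioned, we need to get its kubeconfig.
# The kubeconfig carries credentials for the new cluster, so it is written
# straight to an owner-only file instead of being piped through `tee`, which
# would also print it to the terminal (and into any captured log). The chmod
# covers a pre-existing file with wider permissions. Keep it out of version
# control.
(
  umask 077
  clusterctl -n kubeaid-demo-cluster get kubeconfig kubeaid-demo >./code/main/kubeconfig.yaml
)
chmod 600 ./code/main/kubeconfig.yaml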