My terraform, ansible, and kubeadm scripts for CKS exam (K8S v1.20.0)
- terraform (brew install terraform)
- ansible (brew install ansible)
- git (brew install git)
- kubectl (brew install kubectl)
- GCP Project with a Google Cloud managed DNS zone (public_zone)
- Clone this repo
git %git clone https://github.com/vmware-ysung/cks-centos.git
git %cd cks-centos
cks-centos %
- Prepare variables.tf
cks-centos %mv variables.tf.example variables.tf
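- Review and modify variables.tf: replace every XXXX placeholder with your own values. The edited file holds your project ID and the path to your service-account key, so keep it out of version control.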
cks-centos % cat variables.tf
# GCP connection settings: project, region, zone and the path to a
# service-account key file. Presumably consumed by the Google provider
# configuration, which is not shown here. Replace every XXXXXXX placeholder.
variable "gcp_profile" {
description = "GCP Configuration"
type = map
default = {
project = "XXXXXXX" <== Your GCP Project
region = "us-central1" <== Your Preferred GCP Region
zone = "us-central1-c" <== Your Preferred GCP Zone
# Path to a service-account key file (JSON). Anyone who can read that file can
# act as the service account, so restrict its file permissions and keep both it
# and the edited variables.tf out of version control.
credentials = "~/.ssh/XXXXXXX.json" <== Your GCP Service Account Credential
}
# Requires Terraform 0.14 or later. Redacts the whole map in plan/apply output;
# it does not encrypt anything, and values can still appear in plain text in the
# state file, so protect the state as well.
sensitive = true
}
# Machine type, boot image, disk size and SSH login settings for the GCE
# instances. How the SSH key is installed on the VMs is not shown here.
variable "gce_vm" {
description = "GCE Instance Configuration"
type = map
default = {
instance_type = "n2-standard-2"
os_project = "ubuntu-os-cloud"
os_family = "ubuntu-2004-lts"
boot_disk_size = 200
ssh_user = "XXXX" <== Your local user_name
# Only the public half of the key pair is referenced; the private key stays on
# the workstation.
ssh_pub = "~/.ssh/id_rsa.pub" <== Your ssh public key
}
}
# Number of master (control-plane) instances. The default of 1 is a single,
# non-HA control plane.
variable "master_count" {
description = "K8s Master instances"
type = number
default = 1
}
# Number of worker instances; defaults to 3.
variable "worker_count" {
description = "K8s worker instances"
type = number
default = 3
}
# Kubernetes version string, pinned to the release named in the README title.
# How it is consumed (package pin, kubeadm argument) is not shown here.
# NOTE(review): this is an old release kept for exam practice; treat the
# resulting cluster as a disposable lab.
variable "k8s_version" {
type = string
default = "1.20.0"
}
# Name and DNS suffix of the private Google Cloud managed zone.
variable "gcp_private_dns_zone" {
description = "Google Managed DNS zone - private zone name"
type = map
default = {
zone_name = "XXXXX-private" <== Your Google Cloud Managed Zone (private)
# Written fully qualified, with the trailing dot.
dns_name = "cks.vmware.lab." <== Your Google Cloud Managed Zone DNS Name (private)
}
}
# Optional public managed zone for the external API endpoint.
# Per the description, when no public zone is used the external API is reached
# by public IP. The firewall rules for that endpoint are not shown here, so
# confirm which source ranges can reach the API server before relying on it.
variable "gcp_public_dns_zone" {
description = "Google Managed DNS zone - public (preconfig required). If no public zone, external api uses public IP"
type = map
default = {
enabled = false <== OPTIOINAL: google domain resource requires 24hrs to be affected. You need to pre config a google domain in advance, then create a public DNS zone.
# Presumably the author's own zone name; replace it when setting enabled = true.
zone_name = "ysung-public-vmware-zone"
}
}
# CIDR of the custom VPC subnet. The default does not overlap the pod and
# service ranges declared in this file; keep it that way if you change it.
variable "vpc_subnet_cidr" {
description = "VPC custom subnet CIDR"
type = string
default = "192.168.20.0/24"
}
# CIDR for pod addresses. It must not overlap the VPC subnet or the service
# CIDR declared in this file.
variable "k8s_pod_cidr" {
description = "K8s pod subnet CIDR"
type = string
default = "10.244.0.0/16"
}
# CIDR for Kubernetes service addresses. It must not overlap the VPC subnet or
# the pod CIDR declared in this file.
variable "k8s_service_cidr" {
description = "K8s service CIDR"
type = string
default = "10.96.0.0/12"
}
- Init Terraform plugins
cks-centos %terraform init
- Review Terraform plan
cks-centos %terraform plan
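- Apply Terraform plan (`--auto-approve` skips the confirmation prompt, so read the plan output from the previous step first)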
cks-centos %terraform apply --auto-approve
- Check the k8s cluster
cks-centos %kubectl get nodes
- Kubectl away...
cks-centos %cd kubectl/deployments
deployments %
- Destroy the resources created by Terraform (`--auto-approve` again skips the confirmation prompt)
cks-centos %terraform destroy --auto-approve
- [ ] Instance groups
- [ ] Kubeadm upgrade
- Control plane HA
- GCP LoadBalancer: Layer4 TCP Load Balancer
- GCP SSL health check (haproxy + keepalived)
- GCP target pool
- kubeadm join --control-plane