kenfdev
diff --git a/‎.gitignore
Lines changed: 33 additions & 0 deletions b/‎.gitignore
Lines changed: 33 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 92 additions & 0 deletions b/‎README.md
Lines changed: 92 additions & 0 deletions
diff --git a/‎assets/k8scluster.png
161 KB b/‎assets/k8scluster.png
161 KB
diff --git a/‎assets/overview.png
143 KB b/‎assets/overview.png
143 KB
diff --git a/‎assets/rancher.png
344 KB b/‎assets/rancher.png
344 KB
diff --git a/‎rancheragent/dns.tf
Lines changed: 28 additions & 0 deletions b/‎rancheragent/dns.tf
Lines changed: 28 additions & 0 deletions
diff --git a/‎rancheragent/files/userdata_agent
Lines changed: 113 additions & 0 deletions b/‎rancheragent/files/userdata_agent
Lines changed: 113 additions & 0 deletions
@@ -0,0 +1,33 @@
+
+# Created by https://www.gitignore.io/api/terraform
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+
+# End of https://www.gitignore.io/api/terraform
@@ -0,0 +1,92 @@
+# Kubernetes on Scaleway with Rancher and Terraform
+
+Deploy Rancher and Kubernetes on Scaleway using Terraform (with DNS on Cloudflare).
+
+This terraform is based on the [DO quickstart deployment of Rancher](https://github.com/rancher/quickstart/tree/master/do)
+
+## Overview
+
+![overview](assets/overview.png)
+
+## Prerequisites
+
+* Prepare a [Scaleway](https://www.scaleway.com/) account
+* Prepare a [Cloudflare](https://www.cloudflare.com/) account
+* Setup at least 1 zone in [Cloudflare](https://www.cloudflare.com/)
+  * You can get a free domain at services like [Freenom}(https://www.freenom.com/)
+* Install [terraform](https://www.terraform.io/intro/getting-started/install.html)
+* Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)
+
+## Jump Start
+
+**!!WARNING!!** This will deploy resources to Scaleway and be sure that they are going to cost you money.
+
+### Set up the tfvars
+
+`rancherserver/terraform.tfvars`
+
+Be sure to set the following variables:
+
+* scw_token
+  * Your Scaleway Secret Token
+* scw_org
+  * Your Scaleway Organization ID
+* admin_password
+  * The password you're going to use for the Rancher Server
+* rancher_server_url
+  * The URL you will use for your Rancher Server. This terraform is going to setup a rancher subdomain to your cloudflare zone. So if your zone is example.com , this terraform will create an A record to resolve rancher.example.com .
+* cloudflare_email
+  * Your Email for Cloudflare
+* cloudflare_token
+  * Your Cloudflare API token
+* cloudflare_zone
+  * Your Cloudflare zone
+
+`rancheragent/terraform.tfvars`
+
+Be sure to set the following variables:
+
+* rancher_server_address
+  * The address for your Rancher Server. It can either be an IP or domain name but I would recommend the domain name you set previously.
+* count_agent_all_nodes
+  * This is how many nodes to create that have all the roles(etcd, controlplae, worker). If you're just experimenting with the Kubernetes cluster, having one of this will be enough.
+* count_agent_etcd_nodes
+  * This is how many nodes to create that have the etcd role
+* count_agent_controlplane_nodes
+  * This is how many nodes to create that have the controlplane role
+* count_agent_worker_nodes
+  * This is how many nodes to create that have the worker role
+
+### Deploy the Rancher Server resources
+
+```bash
+cd rancherserver
+terraform apply
+```
+
+### Deploy the Rancher Agent resources
+
+```bash
+cd rancheragent
+terraform apply
+```
+
+## Check it out
+
+![rancher](assets/rancher.png)
+
+![k8scluster](assets/k8scluster.png)
+
+## Clean up
+
+**Destroy the Rancher Agent and related resources**
+```bash
+cd rancheragent
+terraform apply
+```
+
+**Destroy the Rancher Server and related resources**
+```bash
+cd rancherserver
+terraform destroy
+```
@@ -0,0 +1,28 @@
+provider "cloudflare" {
+  email = "${var.cloudflare_email}"
+  token = "${var.cloudflare_token}"
+}
+
+variable "cloudflare_email" {}
+
+variable "cloudflare_token" {}
+
+variable "cloudflare_zone" {}
+
+# resource "cloudflare_record" "rancher_worker_nodes" {
+#   count  = "${var.count_agent_worker_nodes}"
+#   domain = "${var.cloudflare_zone}"
+#   name   = "default"
+#   value  = "${scaleway_server.rancheragent_worker.*.public_ip[count.index]}"
+#   type   = "A"
+#   ttl    = 3600
+# }
+
+# resource "cloudflare_record" "rancher_all_nodes" {
+#   count  = "${var.count_agent_all_nodes}"
+#   domain = "${var.cloudflare_zone}"
+#   name   = "default"
+#   value  = "${scaleway_server.rancheragent_all.*.public_ip[count.index]}"
+#   type   = "A"
+#   ttl    = 3600
+# }
@@ -0,0 +1,113 @@
+#!/bin/bash -x
+export curlimage=appropriate/curl
+export jqimage=stedolan/jq
+export rancher_server_host='${server_address}'
+
+if [ `command -v curl` ]; then
+  curl -sL https://releases.rancher.com/install-docker/${docker_version_agent}.sh | sh
+elif [ `command -v wget` ]; then
+  wget -qO- https://releases.rancher.com/install-docker/${docker_version_agent}.sh | sh
+fi
+
+for image in $curlimage $jqimage; do
+  until docker inspect $image > /dev/null 2>&1; do
+    docker pull $image
+    sleep 2
+  done
+done
+
+while true; do
+  docker run --rm $curlimage -sLk https://$rancher_server_host/ping && break
+  sleep 5
+done
+
+# Login
+while true; do
+
+    LOGINRESPONSE=$(docker run \
+        --rm \
+        $curlimage \
+        -s "https://$rancher_server_host/v3-public/localProviders/local?action=login" -H 'content-type: application/json' --data-binary '{"username":"admin","password":"${admin_password}"}' --insecure)
+    LOGINTOKEN=$(echo $LOGINRESPONSE | docker run --rm -i $jqimage -r .token)
+
+    if [ "$LOGINTOKEN" != "null" ]; then
+        break
+    else
+        sleep 5
+    fi
+done
+
+# Get the Agent Image from the rancher server
+while true; do
+  AGENTIMAGE=$(docker run \
+    --rm \
+    $curlimage \
+      -sLk \
+      -H "Authorization: Bearer $LOGINTOKEN" \
+      "https://$rancher_server_host/v3/settings/agent-image" | docker run --rm -i $jqimage -r '.value')
+
+  if [ -n "$AGENTIMAGE" ]; then
+    break
+  else
+    sleep 5
+  fi
+done
+
+until docker inspect $AGENTIMAGE > /dev/null 2>&1; do
+  docker pull $AGENTIMAGE
+  sleep 2
+done
+
+# Create cluster
+CLUSTERRESPONSE=$(docker run --rm --net=host $curlimage -s "https://$rancher_server_host/v3/cluster" -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"cluster","rancherKubernetesEngineConfig":{"addonJobTimeout":30,"ignoreDockerVersion":true,"sshAgentAuth":false,"type":"rancherKubernetesEngineConfig","authentication":{"type":"authnConfig","strategy":"x509"},"network":{"type":"networkConfig","plugin":"canal"},"ingress":{"type":"ingressConfig","provider":"nginx"},"services":{"type":"rkeConfigServices","kubeApi":{"podSecurityPolicy":false,"type":"kubeAPIService"},"etcd":{"snapshot":false,"type":"etcdService","extraArgs":{"heartbeat-interval":500,"election-timeout":5000}}}},"name":"${cluster_name}"}' --insecure)
+
+# Extract clusterid to use for generating the docker run command
+CLUSTERID=`echo $CLUSTERRESPONSE | docker run --rm -i $jqimage -r .id`
+
+# Generate registrationtoken
+docker run --rm --net=host $curlimage -s "https://$rancher_server_host/v3/clusterregistrationtoken" -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"clusterRegistrationToken","clusterId":"'$CLUSTERID'"}' --insecure
+
+# Test if cluster is created
+while true; do
+  CLUSTERID=$(docker run \
+    --rm \
+    $curlimage \
+      -sLk \
+      -H "Authorization: Bearer $LOGINTOKEN" \
+      "https://$rancher_server_host/v3/clusters?name=${cluster_name}" | docker run --rm -i $jqimage -r '.data[].id')
+
+  if [ -n "$CLUSTERID" ]; then
+    break
+  else
+    sleep 5
+  fi
+done
+
+# Get role flags from hostname
+ROLEFLAG=`hostname | awk -F'-' '{ print $NF }'`
+if [[ "$ROLEFLAG" == "all" ]]; then
+  ROLEFLAG="all-roles"
+fi
+
+# Get token
+# Test if cluster is created
+while true; do
+  AGENTCMD=$(docker run \
+    --rm \
+    $curlimage \
+      -sLk \
+      -H "Authorization: Bearer $LOGINTOKEN" \
+      "https://$rancher_server_host/v3/clusterregistrationtoken?clusterId=$CLUSTERID" | docker run --rm -i $jqimage -r '.data[].nodeCommand' | head -1)
+
+  if [ -n "$AGENTCMD" ]; then
+    break
+  else
+    sleep 5
+  fi
+done
+
+# Combine command and flags
+COMPLETECMD="$AGENTCMD --$ROLEFLAG"
+
+# Run command
+$COMPLETECMD