This is some Terraform to spin up a Kubernetes cluster with Windows nodes running on AWS. It is based on the example work for running in Google:
https://github.com/apprenda/kubernetes-ovn-heterogeneous-cluster
With many thanks to:
This implementation will spin up a few EC2 instances.

    terraform plan
    terraform apply

This will set up a cluster, which will take a few minutes, especially for the Windows node.
In the terraform folder there is a variables.tf file; it holds all the options to configure various aspects of the cluster. There is some duplication which I have not scripted out, as this is just proof of concept code. PRs welcome.
The rest of the variables should be self-explanatory.
You can use kubectl on any of the master or k8s nodes. Local setup can be done by getting 3 files from the generated S3 bucket, which will have the name:

    "${var.cluster-name}-k8s-state"

    aws s3 cp s3://<bucket>/admin/admin-key.pem .
    aws s3 cp s3://<bucket>/admin/admin.pem .
    aws s3 cp s3://<bucket>/tls/ca.pem .
To use kubectl locally on your desktop you will need to create a config file in a .kube folder in your home drive, with the content below:

    mkdir ~/.kube

    apiVersion: v1
    kind: Config
    preferences: {}
    clusters:
    - cluster:
        certificate-authority: <homepath>\.kube\ca.pem
        server: https://api.<clustername>.<dns zone>
      name: default-cluster
    contexts:
    - context:
        cluster: default-cluster
        user: default-admin
      name: local
    current-context: local
    users:
    - name: default-admin
      user:
        client-certificate: <homepath>\.kube\admin.pem
        client-key: <homepath>\.kube\admin-key.pem

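
The local setup steps above as one script, with the admin key and the generated config readable by the current user only. This is an added example, not code from this repository: the function name install_kubeconfig and its arguments are assumptions, and it expects the three .pem files to have already been copied from the bucket into a local directory.

```shell
# Added example; install_kubeconfig is a hypothetical helper, not part of this repo.
# Usage: install_kubeconfig <dir-with-pem-files> <clustername> <dns zone> [dest-dir]
install_kubeconfig() {
  local src="$1" cluster="$2" zone="$3" dest="${4:-$HOME/.kube}" f
  # Fail early if any of the three files from the bucket is missing or empty.
  for f in ca.pem admin.pem admin-key.pem; do
    [ -s "$src/$f" ] || { echo "missing or empty: $src/$f" >&2; return 1; }
  done
  # Never silently replace a kubeconfig that is already in place.
  if [ -e "$dest/config" ]; then
    echo "refusing to overwrite $dest/config" >&2; return 2
  fi
  (
    umask 077  # files created below are readable by the current user only
    mkdir -p "$dest" || exit 1
    cp "$src/ca.pem" "$src/admin.pem" "$src/admin-key.pem" "$dest/" || exit 1
    # cp keeps the mode of a pre-existing target, so set it explicitly.
    chmod 600 "$dest/ca.pem" "$dest/admin.pem" "$dest/admin-key.pem" || exit 1
    cat > "$dest/config" <<EOF || exit 1
apiVersion: v1
kind: Config
preferences: {}
clusters:
- cluster:
    certificate-authority: ${dest}/ca.pem
    server: https://api.${cluster}.${zone}
  name: default-cluster
contexts:
- context:
    cluster: default-cluster
    user: default-admin
  name: local
current-context: local
users:
- name: default-admin
  user:
    client-certificate: ${dest}/admin.pem
    client-key: ${dest}/admin-key.pem
EOF
  )
}

# Run directly: ./install-kubeconfig.sh <dir> <clustername> <dns zone>
if [ "$#" -ge 3 ]; then install_kubeconfig "$@"; fi
```

The function returns 1 when a .pem file is missing and 2 when a config already exists, so it can be chained after the three `aws s3 cp` commands.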
The network configuration has 2 bastion nodes with public IP addresses, one for Linux and one for Windows.
There are 2 elastic load balancers: one for the API and one supporting ingress using NodePort services, which points to the gateway node.
Here is an example ssh config file if you want to ssh into the bastion nodes via IP address. Store it in your home directory as:

    <home>/.ssh/config

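    # Linux bastion host (public address)
    Host k8s
        # ForwardAgent exposes your local ssh-agent to the bastion;
        # the ProxyCommand hop below works without it.
        ForwardAgent yes
        Hostname <bastion host dns name>
        User ubuntu
        IdentityFile <path to ssh private key>

    # Private cluster addresses, reached through the bastion above
    Host 10.221.*
        ProxyCommand ssh -W %h:%p k8s
        # New or changed host keys for these nodes are accepted without prompting
        StrictHostKeyChecking no
        User ubuntu
        IdentityFile <path to ssh private key>
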
To RDP into the Windows hosts you will need to use the bastion jumpbox. In the console, get the public DNS address of the bastion host and the AWS-defined administrator password.