This workshop enables an NGINX-PLUS Kubernetes demo environment to be instantiated in AWS. The key technologies used are Packer, Terraform, Ansible, and bash.
The workshop consists of a fully working OpenSource Kubernetes 3-node cluster (one master, 2 worker-nodes) and a docker registry containing NGINX PLUS and NGINX PLUS ingress controller images.
The entire workshop installs and instantiates with the steps below, so will be entirely self-updating for all open-source and commercial software included.
- Access to an AWS account, together with the programatic access credentials as per the following shell variables:
- The aws CLI tool version 2, available here:
- Packer - a shell command line tool, install from here:
- Terraform - a shell command line tool, install from here:
- Ansible - a shell command line tool, install from here:
- A valid NGINX PLUS license. This consists of a certifate and key, nginx-repo.crt and nginx-key.crt These certificate and key files should be placed in a directory called ~/.ssh/ngx-certs
- A domain name registration within AWS Route 53. This can be any domain name of your choosing, the default will be which is registered and owned by F5 Networks.
- The git command line tool. This can be installed from the relevant repo with your linux distro.
With the above pre-requisites in place execute the following steps to instantiate the demo workshop:
Clone this git repository onto your workstation. This will create a copy of the workshop locally: git clone code block
cd into the newly created K8s-Demo-Workshop directory
Run the initiation script and enter a subdomain name for your workshop. This must be unique to you, since there may be several other workshops running concurrently. Just stick to lower-case letters and numbers, a good example would be: fredblogs
cd into the step 1_terraform-create-or-refresh-certs directory. This will enable you to create some TLS Certificates for your new domain, which will be, for example,
Initiate the 1_terraform-create-or-refresh-certs directory by running:
cd 1_terraform-create-or-refresh-certs
terraform init
- Apply the terraform plan to create your certificates and keys. You'll get a wildcard cert for your domain, an intermediate cert to tie it back to your root CA, and also a private key.
time terraform apply --auto-approve
- Your certs will now be visible in a new 'certs' directory.
- The next step is to build your base docker machine. This will be based on an existing CentOS image from AWS, but with docker installed ready for instantiation into a fully working kubernetes system at the next stage.
cd ../2_packer
packer build pack_k8s_base_docker_machine.json
- Once your Docker base-machine is built, you can terraform the entire kubernetes cluster using stage 3_terraform
cd ../3_terraform
terraform init
time terraform apply --auto-approve
- You now should have, after approximately 6 minutes - a fully working 3 node kubernetes cluster, plus a private docker registry with NGINX PLUS and NGINX PLUS ingress controller images available.
- When you have finished working with the workshop be sure to tear down your workshop
terraform destroy --auto-approve