[caasp-beta] How to deploy CaaSP on EC2?

Ludovic Cavajani lcavajani at suse.com
Thu May 24 09:45:49 MDT 2018


Hi,

The AMIs are available in the Community AMIs, you can find them by
searching "suse-caasp-2-1".

There is currently no public documentation but it will be available soon
so you must be aware
that the deployment is ***different*** than on-premises. In the case of
public clouds, the bootstrapping
of the cluster nodes (masters/workers) is done through Velum leveraging
the underlying cloud api.

Here is an totally ***unsupported******* quick start guide to deploy a
cluster***usable only from inside the tenant***.
Deploying a cluster accessible from outside require ***a lot more
security considerations***.

1. An IAM role with the following policies attached to it must exit.

  * AWSMarketplaceFullAccess
  * AmazonRDSFullAccess
  * AmazonEC2FullAccess
  * AWSLambdaFullAccess
  * AmazonS3FullAccess
  * ReadOnlyAccess
  * AmazonEC2ContainerServiceFullAccess
  * AmazonVPCFullAccess
  * AmazonElasticFileSystemFullAccess
  * AWSMarketplaceManageSubscriptions

2. Launch a virtual instance of an admin node

  * Search Community AMIs -> suse-caasp-2-1-*admin*
  * Select and choose an instance type like t2.large
  * Fill in the common fields (Subnet, VPC etc), it is very important to
    select the ***iam role*** otherwise it is not possible to create a
    cluster
  * Select SSH keypair
  * Launch the instance

3. SSH to the admin node with the user 'ec2-user', run the script
/usr/sbin/caasp-admin-setup as root and answer the questions.

  * Would you like to use your own certificate from a known (public or
    self signed) Certificate Authority?
  * Email address for login to Admin Dashboard?
  * Password for login to Admin Dashboard
  * Would you like to register the system with the SUSE Customer Center
    (SCC) to receive updates? (e-mail and registration code required) (Y/n)

4. Edit the security group attached to the admin node and allow inbound
connection on port 443.

Only then you can access to Velum with https://admin-node-public-dns
For testing, you can use the public DNS associated with your instance,
something like "ec2-public-ip.eu-west-1.compute.amazonaws.com"

5. In the first Velum page, it is the same as usual if you're familiar
with the on-premises.

6. In the second Velum page, here is the selection of the flavor for the
nodes and the number of wanted nodes.

7. The nodes will be created and appear in the cluster configuration
where there is the selection of the role for each node.
     
External kubernetes (use internal DNS):
ip-private.eu-west-1.compute.internal
External dashboard FQDN (use public DNS):
ec2-public.eu-west-1.compute.amazonaws.com

8. Start the cluster bootstrap

9. Once bootstrapped, you'll get the info on how to get your kubeconfig 
with caasp-cli from the admin node and start using the cluster from there.

$ caasp-cli login -s https://ip-private.eu-west-1.compute.internal:6443
-u USER -p PASSWORD

Enjoy,


On 05/24/2018 05:32 PM, Paul Gonin wrote:
> Hi,
>
> Look for suse-caasp in Community AMIs
> suse-caasp-2-1-admin-byos-v20180516-hvm-ssd-x86_64 - ami-f171c08c
> suse-caasp-2-1-cluster-byos-v20180516-hvm-ssd-x86_64 - ami-de71c0a3
>
> rgds
> Paul Gonin
>
>
> Le jeudi 24 mai 2018 à 12:58 +0000, Yoshise, Junichi a écrit :
>> Even for 2.1, I can't find any AMI nor document. Is it really ready?
>>
>>
>> -----Original Message-----
>> From: Liam Proven <lproven at suse.com> 
>> Sent: Thursday, May 24, 2018 7:26 PM
>> To: Yoshise, Junichi <junichi.yoshise at hpe.com>
>> Cc: caasp-beta at lists.suse.com
>> Subject: Re: [caasp-beta] How to deploy CaaSP on EC2?
>>
>> On Thu, 24 May 2018 06:34:27 +0000
>> "Yoshise, Junichi" <junichi.yoshise at hpe.com> wrote:
>>
>>> I’m trying to deploy CaaSP 3.0 beta2 on AWS EC2. Since AMI is not 
>>> available, I’ve converted qcow2 or vmdk file then tried to import
>>> to 
>>> EC2, but it didn’t work. Is there any way to deploy CaaSP on EC2?
>> As I understand it, currently, for public cloud use, you should be
>> looking at CaaSP 2.1, not 3.0 -- and I believe it has not yet reached
>> beta phase.
>>
>> --
>> Liam Proven - Technical Writer, SUSE Linux s.r.o.
>> Corso II, Křižíkova 148/34, 186-00 Praha 8 - Karlín, Czechia
>> Email: lproven at suse.com - Office telephone: +420 284 241 084
>>
>>
>> _______________________________________________
>> caasp-beta mailing list
>> caasp-beta at lists.suse.com
>> http://lists.suse.com/mailman/listinfo/caasp-beta
> _______________________________________________
> caasp-beta mailing list
> caasp-beta at lists.suse.com
> http://lists.suse.com/mailman/listinfo/caasp-beta


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.suse.com/pipermail/caasp-beta/attachments/20180524/247e4d6d/attachment.sig>


More information about the caasp-beta mailing list