📙 Disclaimer: This is being deprecated for the Mesosphere Universal Installer located here.
Mission: Allow for automated installs and upgrades for DC/OS on GCP.
- Terraform 0.11.x
- Google Cloud Credentials. configure via:
gcloud auth login - Or Google Cloud Service Account key
- SSH Keys
- Existing Google Project. Soon automated with Terraform using project creation as documented here.
Make your directory where Terraform will download and place your Terraform infrastructure files.
mkdir dcos-installer
cd dcos-installerRun this command below to have Terraform initialized from this repository. There is no git clone of this repo required as Terraform performs this for you.
terraform init -from-module github.com/dcos/terraform-dcos/gcp
cp desired_cluster_profile.tfvars.example desired_cluster_profile.tfvars
To access your GCP Project from terraform you have two options:
Run this command to authenticate to the Google Provider. This will bring down your keys locally on the machine for terraform to use.
$ gcloud auth login
$ gcloud auth application-default loginAuthenticating with Google Cloud services requires a JSON file which called service account file.
This file is downloaded directly from the Google Developers Console. To make the process more straightforwarded, it is documented here: Log into the Google Developers Console and select a project. The API Manager view should be selected, click on "Credentials" on the left, then "Create credentials", and finally "Service account key".
Select "Compute Engine default service account" in the "Service account" dropdown, and select "JSON" as the key type. Clicking "Create" will download your credentials.
$ cat desired_cluster_profile.tfvars
gcp_credentials_key_file = "PATH/YOUR_GCP_SERVICE_ACCOUNT_KEY.json"
...Set the private key that you will be using to your ssh-agent and set public key in terraform. This will allow you to log into to the cluster after DC/OS is deployed and also helps Terraform setup your cluster at deployment time.
$ ssh-add ~/.ssh/your_private_key.pem$ cat desired_cluster_profile.tfvars
gcp_ssh_pub_key_file = "PATH/YOUR_GCP_SSH_PUBLIC_KEY.pub"
...Currently terraform-dcos assumes a project already exist in GCP to start deploying your resources against. This repo soon will have support for terraform to create projects on behalf of the user soon via this document here. For the time being a user will have to create this project before time or leverage an existing project.
$ cat desired_cluster_profile.tfvars
gcp_project = "massive-bliss-781"
...The default variables are tracked in the variables.tf file. Since this file can be overwritten during updates when you may run terraform get --update when you want to fetch new releases of DC/OS to upgrade too, its best to use the desired_cluster_profile.tfvars and set your custom terraform and DC/OS flags there. This way you can keep track of a single file that you can use manage the lifecycle of your cluster.
For a list of supported operating systems for this repo, see the ones that DC/OS recommends here. You can find the list that Terraform for this repo here.
To apply the configuration file, you can use this command below.
terraform apply -var-file desired_cluster_profile.tfvarsWe have designed this project to be flexible. Here are the example working variables that allows very deep customization by using a single tfvars file.
For advance users with stringent requirements, here are the DC/OS flags examples where you can simply paste your YAML configuration in your desired_cluster_profile.tfvars. The alternative to YAML is to convert it to JSON.
$ cat desired_cluster_profile.tfvars
dcos_version = "1.10.2"
os = "centos_7.3"
num_of_masters = "3"
num_of_private_agents = "2"
num_of_public_agents = "1"
expiration = "6h"
dcos_security = "permissive"
dcos_cluster_docker_credentials_enabled = "true"
dcos_cluster_docker_credentials_write_to_etc = "true"
dcos_cluster_docker_credentials_dcos_owned = "false"
dcos_cluster_docker_registry_url = "https://index.docker.io"
dcos_use_proxy = "yes"
dcos_http_proxy = "example.com"
dcos_https_proxy = "example.com"
dcos_no_proxy = <<EOF
# YAML
- "internal.net"
- "169.254.169.254"
EOF
dcos_overlay_network = <<EOF
# YAML
vtep_subnet: 44.128.0.0/20
vtep_mac_oui: 70:B3:D5:00:00:00
overlays:
- name: dcos
subnet: 12.0.0.0/8
prefix: 26
EOF
dcos_rexray_config = <<EOF
# YAML
rexray:
loglevel: warn
modules:
default-admin:
host: tcp://127.0.0.1:61003
storageDrivers:
- ec2
volume:
unmount:
ignoreusedcount: true
EOF
dcos_cluster_docker_credentials = <<EOF
# YAML
auths:
'https://index.docker.io/v1/':
auth: Ze9ja2VyY3licmljSmVFOEJrcTY2eTV1WHhnSkVuVndjVEE=
EOF
gcp_ssh_pub_key_file = "INSERT_PUBLIC_KEY_PATH_HERE"Note: The YAML comment is required for the DC/OS specific YAML settings.
You can upgrade your DC/OS cluster with a single command. This terraform script was built to perform installs and upgrades from the inception of this project. With the upgrade procedures below, you can also have finer control on how masters or agents upgrade at a given time. This will give you the ability to change the parallelism of master or agent upgrades.
Update your terraform scripts to gain access to the latest DC/OS version with this command below. Please make sure you meet the current upgrade version conditions here https://docs.mesosphere.com/1.11/installing/oss/upgrading/#supported-upgrade-paths.
terraform get --update
# change dcos_version = "<desired_version>" in desired_cluster_profile.tfvars
terraform apply -var-file desired_cluster_profile.tfvars -var state=upgrade -target null_resource.bootstrap -target null_resource.master -parallelism=1
terraform apply -var-file desired_cluster_profile.tfvars -var state=upgradeterraform apply -var-file desired_cluster_profile.tfvars -var state=upgradeIf you would like to add more or remove (private) agents or public agents from your cluster, you can do so by telling terraform your desired state and it will make sure it gets you there.
# update num_of_private_agents = "5" in desired_cluster_profile.tfvars
terraform apply -var-file desired_cluster_profile.tfvars# update num_of_private_agents = "2" in desired_cluster_profile.tfvars
terraform apply -var-file desired_cluster_profile.tfvarsImportant: Always remember to save your desired state in your desired_cluster_profile.tfvars
If you want to redeploy a problematic agent (i.e., storage filled up, not responsive, etc.), you can tell terraform to redeploy during the next cycle.
NOTE: This only applies to DC/OS clusters that have set their dcos_master_discovery to master_http_loadbalancer and not static. Unfortunately, unlike AWS or Azure, there is no exhibitor_storage_backend for Google Cloud Storage, so this feature is only available today if you have used a zookeeper setting.
terraform taint google_compute_instance.master.0 # The number represents the agent in the listterraform apply -var-file desired_cluster_profile.tfvarsIf you wanted to redeploy a problematic agent, (ie. storage filled up, not responsive, etc), you can tell terraform to redeploy during the next cycle.
terraform taint google_compute_instance.agent.0 # The number represents the agent in the listterraform apply -var-file desired_cluster_profile.tfvarsterraform taint google_compute_instance.public-agent.0 # The number represents the agent in the listterraform apply -var-file desired_cluster_profile.tfvarsComing soon!
You can shutdown/destroy all resources from your environment by running this command below:
terraform destroy -var-file desired_cluster_profile.tfvars- Support for GCP
- Support for CoreOS
- Support for Public Agents
- Support for expanding Private Agents
- Support for expanding Public Agents
- Support for specific versions of CoreOS
- Support for Centos
- Secondary support for specific versions of Centos
- Support for RHEL
- Secondary support for specific versions of RHEL
- Multi AZ support