Walkthrough: Deploy a Kubernetes Cluster on Azure using Tectonic by CoreOS¶
Note
A highly-available Kubernetes cluster requires at least five virtual machines (three for the master and two for your app’s containers). Therefore we don’t recommend using Kubernetes to run a BigchainDB node if that’s the only thing the Kubernetes cluster will be running. Instead, see our Node Setup. If your organization already has a big Kubernetes cluster running many containers, and your organization has people who know Kubernetes, then this Kubernetes deployment template might be helpful.
A BigchainDB node can be run inside a Kubernetes cluster. This page describes one way to deploy a Kubernetes cluster on Azure using Tectonic. Tectonic helps in easier cluster management of Kubernetes clusters.
If you would rather use Azure Container Service to manage Kubernetes Clusters, please read our guide for that.
Step 1: Prerequisites for Deploying Tectonic Cluster¶
Get an Azure account. Refer to this step in our docs.
Create an SSH Key pair for the new Tectonic cluster. Refer to this step in our docs.
Step 2: Get a Tectonic Subscription¶
CoreOS offers Tectonic for free for up to 10 nodes.
Sign up for an account here if you do not have one already and get a license for 10 nodes.
Login to your account, go to Overview > Your Account and save the
CoreOS License
and the Pull Secret
to your local machine.
Step 3: Deploy the cluster on Azure¶
The latest instructions for deployment can be found here.
The following points suggests some customizations for a BigchainDB deployment when following the steps above:
- Set the
CLUSTER
variable to the name of the cluster. Also note that the cluster will be deployed in a resource group namedtectonic-cluster-CLUSTER
. - Set the
tectonic_base_domain
to""
if you want to use Azure managed DNS. You will be assigned acloudapp.azure.com
sub-domain by default and you can skip theConfiguring Azure DNS
section from the Tectonic installation guide. - Set the
tectonic_cl_channel
to"stable"
unless you want to experiment or test with the latest release. - Set the
tectonic_cluster_name
to theCLUSTER
variable defined in the step above. - Set the
tectonic_license_path
andtectonic_pull_secret_path
to the location where you have stored thetectonic-license.txt
and theconfig.json
files downloaded in the previous step. - Set the
tectonic_etcd_count
to"3"
, so that you have a multi-node etcd cluster that can tolerate a single node failure. - Set the
tectonic_etcd_tls_enabled
to"true"
as this will enable TLS connectivity between the etcd nodes and their clients. - Set the
tectonic_master_count
to"3"
so that you cane tolerate a single master failure. - Set the
tectonic_worker_count
to"2"
. - Set the
tectonic_azure_location
to"westeurope"
if you want to host the cluster in Azure’swesteurope
datacenter. - Set the
tectonic_azure_ssh_key
to the path of the public key created in the previous step. - We recommend setting up or using a CA(Certificate Authority) to generate Tectonic
Console’s server certificate(s) and adding it to your trusted authorities on the client side,
accessing the Tectonic Console i.e. Browser. If you already have a CA(self-signed or otherwise),
Set the
tectonic_ca_cert
andtectonic_ca_key
configurations with the content of PEM-encoded certificate and key files, respectively. For more information about, how to set up a self-signed CA, Please refer to How to Set up self-signed CA. - Note that the
tectonic_azure_client_secret
is the same as theARM_CLIENT_SECRET
. - Note that the URL for the Tectonic console using these settings will be the
cluster name set in the configutation file, the datacenter name and
cloudapp.azure.com
. For example, if you named your cluster astest-cluster
and specified the datacenter aswesteurope
, the Tectonic console will be available attest-cluster.westeurope.cloudapp.azure.com
. - Note that, if you do not specify
tectonic_ca_cert
, a CA certificate will be generated automatically and you will encounter the untrusted certificate message on your client(Browser), when accessing the Tectonic Console.
Step 4: Configure kubectl¶
- Refer to this tutorial for instructions on how to download the kubectl configuration files for your cluster.
- Set the
KUBECONFIG
environment variable to makekubectl
use the new config file along with the existing configuration.
$ export KUBECONFIG=$HOME/.kube/config:/path/to/config/kubectl-config
# OR to only use the new configuration, try
$ export KUBECONFIG=/path/to/config/kubectl-config
Next, you can follow one of our following deployment templates: