Ocean is the place where whales live, eat, sleep, and think.
- Access the bastion
- Add the bastion's public key to each node
Install virtualenv:
sudo apt-get update -y
sudo apt-get install -y pipx
pipx install virtualenv
pipx ensurepathCreate a virtual environment:
mkdir ./Ocean
cd ./Ocean/
virtualenv ansible
source ansible/bin/activateClone this repository:
git clone --recurse-submodules https://github.com/metalwhale/ocean
cd ./ocean/Install requirements for kubespray:
cd ./kubernetes/kubespray/
pip install -U -r requirements.txt
cd ../../Install roles:
ansible-galaxy install -r requirements.ymlCreate an inventory file and replace the placeholders with correct values:
cd ./ocean/
cp ./inventory.yaml.example ./inventory.yaml
vi ./inventory.yamlIP_ADDRESSs: IP addresses of each node
Run basic setup:
ansible-playbook -i inventory.yaml --ask-become-pass base.yml
cd ../Create an inventory file and replace the placeholders with correct values:
cd ./kubernetes/
cp ./inventory/hosts.yaml.example ./inventory/hosts.yaml
vi ./inventory/hosts.yamlIP_ADDRESSs: IP addresses of each node
Deploy Wave cluster:
cd ./kubespray/
ansible-playbook -i ../inventory --become --become-user=root --ask-become-pass cluster.yml
ansible-playbook -i ../inventory --become --become-user=root --ask-become-pass ../wave/cluster.yml
cd ../../If the cluster is deployed inside an internal network, you may need an Nginx server acting as a reverse proxy between the cluster and outside world, with the following SSL passthrough configuration:
stream {
server {
listen 80;
proxy_pass LB_IP_ADDRESS:80;
}
server {
listen 443;
proxy_pass LB_IP_ADDRESS:443;
}
}
Where LB_IP_ADDRESS is the IP address of the load balancer to forward requests to.