Terraform to set up a network within VCD to allow deployment of a TKG-based Kubernetes cluster. This setup is permissive from a network security policy perspective. Examine the firewall rules carefully.
- Deploying clusters to EDCE Brisbane
- No other workload is hosted within the VDC
- User has direct access to the VCD API.
- VDC has at least two IPs
- Kubernetes API is presented via an external IP address.
Under NSX-T, at least two IPs are required:
- One IP for SNAT for outbound internet access
- One IP for a control plane load balancer.
- Additional load balanced services will need additional IPs for VIPs.
Note: State for this Terraform codebase is only set up locally.
- Download the GitHub project
- Collect the necessary data from VMware Cloud Director, including:
  - Edge network name
  - Virtual data centre name
  - Public IP ranges allocated to the VDC
  - Org name
- Either via a `.tfvars` file or environment variables, override the required variables
- Run the Terraform to deploy the network configuration, e.g.
  ```
  terraform init
  terraform apply
  ```
- Use the VCD UI to deploy a cluster.
  - Critical considerations are:
    - Deploying to the correct network (in this case `kubernetes-network`)
    - Matching the Kubernetes API IP to the one defined in `variables.tf`
- Deploy workload or test deployments by using the Kubernetes dashboard
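
One way to act on the advice to examine the firewall rules before `terraform apply`: the script below is an added example, not part of this project's code. It reads the JSON produced by `terraform plan -out=tfplan` followed by `terraform show -json tfplan` and lists enabled ALLOW rules that leave source, destination or port profile as Any. It assumes the rules are managed through the vcd provider's `vcd_nsxt_firewall` resource with its `rule` block fields; the sample plan and its resource addresses are constructed.

```python
import json
# Constructed sample in the shape of `terraform show -json tfplan` output.
# Rule field names assume the vcd provider's vcd_nsxt_firewall schema.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "vcd_nsxt_firewall.example", "type": "vcd_nsxt_firewall",
  "change": {"actions": ["create"],
   "after": {"rule": [
    {"name": "allow-any-in", "action": "ALLOW", "direction": "IN",
     "enabled": true, "source_ids": null, "destination_ids": null,
     "app_port_profile_ids": null},
    {"name": "k8s-api", "action": "ALLOW", "direction": "IN",
     "enabled": true, "source_ids": null,
     "app_port_profile_ids": ["urn:constructed:tcp-6443"]},
    {"name": "disabled-any", "action": "ALLOW", "direction": "IN_OUT",
     "enabled": false, "source_ids": null, "destination_ids": null,
     "app_port_profile_ids": null},
    {"name": "drop-rest", "action": "DROP", "direction": "IN_OUT",
     "enabled": true, "source_ids": null, "destination_ids": null,
     "app_port_profile_ids": null}]},
   "after_unknown": {"rule": [{}, {"destination_ids": true}, {}, {}]}}},
 {"address": "vcd_network_routed_v2.example", "type": "vcd_network_routed_v2",
  "change": {"actions": ["create"], "after": {"name": "kubernetes-network"}}}
]}
""")
FIELDS = ("source_ids", "destination_ids", "app_port_profile_ids")

def audit_firewall(plan):
    """List (address, rule name, fields left as Any) for enabled ALLOW rules."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "vcd_nsxt_firewall":
            continue
        change = rc.get("change") or {}
        rules = (change.get("after") or {}).get("rule") or []
        unknown = (change.get("after_unknown") or {}).get("rule") or []
        for i, rule in enumerate(rules):
            if rule.get("action") != "ALLOW" or rule.get("enabled") is False:
                continue
            unk = unknown[i] if i < len(unknown) and isinstance(unknown[i], dict) else {}
            # Empty and not "known after apply" means the field matches Any.
            wide = [f for f in FIELDS if not rule.get(f) and not unk.get(f)]
            if wide:
                findings.append((rc["address"], rule["name"], wide))
    return findings

if __name__ == "__main__":
    for address, name, wide in audit_firewall(SAMPLE_PLAN):
        print(f"{address}: '{name}' leaves {', '.join(wide)} as Any")
```

A finding is a prompt for review, not necessarily a defect: a rule exposing the Kubernetes API on an external IP may intentionally accept any source, while a rule with all three fields open rarely should.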