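# Documentation to deploy dkp

### Setup Bastion in order to Deploy

It is best to use an Ubuntu instance because it has great support for docker. Launch an Ubuntu instance size m5.large.

Follow this guide to install docker.

>https://docs.docker.com/engine/install/ubuntu/

Also follow post install steps

>https://docs.docker.com/engine/install/linux-postinstall/

The post-install step that adds your user to the `docker` group gives that user root-equivalent access to the host, so only do it for accounts that are already trusted with root on the bastion.

Install dkp cli

```
wget https://downloads.d2iq.com/dkp/v2.3.1/dkp_v2.3.1_linux_amd64.tar.gz
tar -xvf dkp_v2.3.1_linux_amd64.tar.gz
sudo mv dkp /usr/bin
```

Install kubectl cli

```
curl -LO "https://dl.k8s.io/1.23.0/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
```

dl.k8s.io serves binaries under `/release/<version>/bin/linux/amd64/kubectl`. The path above mixes a literal `1.23.0` with the stable-version lookup, so check it against the Kubernetes install guide and pin the one version that matches your cluster. The command only downloads the file; it still has to be made executable and moved onto the PATH.

Install kind

```
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.16.0/kind-linux-amd64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
```

None of the downloads above are verified. These binaries run on a host that builds images in your AWS account, so compare each one with the checksum its project publishes before moving it onto the PATH. For kubectl this is the `kubectl.sha256` file next to the binary, checked with `sha256sum --check`.

### Base Konvoy Image

In the next step you'll need to reference a base image to build the konvoy image. It is helpful to install some packages on that image first, create an AMI of it, and give that AMI id as the source AMI.

```
sudo yum update -y
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
```

### Download Konvoy

To download the latest version of Konvoy Builder run

```
wget https://github.com/mesosphere/konvoy-image-builder/releases/download/v1.19.11/konvoy-image-bundle-v1.19.11_linux_amd64.tar.gz
```

You should place it in its own sub directory

```
mkdir -p konvoy_build
mv konvoy-image-bundle-v1.19.11_linux_amd64.tar.gz konvoy_build
cd konvoy_build
tar -xvf konvoy-image-bundle-v1.19.11_linux_amd64.tar.gz
```

To build the konvoy image we currently need to supply our own packer.json for the image and replace the placeholder values in it.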
vim packer.json Here is the packer.json { "variables": { "ami_groups": "", "ami_regions": "__PACKER_REGION__", "ami_users": "", "ansible_extra_vars": "", "aws_access_key": "", "aws_profile": "", "aws_region": "__PACKER_REGION__", "aws_secret_key": "", "aws_instance_type": "__PACKER_SIZE__", "build_timestamp": "{{timestamp}}", "encrypted": "false", "existing_ansible_ssh_args": "{{env `ANSIBLE_SSH_ARGS`}}", "iam_instance_profile": "", "konvoy_image_builder_version": "0.0.1", "kms_key_id": "", "manifest_output": "manifest.json", "python_path": "", "skip_profile_validation": "false", "snapshot_groups": "all", "snapshot_users": "", "subnet_id": "", "vpc_id": "", "security_group_id": "", "volume_size": "51", "extra_vars_file": "", "build_name": "", "distribution": "", "distribution_version": "", "kubernetes_full_version": "", "ssh_bastion_host": "{{ user `ssh_bastion_host`}}", "ssh_bastion_username": "{{ user `ssh_bastion_username`}}", "ssh_bastion_password": "{{ user `ssh_bastion_password`}}", "ssh_bastion_private_key_file": "{{ user `ssh_bastion_private_key_file` }}", "build_name_extra": "" }, "builders": [ { "name": "{{(user `distribution`) | lower}}-{{user `distribution_version`}}{{user `build_name_extra`}}", "type": "amazon-ebs", "instance_type": "{{user `aws_instance_type`}}", "source_ami_filter": { "filters" : { "name": "__NAME_OF_SOURCE_AMI__" }, "owners": "__OWNER_OF_SOURCE_AMI__" }, "ami_name": "konvoy-ami-{{user `build_name`}}-{{user `kubernetes_full_version` | clean_resource_name}}-{{user `build_timestamp`}}", "snapshot_tags": { "ami_name": "konvoy-ami-{{user `build_name`}}-{{user `kubernetes_full_version` | clean_resource_name}}-{{user `build_timestamp`}}" }, "ami_groups": "{{user `ami_groups`}}", "ami_users": "{{user `ami_users`}}", "ami_description": "Konvoy base for Kubernetes {{user `kubernetes_full_version`}} on {{user `distribution`}}-{{user `distribution_version`}}", "snapshot_groups": "{{user `snapshot_groups`}}", "snapshot_users": "{{user 
`snapshot_users`}}", "encrypt_boot": "{{user `encrypted`}}", "kms_key_id": "{{user `kms_key_id`}}", "ami_product_codes": "", "ami_regions": "{{user `ami_regions`}}", "access_key": "{{user `aws_access_key`}}", "profile": "{{ user `aws_profile`}}", "region": "{{ user `aws_region` }}", "secret_key": "{{user `aws_secret_key`}}", "iam_instance_profile": "{{user `iam_instance_profile`}}", "skip_profile_validation": "{{user `skip_profile_validation`}}", "ssh_username": "__SSH_USERNAME__", "ssh_key_exchange_algorithms": [ "curve25519-sha256@libssh.org", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "diffie-hellman-group14-sha1", "diffie-hellman-group1-sha1" ], "vpc_id": "__VPC_ID__", "ssh_bastion_host": "{{ user `ssh_bastion_host` }}", "ssh_bastion_username": "{{ user `ssh_bastion_username` }}", "ssh_bastion_password": "{{ user `ssh_bastion_password` }}", "ssh_bastion_private_key_file": "{{ user `ssh_bastion_private_key_file` }}", "subnet_id": "__SUBNET_ID__", "security_group_id": "{{ user `security_group_id` }}", "tags": { "build_date": "{{isotime}}", "build_timestamp": "{{user `build_timestamp`}}", "containerd_version": "{{user `containerd_version`}}", "distribution": "{{user `distribution`}}", "distribution_version": "{{user `distribution_version`}}", "image_builder_version": "{{user `konvoy_image_builder_version`}}", "kubernetes_cni_version": "{{user `kubernetes_cni_version`}}", "kubernetes_version": "{{user `kubernetes_full_version` | clean_resource_name}}", "source_ami": "{{.SourceAMI}}" }, "launch_block_device_mappings": [ { "device_name": "{{ user `root_device_name` }}", "volume_size": "__VOLUME_SIZE__", "volume_type": "gp3", "delete_on_termination": true } ] } ], "provisioners": [ { "type": "shell", "environment_vars": [ "HTTP_PROXY={{user `http_proxy`}}", "http_proxy={{user `http_proxy`}}", "HTTPS_PROXY={{user `https_proxy`}}", "https_proxy={{user `https_proxy`}}", "NO_PROXY={{user `no_proxy`}}", "no_proxy={{user `no_proxy`}}", 
"BUILD_NAME={{user `build_name`}}" ], "inline": [ "if [ $BUILD_NAME != \"ubuntu-1804\" ]; then exit 0; fi", "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done", "sudo apt-get -qq update && sudo DEBIAN_FRONTEND=noninteractive apt-get -qqy install python python-pip" ] }, { "type": "shell", "environment_vars": [ "HTTP_PROXY={{user `http_proxy`}}", "http_proxy={{user `http_proxy`}}", "HTTPS_PROXY={{user `https_proxy`}}", "https_proxy={{user `https_proxy`}}", "NO_PROXY={{user `no_proxy`}}", "no_proxy={{user `no_proxy`}}", "BUILD_NAME={{user `build_name`}}" ], "script": "./packer/files/no-update-flatcar.sh", "execute_command": "BUILD_NAME={{user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi" }, { "type": "shell", "environment_vars": [ "HTTP_PROXY={{user `http_proxy`}}", "http_proxy={{user `http_proxy`}}", "HTTPS_PROXY={{user `https_proxy`}}", "https_proxy={{user `https_proxy`}}", "NO_PROXY={{user `no_proxy`}}", "no_proxy={{user `no_proxy`}}", "BUILD_NAME={{user `build_name`}}" ], "script": "./packer/files/no-update-flatcar.sh", "execute_command": "BUILD_NAME={{ user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi" }, { "type": "shell", "environment_vars": [ "BUILD_NAME={{ user `build_name`}}" ], "script": "./packer/files/no-update-flatcar.sh", "execute_command": "BUILD_NAME={{build_name}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi" }, { "type": "shell", "environment_vars": [ "BUILD_NAME={{build_name}}" ], "script": "./packer/files/no-update-flatcar.sh", "execute_command": "BUILD_NAME={{build_name}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi" }, { "type": "shell", "environment_vars": [ "BUILD_NAME={{build_name}}" ], "script": "./packer/files/bootstrap-flatcar.sh", "execute_command": "BUILD_NAME={{ 
user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi" }, { "type": "shell", "inline": [ "mkdir -p /tmp/.goss-dir" ] }, { "type": "file", "source": "/usr/local/bin/goss", "destination": "/tmp/.goss-dir/goss", "direction": "upload", "max_retries": 10 }, { "type": "ansible", "playbook_file": "./ansible/provision.yaml", "user": "{{user `ssh_username`}}", "ansible_env_vars": [ "ANSIBLE_SSH_ARGS='{{user `existing_ansible_ssh_args`}} -o IdentitiesOnly=yes -o HostkeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa'", "ANSIBLE_REMOTE_TEMP='/tmp/.ansible/'" ], "extra_arguments": [ "--extra-vars", "{{ user `ansible_extra_vars` }}" ] }, { "arch": "{{user `goss_arch`}}", "format": "{{user `goss_format`}}", "format_options": "{{user `goss_format_options`}}", "goss_file": "{{user `goss_entry_file`}}", "inspect": "{{user `goss_inspect_mode`}}", "skip_install": true, "download_path": "/tmp/.goss-dir/goss", "type": "goss", "tests": [ "{{user `goss_tests_dir`}}" ], "url": "{{user `goss_url`}}", "use_sudo": true, "vars_file": "{{user `goss_vars_file`}}", "vars_inline": { "ARCH": "amd64", "OS": "{{user `distribution` | lower}}", "PROVIDER": "amazon" }, "vars_env": { "HTTP_PROXY": "{{user `http_proxy`}}", "http_proxy": "{{user `http_proxy`}}", "HTTPS_PROXY": "{{user `https_proxy`}}", "https_proxy": "{{user `https_proxy`}}", "NO_PROXY": "{{user `no_proxy`}}", "no_proxy": "{{user `no_proxy`}}" }, "version": "{{user `goss_version`}}" }, { "type": "shell", "inline": [ "rm -r /tmp/.goss-dir" ] } ], "post-processors": [ { "type": "manifest", "output": "{{user `manifest_output`}}", "custom_data": { "containerd_version": "{{user `containerd_version`}}", "kubernetes_cni_version": "{{user `kubernetes_cni_semver`}}", "kubernetes_version": "{{user `kubernetes_full_version`}}", "distribution": "{{user `distribution`}}", "distribution_version": "{{user `distribution_version`}}" } } ] } After copying that content to a file Then run 
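the following commands to replace the placeholders with your values

```
sed -i 's/__VPC_ID__/{vpc}/g' packer.json
sed -i 's/__SUBNET_ID__/{subnet}/g' packer.json
sed -i 's/__PACKER_REGION__/{awsregion}/g' packer.json
sed -i 's/__PACKER_SIZE__/{instance-type size}/g' packer.json # example m5.large
sed -i 's/__SSH_USERNAME__/{ssh-username}/g' packer.json
sed -i 's/__VOLUME_SIZE__/{volume-size}/g' packer.json
sed -i 's/__NAME_OF_SOURCE_AMI__/{name-of-source-ami}/g' packer.json
sed -i 's/__OWNER_OF_SOURCE_AMI__/{owner-of-source-ami}/g' packer.json
```

If a value contains `/` (an AMI name filter can), use another delimiter for that substitution, for example `s|__NAME_OF_SOURCE_AMI__|{name-of-source-ami}|g`. Otherwise sed rejects the expression.

If you are not on linux you need to run with '' (BSD/macOS `sed` requires a backup suffix after `-i`; the empty string means no backup file)

```
# Example
sed -i '' 's/__VPC_ID__/{value}/g' packer.json
```

Before building, review these settings in the packer.json above, because the defaults shown are permissive:

- `"snapshot_groups": "all"` makes the snapshots behind the AMI publicly accessible. Set it to an empty string unless you intend to publish the image.
- `"encrypted": "false"` feeds `encrypt_boot`, so the AMI root volume is not encrypted. Set it to `"true"` (and `kms_key_id` if you use a customer-managed key) when the image must be encrypted at rest.
- `ssh_key_exchange_algorithms` still lists `diffie-hellman-group1-sha1` and `diffie-hellman-group14-sha1`, and the Ansible SSH arguments re-enable `ssh-rsa`. Remove these legacy algorithms if the source AMI's sshd supports the modern ones.
- Leave `aws_access_key`, `aws_secret_key` and `ssh_bastion_password` empty and let Packer take credentials from `aws_profile` or the environment, so no long-lived secrets are written into packer.json.

To build

```
./konvoy-image build images/ami/rhel-84.yaml --packer-manifest=packer.json --source-ami=$SOURCE_AMI_ID_BUILD_KONVOY --source-ami-filter-owner=$SOURCE_AMI_OWNER_ID_BUILD_KONVOY
```

> Make sure to replace the AMI SOURCE and OWNER ID in the command

> Note that you are specifying packer.json as the packer manifest

You should see output like this

```
==> rhel-8.4: Prevalidating any provided VPC information
==> rhel-8.4: Prevalidating AMI Name: konvoy-ami-rhel-8.4-1.23.12-1666106978
    rhel-8.4: Found Image ID: ami-061f03f591cb9cb35
==> rhel-8.4: Creating temporary keypair: packer_634ec664-80a0-4e2a-8fb4-4b978b40988c
==> rhel-8.4: Creating temporary security group for this instance: packer_634ec66b-6e86-6a4b-5a6e-323d3489ef4e
==> rhel-8.4: Authorizing access to port 22 from [0.0.0.0/0] in the temporary security groups...
==> rhel-8.4: Launching a source AWS instance...
    rhel-8.4: Instance ID: i-0a94079e464d05ff8
==> rhel-8.4: Waiting for instance (i-0a94079e464d05ff8) to become ready...
==> rhel-8.4: Using SSH communicator to connect: 172.31.0.42
==> rhel-8.4: Waiting for SSH to become available...
```

The `Authorizing access to port 22 from [0.0.0.0/0]` line means the temporary security group accepts SSH from any address for the duration of the build. To narrow it, set `temporary_security_group_source_cidrs` on the builder to the bastion's address range, or pass an existing restricted group through `security_group_id` so that no temporary group is created.

### Delete Cluster

```
dkp delete cluster -c {cluster-name} --delete-kubernetes-resources=false
```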