constellation/docs/versioned_docs/version-2.12/workflows/create.md

# Create your cluster

:::info
This recording presents the essence of this page. It's recommended to read it in full for the motivation and all details.
:::

<asciinemaWidget src="/constellation/assets/create-cluster.cast" rows="20" cols="112" idleTimeLimit="3" preload="true" theme="edgeless" />

---

Creating your cluster requires two steps:

1. Creating the necessary resources in your cloud environment
2. Bootstrapping the Constellation cluster and setting up a connection

See the [architecture](../architecture/orchestration.md) section for details on the inner workings of this process.

:::tip
If you don't have a cloud subscription, you can also set up a [local Constellation cluster using virtualization](../getting-started/first-steps-local.md) for testing.
:::

## The *create* step

This step creates the necessary resources for your cluster in your cloud environment.
Before you create the cluster, make sure to have a [valid configuration file](./config.md).

### Create

<tabs groupId="provider">
<tabItem value="cli" label="CLI">

```bash
constellation create
```

*create* stores your cluster's state in a [`constellation-terraform`](../architecture/orchestration.md#cluster-creation-process) directory in your workspace.

</tabItem>
<tabItem value="terraform" label="Terraform">

Terraform allows for an easier GitOps integration as well as meeting regulatory requirements.
Since the Constellation CLI also uses Terraform under the hood, you can reuse the same Terraform files.

:::info
Familiarize with the [Terraform usage policy](../reference/terraform.md) before manually interacting with Terraform to create a cluster.
Please also refrain from changing the Terraform resource definitions, as Constellation is tightly coupled to them.
:::

Download the Terraform files for the selected CSP from the [GitHub repository](https://github.com/edgelesssys/constellation/tree/main/cli/internal/terraform/terraform).

Create a `terraform.tfvars` file.
There, define all needed variables found in `variables.tf` using the values from the `constellation-config.yaml`.

To find the image reference for your CSP and region, execute:

```bash
CONSTELL_VER=vX.Y.Z
curl -s https://cdn.confidential.cloud/constellation/v1/ref/-/stream/stable/$CONSTELL_VER/image/info.json | jq
```

Initialize and apply Terraform to create the configured infrastructure:

```bash
terraform init
terraform apply
```

The Constellation [init step](#the-init-step) requires the already created `constellation-config.yaml` and the `constellation-state.yaml`.
Create the `constellation-state.yaml` using the output from the Terraform state and the `constellation-conf.yaml`:

```bash
CONSTELL_IP=$(terraform output ip)
CONSTELL_INIT_SECRET=$(terraform output initSecret | jq -r | tr -d '\n' | base64)
touch constellation-state.yaml
yq eval '.version ="v1"' --inplace constellation-state.yaml
yq eval '.infrastructure.initSecret ="$CONSTELL_INIT_SECRET"' --inplace constellation-state.yaml
yq eval '.infrastructure.clusterEndpoint ="$CONSTELL_IP"' --inplace constellation-state.yaml
```

</tabItem>
</tabs>

## The *init* step

The following command initializes and bootstraps your cluster:

```bash
constellation init
```

Next, configure `kubectl` for your cluster:

```bash
export KUBECONFIG="$PWD/constellation-admin.conf"
```

🏁 That's it. You've successfully created a Constellation cluster.


### Troubleshooting
In case `init` fails, the CLI collects logs from the bootstrapping instance and stores them inside `constellation-cluster.log`.
docs: add release v2.12.0 2023-10-10 04:40:46 -04:00			`# Create your cluster`

			`:::info`
			`This recording presents the essence of this page. It's recommended to read it in full for the motivation and all details.`
			`:::`

			`<asciinemaWidget src="/constellation/assets/create-cluster.cast" rows="20" cols="112" idleTimeLimit="3" preload="true" theme="edgeless" />`

			`---`

			`Creating your cluster requires two steps:`

			`1. Creating the necessary resources in your cloud environment`
			`2. Bootstrapping the Constellation cluster and setting up a connection`

			`See the [architecture](../architecture/orchestration.md) section for details on the inner workings of this process.`

			`:::tip`
			`If you don't have a cloud subscription, you can also set up a [local Constellation cluster using virtualization](../getting-started/first-steps-local.md) for testing.`
			`:::`

			`## The create step`

			`This step creates the necessary resources for your cluster in your cloud environment.`
			`Before you create the cluster, make sure to have a [valid configuration file](./config.md).`

			`### Create`

			`<tabs groupId="provider">`
			`<tabItem value="cli" label="CLI">`

			```bash
			`constellation create`
			```

			create stores your cluster's state in a [`constellation-terraform`](../architecture/orchestration.md#cluster-creation-process) directory in your workspace.

			`</tabItem>`
			`<tabItem value="terraform" label="Terraform">`

			`Terraform allows for an easier GitOps integration as well as meeting regulatory requirements.`
			`Since the Constellation CLI also uses Terraform under the hood, you can reuse the same Terraform files.`

			`:::info`
			`Familiarize with the [Terraform usage policy](../reference/terraform.md) before manually interacting with Terraform to create a cluster.`
			`Please also refrain from changing the Terraform resource definitions, as Constellation is tightly coupled to them.`
			`:::`

			`Download the Terraform files for the selected CSP from the [GitHub repository](https://github.com/edgelesssys/constellation/tree/main/cli/internal/terraform/terraform).`

			Create a `terraform.tfvars` file.
			There, define all needed variables found in `variables.tf` using the values from the `constellation-config.yaml`.

			`To find the image reference for your CSP and region, execute:`

			```bash
			`CONSTELL_VER=vX.Y.Z`
			`curl -s https://cdn.confidential.cloud/constellation/v1/ref/-/stream/stable/$CONSTELL_VER/image/info.json \| jq`
			```

			`Initialize and apply Terraform to create the configured infrastructure:`

			```bash
			`terraform init`
			`terraform apply`
			```

			The Constellation [init step](#the-init-step) requires the already created `constellation-config.yaml` and the `constellation-state.yaml`.
			Create the `constellation-state.yaml` using the output from the Terraform state and the `constellation-conf.yaml`:

			```bash
			`CONSTELL_IP=$(terraform output ip)`
			`CONSTELL_INIT_SECRET=$(terraform output initSecret \| jq -r \| tr -d '\n' \| base64)`
			`touch constellation-state.yaml`
			`yq eval '.version ="v1"' --inplace constellation-state.yaml`
			`yq eval '.infrastructure.initSecret ="$CONSTELL_INIT_SECRET"' --inplace constellation-state.yaml`
			`yq eval '.infrastructure.clusterEndpoint ="$CONSTELL_IP"' --inplace constellation-state.yaml`
			```

			`</tabItem>`
			`</tabs>`

			`## The init step`

			`The following command initializes and bootstraps your cluster:`

			```bash
			`constellation init`
			```

			Next, configure `kubectl` for your cluster:

			```bash
			`export KUBECONFIG="$PWD/constellation-admin.conf"`
			```

			`🏁 That's it. You've successfully created a Constellation cluster.`


			`### Troubleshooting`
			In case `init` fails, the CLI collects logs from the bootstrapping instance and stores them inside `constellation-cluster.log`.