constellation/docs/versioned_docs/version-2.13/workflows/create.md
Moritz Sanft 7d4e7eff65
docs: adjust MAA updating (#3152)
* docs: adjust MAA updating

* versioned-docs: backport fix
2024-06-07 13:56:10 +02:00

Create your cluster

:::info

This recording presents the essence of this page. It's recommended to read it in full for the motivation and all details.

:::


Creating your cluster requires two steps:

  1. Creating the necessary resources in your cloud environment
  2. Bootstrapping the Constellation cluster and setting up a connection

See the architecture section for details on the inner workings of this process.

:::tip

If you don't have a cloud subscription, you can also set up a local Constellation cluster using virtualization for testing.

:::

The create step

This step creates the necessary resources for your cluster in your cloud environment. Before you create the cluster, make sure to have a valid configuration file.

Create

constellation create

create stores your cluster's state in a constellation-terraform directory in your workspace.

Self-managed infrastructure allows for more flexibility in the setup, by separating the infrastructure setup from the Constellation cluster management. This provides flexibility in DevOps and can meet potential regulatory requirements. It's recommended to use Terraform for infrastructure management, but you can use any tool of your choice.

:::info

When using Terraform, you can use the Terraform module for ease of use to manage the entire Constellation cluster.

:::

You can refer to the Terraform files for the selected CSP from the Constellation GitHub repository for a minimum Constellation cluster configuration. From this base, you can now add, edit, or substitute resources per your own requirements with the infrastructure management tooling of your choice. You need to keep the essential functionality of the base configuration in order for your cluster to function correctly.

:::info

On Azure, a manual update to the MAA provider's policy is necessary. You can apply the update with the following command after creating the infrastructure, with <URL> being the URL of the MAA provider (i.e., $(terraform output attestationURL | jq -r), when using the minimal Terraform configuration).

constellation maa-patch <URL>

:::

Make sure all necessary resources are created, e.g., by checking your CSP's portal, and retrieve the necessary values, aligned with the outputs (specified in outputs.tf) of the base configuration.

Fill these outputs into the corresponding fields of the Infrastructure block inside the constellation-state.yaml file. For example, fill the IP or DNS name your cluster can be reached at into the .Infrastructure.ClusterEndpoint field.
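The following pre-flight check for the self-managed Azure flow is an added example, not part of the Constellation docs or CLI: it refuses to hand `constellation maa-patch` a URL that isn't a bare https Azure Attestation endpoint, and confirms the cluster endpoint has been filled into the state file. The function names are hypothetical, and two things are assumed: MAA providers live at `https://<name>.<region>.attest.azure.net`, and the state file spells the YAML key `clusterEndpoint`.

```sh
#!/bin/sh
# Added example, not part of the Constellation docs or CLI.

# maa_url_ok URL: succeed only for a bare https URL on the Azure Attestation
# domain. Assumption: providers live at https://<name>.<region>.attest.azure.net
maa_url_ok() {
  case "$1" in
    *[!A-Za-z0-9.:/-]*) return 1 ;;   # quotes, spaces, '@', '?': e.g. jq -r was skipped
    https://*.attest.azure.net | https://*.attest.azure.net/) ;;
    *) return 1 ;;                    # wrong scheme or foreign domain
  esac
  host=${1#https://}; host=${host%/}
  case "$host" in
    */* | *:* | .* | *..*) return 1 ;;  # no path, port, or empty DNS label
  esac
}

# state_endpoint FILE: print infrastructure.clusterEndpoint; fail if it is empty.
# Assumption: the YAML key is spelled clusterEndpoint and its value is on one line.
state_endpoint() {
  ep=$(sed -n 's/^[[:space:]]*clusterEndpoint:[[:space:]]*//p' "$1" | head -n 1 | tr -d "\"' ")
  [ -n "$ep" ] && printf '%s\n' "$ep"
}

# preflight URL STATEFILE: print the patch command only if both checks pass.
preflight() {
  maa_url_ok "$1" || { echo "unexpected attestation URL: $1" >&2; return 1; }
  ep=$(state_endpoint "$2") || { echo "ClusterEndpoint not set in $2" >&2; return 2; }
  printf 'constellation maa-patch %s\n# cluster endpoint: %s\n' "$1" "$ep"
}

# Constructed sample state file and URL so the example runs offline. Real use:
#   preflight "$(terraform output attestationURL | jq -r)" constellation-state.yaml
demo_state=$(mktemp)
printf 'infrastructure:\n    clusterEndpoint: "203.0.113.10"\n    inClusterEndpoint: ""\n' >"$demo_state"
preflight "https://example.weu.attest.azure.net" "$demo_state"
```

The character check also catches the still-quoted string that `terraform output attestationURL` prints when the `jq -r` step is left out.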

Continue with initializing your cluster.

The apply step

The following command initializes and bootstraps your cluster:

constellation apply

Next, configure kubectl for your cluster:

export KUBECONFIG="$PWD/constellation-admin.conf"

🏁 That's it. You've successfully created a Constellation cluster.

Troubleshooting

In case apply fails, the CLI collects logs from the bootstrapping instance and stores them inside constellation-cluster.log.