github.com/rvaralda/deis@v1.4.1/docs/installing_deis/digitalocean.rst (about) 1 :title: Installing Deis on DigitalOcean 2 :description: How to provision a multi-node Deis cluster on DigitalOcean 3 4 .. _deis_on_digitalocean: 5 6 DigitalOcean 7 ============ 8 9 In this tutorial, we will show you how to set up your own 3-node cluster on DigitalOcean. 10 11 Please :ref:`get the source <get_the_source>` and refer to the scripts in `contrib/digitalocean`_ 12 while following this documentation. 13 14 15 Prerequisites 16 ------------- 17 18 To complete this guide, you must have the following: 19 20 - A domain to point to the cluster 21 - The ability to provision at least 3 DigitalOcean Droplets that are 4GB or greater 22 23 In order to provision the cluster, we will need to install a couple of administrative tools. 24 `docl`_ is a convenience tool to help provision DigitalOcean Droplets. We will also require the 25 `Deis Control Utility`_, which will assist us with installing, configuring and managing the Deis 26 platform. 27 28 Check System Requirements 29 ------------------------- 30 31 Please refer to :ref:`system-requirements` for resource considerations when choosing a droplet 32 size to run Deis. 33 34 35 Generate SSH Key 36 ---------------- 37 38 .. include:: ../_includes/_generate-ssh-key.rst 39 40 41 Generate a New Discovery URL 42 ---------------------------- 43 44 .. include:: ../_includes/_generate-discovery-url.rst 45 46 47 Create CoreOS Droplets 48 ---------------------- 49 50 Now that we have the user-data file, we can provision some Droplets. We've made this process simple 51 by supplying a script that does all the heavy lifting for you. If you want to provision manually, 52 however, start by uploading the SSH key you wish to use to log into each of these servers. After 53 that, create at least three Droplets with the following specifications: 54 55 - All Droplets deployed in the same region 56 - Region must have private networking enabled 57 - Region must have User Data enabled. Supply the user-data file here 58 - Select CoreOS Stable channel 59 - Select your SSH key from the list 60 61 If private networking is not available in your region, swap out ``$private_ipv4`` with 62 ``$public_ipv4`` in the user-data file. 63 64 If you want to use the script: 65 66 .. code-block:: console 67 68 $ gem install docl 69 $ docl authorize 70 $ docl upload_key deis ~/.ssh/deis.pub 71 $ # retrieve your SSH key's ID 72 $ docl keys 73 deis (id: 12345) 74 $ # retrieve the region name 75 $ docl regions --metadata --private-networking 76 Amsterdam 2 (ams2) 77 Amsterdam 3 (ams3) 78 London 1 (lon1) 79 New York 3 (nyc3) 80 Singapore 1 (sgp1) 81 $ ./contrib/digitalocean/provision-do-cluster.sh nyc3 12345 4GB 82 83 Which will provision 3 CoreOS nodes for use. 84 85 Configure DNS 86 ------------- 87 88 .. note:: 89 90 If you're using your own third-party DNS registrar, please refer to their documentation on this 91 setup, along with the :ref:`dns_records` required. 92 93 .. note:: 94 95 If you don't have an available domain for testing, you can refer to the :ref:`xip_io` 96 documentation on setting up a wildcard DNS for Deis. 97 98 Deis requires a wildcard DNS record to function properly. If the top-level domain (TLD) that you 99 are using is ``example.com``, your applications will exist at the ``*.example.com`` level. For example, an 100 application called ``app`` would be accessible via ``app.example.com``. 101 102 One way to configure this on DigitalOcean is to setup round-robin DNS via the `DNS control panel`_. 103 To do this, add the following records to your domain: 104 105 - A wildcard CNAME record at your top-level domain, i.e. a CNAME record with * as the name, and @ 106 as the canonical hostname 107 - For each CoreOS machine created, an A-record that points to the TLD, i.e. an A-record named @, 108 with the droplet's public IP address 109 110 The zone file will now have the following entries in it: (your IP addresses will be different) 111 112 .. code-block:: console 113 114 * CNAME @ 115 @ IN A 104.131.93.162 116 @ IN A 104.131.47.125 117 @ IN A 104.131.113.138 118 119 For convenience, you can also set up DNS records for each node: 120 121 .. code-block:: console 122 123 deis-1 IN A 104.131.93.162 124 deis-2 IN A 104.131.47.125 125 deis-3 IN A 104.131.113.138 126 127 If you need help using the DNS control panel, check out `this tutorial`_ on DigitalOcean's 128 community site. 129 130 Apply Security Group Settings 131 ----------------------------- 132 133 Because DigitalOcean does not have a security group feature, we'll need to add some custom 134 ``iptables`` rules so our components are not accessible from the outside world. To do this, there 135 is a script in ``contrib/`` which will help us with that. To run it, use: 136 137 .. code-block:: console 138 139 $ for i in 1 2 3; do ssh core@deis-$i.example.com 'bash -s' < contrib/util/custom-firewall.sh; done 140 141 Our components should now be locked down from external sources. 142 143 Install Deis Platform 144 --------------------- 145 146 Now that you've finished provisioning a cluster, please refer to :ref:`install_deis_platform` to 147 start installing the platform. 148 149 150 .. _`contrib/digitalocean`: https://github.com/deis/deis/tree/master/contrib/digitalocean 151 .. _`docl`: https://github.com/nathansamson/docl#readme 152 .. _`Deis Control Utility`: https://github.com/deis/deis/tree/master/deisctl#readme 153 .. _`DNS control panel`: https://cloud.digitalocean.com/domains 154 .. _`this tutorial`: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean