github.com/technosophos/deis@v1.7.1-0.20150915173815-f9005256004b/docs/installing_deis/digitalocean.rst (about) 1 :title: Installing Deis on DigitalOcean 2 :description: How to provision a multi-node Deis cluster on DigitalOcean 3 4 .. _deis_on_digitalocean: 5 6 DigitalOcean 7 ============ 8 9 In this tutorial, we will show you how to set up your own 3-node cluster on DigitalOcean. 10 11 Please :ref:`get the source <get_the_source>` and refer to the scripts in `contrib/digitalocean`_ 12 while following this documentation. 13 14 15 Prerequisites 16 ------------- 17 18 To complete this guide, you must have the following: 19 20 - A domain to point to the cluster 21 - The ability to provision at least 3 DigitalOcean Droplets that are 4GB or greater 22 23 In order to provision the cluster, we will need to install a couple of administrative tools. 24 `docl`_ is a convenience tool to help provision DigitalOcean Droplets. We will also require the 25 `Deis Control Utility`_, which will assist us with installing, configuring and managing the Deis 26 platform. 27 28 Check System Requirements 29 ------------------------- 30 31 Please refer to :ref:`system-requirements` for resource considerations when choosing a droplet 32 size to run Deis. 33 34 35 Generate SSH Key 36 ---------------- 37 38 .. include:: ../_includes/_generate-ssh-key.rst 39 40 41 Generate a New Discovery URL 42 ---------------------------- 43 44 .. include:: ../_includes/_generate-discovery-url.rst 45 46 47 Create CoreOS Droplets 48 ---------------------- 49 50 Now that we have the user-data file, we can provision some Droplets. We've made this process simple 51 by supplying a script that does all the heavy lifting for you. If you want to provision manually, 52 however, start by uploading the SSH key you wish to use to log into each of these servers. After 53 that, create at least three Droplets with the following specifications: 54 55 - All Droplets deployed in the same region 56 - Region must have private networking enabled 57 - Region must have User Data enabled. Supply the user-data file here 58 - Select CoreOS Stable channel 59 - Select your SSH key from the list 60 61 If private networking is not available in your region, swap out ``$private_ipv4`` with 62 ``$public_ipv4`` in the user-data file. 63 64 If you want to use the script: 65 66 .. code-block:: console 67 68 $ gem install docl 69 $ docl authorize 70 $ docl upload_key deis ~/.ssh/deis.pub 71 $ # retrieve your SSH key's ID 72 $ docl keys 73 deis (id: 12345) 74 $ # retrieve the region name 75 $ docl regions --metadata --private-networking 76 Amsterdam 2 (ams2) 77 Amsterdam 3 (ams3) 78 Frankfurt 1 (fra1) 79 London 1 (lon1) 80 New York 3 (nyc3) 81 San Francisco 1 (sfo1) 82 Singapore 1 (sgp1) 83 $ ./contrib/digitalocean/provision-do-cluster.sh nyc3 12345 4GB 84 85 Which will provision 3 CoreOS nodes for use. 86 87 Configure DNS 88 ------------- 89 90 .. note:: 91 92 If you're using your own third-party DNS registrar, please refer to their documentation on this 93 setup, along with the :ref:`dns_records` required. 94 95 .. note:: 96 97 If you don't have an available domain for testing, you can refer to the :ref:`xip_io` 98 documentation on setting up a wildcard DNS for Deis. 99 100 Deis requires a wildcard DNS record to function properly. If the top-level domain (TLD) that you 101 are using is ``example.com``, your applications will exist at the ``*.example.com`` level. For example, an 102 application called ``app`` would be accessible via ``app.example.com``. 103 104 One way to configure this on DigitalOcean is to setup round-robin DNS via the `DNS control panel`_. 105 To do this, add the following records to your domain: 106 107 - A wildcard CNAME record at your top-level domain, i.e. a CNAME record with * as the name, and @ 108 as the canonical hostname 109 - For each CoreOS machine created, an A-record that points to the TLD, i.e. an A-record named @, 110 with the droplet's public IP address 111 112 The zone file will now have the following entries in it: (your IP addresses will be different) 113 114 .. code-block:: console 115 116 * CNAME @ 117 @ IN A 104.131.93.162 118 @ IN A 104.131.47.125 119 @ IN A 104.131.113.138 120 121 For convenience, you can also set up DNS records for each node: 122 123 .. code-block:: console 124 125 deis-1 IN A 104.131.93.162 126 deis-2 IN A 104.131.47.125 127 deis-3 IN A 104.131.113.138 128 129 If you need help using the DNS control panel, check out `this tutorial`_ on DigitalOcean's 130 community site. 131 132 Apply Security Group Settings 133 ----------------------------- 134 135 Because DigitalOcean does not have a security group feature, we'll need to add some custom 136 ``iptables`` rules so our components are not accessible from the outside world. To do this, there 137 is a script in ``contrib/`` which will help us with that. To run it, use: 138 139 .. code-block:: console 140 141 $ for i in 1 2 3; do ssh core@deis-$i.example.com 'bash -s' < contrib/util/custom-firewall.sh; done 142 143 Our components should now be locked down from external sources. 144 145 Install Deis Platform 146 --------------------- 147 148 Now that you've finished provisioning a cluster, please refer to :ref:`install_deis_platform` to 149 start installing the platform. 150 151 152 .. _`contrib/digitalocean`: https://github.com/deis/deis/tree/master/contrib/digitalocean 153 .. _`docl`: https://github.com/nathansamson/docl#readme 154 .. _`Deis Control Utility`: https://github.com/deis/deis/tree/master/deisctl#readme 155 .. _`DNS control panel`: https://cloud.digitalocean.com/domains 156 .. _`this tutorial`: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean