Setup
Setup steps for running a DevZero deployment on AWS.
Prerequisites
Requirements
Before setting up the Control and Data Planes, review these:
- Access to DevZero Self-Hosted Repository
- Custom EKS Nodes with DevZero AMI
- Custom domain - domain setup with wildcard (
*
) alternative name - EKS cluster (v1.29+)
- Storage - EBS or alternatives
Setup
If you have an existing cluster that meets the Requirements and have an environment that meets the Prerequisites, skip to directly deploy the Control and Data Planes.
If your company has an established way to create Kubernetes clusters, use that to create a cluster that meets these Requirements. By continuing, you will provision AWS infrastructure using DevZero's examples.
Clone the DevZero Self-Hosted repository
Clone this repository:
git clone https://github.com/devzero-inc/self-hosted.git
cd self-hosted
Prepare to configure the permission-helper
cd terraform/examples/aws/permission-helper
Update main.tf
Replace AWS_REGION in provider “aws”
in terraform/examples/aws/permission-helper/main.tf
with the target deployment region.
provider "aws" {
- region = "AWS_REGION"
+ region = "us-west-2" # target deployment region
}
Update terraform.tfvars
Replace AWS_REGION, ACCOUNT_ID, CLUSTER_NAME in terraform/examples/aws/permission-helper/terraform.tfvars
.
- AWS_REGION = "*"
- ACCOUNT_ID = "AWS_ACCOUNT_ID"
- CLUSTER_NAME = "permissions-test"
+ AWS_REGION = "us-west-2" # target deployment region
+ ACCOUNT_ID = "1234-1234-1234" # AWS account ID
+ CLUSTER_NAME = "devzero-self-hosted" # DevZero deployment identifier
Run the module
terraform init
terraform apply
Review generated policies under permissions/
# in: terraform/examples/aws/permission-helper
% ls permissions
cluster-creation-permissions.json efs-creation-permissions.json vpc-creation-permissions.json
cluster-deletion-permissions.json efs-deletion-permissions.json vpc-deletion-permissions.json
Example permissions: GitHub Gist.
Create an IAM user
Send the generated policies (step 6) to your AWS administrator. Then log in with that IAM user before proceeding to the next step.
Create an IAM user with the generated policies (step 4) before proceeding to the next step.
Create AWS infrastructure using DevZero's examples
Set up the base cluster
# terraform/examples/aws/base-cluster
cd ../base-cluster
Replace region
, cluster_name
and domain
in terraform/examples/aws/base-cluster/terraform.tfvars
.
- region = "us-west-1"
- cluster_name = "devzero-dsh"
- domain = "devzero.internal"
+ region = "us-west-2" # target deployment region
+ cluster_name = "devzero-cluster" # EKS cluster name
+ domain = "devzero.io" # custom domain
terraform init
terraform apply
Set up the cluster extensions
# terraform/examples/aws/cluster-extensions
cd ../cluster-extensions
Replace the cluster_name
in terraform/examples/aws/cluster-extensions/terraform.tfvars
.
- cluster_name = "devzero-dsh"
+ cluster_name = "devzero-cluster" # EKS cluster name
terraform init
terraform apply
Deploy the DevZero Control and Data Planes.