Skip to content
/ air-gapped-tkg Public

Building TKG in a completely-internetless environment.

7 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

voor/air-gapped-tkg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
providers.tf
providers.tf
 
 
vpc_subnets.tf
vpc_subnets.tf
 
 
vpce.tf
vpce.tf
 
 

Repository files navigation

Air Gapped TKG (VPC only creation light version)

Install TKG into an air-gapped situation that has no connectivity to the internet.

Assumptions

  1. You have terraform and aws cli installed on the first box. You should not need admin rights to install either of these tools.
  2. You have an AWS account that can create VPCs and IAM policies.

Terraform

  1. Create a terraform.tfvars file: 
    environment_name = "gapped"

region = "us-gov-east-1"
availability_zones = ["us-gov-east-1a", "us-gov-east-1b", "us-gov-east-1c"]

key_name = "cluster-api-provider-aws"
  2. Run terraform: 
    terraform init
terraform plan -out=main.tfplan
terraform apply "main.tfplan"
  3. Launch an instance into this VPC and make sure to give it a role with the AWS CAPA controller manager (for OSS this is controllers.cluster-api-provider-aws.sigs.k8s.io)
  4. This role should also allow AWS SSM access, which is the easiest way to get into this environment without a lot of complex AWS transit gateway or AWS peering stuff.
  5. You will need to copy files into S3 and then access them from S3 due to the closed off nature of the VPC (unless you were able to peer it into another network).
  6. Good luck.

About

Building TKG in a completely-internetless environment.

Resources

Readme
Activity

Stars

7 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages