Created
August 10, 2018 01:13
-
-
Save HokieGeek/13b416db3c77063133f98e31de4eae13 to your computer and use it in GitHub Desktop.
Nexus IQ Server on AWS EKS reference files
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: 'EKS VPC for Nexus IQ' | |
| Parameters: | |
| VpcBlock: | |
| Type: String | |
| Default: 192.168.0.0/16 | |
| Description: The CIDR range for the VPC. This should be a valid private (RFC 1918) CIDR range. | |
| Subnet01Block: | |
| Type: String | |
| Default: 192.168.64.0/18 | |
| Description: CidrBlock for subnet 01 within the VPC | |
| Subnet02Block: | |
| Type: String | |
| Default: 192.168.128.0/18 | |
| Description: CidrBlock for subnet 02 within the VPC | |
| Subnet03Block: | |
| Type: String | |
| Default: 192.168.192.0/18 | |
| Description: CidrBlock for subnet 03 within the VPC | |
| Metadata: | |
| AWS::ButtFormation::Interface: | |
| ParameterGroups: | |
| - | |
| Label: | |
| default: "Worker Network Configuration" | |
| Parameters: | |
| - VpcBlock | |
| - Subnet01Block | |
| - Subnet02Block | |
| - Subnet03Block | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: !Ref VpcBlock | |
| EnableDnsSupport: true | |
| EnableDnsHostnames: true | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-VPC' | |
| InternetGateway: | |
| Type: "AWS::EC2::InternetGateway" | |
| VPCGatewayAttachment: | |
| Type: "AWS::EC2::VPCGatewayAttachment" | |
| Properties: | |
| InternetGatewayId: !Ref InternetGateway | |
| VpcId: !Ref VPC | |
| RouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Name | |
| Value: Public Subnets | |
| - Key: Network | |
| Value: Public | |
| Route: | |
| DependsOn: VPCGatewayAttachment | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: !Ref RouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref InternetGateway | |
| Subnet01: | |
| Type: AWS::EC2::Subnet | |
| Metadata: | |
| Comment: Subnet 01 | |
| Properties: | |
| AvailabilityZone: | |
| Fn::Select: | |
| - '0' | |
| - Fn::GetAZs: | |
| Ref: AWS::Region | |
| CidrBlock: | |
| Ref: Subnet01Block | |
| VpcId: | |
| Ref: VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub "${AWS::StackName}-Subnet01" | |
| MapPublicIpOnLaunch: true | |
| Subnet02: | |
| Type: AWS::EC2::Subnet | |
| Metadata: | |
| Comment: Subnet 02 | |
| Properties: | |
| AvailabilityZone: | |
| Fn::Select: | |
| - '1' | |
| - Fn::GetAZs: | |
| Ref: AWS::Region | |
| CidrBlock: | |
| Ref: Subnet02Block | |
| VpcId: | |
| Ref: VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub "${AWS::StackName}-Subnet02" | |
| MapPublicIpOnLaunch: true | |
| Subnet03: | |
| Type: AWS::EC2::Subnet | |
| Metadata: | |
| Comment: Subnet 03 | |
| Properties: | |
| AvailabilityZone: | |
| Fn::Select: | |
| - '2' | |
| - Fn::GetAZs: | |
| Ref: AWS::Region | |
| CidrBlock: | |
| Ref: Subnet03Block | |
| VpcId: | |
| Ref: VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub "${AWS::StackName}-Subnet03" | |
| MapPublicIpOnLaunch: true | |
| Subnet01RouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: !Ref Subnet01 | |
| RouteTableId: !Ref RouteTable | |
| Subnet02RouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: !Ref Subnet02 | |
| RouteTableId: !Ref RouteTable | |
| Subnet03RouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: !Ref Subnet03 | |
| RouteTableId: !Ref RouteTable | |
| ControlPlaneSecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Cluster communication with worker nodes | |
| VpcId: !Ref VPC | |
| Outputs: | |
| SubnetIds: | |
| Description: All subnets in the VPC | |
| Value: !Join [ ",", [ !Ref Subnet01, !Ref Subnet02, !Ref Subnet03 ] ] | |
| SecurityGroups: | |
| Description: Security group for the cluster control plane communication with worker nodes | |
| Value: !Join [ ",", [ !Ref ControlPlaneSecurityGroup ] ] | |
| VpcId: | |
| Description: The VPC Id | |
| Value: !Ref VPC |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: aws-auth | |
| namespace: kube-system | |
| data: | |
| mapRoles: | | |
| - rolearn: <ARN of instance role (not instance profile)> | |
| username: system:node:{{EC2PrivateDNSName}} | |
| groups: | |
| - system:bootstrappers | |
| - system:nodes |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: nexus-iq | |
| labels: | |
| app: nexus-iq | |
| spec: | |
| ports: | |
| - port: 8070 | |
| targetPort: 8070 | |
| name: nexus-iq-server | |
| - port: 8071 | |
| targetPort: 8071 | |
| name: nexus-iq-admin | |
| selector: | |
| app: nexus-iq | |
| type: LoadBalancer | |
| --- | |
| apiVersion: v1 | |
| kind: ReplicationController | |
| metadata: | |
| name: nexus-iq | |
| spec: | |
| replicas: 1 | |
| selector: | |
| app: nexus-iq | |
| template: | |
| metadata: | |
| labels: | |
| app: nexus-iq | |
| spec: | |
| containers: | |
| - name: nexus-iq | |
| image: sonatype/nexus-iq-server:1.49.0 | |
| ports: | |
| - containerPort: 8070 | |
| name: nexus-iq-server | |
| - containerPort: 8071 | |
| name: nexus-iq-admin |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| clusters: | |
| - cluster: | |
| server: <endpoint-url> | |
| certificate-authority-data: <base64-encoded-ca-cert> | |
| name: kubernetes | |
| contexts: | |
| - context: | |
| cluster: kubernetes | |
| user: aws | |
| name: aws | |
| current-context: aws | |
| kind: Config | |
| preferences: {} | |
| users: | |
| - name: aws | |
| user: | |
| exec: | |
| apiVersion: client.authentication.k8s.io/v1alpha1 | |
| command: aws-iam-authenticator | |
| args: | |
| - "token" | |
| - "-i" | |
| - "<cluster-name>" | |
| # - "-r" | |
| # - "<role-arn>" | |
| # env: | |
| # - name: AWS_PROFILE | |
| # value: "<aws-profile>" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment