kaws
kaws is a tool for creating and managing Kubernetes clusters on AWS using Terraform. It ties together several other tools to make Kubernetes deployment easy, repeatable, and secure.
kaws is not intended to support every possible deployment scenario for Kubernetes clusters. It follows a specific approach used by InQuicker, involving specific software, services, and conventions. Specifically, kaws creates Kubernetes clusters in AWS using CoreOS servers, all managed by declarative configuration files with Terraform.
Status
kaws has not yet reached version 1.0, and is not recommended for production usage until it has. In accordanace with Semantic Versioning, while kaws is < 1.0, backwards incompatible changes may occur. Major expected changes include using rkt as the container runtime for Kubernetes. See the issues for details.
kaws has not been reviewed by security professionals. For information about the threat model of kaws, see the security document.
Synopsis
USAGE:
kaws [FLAGS] [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
SUBCOMMANDS:
admin Commands for managing cluster administrators
cluster Commands for managing a cluster's infrastructure
help Prints this message or the help message of the given subcommand(s)
init Initializes a new repository for managing Kubernetes clusters
Start by creating a new repository with the init
command.
Goals
- Define infrastructure as code for predictability and repeatability
- Produce secure, highly available Kubernetes clusters
- Generate and distribute Kubernetes API access credentials securely
- Avoid shell scripting as much as possible
Supported platforms
At this time, kaws has only been developed for and tested on OS X. Support for Linux is planned.
Installing dependencies
kaws requires the following other programs to be available on your system:
OS X
All the dependencies can be installed with Homebrew:
brew install terraform openssl kubernetes-cli
To use the Homebrew-installed OpenSSL, prefix the cargo build
command (in the section on build from source below) with:
OPENSSL_INCLUDE_DIR=
Installing kaws
Once all the required dependencies are installed on your system, you can install kaws.
Precompiled binaries
Signed precompiled binaries for tagged version numbers are available for download on the releases page.
Building from source
- Install the appropriate version of Rust for your system.
- Run
git clone git@github.com:InQuicker/kaws.git
. - Inside the freshly cloned repository, run
cargo build --release
. - Copy the binary from
target/release/kaws
to a directory in your PATH, such as/usr/local/bin
.
Documentation
Detailed documentation is available in the docs directory. A good place to start is the overview.
Development
To package the current release for distribution, update TAG
in the Makefile and then run make
.
Release artifacts will be written to the dist
directory.
Your GPG secret key will be required to sign sha256sums.txt
.
Docker images for inquicker/kaws
and inquicker/kaws:$TAG
will be created, but you must push them manually.
cargo publish
must be run manually to release to crates.io.
Legal
kaws is released under the MIT license. See LICENSE
for details.