mirror of
https://github.com/rancher/quickstart.git
synced 2026-02-05 12:45:15 +01:00
AWS NeuVector Quickstart
This will create a single node RKE2 cluster running on an EC2 instance with SLES 15 and install NeuVector into the cluster.
The instance will have wide-open security groups and will be accessible over SSH using the SSH keys
id_rsa and id_rsa.pub keys generated by terraform.
Optionally, you can also deploy the Rancher Management Server into the same cluster to test the Rancher and NeuVector integration.
Refer to Requirements/Using Cloud Quickstarts to get started.
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| aws | 5.1.0 |
| helm | 2.10.1 |
| kubernetes | 2.21.1 |
| local | 2.4.0 |
| rancher2 | 3.0.0 |
| ssh | 2.6.0 |
| tls | 4.0.4 |
Providers
| Name | Version |
|---|---|
| aws | 5.1.0 |
| helm | 2.10.1 |
| local | 2.4.0 |
| rancher2.bootstrap | 3.0.0 |
| ssh | 2.6.0 |
| tls | 4.0.4 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| aws_instance.neuvector_server | resource |
| aws_internet_gateway.neuvector_gateway | resource |
| aws_key_pair.quickstart_key_pair | resource |
| aws_route_table.neuvector_route_table | resource |
| aws_route_table_association.neuvector_route_table_association | resource |
| aws_security_group.neuvector_sg_allowall | resource |
| aws_subnet.neuvector_subnet | resource |
| aws_vpc.neuvector_vpc | resource |
| helm_release.cert_manager | resource |
| helm_release.cluster_issuer | resource |
| helm_release.neuvector | resource |
| helm_release.rancher_server | resource |
| local_file.kube_config_server_yaml | resource |
| local_file.ssh_public_key_openssh | resource |
| local_sensitive_file.ssh_private_key_pem | resource |
| rancher2_bootstrap.admin | resource |
| ssh_resource.install_rke2 | resource |
| ssh_resource.retrieve_config | resource |
| ssh_resource.rke2_config | resource |
| ssh_resource.rke2_config_dir | resource |
| tls_private_key.global_key | resource |
| aws_ami.sles | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_access_key | AWS access key used to create infrastructure | string |
n/a | yes |
| aws_secret_key | AWS secret key used to create AWS infrastructure | string |
n/a | yes |
| aws_region | AWS region used for all resources | string |
"us-east-1" |
no |
| aws_session_token | AWS session token used to create AWS infrastructure | string |
"" |
no |
| aws_zone | AWS zone used for all resources | string |
"us-east-1b" |
no |
| cert_manager_version | Version of cert-manager to install alongside NeuVector (format: 0.0.0) | string |
"1.11.0" |
no |
| install_rancher | Also install Rancher and setup SSO for NeuVector | bool |
false |
no |
| instance_type | Instance type used for all EC2 instances | string |
"t3a.xlarge" |
no |
| kubernetes_version | Kubernetes version to use | string |
"v1.24.14+rke2r1" |
no |
| neuvector_admin_password | Admin password for NeuVector | string |
"AI2zSYMFuCZ3HUeyNNMj1urUpCSEfgE0" |
no |
| neuvector_chart_version | NeuVector helm chart version | string |
"2.6.1" |
no |
| prefix | Prefix added to names of all resources | string |
"neuvector-quickstart" |
no |
| rancher_helm_repository | The helm repository, where the Rancher helm chart is installed from | string |
"https://releases.rancher.com/server-charts/latest" |
no |
| rancher_server_admin_password | Admin password to use for Rancher server bootstrap, min. 12 characters | string |
"adminadminadmin" |
no |
| rancher_version | Rancher version | string |
"2.7.9" |
no |
Outputs
| Name | Description |
|---|---|
| neuvector_url | n/a |
| node_ip | n/a |
| rancher_url | n/a |