{"id":13625586,"url":"https://github.com/kelseyhightower/kubestack","last_synced_at":"2026-01-28T10:33:34.588Z","repository":{"id":32238039,"uuid":"35812215","full_name":"kelseyhightower/kubestack","owner":"kelseyhightower","description":"Manage Kubernetes with Packer and Terraform on Google Compute Engine.","archived":false,"fork":false,"pushed_at":"2016-02-04T21:34:55.000Z","size":265,"stargazers_count":298,"open_issues_count":4,"forks_count":64,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-02-28T03:28:36.524Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kelseyhightower.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-05-18T10:44:37.000Z","updated_at":"2024-10-25T16:09:32.000Z","dependencies_parsed_at":"2022-09-08T11:24:39.380Z","dependency_job_id":null,"html_url":"https://github.com/kelseyhightower/kubestack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/kelseyhightower/kubestack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kelseyhightower%2Fkubestack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kelseyhightower%2Fkubestack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kelseyhightower%2Fkubestack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kelseyhightower%2Fkubestack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kelseyhightower","download_url":"https://codeload.github.com/kelseyhightower/kubestack/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kelseyhightower%2Fkubestack/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28844014,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-28T07:39:25.367Z","status":"ssl_error","status_checked_at":"2026-01-28T07:39:24.487Z","response_time":57,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T21:01:58.022Z","updated_at":"2026-01-28T10:33:29.580Z","avatar_url":"https://github.com/kelseyhightower.png","language":null,"funding_links":[],"categories":["Others"],"sub_categories":[],"readme":"# Kubestack\n\nProvision a Kubernetes cluster with [Packer](https://packer.io) and [Terraform](https://www.terraform.io) on Google Compute Engine.\n\n## Status\n\nReady for testing. Over the next couple of weeks the repo should be generic enough for reuse with complete documentation.\n\n## Prep\n\n- [Install Packer](https://packer.io/docs/installation.html)\n- [Install Terraform](https://www.terraform.io/intro/getting-started/install.html)\n- [Setup an Authentication JSON File](https://www.terraform.io/docs/providers/google/index.html#account_file)\n\nThe Packer and Terraform configs assume your authentication JSON file is stored under `/etc/kubestack-account.json`\n\n## Packer Images\n\nImmutable infrastructure is the future. Instead of using cloud-init to provision machines at boot we'll create a custom image using Packer.\n\nRun the packer commands below will create the following image:\n\n```\nkubestack-0-17-1-v20150606\n```\n\n### Create the Kubestack Base Image\n\n```\ncd packer\npacker build -var-file=settings.json kubestack.json\n```\n\n## Terraform\n\nTerraform will be used to declare and provision a Kubernetes cluster.\n\n### Prep\n\nGenerate an [etcd discovery](https://coreos.com/docs/cluster-management/setup/cluster-discovery/) token:\n\n```\ncurl https://discovery.etcd.io/new?size=3\nhttps://discovery.etcd.io/465df9c06a9d589...\n```\n\nEdit `terraform/terraform.tfvars`. Add the required values:\n\n```\ndiscovery_url = \"https://discovery.etcd.io/465df9c06a9d589...\"\nproject = \"kubestack\"\nsshkey_metadata = \"core: ssh-rsa AAAAB3NzaC1yc2EA...\"\n```\n\n- Add API tokens to `terraform/secrets/tokens.csv`. See [Kubernetes Authentication Plugins](https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/authentication.md) for more details.\n\nExample tokens.csv\n\n```\n04b6d6bfe5bexample82db624, kelseyhightower, kelseyhightower\n```\n\n- Ensure your local ssh-agent is running and your ssh key has been added. This step is required by the terraform provisioner.\n\n```\nssh-add ~/.ssh/id_rsa\n```\n\n\n### Provision the Kubernetes Cluster\n\n```\ncd terraform\nterraform plan\nterraform apply\n```\n\nIf you run into the follow error try changing the GCE zone and try again.\n\n```\nThe zone 'projects/kubestack/zones/us-central1-a' does not have enough resources available to fulfill the request.\n```\n\n```\nterraform destroy\n```\n\nGet a list of GCE zones.\n\n```\ngcloud compute zones list\nNAME           REGION       STATUS NEXT_MAINTENANCE TURNDOWN_DATE\nasia-east1-c   asia-east1   UP\nasia-east1-a   asia-east1   UP\nasia-east1-b   asia-east1   UP\neurope-west1-c europe-west1 UP\neurope-west1-b europe-west1 UP\neurope-west1-d europe-west1 UP\nus-central1-a  us-central1  UP\nus-central1-b  us-central1  UP\nus-central1-c  us-central1  UP\nus-central1-f  us-central1  UP\n```\n\nEdit `terraform.tfvars`\n\n```\nzone = \"us-central1-b\"\n```\n\nBe sure to generate a new etcd discovery token:\n\n```\ncurl https://discovery.etcd.io/new?size=3\nhttps://discovery.etcd.io/2e5df9c06a9d590...\n```\n\nEdit `terraform.tfvars`\n\n```\ndiscovery_url = \"https://discovery.etcd.io/2e5df9c06a9d590...\"\n```\n\nTry again.\n\n```\nterraform apply\n```\n\n### Resize the number of worker nodes\n\nEdit `terraform/terraform.tfvars`. Set `worker_count` to the desired value:\n\n```\nworker_count = 3\n```\n\nApply the changes:\n\n```\nterraform plan\nterraform apply\n```\n\n```\nApply complete! Resources: 10 added, 0 changed, 0 destroyed.\n\nThe state of your infrastructure has been saved to the path\nbelow. This state is required to modify and destroy your\ninfrastructure, so keep it safe. To inspect the complete state\nuse the `terraform show` command.\n\nState path: terraform.tfstate\n\nOutputs:\n\n  kubernetes-api-server = https://203.0.113.158:6443\n```\n\n## Next Steps\n\n### Configure kubectl\n\nReplace `$kubernetes-api-server` with the terraform output. \nReplace `$token` and `$user` with the info from `terraform/secrets/tokens.csv`.\n\n```\nkubectl config set-cluster kubestack --insecure-skip-tls-verify=true --server=$kubernetes-api-server\nkubectl config set-credentials kelseyhightower --token='$token'\nkubectl config set-context kubestack --cluster=kubestack --user=$user\nkubectl config use-context kubestack\n```\n\n```\nkubectl config view\n```\n\n```\napiVersion: v1\nclusters:\n- cluster:\n    insecure-skip-tls-verify: true\n    server: $kubernetes-api-server\n  name: kubestack\ncontexts:\n- context:\n    cluster: kubestack\n    user: $user\n  name: kubestack\ncurrent-context: kubestack\nkind: Config\npreferences: {}\nusers:\n- name: $user\n  user:\n    token: $token\n```\n\n## Register the worker nodes\n\nNodes will be named based on the following convention:\n\n```\n${cluster_name}-kube${count}.c.${project}.internal\n```\n\nEdit `testing-kube0.c.kubestack.internal.json`\n\n``` \n{\n  \"kind\": \"Node\",\n  \"apiVersion\": \"v1beta3\",\n  \"metadata\": {\n    \"name\": \"testing-kube0.c.kubestack.internal\"\n  },\n  \"spec\": {\n    \"externalID\": \"testing-kube0.c.kubestack.internal\"\n  }\n}\n```\n\n```\nkubectl create -f testing-kube0.c.kubestack.internal.json\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkelseyhightower%2Fkubestack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkelseyhightower%2Fkubestack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkelseyhightower%2Fkubestack/lists"}