Configure your cluster
Before you can create your cluster, you need to configure the identity and access management (IAM) for your cloud service provider (CSP) and choose machine types for the nodes.
Creating the configuration file
You can generate a configuration file for your CSP by using the following CLI command:
- Azure
- GCP
- AWS
constellation config generate azure
constellation config generate gcp
constellation config generate aws
This creates the file constellation-conf.yaml in the current directory.
You can also automatically generate a configuration file by adding the --generate-config flag to the constellation iam create command when creating an IAM configuration.
Choosing a VM type
Constellation supports the following VM types:
- Azure
- GCP
- AWS
By default, Constellation uses Standard_DC4as_v5 CVMs (4 vCPUs, 16 GB RAM) to create your cluster. Optionally, you can switch to a different VM type by modifying instanceType in the configuration file. For CVMs, any VM type with a minimum of 4 vCPUs from the DCasv5 & DCadsv5 or ECasv5 & ECadsv5 families is supported.
You can also run constellation config instance-types to get the list of all supported options.
By default, Constellation uses n2d-standard-4 VMs (4 vCPUs, 16 GB RAM) to create your cluster. Optionally, you can switch to a different VM type by modifying instanceType in the configuration file. Supported are all machines with a minimum of 4 vCPUs from the N2D family. Refer to N2D machine series or run constellation config instance-types to get the list of all supported options.
By default, Constellation uses m6a.xlarge VMs (4 vCPUs, 16 GB RAM) to create your cluster. Optionally, you can switch to a different VM type by modifying instanceType in the configuration file. Supported are all nitroTPM-enabled machines with a minimum of 4 vCPUs (xlarge or larger). Refer to the list of nitroTPM-enabled instance types or run constellation config instance-types to get the list of all supported options.
Fill the desired VM type into the instanceType field in the constellation-conf.yml file.
Creating an IAM configuration
You can create an IAM configuration for your cluster automatically using the constellation iam create command.
If you haven't generated a configuration file yet, you can do so by adding the --generate-config flag to the command. This creates a configuration file and populates it with the created IAM values.
- Azure
- GCP
- AWS
You must be authenticated with the Azure CLI in the shell session.
constellation iam create azure --region=westus --resourceGroup=constellTest --servicePrincipal=spTest
This command creates IAM configuration on the Azure region westus creating a new resource group constellTest and a new service principal spTest.
Note that CVMs are currently only supported in a few regions, check Azure's products available by region. These are:
- westus
- eastus
- northeurope
- westeurope
Paste the output into the corresponding fields of the constellation-conf.yaml file.
Since clientSecretValue is a sensitive value, you can leave it empty in the configuration file and pass it via an environment variable instead. To this end, create the environment variable CONSTELL_AZURE_CLIENT_SECRET_VALUE and set it to the secret value.
You must be authenticated with the GCP CLI in the shell session.
constellation iam create gcp --projectID=yourproject-12345 --zone=europe-west3-a --serviceAccountID=constell-test
This command creates IAM configuration in the GCP project yourproject-12345 on the GCP zone europe-west3-a creating a new service account constell-test.
Note that only regions offering CVMs of the N2D series are supported. You can find a list of all regions in Google's documentation, which you can filter by machine type N2D.
Paste the output into the corresponding fields of the constellation-conf.yaml file.
You must be authenticated with the AWS CLI in the shell session.
constellation iam create aws --zone=eu-central-1a --prefix=constellTest
This command creates IAM configuration for the AWS zone eu-central-1a using the prefix constellTest for all named resources being created.
Constellation OS images are currently replicated to the following regions:
- eu-central-1
- us-east-2
- ap-south-1
If you require the OS image to be available in another region, let us know.
You can find a list of all regions in AWS's documentation.
Paste the output into the corresponding fields of the constellation-conf.yaml file.
Alternatively, you can manually create the IAM configuration on your CSP.
Now that you've configured your CSP, you can create your cluster.
Deleting an IAM configuration
You can keep created IAM configurations and reuse them for new clusters. Alternatively, you can also delete them if they aren't being used anymore.
Prerequisites:
- Terraform is installed on your machine.
- Access to the terraform.tfstatefile created by theconstellation iam createcommand.
You can delete the IAM configuration using the following commands:
# Navigate to the directory containing the terraform.tfstate file
cd constellation-iam-terraform
# Destroy the IAM configuration via Terraform
terraform destroy
# Confirm deletion by typing "yes"
# Remove the Terraform state directory
cd ..
rm -rf constellation-iam-terraform
