Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Digging Into Mesosphere DC/OS (Part 2)

DZone's Guide to

Digging Into Mesosphere DC/OS (Part 2)

Learn how to get Mesosphere going on AWS, including configuration details and security provisions.

· Cloud Zone
Free Resource

Site24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.

Now that we have had a brief overview of DC/OS from our first post, it’s time to do a little practical work and put things into context a bit.

The best way for us to take that step is to spin up a quick environment. There is no doubt that this can be quick, especially with the AWS implementation of DC/OS that we are going to use.

Note that you will need an active AWS account, and this will incur some costs to run the instances. The instances are pretty hearty because they are designed to run at a decent scale.

DC/OS on AWS Demo Setup

Log in to AWS to ensure you have access. The instances we need do not qualify for the Free Tier, so this will need a full account with billing enabled.

On the DCOS.io site, there are template links. Follow the install page as you see here:

DC/OS AWS requirements

That takes you to the install documentation and links to the CloudFormation template link (https://downloads.dcos.io/dcos/EarlyAccess/aws.html)

DC/OS Early Access AWS Cloud Formation Template

We can decide if we use a single master, or a three master system. To start small, we are going to launch a single master on us-west-2 in Oregon because I have other instances and SSH Keys active there.

Take the defaults and click Next on the Select Template screen:

DC/OS on AWS how to select template

Choose a name for your DC/OS stack. Choose a Key from your existing SSH key list. Security settings are available to enable OAuth Access (i.e. using GitHub, Google, or Microsoft accounts) which is what we can use for our demo. Choose the number of agent instances you wish to use. Everything else can remain as default:

DC/OS on AWS how to name your stack

Tagging is a good idea for anything inside AWS, so choose some tags if you want to identify your DC/OS instances:

DC/OS on AWS how to tag and select options

Once that step is done, you can save your stack to be able to launch it.

DC/OS on AWS how to review and save stack settings

As you check your stack state, it will begin as CREATE_IN_PROGRESS:

How to check stack state on DC/OS for AWS

The process takes around 10-15 minutes. Once it is completed, the status will be indicated as COMPLETED in your CloudFormation window. This is also where you can get your DNS information to access the DC/OS master console. Click the Output tab in the lower portion of the window:

DC/OS on AWS dns setup

Now, you can log into your DC/OS instance over the web. That will bring you to this screen:

DC/OS on AWS login view

Now you are ready to start some testing! But before we do that, you need to some very important information.

Securing Your Web Access on AWS

By default, the settings you have chosen will be the default security groups, which are to allow inbound access over HTTP/HTTPS from any IP address.

Since we have OAuth enabled, anyone could just simply find your instance, log in, and start working on it. Not good.

To mitigate this, go to your VPC settings in the AWS console and you can sort by your node names. In my example, we search for DCOS which shows us the different security groups:

DC/OS security groups view

As you can see, all IP addresses are open. Click on the Edit button and change the 0.0.0.0/0 to your external IP address from your network (you can get this from http://whatsmyip.org) and make sure to use a /32 as the net mask:

single ip security on DC/OS

Save the entry, and now you are blocking access to the DC/OS master web interface unless it comes from your network.

Our next post will take a look at how to browse around your DC/OS environment and to spin up some application workloads.

Site24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.

Topics:
cloudformation ,aws ,cloud ,mesosphere

Published at DZone with permission of Eric Wright, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}