Provision Terraform infrastructure and runtime Environment

Important
 A Domino install can’t be hosted on a subdomain of another Domino install. For example, if you have Domino deployed at data-science.example.com, you can’t deploy another instance of Domino at acme.data-science.example.com.
Provision your infrastructure with Domino’s Terraform module

Domino recommends that you use our public-facing AWS-specific Reference Terraform module. You can also reference this module to manually provision the environment and infrastructure.

  1. Create a private key named domino.pem for ssh access to bastion host and eks nodes.

    ssh-keygen -q -P '' -t rsa -b 4096 -m PEM -f domino.pem && chmod 400 domino.pem

  2. Create a folder to hold the Terraform files.

  3. Place the main.tf file in the folder.

  4. In the same folder, create a file named domino-terraform.auto.tfvars and add/edit the following:

    deploy_id             = "_FILL_ME_IN_"
region                = "_FILL_ME_IN_"
availability_zone_ids = ["_FILL_ME_IN_1_", "_FILL_ME_IN_2_"]
k8s_version           = "_FILL_ME_IN_"

    • deploy_id: Deployment ID, used to name all created resources.

    • region: Region used to deploy the cluster and its resources.

    • availability_zone_ids: Availability Zone IDs to use for your cluster, node pools, and networking. A minimum of two are required in order to create an EKS cluster. Domino recommends using three zones for high availability.

    • k8s_version: Kubernetes version (i.e 1.25). You can omit this to deploy the latest supported version.

  5. Set AWS credentials in the environment.

    export AWS_ACCESS_KEY_ID='_FILL_ME_IN_'
export AWS_SECRET_ACCESS_KEY='_FILL_ME_IN_'
export AWS_REGION='_FILL_ME_IN_'

  6. To initialize the modules, run the following command in the same folder as main.tf:

    terraform init

  7. To start the infrastructure deployment, run the following commands:

    terraform plan -out=terraform.plan
terraform apply terraform.plan

  8. Due to how the Terraform AWS provider currently works, there are objects that change during provisioning and a second apply is needed to reconcile the state. You can verify by running the following command:

    terraform plan

  9. If you see Note: Objects have changed outside of Terraform, run the following commands to reconcile the state:

    terraform apply --auto-approve

  10. Run the following command:

    terraform plan

  11. Verify you see the following message:

    No changes. Your infrastructure matches the configuration.