Amazon EKS Installation


Amazon Nuances

Be aware of the following requirements when installing the CloudCenter Suite:

  • Maximum Supported Version: EKS Version 1.13.7 and below.

  • Unavailable Resources: The following resources will not be available until the upgrade completes:

    • EKS cluster

    • Suite admin cluster

  • Resources: Amazon creates the following resources for the AWS account:

    • An EKS Cluster with user-provided specifications.

    • All resources remain in the same region as the cluster.

    • A new CloudFormation stack with the same number of instances, security groups, subnets, and roles that are used to connect to the cluster.

      • VPC Name: cluster_name-VPC

      • Role Name for VPC: cluster_name-Role

      • Role Name for Workers: cluster_name-NodeInstanceRole

      • New CFN stack Name: cluster_name-New-Workers-random_UUID32

      • Auto Scaling Group for worker nodes as part of cloud formation workers stack

  • The Delete API:

    You cannot trigger a Delete call by deleting the Amazon cluster from either the AWS console or the AWS CLI. Instead, use the Delete API.

Module Details

Additionally, refer to your module documentation for module-specific dependencies as specified in the following table.

ModuleDocumentation
Workload ManagerCloud Overview
Action OrchestratorAdd Cloud Account
Cost OptimizerCloud Overview

Minimum Permissions Needed

The following IAM policies are required for the CloudCenter Suite to access the EKS and create a new cluster on AWS.

  • AmazonEC2FullAccess

  • IAMFullAccess

  • AutoScalingFullAccess

  • AmazonEKSClusterPolicy

  • AmazonEKSWorkerNodePolicy

  • AmazonVPCFullAccess

  • AmazonEKSServicePolicy

  • AmazonEKS_CNI_Policy

  • AmazonRoute53FullAccess

  • Inline_Policy_EKS_Cluster = an inline policy allowing the following actions on the EKS service to an IAM user:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": [
                    "cloudformation:CreateStack",
                    "cloudformation:DescribeStacks",
                    "cloudformation:DescribeStackEvents",
                    "cloudformation:DescribeStackResources",
                    "cloudformation:DescribeStackResource",
                    "cloudformation:GetTemplate",
                    "cloudformation:ValidateTemplate",
                    "cloudformation:DeleteStack",
                    "eks:UpdateClusterVersion",
                    “cloudformation:UpdateStack”,
                    "eks:ListUpdates",
                    "eks:DescribeUpdate",
                    "eks:DescribeCluster",
                    "eks:ListClusters",
                    "eks:CreateCluster",
                    "eks:DeleteCluster"
                ],
                "Resource": "*"
            }
        ]
    }

Installation Process

To install the CloudCenter Suite on a new Amazon cluster, perform the following procedure. 

  1. Verify that you have prepared your environment as listed in the Amazon Nuances section above.

  2. Navigate to the Suite Installer Dashboard.

  3. Click New Cluster.

  4. Select Amazon EKS.

  5. To connect using Amazon cloud credentials, enter the EKS details specified in the following table.

    EKS Details

    Description

    AWS Access Key IDAWS access key ID for the account
    EKS Secret Access KeyAWS secret access key
  6. Click Connect as displayed in the following screenshot.

  7. Once the connection is validated, click Next as displayed in the following screenshot.

  8. To specify the cloud properties, enter the EKS details listed in the following table and displayed in the following screenshot

    EKS Details

    Description

    EKS Cluster ID PrefixEKS Cluster ID Prefix, the prefix must start with a lowercase letter and cluster's name must not be longer than 40 characters. Only letters, numbers and hyphen are allowed in a cluster's name.
    AWS EKS RegionSelect region to launch the cluster.
    EKS Instance TypeSelect the type of instance of worker nodes.
    Available EC2 SSH KeysSelect the SSH key, account must have at least one key.


  9. Click InstallThe installation progress is visible on screen.

    If the Suite Admin is installed in EKS, the you cannot use the config file immediately after downloading it from the Suite installer success page. To access the Kubernetes cluster, access your command window to install AWS-IAM-AUTHENTICATOR and execute the following commands:

    brew install kubernetes-cli
    curl -Lo aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v0.3.0/heptio-authenticator-aws_0.3.0_darwin_amd64
    chmod +x aws-iam-authenticator
    sudo mv aws-iam-authenticator /usr/local/bin
  10. Once successful, you see the following message.

    CloudCenter Suite installation successful!
  11. You have the following options at this point:

    1. Click Take Me To Suite Admin to launch and set up the Suite Admin.

    2. Click Install Another Cluster to start another installation and go back to the homepage (Installer Dashboard).

    3. Download Kubeconfig file to connect to the launched cluster using the kubectl tool.

  12. Be sure to switch off the installer VM. You can reuse this VM for any other purpose, for example, as an Offline Repository.



Terms & Conditions Privacy Statement Cookies Trademarks