Setting Up a Workstation

This topic provides the requirements and instructions to follow for configuring a workstation to use for creating and managing the EKS infrastructure. The workstation needs to be able to connect to the AWS API. It also needs to have the required AWS and Kubernetes (K8s) software packages as well as the deployment scripts and configuration files supplied by Cambridge Semantics. This workstation will be used to connect to the AWS API and provision the K8s cluster and node groups.

You can use the Anzo server as the workstation if the network routing and security policies permit the Anzo server to access the AWS and K8s APIs. When deciding whether to use the Anzo server as the K8s workstation, consider whether Anzo may be migrated to a different server or VPC in the future.

Workstation Requirements and Software Installation

Component Requirement
Operating System The operating system for the workstation must be RHEL/CentOS 7.8 or later.
Networking The workstation should be in the same VPC as the EKS cluster. If it is not in the same VPC, make sure that it is on a network that is routable from the cluster's VPC.
Software
  • AWS-CLI Version 2 is recommended. Version 1.16.156 or later is supported. For instructions, see Install AWS-CLI below.
  • EKSCTL Version 0.40.0 or later is required. For instructions, see Install EKSCTL below.
  • Kubectl Versions 1.17 – 1.19 are supported. Cambridge Semantics recommends that you use the same kubectl version as the EKS cluster version. For instructions, see Install Kubectl below.
CSI EKSCTL Package Cambridge Semantics provides eksctl scripts and configuration files to use for provisioning the EKS cluster and node groups. Download the files to the workstation. See Cluster Creation Scripts and Configuration Files for more information about the eksctl package.

Install AWS-CLI

AWS CLI is the AWS command line interface. Version 2 is recommended. Follow the instructions below to install the latest aws-cli version 2 package. For more information, see Installing, Updating, and Uninstalling the AWS CLI Version 2 on Linux in the AWS CLI documentation.

  1. Run the following command to download the latest aws-cli package to the current directory:
    curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
  2. Run the following command to unzip the package:
    unzip awscliv2.zip
  3. Then run the following command to run the install program. By default, the files are all installed to /usr/local/aws-cli, and a symbolic link is created in /usr/local/bin.
    sudo ./aws/install

Install EKSCTL

EKSCTL is the AWS EKS command line interface. Version 0.40.0 or later is required. Follow the instructions below to download the eksctl package and place it in the /usr/local/bin directory. For more information, see Installing eksctl in the Amazon EKS documentation.

  1. Run the following command to download the eksctl package to the /tmp directory:
    curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/<tag>/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp

    Where <tag> is the release that you want to download. For example:

    curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/0.40.0/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
  2. Then run the following command to move eksctl to the /usr/local/bin directory:
    sudo mv /tmp/eksctl /usr/local/bin

Install Kubectl

Follow the instructions below to install kubectl on your workstation. Cambridge Semantics recommends that you install the same version of kubectl as the K8s cluster API. For more information, see Install and Set Up kubectl on Linux in the Kubernetes documentation.

  1. Run the following cURL command to download the kubectl binary:
    curl -LO https://dl.k8s.io/release/<version>/bin/linux/amd64/kubectl

    Where <version> is the version of kubectl to install. For example, the following command downloads version 1.17.17:

    curl -LO https://dl.k8s.io/release/v1.17.17/bin/linux/amd64/kubectl
  2. Run the following command to make the binary executable:
    chmod +x ./kubectl
  3. Run the following command to move the binary to your PATH:
    sudo mv ./kubectl /usr/local/bin/kubectl
  4. To confirm that the binary is installed and that you can run kubectl commands, run the following command to display the client version:
    kubectl version --client

    The command returns the following information:

    Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.17", GitCommit:"f3abc15296f3a3f54e4ee42e830c61047b13895f", 
GitTreeState:"clean", BuildDate:"2021-01-13T13:21:12Z", GoVersion:"go1.13.15", Compiler:"gc", Platform:"linux/amd64"}

Cluster Creation Scripts and Configuration Files

Cambridge Semantics provides a package of files that enable users to manage the configuration, creation, and deletion of the EKS cluster and node groups. The top-level directory is called eksctl. Place the directory in any location on the workstation. The files and directory structure are shown below: 

eksctl
├── conf.d
│   ├── iam_serviceaccounts.yaml
│   ├── k8s_cluster.conf
│   ├── nodepool.yaml
│   ├── nodepool_anzograph.yaml
│   ├── nodepool_common.yaml
│   ├── nodepool_dynamic.yaml
│   └── nodepool_operator.yaml
├── reference
│   └── ca_autodiscover-patch-file.yaml
│   └── ca_autodiscover.yaml
│   └── cluster-autoscaler-policy.json
│   └── nodepool_anzograph_tuner.yaml
│   └── nodepool_dynamic_tuner.yaml
│   └── versions
│   └── warm_ip_target.yaml
├── aws_cli_common.sh
├── common.sh
├── create_k8s.sh
├── create_nodepools.sh
├── delete_k8s.sh
└── delete_nodepools.sh
└── README.md

The list below gives an overview of the files that are included in the eksctl package. Subsequent topics describe the files in more detail.

  • The conf.d directory contains the configuration files that supply the specifications to follow when creating the K8s cluster and node groups.
    • iam_serviceaccounts.yaml: Supplies optional IAM roles for Service Account specifications for use as part of cluster creation if you would like to assign permissions for the applications that run on EKS.
    • k8s_cluster.conf: Supplies the specifications for the EKS cluster.
    • nodepool.yaml: This file is supplied as a reference. It contains the super set of node group parameters and includes comments that provide additional information.
    • nodepool_anzograph.yaml: Supplies the specifications for the AnzoGraph node group.
    • nodepool_common.yaml: Supplies the specifications for the Common node group.
    • nodepool_dynamic.yaml: Supplies the specifications for the Dynamic node group.
    • nodepool_operator.yaml: Supplies the specifications for the Operator node group.
  • The reference directory contains crucial files that are referenced by the cluster and node group creation scripts. The files in the directory should not be edited, and the reference directory must exist on the workstation at the same level as the create*.sh and delete*.sh scripts.
  • The aws-cli-common.sh and common.sh scripts are used by the create*.sh and delete*.sh scripts.
  • The create_k8s.sh script is used to deploy the EKS cluster.
  • The create_nodepools.sh script is used to deploy node groups in the EKS cluster.
  • The delete_k8s.sh script is used to delete the EKS cluster.
  • The delete_nodepools.sh script is used to remove node groups from the EKS cluster.

Once the workstation is configured, see Planning the Anzo and EKS Network Architecture to review information about the network architecture that the eksctl scripts create. And see Creating and Assigning IAM Policies for instructions on creating the IAM policies that are needed for assigning permissions to create and use the EKS cluster.

Related Topics