Create and connect new AWS EKS cluster
The following document shows how to create an AWS EKS cluster using the OCLI.
Prerequisites
- Install git if not already present.
- Install aws cli == 2.x.x and create an AWS profile locally with admin access to the AWS account where you want to create the new cluster.
Suggestion
We highly recommend you to please go through the AWS Infrastructure requirements carefully.
Installing OCLI
- Download the binary using the below command.
curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_arm64" -o ocli
curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_darwin_amd64" -o ocli
curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_arm64" -o ocli
curl -H 'Cache-Control: max-age=0' -s "https://releases.ocli.truefoundry.tech/binaries/ocli_$(curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/stable.txt)_linux_amd64" -o ocli
- Make the binary executable and move it to
$PATH
sudo chmod +x ./ocli sudo mv ocli /usr/local/bin
- Confirm by running the command
ocli --version
Configuring Input Config file
- To create a new cluster, you would require your AWS
Account ID
,Region
, and anAWS Profile
- Run the following command to fill in the inputs interactively
ocli init-compute-plane
- For networking, there are two possible configurations:
- New VPC (Recommended) - This creates a new VPC for your new cluster.
- Existing VPC - You can enter your existing VPC and subnet IDs.
- Once all the inputs are filled, a config file with the name
tfy-config.yaml
would be generated in your current directory. We highly recommend you to once go through the generated config file and tally your inputs. You can also customize the inputs directly by editing the file. Below is the sample for the same:
aws:
account:
id: "xxxxxxxxxxxxxxxxx"
cluster:
name: "coolml"
public_access:
cidrs:
- 0.0.0.0/0
enabled: true
version: "1.28"
iam_role:
assume_role_arns:
- arn:aws:iam::416964291864:role/tfy-ctl-euwe1-production-truefoundry-deps
ecr:
enabled: true
enabled: true
role_enable_override: false
role_override_name: ""
s3:
bucket_enable_override: false
bucket_override_name: ""
enabled: true
ssm:
enabled: true
network:
existing: true
private_subnets_cidrs: []
private_subnets_ids:
- subnet-xxxxxxxxxxxxxxxxx
- subnet-xxxxxxxxxxxxxxxxx
- subnet-xxxxxxxxxxxxxxxxx
public_subnets_cidrs: []
public_subnets_ids:
- subnet-xxxxxxxxxxxxxxxxx
- subnet-xxxxxxxxxxxxxxxxx
- subnet-xxxxxxxxxxxxxxxxx
vpc_cidr: ""
vpc_id: vpc-xxxxxxxxxxxxxxxxx
profile:
name: administrator-xxxxxxxxxxxxxxxxx
region:
availability_zones:
- us-east-1a
- us-east-1b
- us-east-1c
name: us-east-1
tags: {}
azure: null
binaries:
terraform:
binary_path: null
terragrunt:
binary_path: null
gcp: null
provider: aws
aws:
account:
id: "xxxxxxxxxxxxxxxxx"
cluster:
name: coolml
public_access:
cidrs:
- 0.0.0.0/0
enabled: true
version: "1.28"
iam_role:
assume_role_arns:
- arn:aws:iam::416964291864:role/tfy-ctl-euwe1-production-truefoundry-deps
ecr:
enabled: true
enabled: true
role_enable_override: false
role_override_name: ""
s3:
bucket_enable_override: false
bucket_override_name: ""
enabled: true
ssm:
enabled: true
network:
existing: false
private_subnets_cidrs:
- 10.222.0.0/20
- 10.222.16.0/20
- 10.222.32.0/20
private_subnets_ids: []
public_subnets_cidrs:
- 10.222.176.0/20
- 10.222.192.0/20
- 10.222.208.0/20
public_subnets_ids: []
vpc_cidr: 10.222.0.0/16
vpc_id: ""
profile:
name: administrator-xxxxxxxxxxxxxxxxx
region:
availability_zones:
- us-east-2a
- us-east-2b
- us-east-2c
name: us-east-2
tags: {}
azure: null
binaries:
terraform:
binary_path: null
terragrunt:
binary_path: null
gcp: null
provider: aws
Create the cluster
Run the following command to create the EKS cluster and IAM roles needed to provide access to various infrastructure components as per the inputs configured above.
ocli run --file tfy-config.yaml
This command may take around 30-45 minutes to complete.
Connecting the cluster
- Head over to the TrueFoundry platform and log in. If you haven't logged in, then you can sign up here.
- Once you have logged in, navigate to
Integrations
tab from the left panel and click onSetup Cluster
. - Give the name of the EKS cluster and select the cluster type as
AWS EKS
. - Copy the resulting ocli command. This command installs the agent in your EKS cluster which will connect your cluster to the TrueFoundry control plane. The command looks similar to the following:
ocli connect-compute-plane --cloud aws-eks --control-plane-url https://coolml.truefoundry.tech \
--token xxxxxxx --tenant coolml
- Run the command from the current directory where your
tfy-config.yaml
is present.
Saving the output file
Once the above command finishes, save the output using the command below:
ocli output --file tfy-config.yaml > output.txt
Follow the guide below to connect the compute-plane cluster you just created to the control-plane.
- Go to Truefoundry Control-plane UI and go to Integrations.
- Click New Cluster
Updated 12 days ago