Creating an EKS cluster using onboarding-cli
The Onboarding CLI is a powerful command-line tool designed to streamline the process of deploying Amazon Elastic Kubernetes Service (EKS) clusters along with their essential requirements. Developed to simplify the setup of Kubernetes clusters, this CLI automates the entire deployment process, minimising manual intervention and enabling users to focus on their core tasks. By asking a few crucial inputs from the user, the CLI swiftly configures the necessary infrastructure, easing the burden of cluster creation and management.
Pre-requisites
- Download aws cli == 2.x.x
- Download git
- Create an AWS profile locally which is using an IAM user having admin access to the AWS account where you want to deploy the cluster.
- Ensuring AWS Infrastructure requirements are read carefully.
Download the CLI
- Download the binary using the below command.
- For Apple Silicon MacOS
curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_darwin_arm64 -o ocli - For Intel MacOS
curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_darwin_amd64 -o ocli - For Linux (arm)
curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_linux_arm64 -o ocli - For Linux (amd)
curl -H 'Cache-Control: max-age=0' -s https://releases.ocli.truefoundry.tech/binaries/ocli_linux_amd64 -o ocli
- For Apple Silicon MacOS
- Make the binary executable and move it to
$PATHsudo chmod +x ./ocli sudo mv ocli /usr/local/bin - Confirm by running the command
$ ocli version: v0.1.4
Update to latest version
Always make sure to update
oclito the latest version.
Installation
Creating a config file
-
In this document we will check what are the options available for configuring AWS EKS cluster.
-
There are two ways to go about it
- Existing VPC - This is the case when you have an already existing network setup for your existing AWS environment. The onboarding CLI can use the VPC ID and the private and public subnet IDs to deploy the EKS cluster inside it. So before running the command make sure you have these handy
- New VPC - If you don't have any existing VPC or want to deploy the Truefoundry EKS cluster inside a new VPC then you can select this option. In this option you will be prompted for the VPC CIDR which is the CIDR range of the VPC you want. If you are not sure
10.10.0.0/16will be taken as default. You will also be asked for private and public CIDRS.
-
Run the below command
ocli infra init -
Screen will be cleared and you will be asked for cloud provider choice. Select
awshere and for the next question add your account IDTruefoundry is a platform that makes it very easy to deploy microservices, ML models training jobs, LLMs on Kubernetes. We will start the process of bootstrapping a Kubernetes cluster. This CLI is useful only if you don't have a Kubernetes cluster. If you already have a cluster, please go to https://docs.truefoundry.com/docs/creating-your-own-kubernetes-cluster Let's get started! 1. Cloud Provider In which cloud provider you would like to deploy your cluster: : > aws azure 2. Account ID What is the AWS Account ID where you want to deploy your cluster:
exec: "aws": executable file not found in $PATH
The above error indicates that aws cli is not present in your local machine. Make sure you have downloaded the aws CLI.
GetLocalAWSProfiles: exit status 2
The above error indicates that the version of aws CLI is not matching the required version. For
oclito work aws == 2.x.x
-
Select the right profile and enter the cluster name( substring which will be part of all AWS resources created by this script). Here it will show all the local AWS profile name and you can select the one that you have created before or the one which has
adminaccess to the AWS account where you want to deploy your cluster.3. AWS profiles Which AWS profile you want to use: : > newcluster newcluster 4. AWS cluster name What is the cluster name that you want for your cluster: newcluster newcluster -
Select the region and the availability zone where you want to deploy the cluster. If you don't select the no of availability zones, by default 3 will be selected in format
us-east-1a,us-east-1b,us-east-1c, if selected region isus-east-1. In the below example we selected to availability zones5(B). Avilability Zones Enter the number of availability zones (Default: 3, 2 <= range <=4): 2 Enter the name of availability zones 1 (default: ap-south-1a): ap-south-1a Enter the name of availability zones 2 (default: ap-south-1b): ap-south-1c "ap-south-1a" "ap-south-1c"
Existing VPC
-
Select
existingwhen you want to deploy the cluster in an existing VPC, followed by inputting the VPC ID. -
Next enter the subnet IDs of both private and public subnets
6(A). VPC ID What is you existing VPC ID: vpc-029827189eaa2c22e vpc-029827189eaa2c22e Below we will ask you to enter the subnet ID details for your existing VPC. We need total of 2 subnets, private and public each6(B). Private Subnet IDs Enter the ID private subnet 1: subnet-0be5bd498c2869c67 Enter the ID private subnet 2: subnet-0321f13d89fce5bdf "subnet-0be5bd498c2869c67" "subnet-0321f13d89fce5bdf" 6(B). Public Subnet IDs Enter the ID of public subnet 1: subnet-0da043d78612040f3 Enter the ID of public subnet 2: subnet-0cc42609184649379 "subnet-0da043d78612040f3" "subnet-0cc42609184649379"
New VPC
-
Select
newwhen you want to deploy the cluster in a new VPC, followed by your expected CIDR range. If you press enter10.10.0.0/16will be selected as default and then subnets will be automatically selected. -
If you chose a different CIDR range for your VPC you have to select the subnet CIDR explicitly.
6(A). VPC CIDR What should be the CIDR for your new VPC (Default: 10.10.0.0/16. Chose a range between /8 and /24): 10.20.0.0/16 10.20.0.0/16 Below we will ask you to enter the subnet CIDR details for your new VPC. We need to create total of 3 subnets for each availability zones 6(B). Private Subnet CIDRS Enter the CIDR of private subnet 1: 10.20.0.0/20 Enter the CIDR of private subnet 2: 10.20.16.0/20 Enter the CIDR of private subnet 3: 10.20.32.0/20 "10.20.0.0/20" "10.20.16.0/20" "10.20.32.0/20" 6(C). Public Subnet CIDRS Enter the CIDR of public subnet 1: 10.20.128.0/20 Enter the CIDR of public subnet 2: 10.20.144.0/20 Enter the CIDR of public subnet 3: 10.20.160.0/20
Running the config file
- Once the config file is created, the file will have below contents
aws: account: id: "123456789098" cluster: name: cluster-substring network: existing: false private_subnets_cidrs: - 10.20.0.0/20 - 10.20.16.0/20 - 10.20.32.0/20 private_subnets_ids: [] public_subnets_cidrs: - 10.20.128.0/20 - 10.20.144.0/20 - 10.20.160.0/20 public_subnets_ids: [] vpc_cidr: 10.20.0.0/16 vpc_id: "" profile: name: newcluster region: availability_zones: - ap-south-2a - ap-south-2b - ap-south-2c name: ap-south-2 tags: {} azure: null binaries: terraform: binary_path: null terragrunt: binary_path: null gcp: null provider: aws - If you have selected new VPC then
vpc_cidr,private_subnets_cidrsandpublic_subnets_cidrswill be filled andexistingwill befalse. In case of existing VPCvpc_id,private_subnets_ids,public_subnets_idswill be filled andexistingwill betrue. - Run the config file by
ocli infra create --file config.yaml
Saving the output
The above process generates some output which are helpful for deployment of some applications which require IAM role ARNs. For this save the output in some file
ocli infra output --file config.yaml > output.txt
Post cluster-creation steps
- Once the cluster gets created we need to attach this cluster to the TrueFoundry platform.
- Export the important variables
export AWS_REGION="" export CLUSTER_NAME="" export AWS_PROFILE="" - Run the below command to get its
kubeconfigfile on your local
aws eks --region $AWS_REGION update-kubeconfig --name $CLUSTER_NAME --profile $AWS_PROFILE
- Download kubectl == 1.26.x
- Follow the Connecting the cluster to connect your tenant.
Updated 17 days ago