Skip to content
/ aws-eks-cluster-controller Public

Manages EKS clusters in different AWS accounts using Custom Resources

License

Apache-2.0 license
103 stars 30 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

awslabs/aws-eks-cluster-controller

BranchesTags

Repository files navigation

CircleCI

AWS EKS Cluster Controller

The aws-eks-cluster-controller manages cross account EKS clusters and supported Kubernetes resources.

This controller is built using the kubebuilder framework. For more information read their docs

Concepts

  • Parent EKS Cluster: The Kubernetes cluster where this controller runs.
  • Child EKS Clusters: These are the Kubernetes clusters managed by the controller running in parent EKS cluster.

Turn Key Installation

Prerequisites

Make sure you have following tools installed on your workstation:

  1. aws-cli
  2. kubectl
  3. eksctl
  4. jq
  5. aws-iam-authenticator
  6. kubebuilder - install step

-- or on MacOS via brew --

brew tap weaveworks/tap/eksctl
brew install kustomize kubernetes-cli eksctl awscli jq
go get -u -v github.com/kubernetes-sigs/aws-iam-authenticator/cmd/aws-iam-authenticator

And install kubebuilder

IMPORTANT make sure your AWS user/role has sufficient permissions to use eksctl.

Setup Parent EKS cluster

  1. Create the Parent EKS cluster

    eksctl create cluster

  2. Once eksctl has finished, verify you can access the cluster.

    kubectl get nodes

  3. For this installation process we use kube2iam to manage IAM permissions for pods running on the parent cluster.

    kubectl apply -f deploy/kube2iam.yaml

Build and deploy the Controller

  1. Clone this project

    mkdir -p some/path
cd some/path
git clone [email protected]:awslabs/aws-eks-cluster-controller.git

  2. Create the IAM role that the controller will use

    export NODE_INSTANCE_ROLE_ARNS=`aws iam list-roles | jq -r --arg reg_exp "^eksctl-.*-NodeInstanceRole-.*$" '.Roles | map(select(.RoleName|test($reg_exp))) | map(.Arn) | join(",")'`; \

aws cloudformation create-stack \
 --stack-name aws-eks-controller-role \
 --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM \
 --template-body file://config/setup/aws-eks-cluster-controller-role.yaml \
 --parameters \
   ParameterKey=WorkerArn,ParameterValue="'${NODE_INSTANCE_ROLE_ARNS}'"

export IAMROLEARN=`aws iam get-role --role-name aws-eks-cluster-controller | jq -r .Role.Arn`

  3. Create repository and build/push image

    # Create ECR Repository
aws ecr create-repository --repository-name aws-eks-cluster-controller
export REPOSITORY=`aws ecr describe-repositories --repository-name aws-eks-cluster-controller | jq -r '.repositories[0].repositoryUri'`

# Build/tag the docker image
IMG=${REPOSITORY}:latest IAMROLEARN=${IAMROLEARN} make docker-build

# Push the docker image
aws ecr get-login --no-include-email | bash -
docker push ${REPOSITORY}:latest

  4. Install required Kubernetes CustomResourceDefinitions (CRDs) and deploy controller

    make deploy

License

This library is licensed under the Apache 2.0 License.

About

Manages EKS clusters in different AWS accounts using Custom Resources

Topics

kubernetes aws-eks eks

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

103 stars

Watchers

10 watching

Forks

30 forks
Report repository

Releases 2

Added Support for a bunch of other K8's objects Latest
Nov 20, 2019
+ 1 release

Packages

No packages published

Contributors 8

Languages