EKS Installer
Fury EKS Installer deploys a production-grade Kubernetes Fury cluster on Amazon Elastic Kubernetes Services (EKS).
Modules
The installer is composed of three terraform modules:
| Module | Description |
|---|---|
| VPC | Deploy the necessary networking infrastructure |
| VPN | Deploy the a VPN Server to connect to private clusters |
| EKS | Deploy the EKS cluster |
Click on each module to see its full documentation.
Architecture
The EKS installers deploys and configures a production-ready EKS cluster without having to learn all internals of the service.
The EKS module deploys a private control plane cluster, where the control plane endpoint is not publicly accessible.
The VPC module setups all the necessary networking infrastructure. The VPN module setups one or more bastion hosts with an OpenVPN server.
The bastion host includes an OpenVPN instance easily manageable by using furyagent to provide access to the cluster.
🕵🏻♂️ Furyagent is a tool developed by SIGHUP to manage OpenVPN and SSH user access to the bastion host.
Usage
To create/upgrade a Kubernetes cluster with this installer we strongly suggest to use furyctl, our companion CLI tool to manage the full lifecycle of KFD clusters.
This installer is fully automated with the EKSCluster provider. furyctl automates the installation of the required components inside each node with your own parameters, which you can specify using a configuration file.
Check the Fury on VMs guide to get started.
Find more info about the EKSCluster provider [here][ekscluster].
If you want to create Ansible playbooks by yourself, you can take a look at the examples inside our GitHub repository to have an idea of what you can do.
Requirements
- AWS Access Credentials of an AWS Account with the following IAM permissions.
- terraform
>=1.3.0 sshor OpenVPN Client - Tunnelblick (on macOS) or OpenVPN Connect (for other OS) are recommended.- an S3 bucket to save the terraform state files
EKS cluster
[EKS][eks] is the Kubernetes distribution provided by Amazon, which will fully integrate with AWS services and infrastructure.
This installer can manage the provisioning of:
- a VPC with two subnets (public and private)
- a VPN bastion host to connect to the cluster
- an EKS cluster with a node pool for the control plane and one or more worker node pools
If the installer is invoked through kubectl, the terraform state for every provisioned component will be saved in an S3 bucket.
It can also be used to upgrade the Kubernetes version on all nodes.