Deploying the EKS Platform
Quick Start
Steps | Example |
---|---|
1. Vendor EKS components | atmos workflow vendor -f eks |
2. Connect to the VPN | |
3. Deploy roles for each EKS stack | atmos workflow deploy/iam-service-linked-roles -f eks |
4. Deploy cluster into each stack | atmos workflow deploy/cluster -s plat-use1-dev -f eks |
5. Deploy resources into each stack | atmos workflow deploy/resources -s plat-use1-dev -f eks |
Repeat steps 4 and 5 for each EKS stack, typically plat-dev
, plat-staging
, and plat-prod
Requirements
In order to deploy EKS, Networking must be fully deployed and functional. In particular, the user deploying the cluster must have a working VPN connection to the targeted account. See the network documentation for details.
All deployment steps below assume that the environment has been successfully set up with the following steps.
- Sign into AWS via Leapp
- Connect to the VPN
- Open Geodesic
Steps
0 Vendor Components
EKS adds many components required to set up a cluster. Generally, all these components are contained in the EKS
components and catalog folders, under components/terraform/eks
and catalog/stacks/eks
respectively.
Vendor these components with the included Atmos Workflows.
atmos workflow vendor -f eks
or for each component. See stacks/workflows/eks.yaml
for a complete list.
atmos vendor pull --component eks/cluster
0 Deploy EKS Cluster
EKS provisioning includes many components packaged together into a single import per stack. Leveraging Atmos
inheritance, we have defined a baseline set of required components for all EKS deployments and a unique set of
additional components for a particular stack's EKS deployment. Find these catalog set definitions under
catalog/stacks/eks/clusters
.
To provision a cluster, these components need to be deployed in order. The included Atmos Workflows will carry out this deployment in the proper order, but any of these step can be run outside of a workflow if desired.
See the eks workflow (stacks/workflows/eks.yaml
) for each individual deployment step.
0 Deploy IAM Service Linked Roles
In order for Karpenter to reserve Spot Instances, the cluster needs to have a Service-Linked Role. Deploy these to all
cluster accounts with iam-service-linked-roles
atmos workflow deploy/iam-service-linked-roles -f eks
0 Deploy Initial Platform Dev Cluster
First deploy the cluster and AWS EFS. Since Karpenter will be used in the following steps, the initial cluster is deployed without Nodes.
atmos workflow deploy/cluster -s plat-use1-dev -f eks
0 Deploy Platform Dev Cluster Resources
Once the cluster is up and running, continue with the EKS plat
resources deployment. These need to be deployed in the
given order by the include Atmos Workflow. For additional details on each component, see the included README.md
for
the individual component.
Run the Atmos Workflow to deploy all required plat
components.
atmos workflow deploy/resources -s plat-use1-dev -f eks
Validate the cluster deployment with eks/echo-server
and the targeted service domain. The following URL should return
a success message for dev
:
0 Deploy Staging
Once the dev
cluster is deployed and validated, continue with staging
and then prod
.
Repeat the same deployment steps in staging
atmos workflow deploy/cluster -s plat-use1-staging -f eks
atmos workflow deploy/resources -s plat-use1-staging -f eks
Validate staging
: https://echo.use1.staging.plat.acme-svc.com/
0 Deploy Production
Then deploy prod
atmos workflow deploy/cluster -s plat-use1-prod -f eks
atmos workflow deploy/resources -s plat-use1-prod -f eks
Validate prod
: https://echo.use1.prod.plat.acme-svc.com/