Amazon EKS provides a managed control plane for your Kubernetes cluster. Amazon EKS runs the Kubernetes control plane instances across multiple Availability Zones to ensure high availability. Rancher provides an intuitive user interface for managing and deploying the Kubernetes clusters you run in Amazon EKS. With this guide, you will use Rancher to quickly and easily launch an Amazon EKS Kubernetes cluster in your AWS account. For more information on Amazon EKS, see this documentation.
Note: Deploying to Amazon AWS will incur charges. For more information, refer to the EKS pricing page.
To set up a cluster on EKS, you will need to set up an Amazon VPC (Virtual Private Cloud). You will also need to make sure that the account you will be using to create the EKS cluster has the appropriate permissions. For details, refer to the official guide on Amazon EKS Prerequisites.
You need to set up an Amazon VPC to launch the EKS cluster. The VPC enables you to launch AWS resources into a virtual network that you’ve defined. For more information, refer to the Tutorial: Creating a VPC with Public and Private Subnets for Your Amazon EKS Cluster.
Rancher needs access to your AWS account in order to provision and administer your Kubernetes clusters in Amazon EKS. You’ll need to create a user for Rancher in your AWS account and define what that user can access.
Create a user with programmatic access by following the steps here.
Next, create an IAM policy that defines what this user has access to in your AWS account. It’s important to only grant this user minimal access within your account. Follow the steps here to create an IAM policy and attach it to your user.
Finally, follow the steps here to create an access key and secret key for this user.
Note: It’s important to regularly rotate your access and secret keys. See this documentation for more information.
For more detailed information on IAM policies for EKS, refer to the official documentation on Amazon EKS IAM Policies, Roles, and Permissions.
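An added example (not from the Rancher or AWS documentation) of two checks that support the steps above: flagging Allow statements in the Rancher user's policy that grant a whole service or more, and listing active access keys that are past a rotation threshold. The sample policy, ARN, key IDs and the 90-day threshold are constructed assumptions; the key listing mirrors the JSON shape of `aws iam list-access-keys`.

```python
import json
from datetime import datetime, timezone

# Constructed sample policy (not Rancher's recommended policy).
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ScopedEks", "Effect": "Allow",
     "Action": ["eks:DescribeCluster", "eks:CreateCluster"],
     "Resource": "arn:aws:eks:us-west-2:111122223333:cluster/rancher-*"},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "iam:*", "Resource": "*"}
  ]}""")

# Constructed sample shaped like `aws iam list-access-keys` output.
SAMPLE_KEYS = {"AccessKeyMetadata": [
    {"AccessKeyId": "AKIAEXAMPLEOLD", "Status": "Active",
     "CreateDate": "2023-01-10T08:00:00+00:00"},
    {"AccessKeyId": "AKIAEXAMPLENEW", "Status": "Active",
     "CreateDate": "2024-05-20T08:00:00+00:00"},
]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def broad_statements(policy):
    """Return (sid, reason) for Allow statements that grant a whole service or more."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction"))
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append((sid, f"wildcard action {action}"))
    return findings

def stale_keys(key_listing, now, max_age_days=90):
    """Return IDs of active keys older than max_age_days (90 is an assumed threshold)."""
    stale = []
    for key in key_listing["AccessKeyMetadata"]:
        age = now - datetime.fromisoformat(key["CreateDate"])
        if key["Status"] == "Active" and age.days > max_age_days:
            stale.append(key["AccessKeyId"])
    return stale

if __name__ == "__main__":
    print(broad_statements(SAMPLE_POLICY), stale_keys(SAMPLE_KEYS, datetime.now(timezone.utc)))
```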
The figure below illustrates the high-level architecture of Rancher 2.x. The figure depicts a Rancher Server installation that manages two Kubernetes clusters: one created by RKE and another created by EKS.
Use Rancher to set up and configure your Kubernetes cluster.
From the Clusters page, click Add Cluster.
Choose Amazon EKS.
Enter a Cluster Name.
Use Member Roles to configure user authorization for the cluster.
Configure Account Access for the EKS cluster. Complete each drop-down and field using the information obtained in 2. Create Access Key and Secret Key.
Click Next: Select Service Role. Then choose a service role.
Click Next: Select VPC and Subnet.
Choose an option for Public IP for Worker Nodes. Your selection for this option determines what options are available for VPC & Subnet.
Now choose a VPC & Subnet. For more information, refer to the AWS documentation for Cluster VPC Considerations. Follow one of the sets of instructions below based on your selection from the previous step.
If you choose to assign a public IP address to your cluster’s worker nodes, you have the option of choosing between a VPC that’s automatically generated by Rancher (i.e., Standard: Rancher generated VPC and Subnet), or a VPC that you’ve already created with AWS (i.e., Custom: Choose from your existing VPC and Subnets). Choose the option that best fits your use case.
Choose a VPC and Subnet option.
If you’re using Custom: Choose from your existing VPC and Subnets:
(If you’re using Standard, skip to step 11)
Make sure Custom: Choose from your existing VPC and Subnets is selected.
From the drop-down that displays, choose a VPC.
Click Next: Select Subnets. Then choose one of the Subnets that displays.
Click Next: Select Security Group.
If you chose this option, you must also choose a VPC & Subnet that allow your instances to access the internet. This access is required so that your worker nodes can connect to the Kubernetes control plane. Follow the steps below.
Tip: When using only private IP addresses, you can provide your nodes internet access by creating a VPC constructed with two subnets, a private set and a public set. The private set should have its route tables configured to point toward a NAT in the public set. For more information on routing traffic from private subnets, please see the official AWS documentation.
From the drop-down that displays, choose a VPC.
Click Next: Select Subnets. Then choose one of the Subnets that displays.
Click Next: Select Security Group.
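The routing requirement in the tip above can be verified from route-table data. This added example (not part of the original guide) classifies the default route of each worker subnet; the input is constructed and mirrors the JSON shape of `aws ec2 describe-route-tables`, the subnet and gateway IDs are placeholders, and a NAT gateway (rather than a NAT instance) is assumed.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output.
SAMPLE_ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-private-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"RouteTableId": "rtb-isolated", "Associations": [{"SubnetId": "subnet-private-b"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]}

def default_route_kind(route_table):
    """Classify where 0.0.0.0/0 goes: 'nat', 'igw', 'other' or 'none'."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        return "other"
    return "none"

def check_worker_subnets(route_tables, worker_subnets):
    """Map each private worker subnet to 'ok' or a description of the problem."""
    kind_by_subnet = {}
    for table in route_tables["RouteTables"]:
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:  # the main-table association has no SubnetId
                kind_by_subnet[assoc["SubnetId"]] = default_route_kind(table)
    report = {}
    for subnet in worker_subnets:
        kind = kind_by_subnet.get(subnet)
        if kind == "nat":
            report[subnet] = "ok"
        elif kind == "igw":
            report[subnet] = "public: default route goes to an internet gateway"
        elif kind is None:
            report[subnet] = "no explicit association: uses the VPC main route table"
        else:
            report[subnet] = "no default route to a NAT gateway"
    return report

if __name__ == "__main__":
    print(check_worker_subnets(SAMPLE_ROUTE_TABLES, ["subnet-private-a", "subnet-private-b"]))
```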
Choose a Security Group. See the documentation below on how to create one.
Amazon Documentation:
Click Select Instance Options, and then edit the node options available. The instance type and size of your worker nodes affect how many IP addresses each worker node will have available. See this documentation for more information.
Click Create.
Result:
Default: default
System: cattle-system, ingress-nginx, kube-public, kube-system
For any issues or troubleshooting details for your Amazon EKS Kubernetes cluster, please see this documentation.
To find information on any AWS Service events, please see this page.
For more information on security and compliance with your Amazon EKS Kubernetes cluster, please see this documentation.
This tutorial on the AWS Open Source Blog will walk you through how to set up an EKS cluster with Rancher, deploy a publicly accessible app to test the cluster, and deploy a sample project to track real-time geospatial data using a combination of other open-source software such as Grafana and InfluxDB.