b56e54eaec
Now that we have a good number of longer exercises, it makes sense to rename the shorter demos/labs into 'labs' to avoid confusion between the two.
1.6 KiB
Accessing our EKS cluster
-
We also have a shared EKS cluster
-
With individual IAM users
-
Let's connect to this cluster!
What we need
-
kubectl(obviously!) -
awsCLI (recent-ish version)(or
awsCLI +aws-iam-authenticatorplugin) -
AWS API access key and secret access key
-
AWS region
-
EKS cluster name
Setting up AWS credentials
-
There are many ways to do this
-
We're going to use environment variables
-
You're welcome to use whatever you like (e.g. AWS profiles)
.lab[
-
Set the AWS region, API access key, and secret key:
export AWS_DEFAULT_REGION=`us-east-2` export AWS_ACCESS_KEY_ID=`AKI...` export AWS_SECRET_ACCESS_KEY=`xyz123...` -
Check that the AWS API recognizes us:
aws sts get-caller-identity
]
Updating our kubeconfig file
-
Now we can use the AWS CLI to:
-
obtain the Kubernetes API address
-
register it in our kubeconfig file
-
.lab[
-
Update our kubeconfig file:
aws eks update-kubeconfig --name `fancy-clustername-1234` -
Run some harmless command:
kubectl version
]
Our resources
-
We have the following permissions:
-
viewin thedefaultnamespace -
editin thecontainer-trainingnamespace -
adminin our personal namespace
-
-
Our personal namespace is our IAM user name
(but with dots replaced with dashes)
-
For instance, user
ada.lovelacehas namespaceada-lovelace
Deploying things
-
Let's deploy DockerCoins in our personal namespace!
-
Expose the Web UI with a
LoadBalancerservice
???
:EN:- Working with an EKS cluster :FR:- Travailler avec un cluster EKS