Skip to content

Deploy Okera on EKS

This document will guide you through installing Okera on an EKS cluster. You will walk through the following steps:

  1. Verifying you have access to your EKS cluster.
  2. Downloading and unpacking okctl.
  3. Deploying a base unconfigured Okera cluster.
  4. Updating the configuration of your cluster.

Prerequisites

  1. A functional EKS cluster that adheres to the Okera prerequisites.
  2. A Linux node that can execute kubectl commands against the EKS cluster - we will call this the deployer node.

Verify EKS Access

On the deployer node, you can verify you have EKS access by running:

$ kubectl get nodes -owide
NAME                                       STATUS   ROLES    AGE   VERSION               INTERNAL-IP   EXTERNAL-IP   OS-IMAGE         KERNEL-VERSION                  CONTAINER-RUNTIME
ip-10-1-10-96.us-west-2.compute.internal   Ready    <none>   38m   v1.12.10-eks-ffbd96   10.1.10.96    <none>        Amazon Linux 2   4.14.133-113.112.amzn2.x86_64   docker://18.6.1
ip-10-1-2-109.us-west-2.compute.internal   Ready    <none>   44m   v1.12.10-eks-ffbd96   10.1.2.109    <none>        Amazon Linux 2   4.14.133-113.112.amzn2.x86_64   docker://18.6.1

You should see all the nodes that you have in your EKS cluster listed.

Choosing a Region

Okera provides the installation files in three locations, US West, US East, and EU West. You should modify the links shown below choosing the region closest to you by replacing the S3 base URL, while leaving the rest of the URL path as given in the examples on this page.

The base links for the available regions are:

Region Base URL
US West https://okera-release-uswest.s3-us-west-2.amazonaws.com
US East https://okera-release-useast.s3.amazonaws.com
EU West https://okera-release-euwest.s3.eu-west-2.amazonaws.com
Asia Pacific (Sydney) https://okera-release-apsoutheast.s3.apsoutheast-2.amazonaws.com

For example, for the download link of the Okera command-line tool (explained in the next section) in the US East region, combine the S3 base URL for the region with the path of the installation resource, including the Okera version number:

https://okera-release-useast.s3.amazonaws.com/2.10.0/gravity/okctl.tar

|---------------- Base URL -----------------||---- Resource Path ----|

Download okctl

On the deployer node, we will be downloading okctl and the Okera Kubernetes resource files. Run the following commands to create a directory and then download and unpack okctl in it:

$ mkdir okera && cd okera
$ curl -O https://okera-release-uswest.s3.amazonaws.com/2.10.0/gravity/okctl.tar
$ tar xvf okctl.tar

We can verify we have a functional okctl binary by running:

$ ./okctl version
2.10.0
$ ./okctl --help
usage: okctl [<flags>] <command> [<args> ...]

the Okera Controller

Flags:
    --help                   Show context-sensitive help (also try --help-long and --help-man).
-v, --debug                  Show debug output (WARNING: this will output sensitive information to your shell)
    --kubeconfig=KUBECONFIG  Kubernetes config to use
    --cluster=CLUSTER        Kubernetes cluster to use as defined in KUBECONFIG
    --context=CONTEXT        Kubernetes contex to use as defined in KUBECONFIG
    --namespace=NAMESPACE    Kubernetes namespace to use
-o, --output=OUTPUT          Format to print output in
    --auth-dir=".auth"       Location for auth related files

Commands:
help [<command>...]
    Show help.

...

Below instructions will assume that you are executing commands from within the folder we created above.

Deploying Okera

To deploy Okera, run:

$ ./okctl deploy --arch aws
2019/08/26 16:26:08 Deploying 'resources/kubernetes/aws/00-roles.yaml'...
2019/08/26 16:26:09 Deployed successfully
2019/08/26 16:26:09 Deploying 'resources/kubernetes/aws/01-secrets.yaml'...
2019/08/26 16:26:10 Deployed successfully
2019/08/26 16:26:10 Deploying 'resources/kubernetes/aws/02-config.yaml'...
2019/08/26 16:26:11 Deployed successfully
2019/08/26 16:26:11 Deploying 'resources/kubernetes/aws/03-services.yaml'...
2019/08/26 16:26:12 Deployed successfully
2019/08/26 16:26:12 Deploying 'resources/kubernetes/aws/04-canary.yaml'...
2019/08/26 16:26:13 Deployed successfully
2019/08/26 16:26:13 Deploying 'resources/kubernetes/aws/05-zookeeper.yaml'...
2019/08/26 16:26:14 Deployed successfully
2019/08/26 16:26:14 Deploying 'resources/kubernetes/aws/06-catalog.yaml'...
2019/08/26 16:26:15 Deployed successfully
2019/08/26 16:26:15 Deploying 'resources/kubernetes/aws/07-planner.yaml'...
2019/08/26 16:26:16 Deployed successfully
2019/08/26 16:26:16 Deploying 'resources/kubernetes/aws/08-worker.yaml'...
2019/08/26 16:26:17 Deployed successfully
2019/08/26 16:26:17 Deploying 'resources/kubernetes/aws/09-rest-server.yaml'...
2019/08/26 16:26:17 Deployed successfully
2019/08/26 16:26:17 Deploying 'resources/kubernetes/aws/10-presto.yaml'...
2019/08/26 16:26:18 Deployed successfully

Note: By default, Okera clusters are accessible only within your configured VPC/Subnet. To change this, you can edit resources/kubernetes/aws/03-services.yaml and remove service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0. You can then run okctl deploy again.

Note: The files in resources/kubernetes/aws are self-contained Kubernetes resource files, and you can deploy them yourself using your preferred Kubernetes tooling, including using kubectl apply -f.

This deploys a base version of Okera on your EKS cluster that is not configured - no authentication is set up and all state is being persisted locally.

Configuring Your Okera Cluster

Okera clusters use a YAML configuration file, which you can learn more about here.

You can update the configuration of your cluster using okctl update.

To deploy the Quickstart configuration, which will add authentication and SSL:

$ ./okctl update --config configs/config-quickstart.yaml

You can copy this file (or the other example configuration files in the configs/ directory) and modify them for your deployment, and then apply them using okctl update.