Deploying on EKS

This document will guide you through installing ODAS on an EKS cluster. You will walk through the following steps:

  1. Verifying you have access to your EKS cluster.
  2. Downloading and unpacking okctl.
  3. Deploying a base unconfigured ODAS cluster.
  4. Updating the configuration of your cluster.

Prerequisites

  1. A functional EKS cluster that adheres to the ODAS Prerequisites.
  2. A Linux node that can execute kubectl commands against the EKS cluster - we will call this the deployer node.

Verify EKS Access

On the deployer node, you can verify you have EKS access by running:

$ kubectl get nodes -owide
NAME                                       STATUS   ROLES    AGE   VERSION               INTERNAL-IP   EXTERNAL-IP   OS-IMAGE         KERNEL-VERSION                  CONTAINER-RUNTIME
ip-10-1-10-96.us-west-2.compute.internal   Ready    <none>   38m   v1.12.10-eks-ffbd96   10.1.10.96    <none>        Amazon Linux 2   4.14.133-113.112.amzn2.x86_64   docker://18.6.1
ip-10-1-2-109.us-west-2.compute.internal   Ready    <none>   44m   v1.12.10-eks-ffbd96   10.1.2.109    <none>        Amazon Linux 2   4.14.133-113.112.amzn2.x86_64   docker://18.6.1

You should see all the nodes that you have in your EKS cluster listed.

Choosing a Region

Okera provides the installation files in three locations, US West, US East, and EU West. You should modify the links shown below choosing the region closest to you by replacing the S3 base URL, while leaving the rest of the URL path as given in the examples on this page.

The base links for the available regions are:

Region Base URL
US West https://okera-release-uswest.s3-us-west-2.amazonaws.com
US East https://okera-release-useast.s3.amazonaws.com
EU West https://okera-release-euwest.s3.eu-west-2.amazonaws.com

For example, for the download link of the ODAS command-line tool (explained in the next section) in the US East region, combine the S3 base URL for the region with the path of the installation resource, including the ODAS version number:

https://okera-release-useast.s3.amazonaws.com/2.1.0/gravity/okctl.tar

|---------------- Base URL -----------------||---- Resource Path ----|

Download okctl

On the deployer node, we will be downloading okctl and the ODAS Kubernetes resource files. Run the following commands to create a directory and then download and unpack okctl in it:

$ mkdir odas && cd odas
$ curl -O https://okera-release-uswest.s3.amazonaws.com/2.1.0/gravity/okctl.tar
$ tar xvf okctl.tar

We can verify we have a functional okctl binary by running:

$ ./okctl version
2.1.0
$ ./okctl --help
usage: okctl [<flags>] <command> [<args> ...]

the ODAS Controller

Flags:
    --help                   Show context-sensitive help (also try --help-long and --help-man).
-v, --debug                  Show debug output (WARNING: this will output sensitive information to your shell)
    --kubeconfig=KUBECONFIG  Kubernetes config to use
    --cluster=CLUSTER        Kubernetes cluster to use as defined in KUBECONFIG
    --context=CONTEXT        Kubernetes contex to use as defined in KUBECONFIG
    --namespace=NAMESPACE    Kubernetes namespace to use
-o, --output=OUTPUT          Format to print output in
    --auth-dir=".auth"       Location for auth related files

Commands:
help [<command>...]
    Show help.

...

Below instructions will assume that you are executing commands from within the folder we created above.

Deploying ODAS

To deploy ODAS, run:

$ ./okctl deploy --arch aws
2019/08/26 16:26:08 Deploying 'resources/kubernetes/aws/00-roles.yaml'...
2019/08/26 16:26:09 Deployed successfully
2019/08/26 16:26:09 Deploying 'resources/kubernetes/aws/01-secrets.yaml'...
2019/08/26 16:26:10 Deployed successfully
2019/08/26 16:26:10 Deploying 'resources/kubernetes/aws/02-config.yaml'...
2019/08/26 16:26:11 Deployed successfully
2019/08/26 16:26:11 Deploying 'resources/kubernetes/aws/03-services.yaml'...
2019/08/26 16:26:12 Deployed successfully
2019/08/26 16:26:12 Deploying 'resources/kubernetes/aws/04-canary.yaml'...
2019/08/26 16:26:13 Deployed successfully
2019/08/26 16:26:13 Deploying 'resources/kubernetes/aws/05-zookeeper.yaml'...
2019/08/26 16:26:14 Deployed successfully
2019/08/26 16:26:14 Deploying 'resources/kubernetes/aws/06-catalog.yaml'...
2019/08/26 16:26:15 Deployed successfully
2019/08/26 16:26:15 Deploying 'resources/kubernetes/aws/07-planner.yaml'...
2019/08/26 16:26:16 Deployed successfully
2019/08/26 16:26:16 Deploying 'resources/kubernetes/aws/08-worker.yaml'...
2019/08/26 16:26:17 Deployed successfully
2019/08/26 16:26:17 Deploying 'resources/kubernetes/aws/09-rest-server.yaml'...
2019/08/26 16:26:17 Deployed successfully
2019/08/26 16:26:17 Deploying 'resources/kubernetes/aws/10-presto.yaml'...
2019/08/26 16:26:18 Deployed successfully

Note

By default, ODAS clusters will be accessible only within your configured VPC/Subnet.

To change this, you can edit resources/kubernetes/aws/03-services.yaml and remove service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0. You can then run okctl deploy again.

Note

The files in resources/kubernetes/aws are self-contained Kubernetes resource files, and you can deploy them yourself using your preferred Kubernetes tooling, including using kubectl apply -f.

This deploys a base version of ODAS on your EKS cluster that is not configured - no authentication is set up and all state is being persisted locally.

Configuring Your ODAS Cluster

ODAS clusters use a YAML configuration file, which you can learn more about here.

You can update the configuration of your cluster using okctl update.

To deploy the Quickstart configuration, which will add authentication and SSL:

$ ./okctl update --config configs/config-quickstart.yaml

You can copy this file (or the other example configuration files in the configs/ directory) and modify them for your deployment, and then apply them using okctl update.