CENM Deployment AWS/EKS
You can use the PKI tool to create a set of keys and certificates, which must be shared between all CENM services through the use of a shared file system.
In AWS this is achieved via the AWS Elastic Filesystem (EFS).
Steps
There are three main steps to complete this deployment:
- Create an EKS cluster.
- Create an EFS.
- Deploy EFS Provisioner on the EKS cluster.
Once complete, you can continue with your CENM deployment tasks, such as establishing your network services.
Create EKS
Create an EKS cluster with at least 10-12 GB of free RAM.
Managed nodes – LinuxCreate EFS
For performance reasons, you should use the same region as the one used for the EKS cluster.
- Click
Create file system - Click
Customize- Choose the name of your file system
- Encryption: disable
- Adjust all the other options according to your needs
- Click
Next
- Network
- Virtual Private Cloud (VPC)
- VPC: select the one used for the EKS cluster
- Mount targets
- Availability zone: default
- Subnet ID: default
- IP address: default
- Security groups: add the main primary Security Group which is shown as “Cluster security group” in the Cluster configuration, “Networking” tab within the AWS UI management console
- Click
Next
- Virtual Private Cloud (VPC)
- File system policy (optional)
- Leave empty
- Click
Next
- Review and create
- Click
Create
- Click
Once the EFS has been created, click on it and choose “Access points”.
- Click
Create access point- Details
- Choose
Name(optional) - Root directory path:
/
- Choose
- POSIX user:
- User ID: 1000
- Group ID: 1000
- Secondary group IDs: leave empty
- Root directory creation permissions:
- Owner User ID: 1000
- Owner Group ID: 1000
- Permissions: 0777
- Click
Create access point
- Details
Deploy EFS Provisioner on the EKS cluster
Modify efs.yaml
Use the command line for the following steps:
- Provide a correct value for the EFS file system ID field.
- Specify the correct region of your EFS file system:
...
kind: ConfigMap
...
data:
file.system.id: [EFS file system ID]
aws.region: [REGION]
...
kind: Deployment
...
volumes:
- name: pv-volume
nfs:
server: [EFS file system ID].efs.[REGION].amazonaws.com
kubectl create -f efs.yaml
Wait until the EFS provisioner gets bootstrapped - the example command is as follows:
kubectl get pods -o wide
Create storage classes
For Azure, use the following file:
kubectl create -f storage-class-azure.yaml
For AWS use this file:
kubectl create -f storage-class-aws.yaml
Complete CENM deployment
Your AWS deployment is complete. You can now complete the rest of your CENM deployment process.
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.