Amazon Elastic Kubernetes Service¶
This guide offers recommended configurations and settings unique to AWS Elastic Kubernetes Service (EKS). These should be used to augment the generic requirements offered on our primary requirements page.
EKS supports the use of both EBS and EFS storage for persistence. In theory,
EBS can be employed for the
anaconda-storage volume; but because EBS is
limited to the
ReadWriteOnce access mode, only EFS is acceptable for the
anaconda-persistence volume. For this reason, Anaconda recommends provisioning
a single volume that is large and performant enough to accommodate both
storage requirements, to simplify management.
Please refer to the following pages for information on provisioning an EFS volume:
Anaconda recommends the following configuration parameters for this volume:
OwnerUid: Anaconda recommends this be set to the same UID selected to run the Anaconda Enterprise containers.
OwnerGid: Anaconda recommends a value of
0, which simplifies access from Kubernetes containers whose primary group is
0by default. If you choose a different GID, it will be necessary to incorporate that into the
775. It is important that the directory be group writable.
When defining the access controls for this volume, include both the EKS cluster and the administration server, so the latter can be used to manage the volume.
You can create an EFS access point using the UID/GID defined above.
If you are using the Ingress controller that ships with Anaconda Enterprise, and you are using an internal/private VPC or subnet you will need to add annotations to the ingress service:
kubectl edit svc/anaconda-enterprise-nginx-ingress
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 service.beta.kubernetes.io/aws-load-balancer-internal: "true"
Here is an example Route53 DNS configuration to the ingress.