In this part of the self-paced exercise, you will provision an Amazon EKS cluster with an inline IAM policy and service account for the EFS CSI driver. You will then create an EFS file system using the AWS CLI.
On your command line, navigate to the "cluster" subfolder.
Type the command:
rctl apply -f eks-efs.yaml
If there are no errors, you will be presented with a "Task ID" that you can use to check progress/status. Note that this step requires creation of infrastructure in your AWS account and can take ~20-30 minutes to complete.
{
  "taskset_id": "5m1gq6m",
  "operations": [
    {
      "operation": "ClusterCreation",
      "resource_name": "eks-efs-cluster",
      "status": "PROVISION_TASK_STATUS_PENDING"
    },
    {
      "operation": "NodegroupCreation",
      "resource_name": "ng-1",
      "status": "PROVISION_TASK_STATUS_PENDING"
    },
    {
      "operation": "BlueprintSync",
      "resource_name": "eks-efs-cluster",
      "status": "PROVISION_TASK_STATUS_PENDING"
    }
  ],
  "comments": "The status of the operations can be fetched using taskset_id",
  "status": "PROVISION_TASKSET_STATUS_PENDING"
}
Navigate to the project in your Org
Click on Infrastructure -> Clusters. You should see something like the following
You will use the AWS CLI to create an EFS file system for the EKS cluster.
Run the following command to retrieve the VPC ID that your cluster is in and store it in a variable for use in a later step. Replace the cluster name if a different name was used.
Run the following command to retrieve the CIDR range for your cluster's VPC and store it in a variable for use in a later step. Update the region with the AWS Region that your cluster is in.
Be sure to capture and save the returned File System ID for use in a later step.
Next, we will need to create mount targets for the file system.
Run the following command against the cluster to determine the IP addresses of the cluster nodes.
kubectl get nodes
Example output follows; the IP address of each node appears in the node name.
NAME                                           STATUS   ROLES    AGE   VERSION
ip-192-168-21-103.us-west-2.compute.internal   Ready    <none>   36m   v1.24.13-eks-0a21954
ip-192-168-55-138.us-west-2.compute.internal   Ready    <none>   35m   v1.24.13-eks-0a21954
Run the below command to determine the IDs of the subnets in your VPC and which Availability Zone each subnet is in.
Add mount targets for the subnets that your nodes are in. From the output in the previous two steps, the cluster has a node with IP address 192.168.21.103 and another node with IP address 192.168.55.138. That first IP address is within the CidrBlock of the subnet with the ID subnet-08ac33b08e9b8051c and the second IP address is within the CidrBlock of the subnet with ID subnet-09706d126cb8fc07e.
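The node-to-subnet matching described above can be scripted so that mount targets are created only in subnets that actually host nodes. The following is an added example, not part of the original exercise and not the mount-target command itself; the subnet IDs and node names are the ones shown on this page, while the CIDR blocks and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the subnet whose CidrBlock contains each EKS node's IP.

# Subnet IDs are the two named on this page; the CIDR blocks are constructed
# sample values. Replace them with the CidrBlock column from your own VPC.
SUBNETS='subnet-08ac33b08e9b8051c 192.168.0.0/19
subnet-09706d126cb8fc07e 192.168.32.0/19'

# ip-192-168-21-103.us-west-2.compute.internal -> 192.168.21.103
node_ip() {
  host=${1%%.*}
  echo "${host#ip-}" | tr '-' '.'
}

# Dotted-quad IPv4 address -> 32-bit integer.
ip_to_int() {
  IFS=. read -r o1 o2 o3 o4 <<EOF
$1
EOF
  echo $(( (o1 << 24) | (o2 << 16) | (o3 << 8) | o4 ))
}

# Succeeds when address $1 lies inside CIDR block $2.
in_cidr() {
  net=${2%/*}
  bits=${2#*/}
  mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
  [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Print the ID of the subnet containing the node, or nothing if none matches.
subnet_for_node() {
  ip=$(node_ip "$1")
  echo "$SUBNETS" | while read -r id cidr; do
    [ -n "$cidr" ] || continue
    if in_cidr "$ip" "$cidr"; then echo "$id"; break; fi
  done
}

# Node names copied from the kubectl output above.
for node in ip-192-168-21-103.us-west-2.compute.internal \
            ip-192-168-55-138.us-west-2.compute.internal; do
  match=$(subnet_for_node "$node")
  echo "$node -> ${match:-NO SUBNET MATCH}"
done
```

A node that reports NO SUBNET MATCH means the subnet list is incomplete or the node sits outside the expected VPC, which is worth resolving before any mount target is created.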
Run the below command for each subnet in each AZ that you have a node in, replacing the subnet-id with the appropriate subnet ID.
Congratulations! At this point, you have successfully configured and provisioned an Amazon EKS cluster with an inline policy for EFS using the RCTL CLI. You are now ready to move on to the next step where you will create and deploy a custom cluster blueprint that contains the EFS CSI Driver as an addon.