Add a DKP license

Prerequisites

For licenses that you purchase from the AWS Marketplace, an AWS administrator must attach the AWS managed policy AWSLicenseManagerConsumptionPolicy to the control-plane.cluster-api-provider-aws.sigs.k8s.io role created when configuring AWS IAM policies for Konvoy. If an Administrator does not attach this policy attached to the role, DKP cannot verify the license information provided in the procedure steps that follow.

The machine onto which you install DKP must meet these requirements:

Docker installed - DKP uses Kubernetes-in-Docker (Kind) to create a bootstrap cluster for creating Management clusters, and thus Docker installation is required. Docker is not used to run your Management or workload clusters.
Active Internet connectivity
Existing AWS account
AWS Administrator logged into the AWS account used to purchase DKP

Download the Container Image and Extract the Binaries

When you complete the sales transaction in the AWS Marketplace, select a DKP version from the Choose a fulfillment option dropdown. We recommend that you select the latest version.
Select Continue to Launch to obtain the download instructions, available when you select Usage Instructions.
Complete the steps in each of the procedures under Usage instructions. The links in these steps take you to DKP documentation pages that provide the steps you need to set up AWS to work with DKP, and the download and installation of DKP itself.
Expand the Create a license token and IAM role link in the Container images section of the window. This gives you access to the Create token button to generate the license token and IAM role and exposes an inset code window with the token and role credentials.
Use the generated command to log in to AWS using the token and role you just generated. Note that you can omit this step if you have already configured the AWS CLI with valid credentials.
Tip: Using the Copy button at the upper right of this inset code window helps ensure you copy the entire command.

Copy the commands at the bottom of the page, and run them sequentially to download the container images. It will look similar to this:

CODE

aws ecr get-login-password \
  --region <insert-region> | docker login \
  --username <username> \
  --password-stdin <ecr-address>

CODE

CONTAINER_IMAGES="<ecr-address>/mesosphere/d2iq-dkp-essential-premium-support:v2.5.0"

CODE

for i in $(echo $CONTAINER_IMAGES | sed "s/,/ /g"); do docker pull $i; done

Access a terminal window on the Linux machine where you plan to run the DKP CLI cluster, and execute the command above, using your environment's specific values. This downloads a container that contains the DKP binary.
After downloading the container, run the following command to copy the binaries onto your Linux machine.
CODE
```
docker run -it --rm -u $(id -u):$(id -g) -v $(pwd):/dkp $CONTAINER_IMAGES
```
You will then see the following output:
CODE
```
dkp binary is placed in the local directory, to run:
./dkp --help
```
You will now see the dkp binary in your working directory. Follow the DKP installation instructions using these binaries, and then add your license to DKP.

Obtain the Amazon Resource Number (ARN) from the AWS Marketplace UI

At this point, you need to use the AWS Marketplace user interface to navigate to the license table and configure its settings to display the ARN for your purchased license.

From the Launch this software page, navigate back to the Product Detail page.
Select the View Subscription button at the upper right (in the blue information box labeled “You have access to this product”).
Select Manage subscriptions from the left-hand navigation pane, and then click the Manage button on the specific license. The details page for that license displays.
Select the License number hyperlink to display the license page, then select Granted licenses from the left-hand navigation pane and find your license in the list.
Use the Settings icon in the upper right corner to display the columns displayed, and then enable the License arn value.
Select the Confirm button to return to the license list with the License ARN displayed in the last column. You can now copy and paste this ARN as needed.

If you have difficulty obtaining your ARN, contact D2iQ Support for assistance.

Enter License Information in the DKP UI

For licenses purchased directly from D2iQ, you can obtain the license token through the Support Portal. Insert this token in the last step below.

For licenses purchased through the AWS marketplace, you can find the license in the “Granted Licenses” table of AWS License Manager inside the AWS console. If necessary, modify the table view preferences to show the “License ARN.” Copy this value for use in the last step below.

You must be an administrator to add licenses to DKP.

From the the UI with Kommander, complete the following steps:

Select Global in the workspace header drop-down.
In the sidebar menu, select Administration > Licensing.
Select + Activate License to enter the Activate License form.
On the Activate License form page, select D2iQ or AWS Marketplace depending on where you acquired your license.
Paste your license token, or the AWS ARN, in the text box and select Save.

If there is an error submitting a license acquired directly from D2iQ, you can activate the license directly through kubectl.

Enter a DKP License using kubectl

You can activate a license acquired from D2iQ directly using the kubectl utility.

Create a secret, replacing the value MY_LICENSE in the command that follows with your actual, D2iQ-provided DKP license token:

CODE

kubectl create secret generic my-license-secret --from-literal=jwt=MY_LICENSE -n kommander
kubectl label secret my-license-secret kommanderType=license -n kommander

Create a license object with this command:

CODE

cat <<EOF | kubectl apply -f -
apiVersion: kommander.mesosphere.io/v1beta1
kind: License
metadata:
  name: my-license
  namespace: kommander
spec:
  licenseRef:
    name: my-license-secret
EOF

Return to the license page in the DKP UI to see your valid license display.