AWS: Create the Management Cluster
Use this procedure to create a self-managed AWS Management cluster with DKP. A self-managed cluster refers to one in which the CAPI resources and controllers that describe and manage it are running on the same cluster they are managing.
Name Your Cluster
The cluster name may only contain the following characters: a-z
, 0-9
, .
, and -
. Cluster creation will fail if the name has capital letters. See Kubernetes for more naming information.
By default, the control-plane Nodes will be created in 3 different zones. However, the default worker Nodes will reside in a single Availability Zone. You may create additional node pools in other Availability Zones with the dkp create nodepool
command.
Follow these steps:
Give your cluster a unique name suitable for your environment.
In AWS it is critical that the name is unique, as no two clusters in the same AWS account can have the same name.
Set the environment variable:
export CLUSTER_NAME=<aws-example>
To increase Docker Hub's rate limit use your Docker Hub credentials when creating the cluster, by setting the following flag --registry-mirror-url=https://registry-1.docker.io --registry-mirror-username= --registry-mirror-password=
on the dkp create cluster
command.
Create a New AWS Kubernetes Cluster
If you use these instructions to create a cluster on AWS using the DKP default settings without any edits to configuration files or additional flags, your cluster is deployed on an Ubuntu 20.04 operating system image with 3 control plane nodes, and 4 worker nodes.
DKP uses AWS CSI as the default storage provider. You can use a Kubernetes CSI compatible storage solution that is suitable for production. See the Kubernetes documentation called Changing the Default Storage Class for more information.
In previous DKP releases, AMI images provided by the upstream CAPA project would be used if you did not specify an AMI. However, the upstream images are not recommended for production and may not always be available. Therefore, DKP now requires you to specify an AMI when creating a cluster. To create an AMI, use Konvoy Image Builder.
There are two approaches to supplying the ID of your AMI. Either provide the ID of the AMI or provide a way for DKP to discover the AMI using location, format and OS information:
Option One - Provide the ID of your AMI:
Use the example command below leaving the existing flag that provides the AMI ID:
--ami AMI_ID
Option Two - Provide a path for your AMI with the information required for image discover:
Where the AMI is published using your AWS Account ID:
--ami-owner AWS_ACCOUNT_ID
The format or string used to search for matching AMIs and ensure it references the Kubernetes version plus the base OS name:
--ami-base-os ubuntu-20.04
The base OS information:
--ami-format 'example-{{.BaseOS}}-?{{.K8sVersion}}-*'
⚠️ IMPORTANT: The AMI must be created with Konvoy Image Builder in order to use the registry mirror feature.
CODEexport AWS_AMI_ID=<ami-...>
(Optional) Registry Mirror - Configure your cluster to use an existing local registry as a mirror when attempting to pull images. Below is an AWS ECR example:
CODEexport REGISTRY_URL=<ecr-registry-URI>
REGISTRY_URL
: the address of an existing local registry accessible in the VPC that the new cluster nodes will be configured to use a mirror registry when pulling images.
Run this command to create your Kubernetes cluster using any relevant flags for Option One explained above:
CODEdkp create cluster aws \ --cluster-name=${CLUSTER_NAME} \ --additional-tags=owner=$(whoami) \ --with-aws-bootstrap-credentials=true \ --ami AMI_ID \ --self-managed
OR
Option Two is to run the command as shown from the explanation above:
CODEdkp create cluster aws \ --cluster-name=${CLUSTER_NAME} \ --additional-tags=owner=$(whoami) \ --with-aws-bootstrap-credentials=true \ --ami-owner AWS_ACCOUNT_ID \ --ami-base-os ubuntu-20.04 \ --ami-format 'example-{{.BaseOS}}-?{{.K8sVersion}}-*' \ --self-managed
If your environment uses HTTP/HTTPS proxies, you must include the flags --http-proxy
, --https-proxy
, and --no-proxy
and their related values in this command for it to be successful. More information is available in Configuring an HTTP/HTTPS Proxy.
Cluster Verification
If you want to monitor or verify the installation of your clusters, refer to:
Verify your Cluster and DKP Installation.