Skip to main content
Skip table of contents

AWS: Create the Management Cluster

Use this procedure to create a self-managed AWS Management cluster with DKP. A self-managed cluster refers to one in which the CAPI resources and controllers that describe and manage it are running on the same cluster they are managing.

Name Your Cluster

The cluster name may only contain the following characters: a-z, 0-9, ., and -. Cluster creation will fail if the name has capital letters. See Kubernetes for more naming information.

By default, the control-plane Nodes will be created in 3 different zones. However, the default worker Nodes will reside in a single Availability Zone. You may create additional node pools in other Availability Zones with the dkp create nodepool command.

Follow these steps:

  1. Give your cluster a unique name suitable for your environment.

    In AWS it is critical that the name is unique, as no two clusters in the same AWS account can have the same name.

  2. Set the environment variable:

CODE
export CLUSTER_NAME=<aws-example>

To increase Docker Hub's rate limit use your Docker Hub credentials when creating the cluster, by setting the following flag --registry-mirror-url=https://registry-1.docker.io --registry-mirror-username= --registry-mirror-password= on the dkp create cluster command.

Create a New AWS Kubernetes Cluster

If you use these instructions to create a cluster on AWS using the DKP default settings without any edits to configuration files or additional flags, your cluster is deployed on an Ubuntu 20.04 operating system image with 3 control plane nodes, and 4 worker nodes.

DKP uses AWS CSI as the default storage provider. You can use a Kubernetes CSI compatible storage solution that is suitable for production. See the Kubernetes documentation called Changing the Default Storage Class for more information.

In previous DKP releases, AMI images provided by the upstream CAPA project would be used if you did not specify an AMI. However, the upstream images are not recommended for production and may not always be available.   Therefore, DKP now requires you to specify an AMI when creating a cluster. To create an AMI, use Konvoy Image Builder.

There are two approaches to supplying the ID of your AMI. Either provide the ID of the AMI or provide a way for DKP to discover the AMI using location, format and OS information:

  1. Option One - Provide the ID of your AMI:

    1. Use the example command below leaving the existing flag that provides the AMI ID: --ami AMI_ID

  2. Option Two - Provide a path for your AMI with the information required for image discover:

    1. Where the AMI is published using your AWS Account ID: --ami-owner AWS_ACCOUNT_ID

    2. The format or string used to search for matching AMIs and ensure it references the Kubernetes version plus the base OS name: --ami-base-os ubuntu-20.04

    3. The base OS information: --ami-format 'example-{{.BaseOS}}-?{{.K8sVersion}}-*'

  • ⚠️ IMPORTANT: The AMI must be created with Konvoy Image Builder in order to use the registry mirror feature.

    CODE
    export AWS_AMI_ID=<ami-...>
  • (Optional) Registry Mirror - Configure your cluster to use an existing local registry as a mirror when attempting to pull images. Below is an AWS ECR example:

    CODE
    export REGISTRY_URL=<ecr-registry-URI>
    • REGISTRY_URL: the address of an existing local registry accessible in the VPC that the new cluster nodes will be configured to use a mirror registry when pulling images.

  1. Run this command to create your Kubernetes cluster using any relevant flags for Option One explained above:

    CODE
    dkp create cluster aws \
    --cluster-name=${CLUSTER_NAME} \
    --additional-tags=owner=$(whoami) \
    --with-aws-bootstrap-credentials=true \
    --ami AMI_ID \
    --self-managed

    OR

  2. Option Two is to run the command as shown from the explanation above:

    CODE
    dkp create cluster aws \
    --cluster-name=${CLUSTER_NAME} \
    --additional-tags=owner=$(whoami) \
    --with-aws-bootstrap-credentials=true \
    --ami-owner AWS_ACCOUNT_ID \
    --ami-base-os ubuntu-20.04 \
    --ami-format 'example-{{.BaseOS}}-?{{.K8sVersion}}-*' \
    --self-managed
Optional REGISTRY flag:
  1. If you chose the option of creating a registry mirror, add this flag to your dkp create cluster command:

CODE
--registry-mirror-url=${REGISTRY_URL}
  • Other registry flag options to export and use:

    CODE
    export REGISTRY_URL=<registry-address>:<registry-port>
    export REGISTRY_USERNAME=<username>
    export REGISTRY_PASSWORD=<password>
    export REGISTRY_CA=<path to the cacert file on the bastion>
    CODE
    --registry-mirror-cacert=${REGISTRY_CA} \
    --registry-mirror-username=${REGISTRY_USERNAME} \
    --registry-mirror-password=${REGISTRY_PASSWORD}
  1. Custom AMI flag:

CODE
--ami=${AWS_AMI_ID}
Flatcar OS

Flatcar OS use --os-hint to instruct the bootstrap cluster to make some changes related to the installation paths:

CODE
--os-hint flatcar

If your environment uses HTTP/HTTPS proxies, you must include the flags --http-proxy, --https-proxy, and --no-proxy and their related values in this command for it to be successful. More information is available in Configuring an HTTP/HTTPS Proxy.

Cluster Verification

If you want to monitor or verify the installation of your clusters, refer to:

Verify your Cluster and DKP Installation.

Next Step:

AWS: Install Kommander

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.