[FOLIO-2650] Provision new EKS cluster to replace folio-eks-1-us-west-2 Created: 17/Jun/20  Updated: 19/Jun/20  Resolved: 19/Jun/20

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: P2
Reporter: John Malconian Assignee: John Malconian
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to FOLIO-2649 Rancher pipelines fail on Build Docke... Closed
Sprint: DevOps: sprint 90
Development Team: FOLIO DevOps

 Description   

Due to unresolvable networking issues in FOLIO-2649 Closed , a new EKS cluster needs to be set up and imported into Rancher.



 Comments   
Comment by John Malconian [ 17/Jun/20 ]

EKS cluster, folio-eks-2-us-west-2, is up and fully functional. I've imported it into Rancher as well. Important items to note:

  • Ingress manifests should include the following annotations:
annotations:
    kubernetes.io/ingress.class: "nginx"
    external-dns.alpha.kubernetes.io/target: "f2b6996c-kubesystem-albing-accc-1096161577.us-west-2.elb.amazonaws.com"

external-dns.alpha.kubernetes.io/target: "f2b6996c-kubesystem-albing-accc-1096161577.us-west-2.elb.amazonaws.com" will automatically create an A record DNS entry for YOUR_HOSTNAME.ci.folio.org in Route53 and resolve it to the AWS ALB that handles all ingress into the cluster and passes it off to nginx running inside the cluster. Example simple ingress config for okapi below:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: okapi-test
  namespace: okapi-test
  annotations:
    kubernetes.io/ingress.class: "nginx"
    external-dns.alpha.kubernetes.io/target: "f2b6996c-kubesystem-albing-accc-1096161577.us-west-2.elb.amazonaws.com"
spec:
  rules:
    - host: okapi-test.ci.folio.org
      http:
        paths:
          - path: /
            backend:
              serviceName: okapi-test
              servicePort: 9130
Comment by John Malconian [ 17/Jun/20 ]

Still need to provision a bastion host on the new VPC so that we can access worker nodes via SSH.

Comment by John Malconian [ 19/Jun/20 ]

Closing this. Will create new issue for bastion host.

Generated at Thu Feb 08 23:22:14 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.