CloudStack

• 1: Requirements for EKS Anywhere on CloudStack
• 2: Preparing CloudStack for EKS Anywhere

1 - Requirements for EKS Anywhere on CloudStack

To run EKS Anywhere, you will need:

Prepare Administrative machine

Set up an Administrative machine as described in Install EKS Anywhere .

Prepare a CloudStack environment

To prepare a CloudStack environment to run EKS Anywhere, you need the following:

• A CloudStack 4.14 or later environment. CloudStack 4.16 is used for examples in these docs.

• Capacity to deploy 6-10 VMs.

• One shared network in CloudStack to use for the cluster. EKS Anywhere clusters need access to CloudStack through the network to enable self-managing and storage capabilities.

• A Red Hat Enterprise Linux qcow2 image built using the image-builder tool as described in artifacts .

• User credentials (CloudStack API key and Secret key) to create VMs and attach networks in CloudStack.

• One IP address routable from the cluster but excluded from DHCP offering. This IP address is to be used as the Control Plane Endpoint IP. Below are some suggestions to ensure that this IP address is never handed out by your DHCP server. You may need to contact your network engineer.

  • Pick an IP address reachable from the cluster subnet which is excluded from DHCP range OR
  • Alter DHCP ranges to leave out an IP address(s) at the top and/or the bottom of the range OR
  • Create an IP reservation for this IP on your DHCP server. This is usually accomplished by adding a dummy mapping of this IP address to a non-existent mac address.

Each VM will require:

• 2 vCPUs
• 8GB RAM
• 25GB Disk

The administrative machine and the target workload environment will need network access to:

• CloudStack endpoint (must be accessible to EKS Anywhere clusters)
• public.ecr.aws
• anywhere-assets.eks.amazonaws.com (http://anywhere-assets.eks.amazonaws.com/ ) (to download the EKS Anywhere binaries and manifests)
• distro.eks.amazonaws.com (http://distro.eks.amazonaws.com/ ) (to download EKS Distro binaries and manifests)
• d2glxqk2uabbnd.cloudfront.net (http://d2glxqk2uabbnd.cloudfront.net/ ) (for EKS Anywhere and EKS Distro ECR container images)
• api.ecr.us-west-2.amazonaws.com (http://api.ecr.us-west-2.amazonaws.com/ ) (for EKS Anywhere package authentication matching your region)
• d5l0dvt14r5h8.cloudfront.net (http://d5l0dvt14r5h8.cloudfront.net/ ) (for EKS Anywhere package ECR container images)
• api.github.com (http://api.github.com/ ) (only if GitOps is enabled)

CloudStack information needed before creating the cluster

You need at least the following information before creating the cluster. See CloudStack configuration for a complete list of options and Preparing CloudStack for instructions on creating the assets.

• Static IP Addresses: You will need one IP address for the management cluster control plane endpoint, and a separate one for the controlplane of each workload cluster you add.

Let’s say you are going to have the management cluster and two workload clusters. For those, you would need three IP addresses, one for each. All of those addresses will be configured the same way in the configuration file you will generate for each cluster.

A static IP address will be used for each control plane VM in your EKS Anywhere cluster. Choose IP addresses in your network range that do not conflict with other VMs and make sure they are excluded from your DHCP offering. An IP address will be the value of the property controlPlaneConfiguration.endpoint.host in the config file of the management cluster. A separate IP address must be assigned for each workload cluster.

• CloudStack datacenter: You need the name of the CloudStack Datacenter plus the following for each Availability Zone (availabilityZones). Most items can be represented by name or ID:
  • Account (account): Account with permission to create a cluster (optional, admin by default).
  • Credentials (credentialsRef): Credentials provided in an ini file used to access the CloudStack API endpoint. See CloudStack Getting started for details.
  • Domain (domain): The CloudStack domain in which to deploy the cluster (optional, ROOT by default)
  • Management endpoint (managementApiEndpoint): Endpoint for a cloudstack client to make API calls to client.
  • Zone network (zone.network): Either name or ID of the network.
• CloudStack machine configuration: For each set of machines (for example, you could configure separate set of machines for control plane, worker, and etcd nodes), obtain the following information. This must be predefined in the cloudStack instance and identified by name or ID:
  • Compute offering (computeOffering): Choose an existing compute offering (such as large-instance), reflecting the amount of resources to apply to each VM.
  • Operating system (template): Identifies the operating system image to use (such as rhel8-k8s-118).
  • Users (users.name): Identifies users and SSH keys needed to access the VMs.

2 - Preparing CloudStack for EKS Anywhere

Before you can create an EKS Anywhere cluster in CloudStack, you must do some setup on your CloudStack environment. This document helps you get what you need to fulfill the prerequisites described in the Requirements and values you need for CloudStack configuration .

Set up a domain and user credentials

Either use the ROOT domain or create a new domain to deploy your EKS Anywhere cluster. One or more users are grouped under a domain. This example creates a user account for the domain with a Domain Administrator role. From the apachecloudstack console:

1. Select Domains.

2. Select Add Domain.

3. Fill in the Name for the domain (eksa in this example) and select OK.

4. Select Accounts -> Add Account, then fill in the form to add a user with DomainAdmin role, as shown in the following figure:

   

5. To generate API credentials for the user, select Accounts-> -> View Users -> and select the Generate Keys button.

6. Select OK to confirm key generation. The API Key and Secret Key should appear as shown in the following figure:

   

7. Copy the API Key and Secret Key to a credentials file to use when you generate your cluster. For example:

   [Global]
   api-url = http://10.0.0.2:8080/client/api
   api-key = OI7pm0xrPMYjLlMfqrEEj...
   secret-key = tPsgAECJwTHzbU4wMH...
   

Import template

You need to build at least one operating system image and import it as a template to use for your cluster nodes. Currently, only Red Hat Enterprise Linux 8 images are supported. To build a RHEL-based image to use with EKS Anywhere, see Build node images .

1. Make your image accessible from you local machine or from a URL that is accessible to your CloudStack setup.

2. Select Images -> Templates, then select either Register Template from URL or Select local Template. The following figure lets you register a template from URL:

   

   This example imports a RHEL image (QCOW2), identifies the zone from which it will be available, uses KVM as the hypervisor, uses the osdefault Root disk controller, and identifies the OS Type as Red Hat Enterprise Linux 8.0. Select OK to save the template.

3. Note the template name and zone so you can use it later when you deploy your cluster.

Create CloudStack configurations

Take a look at the following CloudStack configuration settings before creating your EKS Anywhere cluster. You will need to identify many of these assets when you create you cluster specification:

DatacenterConfig information

Here is how to get information to go into the CloudStackDatacenterConfig section of the CloudStack cluster configuration file:

• Domain: Select Domains, then select your domain name from under the ROOT domain. Select View Users, not the user with the Domain Admin role, and consider setting limits to what each user can consume from the Resources and Configure Limits tabs.

• Zones: Select Infrastructure -> Zones. Find a Zone where you can deploy your cluster or create a new one.

  

• Network: Select Network -> Guest networks. Choose a network to use for your cluster or create a new one.

Here is what some of that information would look like in a cluster configuration:

apiVersion: anywhere.eks.amazonaws.com/v1alpha1
kind: CloudStackDatacenterConfig
metadata:
  name: my-cluster-name-datacenter
spec:
  availabilityZones:
  - account: admin
    credentialsRef: global
    domain: eksa
    managementApiEndpoint: ""
    name: az-1
    zone:
      name: Zone2
      network:
        name: "SharedNet2"

MachineConfig information

Here is how to get information to go into CloudStackMachineConfig sections of the CloudStack cluster configuration file:

• computeOffering: Select Service Offerings -> Compute Offerings to see a list of available combinations of CPU cores, CPU, and memory to apply to your node instances. See the following figure for an example:

  

• template: Select Images -> Templates to see available operating system image templates.

• diskOffering: Select Storage -> Volumes, the select Create Volume, if you want to create disk storage to attach to your nodes (optional). You can use this to store logs or other data you want saved outside of the nodes. When you later create the cluster configuration, you can identify things like where you want the device mounted, the type of file system, labels and other information.

• AffinityGroupIds: Select Compute -> Affinity Groups, then select Add new affinity group (optional). By creating an affinity group, you can tell all VMs from a set of instances to either all run on different physical hosts (anti-affinity) or just run anywhere they can (affinity).

Here is what some of that information would look like in a cluster configuration:

apiVersion: anywhere.eks.amazonaws.com/v1alpha1
kind: CloudStackMachineConfig
metadata:
  name: my-cluster-name-cp
spec:
  computeOffering:
    name: "Medium Instance"
  template:
    name: "rhel8-kube-1.23-eksa"
  diskOffering:
    name: "Small"
    mountPath: "/data-small"
    device: "/dev/vdb"
    filesystem: "ext4"
    label: "data_disk"
  symlinks:
    /var/log/kubernetes: /data-small/var/log/kubernetes
  affinityGroupIds:
  - control-plane-anti-affinity