英文:
Is it possible to deploy an existing container via EKS using AWS Console only?
问题
- 不使用AWS CLI或kubectl,您是否可以通过AWS控制台仅使用AWS控制台部署现有容器到EKS集群?
- 我们可以在哪里找到关于如何执行此操作的逐步说明?
英文:
So I created my first ever EKS Cluster (this URL is for illustration only):
https://us-east-1.console.aws.amazon.com/eks/home?region=us-east-1#/clusters/MyEksClusterName?selectedTab=cluster-overview-tab
and I would like to use it to practice Docker
container deployment via EKS.
I looked for step by step instructions on how to accomplish that using AWS Console operations only (i.e. no kubctl
, no aws
CLI) but all the instructions that I have been able to find involve some necessary CLI interaction. For example:
https://towardsdatascience.com/kubernetes-application-deployment-with-aws-eks-and-ecr-4600e11b2d3c
I did manage to create a kubeconfig file (including role-arn
) and
set KUBECONFIG=C:\Users\Me\mydockercontainer\kubeconfig
but when I tried to run kubectl get componentstatuses
, I received:
Unable to connect to the server: getting credentials: exec: executable aws not found
It looks like you are trying to use a client-go credential plugin that is not installed.
I am not using anything related to Go
in my environment... I researched this error message and found: "Make sure you have installed AWS CLI."
I therefore went ahead and installed AWS CLI:
aws --version
aws-cli/2.11.22 Python/3.11.3 Windows/10 exe/AMD64 prompt/off
but when I tried now to run kubectl get componentstatuses
, I received:
Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 253
I did find instructions on aws configure
: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
but at this point, I feel that I overcomplicated things and that I have been delving too deep into a procedure that would have been much simpler. That is, compared to just point and click various options on AWS Console (just like when creating an IAM role, user, EC2 instance, etc.).
So my questions are:
- Is it possible to deploy an existing container via EKS using AWS Console only?
- Where can I find step by step instructions on how to accomplish that?
答案1
得分: 2
I don't think that is possible. You need to know more about how Kubernetes and IAM roles work, rather than how EKS works. EKS is just a way to have your own K8s cluster with all its needed underlying infrastructure (Network, storage, computing, etc.) on the Cloud. And the console page you see for EKS is just a UI to check your resources deployed and the cluster information as an API endpoint.
The entry point for any K8s cluster (regardless of whether it's local or on AWS/Azure/GCP, etc.) is the API server, which is an actual endpoint (on EKS you would find it in the overview
tab, under the API server endpoint
parameter) that you reach and where you can perform any API request. In order to do so, you need to be authenticated and authorized.
In AWS EKS, the cluster authenticates based on IAM roles. So, in the link you provided for the kubeconfig, in the users
definition, kubectl authenticates by running aws eks get-token
. And in order to be able to run this command, you need to have the right permissions attached to the AWS profile that is used in your shell to run the previous command. Please refer to How to configure aws-cli.
After you configure your AWS profile in your shell, run the aws eks get-token --cluster-name <<name>> --region <<region>>
manually, and see if it works. If it does, then kubectl will work as well.
英文:
I don't think that is possible. You need to know more about how kubernetes and iam roles works, rather how EKS works
. EKS is just a way to have your own K8s cluster with all its needed underlying infrastructure (Network, storage, computing, ect) on the Cloud. And the console page you see for EKS, is just a UI to check your resources deployed and the cluster information as api endpoint.
The entry point for any K8s cluster (regardless locally, on AWS/Azure/GCP/ect), is the api server, which is an actual endpoint (on eks you would find in the overview
tab, under API server endpoint
parameter) that you reach and you can perform any API request. In order to do so, you need to be authenticated and authorized.
In AWS EKS, the cluster authenticate based on IAM role. So in the link you provided for the kubeconfig, in the users
definition, kubectl authenticate by running aws eks get-token
. And in order to be able to run this command, you need to have right permissions attached to the aws profile that is used in your shell to run the previous command. Please refer to How to configure aws-cli
After you configure your aws profile in your shell, run the aws eks get-token --cluster-name <<name>> --region <<region>>
manually, and see if it works. If it does, then kubectl will work as well.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论