通过AWS控制台仅部署现有容器是否可能?

huangapple go评论56阅读模式
英文:

Is it possible to deploy an existing container via EKS using AWS Console only?

问题

  1. 不使用AWS CLI或kubectl,您是否可以通过AWS控制台仅使用AWS控制台部署现有容器到EKS集群?
  2. 我们可以在哪里找到关于如何执行此操作的逐步说明?
英文:

So I created my first ever EKS Cluster (this URL is for illustration only):

https://us-east-1.console.aws.amazon.com/eks/home?region=us-east-1#/clusters/MyEksClusterName?selectedTab=cluster-overview-tab

and I would like to use it to practice Docker container deployment via EKS.

I looked for step by step instructions on how to accomplish that using AWS Console operations only (i.e. no kubctl, no aws CLI) but all the instructions that I have been able to find involve some necessary CLI interaction. For example:

https://towardsdatascience.com/kubernetes-application-deployment-with-aws-eks-and-ecr-4600e11b2d3c

I did manage to create a kubeconfig file (including role-arn) and

set KUBECONFIG=C:\Users\Me\mydockercontainer\kubeconfig

but when I tried to run kubectl get componentstatuses, I received:

Unable to connect to the server: getting credentials: exec: executable aws not found

It looks like you are trying to use a client-go credential plugin that is not installed.

I am not using anything related to Go in my environment... I researched this error message and found: "Make sure you have installed AWS CLI."

I therefore went ahead and installed AWS CLI:

aws --version
aws-cli/2.11.22 Python/3.11.3 Windows/10 exe/AMD64 prompt/off

but when I tried now to run kubectl get componentstatuses, I received:

Unable to locate credentials. You can configure credentials by running "aws configure".

Unable to locate credentials. You can configure credentials by running "aws configure".

Unable to locate credentials. You can configure credentials by running "aws configure".

Unable to locate credentials. You can configure credentials by running "aws configure".

Unable to locate credentials. You can configure credentials by running "aws configure".
Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 253

I did find instructions on aws configure: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html

but at this point, I feel that I overcomplicated things and that I have been delving too deep into a procedure that would have been much simpler. That is, compared to just point and click various options on AWS Console (just like when creating an IAM role, user, EC2 instance, etc.).

So my questions are:

  1. Is it possible to deploy an existing container via EKS using AWS Console only?
  2. Where can I find step by step instructions on how to accomplish that?

答案1

得分: 2

I don't think that is possible. You need to know more about how Kubernetes and IAM roles work, rather than how EKS works. EKS is just a way to have your own K8s cluster with all its needed underlying infrastructure (Network, storage, computing, etc.) on the Cloud. And the console page you see for EKS is just a UI to check your resources deployed and the cluster information as an API endpoint.

The entry point for any K8s cluster (regardless of whether it's local or on AWS/Azure/GCP, etc.) is the API server, which is an actual endpoint (on EKS you would find it in the overview tab, under the API server endpoint parameter) that you reach and where you can perform any API request. In order to do so, you need to be authenticated and authorized.

In AWS EKS, the cluster authenticates based on IAM roles. So, in the link you provided for the kubeconfig, in the users definition, kubectl authenticates by running aws eks get-token. And in order to be able to run this command, you need to have the right permissions attached to the AWS profile that is used in your shell to run the previous command. Please refer to How to configure aws-cli.

After you configure your AWS profile in your shell, run the aws eks get-token --cluster-name <<name>> --region <<region>> manually, and see if it works. If it does, then kubectl will work as well.

英文:

I don't think that is possible. You need to know more about how kubernetes and iam roles works, rather how EKS works. EKS is just a way to have your own K8s cluster with all its needed underlying infrastructure (Network, storage, computing, ect) on the Cloud. And the console page you see for EKS, is just a UI to check your resources deployed and the cluster information as api endpoint.

The entry point for any K8s cluster (regardless locally, on AWS/Azure/GCP/ect), is the api server, which is an actual endpoint (on eks you would find in the overview tab, under API server endpoint parameter) that you reach and you can perform any API request. In order to do so, you need to be authenticated and authorized.

In AWS EKS, the cluster authenticate based on IAM role. So in the link you provided for the kubeconfig, in the users definition, kubectl authenticate by running aws eks get-token. And in order to be able to run this command, you need to have right permissions attached to the aws profile that is used in your shell to run the previous command. Please refer to How to configure aws-cli

After you configure your aws profile in your shell, run the aws eks get-token --cluster-name &lt;&lt;name&gt;&gt; --region &lt;&lt;region&gt;&gt; manually, and see if it works. If it does, then kubectl will work as well.

huangapple
  • 本文由 发表于 2023年5月25日 17:41:57
  • 转载请务必保留本文链接:https://go.coder-hub.com/76330907.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定