gitpod-eks-guide icon indicating copy to clipboard operation
gitpod-eks-guide copied to clipboard

Published 20 hours ago verified publisher icon gitpod-io

Various fixes & improvements, EKS 1.22, Gitpod 2022.06.0

Open szab100 opened this issue 3 years ago • 3 comments

Description

This PR is based on the latest commit (https://github.com/gitpod-io/gitpod-eks-guide/commit/16929769ee29f4ba0ba2494076b4ce61f2f4f8b7) in mrz/alb-ingress.

It fixes all current issues we have been experiencing lately and - optionally - provides a fully guided installation with no additional manual steps required from users (dealing with load balancers, dns and ssl certs).

Includes:

  • fixes outdated helm chart issues
  • fixes nodes unable to pull images from registry-facade due to unknown CA (via bootstrap override)
  • use latest "Ubuntu 2004" AMI (need to specify a specific AMI ID due to bootstrap override)
  • fixes object storage S3 connection / permission issue (when using the bucket & iam user of registry)
  • tested with latest Gitpod release (2022.06.0)
  • auto-create load balancers (alb & nlb) with automatic dns, certificate and firewall rules - optional
  • auto-create a Let's Encrypt cert-manager ClusterIssuer - optional
  • enable SSH access on nodes using default private key in ~/.ssh - optional

How to test

  1. Configure .env - provide your target namespace, ACM certificate ARN, R53 hosted-zone ID and CREATE_LB=true.
  2. Run 'make build' & 'make install' on a clean AWS account.
  3. Install & run KOTS in the target namespace.
  4. Provide all KOTS configuration options as directed by the guide's output (incl. uploading 'extra-config-patch.yaml')
  5. Verify all pre-flight checks are green and the installation is fully working and the proxy service type is NodePort.

Release Notes

Documentation

The EKS guide should already be linked from the Gitpod Docs page.

szab100 avatar Jun 30 '22 21:06 szab100

This is nice PR. I'm waiting for this to be merged

glendmaatita avatar Jul 07 '22 06:07 glendmaatita

Sorry for the delay, aiming to get this done this week, incl. updating to the latest release. As well as planning to add aws ecb (and maybe efs) csi drivers for the upcoming pvc support for self hosted.

szab100 avatar Jul 27 '22 14:07 szab100

Hey @mrzarquon, can you try verify this again? I pushed a small change that should fix the race condition between the creation of namespace & ingress + service.

If works well, let's merge and will open a new PR with updating to the latest version & add the AWS EBS CSI storage driver and CSI Snapshotter addons that will be needed for PVCs (once the feature is ready). We will also be migrating to the gitops method with kots, will be looking for a way to support that too from this guide (like make gitops-install to run both the CDK part & the gitops kots installer).

szab100 avatar Aug 10 '22 18:08 szab100