Deploying the EKS Platform
Quick Start
| Steps | Example |
|---|---|
| 1. Vendor EKS components | atmos workflow vendor -f quickstart/platform/eks |
| 2. Connect to the VPN | |
| 3. Deploy roles for each EKS stack | atmos workflow deploy/iam-service-linked-roles -f quickstart/platform/eks |
| 4. Deploy cluster into each stack | atmos workflow deploy/cluster -s plat-use1-dev -f quickstart/platform/eks |
| 5. Deploy resources into each stack | atmos workflow deploy/resources -s plat-use1-dev -f quickstart/platform/eks |
Repeat steps 4 and 5 for each EKS stack, typically plat-dev, plat-staging, and plat-prod
Requirements
In order to deploy EKS, Networking must be fully deployed and functional. In particular, the user deploying the cluster must have a working VPN connection to the targeted account. See the network documentation for details.
All deployment steps below assume that the environment has been successfully set up with the following steps.
- Sign into AWS via Atmos Auth
- Connect to the VPN
- Open Geodesic
Steps
2 Vendor Components
EKS adds many components required to set up a cluster. With EKS Auto Mode, AWS manages compute, networking, and
storage automatically, reducing the number of components to deploy. Components are contained in the EKS
components and catalog folders, under components/terraform/eks and catalog/stacks/eks respectively.
Vendor these components with the included Atmos Workflows.
3 Deploy EKS Cluster
EKS provisioning includes many components packaged together into a single import per stack. Leveraging Atmos
inheritance, we have defined a baseline set of required components for all EKS deployments and a unique set of
additional components for a particular stack's EKS deployment. Find these catalog set definitions under
catalog/stacks/eks/clusters.
To provision a cluster, these components need to be deployed in order. The included Atmos Workflows will carry out this deployment in the proper order, but any of these step can be run outside of a workflow if desired.
See the eks workflow (stacks/workflows/eks.yaml) for each individual deployment step.
4 Deploy IAM Service Linked Roles
The cluster needs IAM Service-Linked Roles for various AWS services. Deploy these to all cluster accounts with
iam-service-linked-roles
5 Deploy Initial Platform Dev Cluster
First deploy the cluster and AWS EFS. With EKS Auto Mode enabled, the cluster automatically provisions nodes as
needed. The cluster deployment also includes the eks/ingress-class component for ALB-based routing.
Change use1 to your cluster's environment!
6 Deploy Platform Dev Cluster Resources
Once the cluster is up and running, continue with the EKS plat resources deployment. With EKS Auto Mode,
compute and networking are managed by AWS automatically. The resources workflow deploys additional node pools,
DNS, certificate management, and other shared addons. For additional details on each component, see the included
README.md for the individual component.
Run the Atmos Workflow to deploy all required plat components.
Validate the cluster deployment with eks/echo-server and the targeted service domain. The following URL should return
a success message for dev:
7 Deploy Staging
Once the dev cluster is deployed and validated, continue with staging and then prod.
Repeat the same deployment steps in staging
Validate staging: https://echo.use1.staging.plat.acme-svc.com/
8 Deploy Production
Then deploy prod
Validate prod: https://echo.use1.prod.plat.acme-svc.com/