AWS Prerequisites

Before getting started with Platform9 Managed Kubernetes (PMK) you will need to prepare some infrastructure that you’d use to work with PMK. Make sure to read through these requirements carefully as a successful deployment of PMK depends on it. PMK supports creating Kubernetes clusters on AWS using assume role credentials.

AWS: PMK provides native integration with Amazon AWS to create Kubernetes clusters using AWS EC2 instances. In this model, PMK manages the lifecycle of the nodes on EC2. It also integrates with other AWS services such as Route53, ELB, EBS to create a fully production-ready Kubernetes cluster that can auto-scale based on workload requirements. (NOTE: PMK does not support integration with AWS EKS today)

Pre-requisites for an AWS cluster

PMK requires that you specify the AWS access key ID and the secret access key for an IAM user in your AWS account in order to authenticate with your AWS environment. PMK securely stores these credentials once specified.

To delete the credentials remove the ‘cloud provider’.

Following permissions are required on your AWS account.

  • ELB Management
  • Route 53 DNS Configuration
  • Access to two or more Availability Zones within the region
  • EC2 Instance Management
  • EBS Volume Management
  • VPC Management

Refer to this AWS article for more info on how to create and manage AWS access key ID and secret access key for your AWS account.

Choose a compatible set of AWS credentials

The account that these credentials are associated with must have at least one Route 53 hosted zone registered. When creating a cluster, the API FQDN and Service FQDN should be of that hosted zone.

For example, if the hosted zone is of domain name “platform9.systems” then the API and Service FQDN should be of the form xxx.platform9.systems

The credentials must also be capable of adding/deleting the following artifacts.

  • VPC (Only if deploying a cluster to a new VPC)
  • Subnets in each AZ (Only if deploying a cluster to a new VPC. In an existing VPC, the first subnet of each AZ is used)
  • Security Group (For cluster connectivity)
  • ELB (For HA Kubernetes API)
  • Auto Scaling Groups (For creation of ASGs for master and worker nodes)
  • Route 53 Hosted Zone Record sets (For API and Service FQDNs)
  • Launch Configuration (For creating EC2 instances)
  • Internet Gateway (For exposing the Kubernetes API with HTTPS)
  • Routes (For the Internet Gateway)
  • IAM Roles and Instance Profiles (For deployment of highly available etcd and Kubernetes AWS integration)

Download pre-configured policy with required AWS credentials

You can download a pre-configured AWS Policy with the above requirements from here, then import and apply it to your credentials’ IAM Role.

Make sure that the default limits for your region are configured properly

All AWS resources are configured by default with limits. As your usage of Kubernetes on AWS grows, you might run into some of them.

For example, the AWS default limit for number of VPCs in a region is 5, as stated in AWS documentation on VPC limits

To see the default limit values for all your EC2 resources within a given region:

  • Log into your AWS console
  • Navigate to Services > EC2
  • Once in EC2, on the left hand side menu panel, click on limits

This will show you all default limits for your AWS resources.

Any specific limit can be raised by submitting a ‘Service limit increase’ request with AWS.

Supported Operating Systems

Regardless of what infrastructure or cloud provider you are creating the PMK clusters on, PMK supports the following operating systems for the nodes of those Kubernetes clusters.

  • CentOS 7+ (64-bit)
  • RHEL 7+ (64-bit)
  • Ubuntu LTS 16.04 (64-bit) (NOTE: support for Ubuntu 18.04 coming soon!)