PNDA
Space shortcuts
Page tree

Versions Compared

Old Version 12

changes.mady.by.user sreenivasa.gopireddy@xoriant.com

Saved on

compared with

New Version Current

changes.mady.by.user sreenivasa.gopireddy@xoriant.com

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Run the following commands to setup load balncerbalancer,

IAM Console --> Roles --> search for the NodeInstanceRole.

(Example: eksctl-pnda-eks-NodeInstanceRole-xxxxxx.) --> Attach policy select ingressController-iam-policy.

...

  • kubectl apply -f alb-ingress-controller.yaml
  • kubectl get pods -n kube-system à This should return running alb ingress controller pod.

 Step 3) Helm tiller Installation on EKS cluster:

$helm init

Create rbac-config.yaml

apiVersion: v1

kind: ServiceAccount

metadata:

  name: tiller

  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1

kind: ClusterRoleBinding

metadata:

  name: tiller

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: cluster-admin

subjects:

  - kind: ServiceAccount

    name: tiller

    namespace: kube-system

$kubectl create -f rbac-config.yaml

$helm init --service-account tiller --upgrade

$helm version               

Note: Default EBS General Purpose SSD(gp2) volume types only supports read-write-once persistent volume (PV) access-mode. The PV which we create for Deployment Manager requires read-write-many access-mode, as multiple pods (Deployment Manager, Spark Operatoretc..) share same PV. Hence, we have to create/setup EFS CSI driver which supports read-write-many access-mode for a PV.

Step 4) To deploy Amazon EFS CSI driver to an Amazon EKS cluster

               

  1.   kubectl apply -k "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"
  2. aws eks describe-cluster --name pnda --query "cluster.resourcesVpcConfig.vpcId" --output

...

  1. text 
    1. (Above command will return VPC ID and use the same in below command)
  2. aws ec2 describe-vpcs --vpc-ids vpc-exampledb76d3e813 --query "Vpcs[].CidrBlock" --output text

...

  1. (Above command returns VPC CODR range and use the same while adding rule for NFS inbound traffic)
    1. Create a security group that allows inbound NFS traffic for your Amazon EFS mount points.
    2. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
    3. Choose Security Groups in the left navigation pane, and then Create security group.
    4. Enter a name and description for your security group, and choose the VPC that your Amazon EKS cluster is using.
    5. Choose Create and then Close to finish.
  2. Add a rule to your security group to allow inbound NFS traffic from your VPC CIDR range.
    1. Choose the security group that you created in the previous step.
    2. Choose the Inbound Rules tab and then choose Edit rules.
    3. Choose Add Rule, fill out the following fields, and then choose Save rules.

      ...

          1. Type: NFS

      ...

          1. Source: Custom. Paste the VPC CIDR range.
          2. Description: Add a description, such as "Allows inbound NFS traffic from within the VPC."

      Step 5) Create AWS EFS

      (https://us-east-2.console.aws.amazon.com/efs/home?region=us-east-2#/get-started)

       Note: Use same region as EKS cluster created region in above URL 

      There are 2 ways to create AWS elastic file system

      1. Using GUI:
        1. Open the Amazon Elastic File System console at https://console.aws.amazon.com/efs/ .
        2. Choose File systems in the left navigation pane, and then choose Create file system.
        3. On the Create file system page, choose Customize.
        4. On the File system settings page, you don't need to enter or select any information, but can if desired, and then select Next.
        5. On the Network access page, for Virtual Private Cloud (VPC), choose your VPC.
        1. Note: If you don't see your VPC, at the top right of the console, make sure that the region that your VPC is in is selected.
        2. Under Mount targets, if a default security group is already listed, select the X in the top right corner of the box with the default security group name to remove it from each mount point, select the security group that you created in a previous step for each mount target, and then select Next.
        3. On the File system policy page, select Next.
        4. On the Review and create page, select Create.

      (Or)

      2. Using CLI:

          Follow the steps from following link,

          https://docs.aws.amazon.com/efs/latest/ug/wt1-create-efs-resources.html

       Step 6) Setup K8S-EFS provisioner

      1. Download k8s-efs repository from git,
        1. git clone https://github.com/kubernetes-incubator/external-storage
      2. Switch to the deploy directory
        1. cd external-storage/aws/efs/deploy/
      3. Apply rbac permissions
        1. Kubectl apply -f rbac.yaml
      4. Modify manifest.yaml. In the configmap section change the system.id: and aws.region: to match the details of the EFS you created. Change dns.name if you want to mount by your own DNS name and not by AWS's *file-system-id*.efs.*aws-region*.amazonaws.com.

      ...

      1. See following attachment for manifest.yaml,

      View file
      namemanifest.yaml
      height250

      5. Apply the manifest

      kubectl apply -f manifest.yaml

      6. Check PV and PVC created properly

      kubectl get pv,

      ...

      pvc  (should return efs volume with aws-efs storage class)

      Step 7) Setup Console/Kafka/Grafana/etc.. service types as load balancer for Helm charts

       

      ...

      Console: ~/pnda/pnda-helm-chart/cloud-pnda/values.yaml

      ...

                Image Added

                      Kafka: ~/pnda/pnda-helm-chart/cloud-pnda/charts/kafka-manager                                

                      Image Added                              

                     Grafana: ~/pnda/pnda-helm-chart/cloud-pnda/charts/grafana/values.yaml                            

         Image Added

      Step 8) Add storage class as gp2 for all other pvc and aws-efs for deployment manager pvc.

      ...

      Step 9) Install PNDA on eks with helm

      Image Added

      (helm install --name pnda --namespace pnda cloud-pnda)

      Step 10) Setup DNS alias for external IP’s in Route 53 to access the DNS like console.pnda.io within private network

       

      Step 11) Access the console front end from any one of the ec2 instance.

      ...

      Step 12) Testing the deployment of SparkStreaming

      1.  

      ...

      1. To test the deployment of SparkStreaming we have created an example app literary-word-count-app-wf-0.3.2.tar.gz.

      ...

      1.  To upload the package to the cloud-pnda platform: 
        1. kubectl -n pnda port-forward service/pnda-package-repository 8888
      2. It is possible to temporarily expose the package repository API with kubectl port forwarding:
        1. curl -XPUT "http://localhost:8888/packages/literary-word-count-app-     wf-0.3.2.tar.gz?user.name=" --data-binary "@literary-word-count-app- wf-0.3.2.tar.gz"
      3. You can see the uploaded package details under available packages in Package Management and then deploy the package by clicking Deploy button.

                  Image Added

      5. After successfully deploying the package, create/install the application in the Apps Tab

                 Image Added

                    

      6. Verify the application on K8S cluster(Tested on Rancher cluster).

                 Image Added

                    

      7. To delete the application, you have to click on delete button of particular application under Apps Tab,

           Image Added


      Sample Spark Streaming example is in following Git repo,

      https://github.com/sreenivasa-xor/SparkStreaming-Example-Application.git

      Step 13) Clean-up

       Delete PNDA on eks cluster

      % helm del –purge pnda

      Delete EKS Cluster:

      % eksctl delete cluster --region=us-east-2 --name=pnda