我的书签
添加书签
移除书签Import an AWS EKS Cluster
- You have a Kubernetes cluster with KubeSphere installed, and prepared this cluster as the host cluster. For more information about how to prepare a host cluster, refer to Prepare a host cluster.
- You have an EKS cluster to be used as the member cluster.
Import an EKS Cluster
You need to deploy KubeSphere on your EKS cluster first. For more information about how to deploy KubeSphere on EKS, refer to Deploy KubeSphere on AWS EKS.
In order to manage the member cluster from the host cluster, you need to make the same between them. Therefore, get it first by executing the following command on your host cluster.
The output is similar to the following:
jwtSecret: "QVguGh7qnURywHn2od9IiOX6X8f8wK8g"
Log in to the KubeSphere console of the EKS cluster as
admin. Click Platform in the upper-left corner and then select Cluster Management.Go to CRDs, enter
ClusterConfigurationin the search bar, and then press Enter on your keyboard. Click ClusterConfiguration to go to its detail page.Click on the right and then select Edit YAML to edit
ks-installer.-
authentication:jwtSecret: QVguGh7qnURywHn2od9IiOX6X8f8wK8g
Note
Make sure you use the value of your own
jwtSecret. You need to wait for a while so that the changes can take effect.
doesn’t provide a built-in kubeconfig file as a standard kubeadm cluster does. Nevertheless, you can create a kubeconfig file by referring to this document. The generated kubeconfig file will be like the following:
apiVersion: v1clusters:- cluster:server: <endpoint-url>certificate-authority-data: <base64-encoded-ca-cert>name: kubernetescontexts:- context:cluster: kubernetesuser: awsname: awskind: Configpreferences: {}users:user:exec:apiVersion: client.authentication.k8s.io/v1alpha1command: awsargs:- "eks"- "get-token"- "--cluster-name"- "<cluster-name>"# - "--role"# - "<role-arn>"# env:# - name: AWS_PROFILE# value: "<aws-profile>"
However, this automatically generated kubeconfig file requires the command
aws(aws CLI tools) to be installed on every computer that wants to use this kubeconfig.Run the following commands on your local computer to get the token of the ServiceAccount
kubespherecreated by KubeSphere. It has the cluster admin access to the cluster and will be used as the new kubeconfig token.TOKEN=$(kubectl -n kubesphere-system get secret $(kubectl -n kubesphere-system get sa kubesphere -o jsonpath='{.secrets[0].name}') -o jsonpath='{.data.token}' | base64 -d)kubectl config set-credentials kubesphere --token=${TOKEN}kubectl config set-context --current --user=kubesphere
Retrieve the new kubeconfig file by running the following command:
apiVersion: v1clusters:- cluster:certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZ...S0tLQo=server: https://*.sk1.cn-north-1.eks.amazonaws.com.cn- context:cluster: arn:aws-cn:eks:cn-north-1:660450875567:cluster/EKS-LUSLVMT6user: kubespherename: arn:aws-cn:eks:cn-north-1:660450875567:cluster/EKS-LUSLVMT6current-context: arn:aws-cn:eks:cn-north-1:660450875567:cluster/EKS-LUSLVMT6kind: Configpreferences: {}users:- name: arn:aws-cn:eks:cn-north-1:660450875567:cluster/EKS-LUSLVMT6user:exec:apiVersion: client.authentication.k8s.io/v1alpha1args:- --region- cn-north-1- eks- get-token- --cluster-name- EKS-LUSLVMT6command: awsenv: null- name: kubesphereuser:token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImlCRHF4SlE5a0JFNDlSM2xKWnY1Vkt5NTJrcDNqRS1Ta25IYkg1akhNRmsifQ.eyJpc3M................9KQtFULW544G-FBwURd6ArjgQ3Ay6NHYWZe3gWCHLmag9gF-hnzxequ7oN0LiJrA-al1qGeQv-8eiOFqX3RPCQgbybmix8qw5U6f-Rwvb47-xA
You can run the following command to check that the new kubeconfig does have access to the EKS cluster.
kubectl get nodes
The output is simialr to this:
Log in to the KubeSphere console on your host cluster as
admin. Click Platform in the upper-left corner and then select Cluster Management. On the Cluster Management page, click Add Cluster.Enter the basic information based on your needs and click Next.
Wait for cluster initialization to finish.
