Updated EKS docs (Mirantis#13)
slysunkin authored Nov 15, 2024
1 parent dfd8770 commit 83dd095
Showing 10 changed files with 62 additions and 0 deletions.
Binary file added docs/assets/delete-endpoint-ok.png
Binary file added docs/assets/delete-vpc-fail.png
Binary file added docs/assets/delete-vpc-ok.png
Binary file added docs/assets/delete-vpce.png
Binary file added docs/assets/detach-network-interface-fail.png
Binary file added docs/assets/no-network-interfaces.png
19 changes: 19 additions & 0 deletions docs/clustertemplates/aws/template-parameters.md
Expand Up @@ -72,3 +72,22 @@ spec:
enabled: true
...
```

## EKS templates

EKS templates use the parameters similar to AWS and resulting EKS `ManagedCluster` can look like this:

```yaml
apiVersion: hmc.mirantis.com/v1alpha1
kind: ManagedCluster
metadata:
name: cluster-1
spec:
template: aws-eks-0-0-2
credential: aws-cred
config:
sshKeyName: foobar
region: ${AWS_REGION}
workersNumber: 1
...
```
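Review bot: The sample manifest sets `region: ${AWS_REGION}`, but nothing in the new "EKS templates" section says the value has to be substituted before the manifest is applied, so a reader copying it verbatim would submit the literal string. Either use a literal region in the example or add one sentence on how the variable is expanded. The intro line also says the parameters are "similar to AWS" without naming what differs for EKS; list the EKS-specific or unsupported parameters, and consider whether pinning `aws-eks-0-0-2` in the docs will go stale with the next template release.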
36 changes: 36 additions & 0 deletions docs/clustertemplates/aws/vpc-removal.md
@@ -0,0 +1,36 @@
# Non-removed VPC

A bug was fixed in CAPA (Cluster API Provider AWS) for VPC removal: [kubernetes-sigs/cluster-api-provider-aws#5192](https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/5192)

It is possible to deal with non-deleted VPCs the following ways:

## Applying ownership information on VPCs

When VPCs have owner information, all AWS resources will be removed when 2A ESK cluster is deleted.
So, after provisioning EKS cluster the operator can go and set tags (i.e. `tag:Owner`) and it will be sufficient for CAPA to manage them.

## GuardDuty VPCE

Another way to prevent an issue with non-deleted VPCs is to disable GuardDuty.
GuardDuty creates an extra VPCE (VPC Endpoint) not managed by CAPA and when CAPA starts EKS cluster removal, this VPCE is not removed.

## Manual removal of VPCs

When it is impossible to turn off GuardDuty or applying ownership tags is not permitted, it is needed to remove VPCs manually.

The sign of “stuck” VPC looks like a hidden “Delete” button.
![Failed VPC deletion](../../assets/delete-vpc-fail.png)

Opening “Network Interfaces” and attempting to detach an interface shows disable “Detach” button:
![detach-network-interface-fail](../../assets/detach-network-interface-fail.png)

It is required to get to VPC endpoints screen and remove the end-point:
![delete-vpce](../../assets/delete-vpce.png)

![OK Endpoint deletion](../../assets/delete-endpoint-ok.png)

Wait until VPCE is completely removed, all network interfaces disappear.
![No Network Interfaces](../../assets/no-network-interfaces.png)

Now VPC can be finally removed:
![Failed VPC OK](../../assets/delete-vpc-ok.png)
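Review bot: The "GuardDuty VPCE" section offers disabling GuardDuty as a workaround without stating the cost: it turns off that account's threat detection to work around a cleanup problem. Please say so explicitly and present it as the last resort, after ownership tagging and manual VPCE deletion, which leave monitoring in place. In "Applying ownership information on VPCs", `tag:Owner` is given only as an example ("i.e."); the doc should state the exact tag key and value CAPA needs to treat the resources as managed. Smaller points: "2A ESK cluster" should read "EKS", "shows disable" should be "disabled", and the alt text "Failed VPC OK" on the last image contradicts what the screenshot is meant to show.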
4 changes: 4 additions & 0 deletions docs/quick-start/aws.md
Expand Up @@ -15,6 +15,10 @@ You need a Kubernetes cluster with [2A installed](2a-installation.md).
The AWS `clusterawsadm` tool is required to bootstrap an AWS Account. Install it
by following the [AWS clusterawsadm installation instructions](https://github.com/kubernetes-sigs/cluster-api-provider-aws?tab=readme-ov-file#clusterawsadm).

## EKS Deployment

- Additional EKS steps and verifications are described in [EKS clusters](../eks/main.md).

### Configure AWS IAM

Before launching a cluster on AWS, you need to set up your AWS infrastructure
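Review bot: The new `## EKS Deployment` heading is a level-2 heading placed directly above the existing `### Configure AWS IAM`, so the IAM section now renders as a subsection of "EKS Deployment" even though it applies to all AWS clusters. Move the EKS pointer below the IAM steps or make it a note rather than a heading. The link target `../eks/main.md` is also not among the files changed in this commit and is not added to the nav in `mkdocs.yml`; confirm it exists, otherwise the link is dead.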
3 changes: 3 additions & 0 deletions mkdocs.yml
Expand Up @@ -91,6 +91,9 @@ nav:
- vSphere:
- Template Parameters: clustertemplates/vsphere/template-parameters.md
- Hosted Control Plane: clustertemplates/vsphere/hosted-control-plane.md
- EKS:
- Template Parameters: clustertemplates/aws/template-parameters.md#eks-templates
- Troubleshooting: clustertemplates/aws/vpc-removal.md
- Credentials:
- Overview: credential/main.md
- Architecture: architecture.md
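Review bot: The nav entry `clustertemplates/aws/template-parameters.md#eks-templates` carries a `#eks-templates` fragment, so it is not a plain document path; check with `mkdocs build --strict` that it resolves to the page rather than being emitted as a bare link or a warning. The same file is presumably already listed under the AWS section, so the EKS entry would be a second nav item for one page. The "Troubleshooting" entry points at `clustertemplates/aws/vpc-removal.md`; if this is EKS-only guidance, consider placing the file under an EKS directory to match the nav.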