Skip to main content
Version: Deploy 23.3

Install or Upgrade—Deploy or Release—on Amazon EKS

Note: Here is a basic setup for the AWS EKS cluster, use it as a guideline to create K8s cluster to have minimal K8s environment for Digital.ai Deploy or Release installation.

Prerequisites

Important: If you want to enable the TLS protocol in your cluster, you must have the TLS secret created in the namespace before you start the installation or upgrade. This means that you must create the namespace first, create the TLS secret in that namespace, and use the same namespace and TLS secret during the installation or upgrade of Digital.ai Deploy or Release.

The xl kube install and xl kube upgrade options reference let you go with the default (latest) docker image tags available when you install or upgrade Digital.ai Deploy or Release. However, here are the Docker Hub links to verify all the available image tags.

Step 1—Prepare for Installation

You must set up your system for installation, which includes installing the kubectl, the required CLIs, and so on.

Install kubectl, XL CLI, eksctl, and yq

See:

Note: You can also use AWS CLI instead of eksctl to create and work with an EKS cluster. However, eksctl automates a few steps, which you would otherwise be completing manually if you were to use AWS CLI.

Step 2—Set up Your Amazon Account and EKS Cluster

Note: The instructions to set up the cluster are indicative of the process. You may have to keep abreast of the latest developments with regards to the cloud platform you work with and set up the cluster to suit your requirements.

  1. Sign up for an AWS account if you do not have one. For more information, see Create an AWS Account.
  2. Log on to your AWS account and gather the AWSAccessKeyId and AWSSecretKey.
  3. Create an access key if you do not have one already. For more information, see Managing access keys.

Important: It is recommended to download and save the AWS access key file immediately after creating the access key as you cannot retrieve your Secret Access Key later.

Create VPC and Subnets

Use existing VPC or create new VPC and Subnets. For more information, see Creating a VPC for your Amazon EKS cluster.

For more information, see Amazon EKS VPC and subnet requirements and considerations

Create AWS EKS Cluster Role

Create an IAM role for your EKS cluster. For more information see Create AWS EKS cluster role.

Create EC2 Node Group Role

See Create EC2 node group role.

Create the Amazon EKS Cluster

  1. See Creating an Amazon EKS cluster.

  2. Gather the following information about your Amazon EKS cluster and keep them handy.

    • Your Amazon account's AWSAccessKeyId and AWSSecretKey
    • The AWS region code (for example, eu-west-2) that hosts the EKS cluster
    • The EKS cluster's name
    • The API server endpoint URL
    • The Certificate Authority (CA) cert

Note: If you created your cluster using eksctl, you can skip Creating a kubeconfig for Amazon EKS. The eksctl would have completed the step for you already.

Create Node Group

See Create node group.

Verify the Connection to the Cluster

Run the following command from your system to verify the connection to the Amazon EKS cluster.

kubectl get nodes

1664786699719

Update the kube config of aws-auth

  1. Edit the configmap.

    kubectl edit configmap -n kube-system aws-auth

    For AWS SSO user:

    mapRoles:
    ----
    - groups:
    - system:bootstrappers
    - system:nodes
    rolearn: arn:aws:iam::932770550094:role/aws-reserved/sso.amazonaws.com/us-west-2/AWSReservedSSO_XLD-XXXXXXX
    username: AWSReservedSSO_XLD-XXXXXXX

    For normal users:

    mapUsers: |
    - userarn: arn:aws:iam::932770550094:user/<userName>
    username: <username>
    groups:
    - system:masters
  2. Verify the updated configmap.

    kubectl describe configmap -n kube-system aws-auth

Register the Domain Name Using Route 53

  1. Go to the Route 53 console.
  2. Select hostedZone.
  3. Create hosted zone or select an available one (for example, digitalai-testing.com).
  4. Create a new Route 53 record.
    1. Turn on the Alias toggle.

    2. Type a record name. deploy.digitalai-testing.com in the following example.

    3. Leave the default values for Record type and Routing policy fields.

    4. Set Route Traffic to to Alias to Application and Classic Load Balancer.

      1664787655491

Set up the Ingress Controller

  1. Validate the ingress and service.

    kubectl get ing
  2. Edit the Route 53 record you just created.

  3. Update the region where your cluster is running.

  4. Select the load balancer.

    1664790125276

Step 3—Install Digital.ai Deploy or Release

  1. Run the xl kube install command. For more information about flags to skip prompts, enable additional logging, and so on, see xl kube install Command Reference.
  2. Answer the questions in the installation options reference.
  3. When prompted, select AWS EKS as the Kubernetes setup where the Digital.ai Devops Platform will be installed. For more information, see:
  4. Complete the installation.
  5. Log on to the Deploy or Release server and verify the installation.

Upgrade Deploy or Release on Amazon EKS

The following upgrade scenarios are supported:

  • Upgrading existing sites created using Helm Charts
  • Upgrading existing sites created using Operator

Backup and Restore

  • Before you upgrade existing Deploy or Release sites using the Operator-based installer, you must back up your volumes, databases, and file systems so that you can revert to the earlier state in case of upgrade failures.
  • Back up and restore your data according to your organization's backup policies.
  • For more information, see AWS Backup.

Upgrade Digital.ai Deploy or Release

  1. Run the xl kube upgrade command. For more information about flags to skip prompts, enable additional logging, and so on, see xl kube upgrade command reference
  2. Answer the questions in the upgrade options reference.
  3. When prompted, select AWS EKS as the Kubernetes setup where the Digital.ai Devops Platform will be upgraded. For more information, see:
  4. Complete the upgrade.
  5. Log on to the Deploy or Release server and verify the installation.