From fe98b045c619331aeca211b4392db7b6c2f23a4a Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Fri, 19 Oct 2018 14:00:04 -0700 Subject: [PATCH] making big edits --- .../hosted-kubernetes-clusters/eks/_index.md | 80 ++++++++++++++++--- 1 file changed, 70 insertions(+), 10 deletions(-) diff --git a/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md b/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md index ae2cc49c9d0..7193162ff62 100644 --- a/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md +++ b/content/rancher/v2.x/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md 
@@ -48,19 +48,79 @@ Use {{< product >}} to set up and configure your Kubernetes cluster. 4. {{< step_create-cluster_member-roles >}} -5. Enter your **Access Key**. +1. Configure **Account Access** for the EKS cluster. Complete each drop-down and field. -6. Enter your **Secret Key** + | Setting | Description | + | ---------- | -------------------------------------------------------------------------------------------------------------------- | + | Region | From the drop-down choose the geographical region in which to build your cluster. | + | Access Key | Enter the access key that you created in [2. Create Access Key and Secret Key](#2-create-access-key-and-secret-key). | + | Secret Key | Enter the secret key that you created in [2. Create Access Key and Secret Key](#2-create-access-key-and-secret-key). | + +1. Click **Next: Select Service Role**. Then choose a service role. -7. Click **Next: Authenticate & configure nodes**. + Service Role | Description + -------------|--------------------------- + Standard: Rancher generated service role | placeholder + Custom: Choose from your existing service roles | placeholder -8. Specify any additional options (such as instance type or minimum and maximum number of nodes). Then click **Create**. +1. Click **Next: Select VPC and Subnet**. + +1. Choose an option for **Public IP for Worker Nodes**. Your selection for this option determines what options are available for **VPC & Subnet**. + + Option | Description + -------|------------ + Yes | When your cluster nodes are provisioned, they're assigned a both a private and public IP address. + No: Private IPs only | When your cluster nodes are provisioned, they're assigned only a private IP address.

If you choose this option, you must also choose a **VPC & Subnet** that allow your instances to access the internet. This access is required so that your worker nodes can connect to the Kubernetes control plane. + +1. Now choose a **VPC & Subnet**. Follow one of the sets of instructions below based on your selection from the previous step. + + + {{% accordion id="yes" label="Public IP for Worker Nodes—Yes" %}} +If you choose to assign a public IP address to your cluster's worker nodes, you have the option of choosing between a VPC that's automatically generated by Rancher (i.e., **Standard: Rancher generated VPC and Subnet**), or a VPC that you're already created with AWS (i.e., **Custom: Choose from your existing VPC and Subnets**). Choose the option that best fits your use case. + +1. Choose a **VPC and Subnet** option. + + Option | Description + -------|------------ + Standard: Rancher generated VPC and Subnet | While provisioning your cluster, Rancher generates a new VPC and Subnet. + Custom: Choose from your exiting VPC and Subnets | While provisioning your cluster, Rancher configures your nodes to use a VPC and Subnet that you've already created in AWS. If you choose this option, complete the remaining steps below. + +1. If you're using **Custom: Choose from your existing VPC and Subnets**: + + (If you're using **Standard**, skip to [step 10](#security-group)) + + 1. Make sure **Custom: Choose from your existing VPC and Subnets** is selected. + + 1. From the drop-down that displays, choose a VPC. + + 1. Click **Next: Select Subnets**. Then choose one of the **Subnets** that displays. + + 1. Click **Next: Select Security Group**. + {{% /accordion %}} + {{% accordion id="no" label="Public IP for Worker Nodes—No: Private IPs only" %}} +If you chose this option, you must also choose a **VPC & Subnet** that allow your instances to access the internet. This access is required so that your worker nodes can connect to the Kubernetes control plane. 
Follow the steps below. + +>**Tip:** When using only private IP addresses, you can provide your nodes internet access by creating a VPC constructed with two subnets, a private set and a public set. The private set should have its route tables configured to point toward a NAT in the public set. For more information on routing traffic from private subnets, please see the [official AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html). + + 1. From the drop-down that displays, choose a VPC. + + 1. Click **Next: Select Subnets**. Then choose one of the **Subnets** that displays. + + 1. Click **Next: Select Security Group**. + {{% /accordion %}} + +1. Choose a **Security Group**. + +1. Click **Select Instance Options**, and then edit the node options available. + + Option | Description + -------|------------ + Instance Type | placeholder + Custom AMI Override | placeholder + Minimum ASG Size | placeholder + Maximum ASG Size | placeholder + +1. Click **Create**. {{< result_create-cluster >}} -# Note on Public IP for Worker Notes - -If you specify `Public IP for Worker Nodes` as `false`, you must also specify a VPC with subnets that allow your instances to access the internet. This access is required so that your worker nodes can connect to the Kubernetes control plane. - -One possible configuration solution is a VPC constructed with two subnets, a private set and a public set. The private set should have its route tables configured to point toward a NAT in the public set. For more information on routing traffic from private subnets, please see the [official AWS documentation](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html). -
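Review bot: The Service Role table and the Instance Options table are committed with `placeholder` in every Description cell (both service-role rows, plus Instance Type, Custom AMI Override, Minimum ASG Size and Maximum ASG Size), so the page gives no guidance on the choices that decide which role and which AMI the cluster runs with; fill these in, or hold the two tables back until the text exists. The new "Choose a Security Group" step likewise carries no description, even though the "Yes" option earlier in the hunk gives worker nodes a public IP address; a sentence on what to select belongs there. The link that skips to step 10 via `#security-group` hard-codes a step number while every added step is numbered `1.`, and no such anchor is defined in the visible lines, so point it at a heading or an explicit anchor instead. Wording to correct in the added lines: "assigned a both a private and public IP address", "a VPC that you're already created with AWS", and "Choose from your exiting VPC and Subnets"; the option name also alternates between "VPC & Subnet" and "VPC and Subnet" and should be spelled one way throughout.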