Pre-requisites
brew install eksctl, kubectl, awscli, yqDeploys a cluster based around the bottlerocket-quickstart-eks.yaml config. This deploys 5 m5.2xlarge nodes using the bottle rocket AMI and CloudFormation templates.
eksctl create cluster -f bottlerocket-quickstart-eks.yamlAdd and install the OpenSearch Operator.
helm repo add opensearch-operator https://opster.github.io/opensearch-k8s-operator/
helm install opensearch-operator opensearch-operator/opensearch-operatorDeploy the cluster according to the config.
kubectl apply -f opensearch-cluster.yamlWait for all 3 OpenSearch nodes and 1 OpenSearch dashboard nodes to be ready.
watch -n 2 kubectl get podsCreate the policy for EKS to be able to create application load balanacers.
aws iam create-policy \
--policy-name AWSLoadBalancerControllerIAMPolicy \
--policy-document file://iam_policy.jsonQuick stript to get the caller identity for use in the next step.
export DEMOACCOUNT=$(aws sts get-caller-identity | yq e '.Account' -)Create a service account that will allow EKS to spin up load balancers.
eksctl create iamserviceaccount \
--cluster=bottlerocket-opensearch \
--namespace=kube-system \
--name=aws-load-balancer-controller-beta \
--role-name "AmazonEKSLoadBalancerControllerRole" \
--attach-policy-arn=arn:aws:iam::$(echo $DEMOACCOUNT):policy/AWSLoadBalancerControllerIAMPolicy \
--region=us-east-2 \
--override-existing-serviceaccounts \
--approveAssociate the identity provider.
eksctl utils associate-iam-oidc-provider \
--region=us-east-2 \
--cluster=bottlerocket-opensearch \
--approveAdd the EKS charts for the load balancers.
helm repo add eks https://aws.github.io/eks-charts
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
-n kube-system \
--set clusterName=bottlerocket-opensearch \
--set serviceAccount.create=false \
--set serviceAccount.name=aws-load-balancer-controller-betaValidate they are deployed
kubectl describe deploy aws-load-balancer-controllerCreate ingress for the dashboards.
kubectl apply -f dashboards-ingress.yamlFind the ingress URL for OpenSearch
kubectl get ingress/ingress-dashboards -n default -o yaml | yq e '.status.loadBalancer.ingress[0].hostname' -Add opensearch username/pw for Fluent-Bit to consume
kubectl create secret generic opensearchpass \
--from-literal=username=admin \
--from-literal=password=adminInstall the fluentbit operator
helm install fluent-operator --create-namespace -n fluent charts/fluent-operator/ --set containerRuntime=containerdDeploy the fluentbit daemonset
kubectl apply -f fluentbit-daemonset.yaml kubectl port-forwardGetting the Kubeconfig
eksctl utils write-kubeconfig -f bottlerocket-quickstart-eks.yaml