...

Recommended Configuration

Environments

EKS

SQL

Production

Worker node: EC2 T3.large, 2 vCPU, 16 GiB RAM

Worker node count: 3

Amazon RDS for SQL Server

  • collation: SQL_Latin1_General_CP1_CI_AS

  • size: Standard instance, db.

t3
  • t4.

2xlarge
  • large

Databases: 

  • OneList_p

  • RoleManager_p

  • Comms_p

Non-production

Worker node: EC2 T3.large, 2 vCPU, 16 GiB RAM

Worker node count: 3

Amazon RDS for SQL Server

  • collation: SQL_Latin1_General_CP1_CI_AS

  • size: Standard instance, db.

t3
  • t4.

xlarge
  • large

Databases: the "x" represents the environment tag, e.g. d for Development, q for QA.

  • OneList_x

  • RoleManager_x

  • Comms_x

Connect to EKS cluster

  1. Configure your AWS CLI credential if it is not yet configured.
    Run the command below and enter the information when prompted.
    aws configure
    For more information, see Configuring the AWS CLI.

  2. Set context to the EKS cluster. Run the command below.
    aws eks --region <region> update-kubeconfig --name <cluster_name>

...

  • Config

    • RoleManager__MachineKey 
      The value is the generated machine key.

    • Database__ConnectionString
      The value is the SQL Server connection string. The database names are specified automatically by the services.

    • ASPNETCORE_ENVIRONMENT
      The value is <environment>.

    • Smtp__UserName 

    • Smtp__Password

    • Smtp__From
      This is the sender email address of notifications from OneList.

    • Smtp__Host
      This is the SMTP server OneList uses to send notifications.

    • Smtp__Port
      This is the port of the SMTP server.

    • Smtp__UseSsl
      Defines whether the SMTP server uses an SSL connection. For the Office365 SMTP service, the value is always false.

    • Localization__DefaultCulture
      The default culture. Use the code from: Supported Languages

    • Localization__DefaultTimeZone
      The default time zone. The time zone id is the “TZ database name” from this page: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones

    • supportedCultures

      • Localization__SupportedCultures__0
        The other supported cultures. Use the code from: Supported Languages. When there is more than one supported culture, add another Localization__SupportedCultures__n entry and increase the trailing number n by 1, for example Localization__SupportedCultures__1.

  • imageCredentials

    • username
      Login username of IQX container registry.

    • password
      Login password of IQX container registry.

    • email
      Your email address.

  • ingress

  • persistentVolumeVolumeHandle
    EFS ID for supporting the EKS persistent volume.
    The ID is in this format: <file system ID>::<access point ID>
    Example: fs-09b1fb3a7c9299901::fsap-07ab32df8345e6591

  • image

    • tag
      Tag name of the images that are going to be deployed.

Save the "values.yaml" file.
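
A pre-deployment check for the settings listed above, added here as an example (it is not part of the OneList chart or the original page). It assumes values.yaml has already been parsed into a mapping, that the keys nest exactly as the bullets show, and that the keys in REQUIRED are mandatory; all sample values are constructed.

```python
import re

# Format stated on this page: <file system ID>::<access point ID>
VOLUME_HANDLE = re.compile(r"^fs-[0-9a-f]{8,40}::fsap-[0-9a-f]{8,40}$")
CULTURE_KEY = re.compile(r"^Localization__SupportedCultures__(\d+)$")
PLACEHOLDER = re.compile(r"^<.*>$")  # e.g. "<environment>" left unedited
# Keys this example treats as mandatory (an assumption, not the chart's schema).
REQUIRED = ("RoleManager__MachineKey", "Database__ConnectionString",
            "ASPNETCORE_ENVIRONMENT", "Smtp__Host", "Smtp__Port", "Smtp__From")


def check_values(values):
    """Return a list of problems found in a parsed values.yaml mapping."""
    problems = []
    config = values.get("Config", {})
    for key in REQUIRED:
        val = str(config.get(key, "")).strip()
        if not val or PLACEHOLDER.match(val):
            problems.append(f"Config.{key} is empty or still a placeholder")
    # The page numbers supported cultures 0, 1, 2, ... in steps of 1.
    matches = (CULTURE_KEY.match(k) for k in config)
    idx = sorted(int(m.group(1)) for m in matches if m)
    if idx != list(range(len(idx))):
        problems.append(f"SupportedCultures indices are not 0..n: {idx}")
    handle = str(values.get("persistentVolumeVolumeHandle", ""))
    if not VOLUME_HANDLE.match(handle):
        problems.append("persistentVolumeVolumeHandle is not <fs-id>::<fsap-id>")
    for field in ("username", "password", "email"):
        if not values.get("imageCredentials", {}).get(field):
            problems.append(f"imageCredentials.{field} is missing")
    if not values.get("image", {}).get("tag"):
        problems.append("image.tag is missing")
    return problems

# Constructed sample with three deliberate mistakes; no value here is real.
SAMPLE = {
    "Config": {
        "RoleManager__MachineKey": "constructed-machine-key",
        "Database__ConnectionString": "Server=db.example.internal;User Id=app;Password=constructed",
        "ASPNETCORE_ENVIRONMENT": "<environment>",
        "Smtp__Host": "smtp.example.com", "Smtp__Port": "587",
        "Smtp__From": "onelist@example.com",
        "Localization__SupportedCultures__0": "en-US",
        "Localization__SupportedCultures__2": "de-DE",
    },
    "persistentVolumeVolumeHandle": "fs-09b1fb3a7c9299901:fsap-07ab32df8345e6591",
    "imageCredentials": {"username": "user", "password": "constructed", "email": "ops@example.com"},
    "image": {"tag": "constructed-tag"},
}
```

The sample trips three checks: the unedited <environment> placeholder, the culture index that skips 1, and the volume handle written with a single colon.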

3. Install the AWS Load Balancer Controller add-on (if not installed)

  1. Check whether the controller is installed. Skip this section if it is already installed.

    Code Block
    kubectl get deployment -n kube-system aws-load-balancer-controller

    If you see output like the following, the controller is installed.

    Code Block
    NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
    aws-load-balancer-controller   2/2     2            2           20h
  2. Follow these instructions to create an OIDC provider for the cluster.
    https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html

  3. Skip this step if the AWSLoadBalancerControllerIAMPolicy policy already exists.

    Download an IAM policy file.
    https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.7/docs/install/iam_policy.json

    Create an IAM policy using the policy downloaded in the previous step.

    Code Block
    aws iam create-policy \
        --policy-name AWSLoadBalancerControllerIAMPolicy \
        --policy-document file://iam_policy.json
  4. Check whether the role AmazonEKSLoadBalancerControllerRole already exists. If it does, use another role name.

    a. Create an IAM role. Replace my-cluster with the name of your cluster, 111122223333 with your account ID, AmazonEKSLoadBalancerControllerRole with your role name and then run the command.

    Code Block
    eksctl create iamserviceaccount \
      --cluster=my-cluster \
      --namespace=kube-system \
      --name=aws-load-balancer-controller \
      --role-name AmazonEKSLoadBalancerControllerRole \
      --attach-policy-arn=arn:aws:iam::111122223333:policy/AWSLoadBalancerControllerIAMPolicy \
      --approve
  5. Install the AWS Load Balancer Controller using Helm. Replace region-code, vpc-xxxxxxxx and my-cluster with the correct values.

    Code Block
    helm repo add eks https://aws.github.io/eks-charts
    helm repo update eks
    helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
      -n kube-system \
      --set clusterName=my-cluster \
      --set serviceAccount.create=false \
      --set serviceAccount.name=aws-load-balancer-controller \
      --set region=region-code \
      --set vpcId=vpc-xxxxxxxx

    Verify that the controller is installed.

    Code Block
    kubectl get deployment -n kube-system aws-load-balancer-controller
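
After steps 2 to 4, the IAM role should be assumable only by the aws-load-balancer-controller service account in kube-system, through the cluster's OIDC provider. The following added example (not from the original page or from AWS) checks a role trust policy for that scoping; the OIDC issuer ID and both sample policies are constructed placeholders.

```python
NAMESPACE = "kube-system"                        # from the eksctl command above
SERVICE_ACCOUNT = "aws-load-balancer-controller"


def trust_policy_findings(policy, namespace=NAMESPACE, sa=SERVICE_ACCOUNT):
    """Return reasons the trust policy is wider than this one service account."""
    want_sub = f"system:serviceaccount:{namespace}:{sa}"
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):             # IAM allows a single object here
        statements = [statements]
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        federated = principal.get("Federated") if isinstance(principal, dict) else None
        if st.get("Action") != "sts:AssumeRoleWithWebIdentity" or not isinstance(federated, str):
            findings.append(f"statement {i}: not a web-identity grant to one OIDC provider")
            continue
        issuer = federated.split(":oidc-provider/", 1)[-1]
        # Only exact matches count; StringLike with wildcards is treated as unpinned.
        exact = st.get("Condition", {}).get("StringEquals", {})
        if exact.get(f"{issuer}:sub") != want_sub:
            findings.append(f"statement {i}: {issuer}:sub is not pinned to {want_sub}")
        if exact.get(f"{issuer}:aud") != "sts.amazonaws.com":
            findings.append(f"statement {i}: {issuer}:aud is not pinned to sts.amazonaws.com")
    return findings


# Constructed samples; the issuer ID is a placeholder, not a real cluster.
ISSUER = "oidc.eks.region-code.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE"


def _sample(condition):
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::111122223333:oidc-provider/{ISSUER}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}


SCOPED = _sample({"StringEquals": {
    f"{ISSUER}:sub": "system:serviceaccount:kube-system:aws-load-balancer-controller",
    f"{ISSUER}:aud": "sts.amazonaws.com"}})
LOOSE = _sample({"StringLike": {f"{ISSUER}:sub": "system:serviceaccount:*:*"}})
```

To check a live role, pass in the JSON returned by `aws iam get-role --role-name AmazonEKSLoadBalancerControllerRole --query Role.AssumeRolePolicyDocument` after parsing it with json.loads.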

4. Deploy OneList Helm chart

...