Install Bastion Server for EKS Deployment
Quote from moshe on 15/10/2020, 2:33 pm
Overview
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service. EKS integrates with AWS App Mesh and provides a Kubernetes native experience to consume service mesh features and bring rich observability, traffic controls and security features to applications.
The deployment uses a Linux bastion host in an Auto Scaling group to allow inbound Secure Shell (SSH) access to Amazon Elastic Compute Cloud (Amazon EC2) instances in private subnets; an Amazon EKS cluster, which provides the Kubernetes control plane; and, in the private subnets, a group of Kubernetes nodes.
Install Bastion Host
The bastion server is based on an Amazon Linux AMI. First install a standard Amazon Linux 2 AMI; a t2.medium instance should be sufficient for basic operations. Give it the proper permissions and add it to the VPC and security groups so that you can access it using SSH.
Note: This step assumes you are using the Bash shell; if you are using another shell, change the command to use your specific shell initialisation file.
Configure your AWS CLI credentials
Get a key from the IAM service.
Choose User and add a new user. Type your user name:
Eks-bastion-server
Then choose Access Type: Programmatic access.
Press Next and choose an existing EKS group or create a new one.
Type the group name:
EKS-Bastion
In the policy filter, search for EKS and choose the following policies:
- AdministratorAccess
- AmazonEKS_CNI_Policy
- AmazonEKSClusterPolicy
- AmazonEKSFargatePodExecutionRolePolicy
- AmazonEKSServicePolicy
- AmazonEKSVPCResourceController
- AmazonEKSWorkerNodePolicy
Upon creation, copy and save your AWS Access Key ID and Secret Access Key. They should look like this:
Access key ID: A***************
Secret Access Key: v******************
Run the following command to configure the AWS CLI on your bastion machine:
$ aws configure
AWS Access Key ID [None]: A***************
AWS Secret Access Key [None]: v***************
Default region name [None]: region-code (Example: us-east-2)
Default output format [None]: json
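An added example, not part of the original post: `aws configure` stores the access key ID and secret in plaintext in ~/.aws/credentials, so on an SSH-reachable bastion it is worth checking that file's mode and contents after the step above. The function names are hypothetical, and GNU stat (as on Amazon Linux 2) is assumed.

```shell
# Added example: audit the credentials file that `aws configure` writes.
# Function names are hypothetical; GNU stat (Amazon Linux 2) is assumed.

# Print the octal permission bits of a file, e.g. 600.
file_mode() { stat -c '%a' "$1"; }

# Succeed only if the profile section holds both an access key ID and a secret.
profile_has_keys() {
  awk -v want="[$2]" '
    /^\[.*\]$/ { in_p = ($0 == want); next }
    in_p && /^aws_access_key_id[ \t]*=/     { id = 1 }
    in_p && /^aws_secret_access_key[ \t]*=/ { secret = 1 }
    END { exit !(id && secret) }
  ' "$1"
}

# Audit one file: returns 0 if clean, 1 on a finding, 2 if the file is missing.
audit_credentials_file() {
  local file="${1:-$HOME/.aws/credentials}" profile="${2:-default}"
  local rc=0 mode
  if [ ! -f "$file" ]; then
    echo "FAIL: $file not found"
    return 2
  fi
  mode=$(file_mode "$file")
  case "$mode" in
    600|400) echo "OK: $file mode is $mode" ;;
    *) echo "FAIL: $file mode is $mode; run: chmod 600 $file"; rc=1 ;;
  esac
  if profile_has_keys "$file" "$profile"; then
    echo "OK: profile [$profile] has an access key ID and secret"
  else
    echo "FAIL: profile [$profile] is missing a key"; rc=1
  fi
  return "$rc"
}

# On the bastion, after `aws configure`:
#   audit_credentials_file && aws sts get-caller-identity
```

`aws sts get-caller-identity` then confirms which IAM user the stored keys belong to; it needs network access to AWS.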