../_images/preview.png

Kubernetes Clusters

Definition and Scope

SCOPE_ACC

Scalr provides a built-in integration with Kubernetes to manage existing clusters and give a view into the overall health, capacity and workloads on the cluster. Currently, Scalr supports:

  • GKE Kubernetes
  • Amazon EKS
  • Native Kubernetes

The following Kubernetes offerings will be supported soon:

  • Azure AKS

Google GKE

The integration of GKE Permissions NEWWIN clusters requires a few permissions to be granted for the service account that is used to add Kubernetes clusters in Scalr:

  • roles/container.viewer role permission (could also be visible as Kubernetes Engine Clusters Viewer)
  • roles/compute.viewer role permissions to view list of instances where the Kubernetes cluster is running
  • container.clusters.getCredentials (to obtain cluster credentials)

Here is more info on permissions to call Google GKE NEWWIN

These are the permissions needed for upgrading the master node:

  • container.clusters.update on the requested cluster
  • container.operations.get on the requested operations (included by roles/container.viewer)
  • container.operations.list on the requested Cloud project (included by roles/container.viewer)

GKE Kube-Config

In order to use the kube-config file downloaded from Kubernetes page you need gcloud NEWWIN to be installed in your system. Configure gcloud to use your service account. If you have access to the service-account file you can use gcloud auth activate-service-account --key-file=<path_to_file>. Then to connect to the cluster you can either export the config path as environment variable(export KUBECONFIG=<path_to_config>) or specify it directly in kubectl command: kubectl --kubeconfig=<path_to_config>>.

Resources:

Here is some more information that can be referenced on GKE:

Amazon EKS

There are few things need to be done before you can add a EKS Cluster to your Scalr account:

  • Your AWS cloud credential has to have EKS view permissions.
  • The IAM entity of your AWS cloud credentials has to be added to cluster RBAC (EKS IAM Userguide) NEWWIN.

When an Amazon EKS cluster is created, the IAM entity (user or role) that creates the cluster is added to the Kubernetes RBAC authorization table as the administrator. Initially, only that IAM user can make calls to the Kubernetes API server using kubectl.

Note

In order to collect nodes CPU/MEM metrics heapster or merics-server need to be deployed on the cluster.

AWS Kube-Config

In order to use the kube-config file downloaded from the Kubernetes page you need aws-iam-authenticator NEWWIN to be installed and added to $PATH on your system. Make sure you are using correct credentials while calling aws-iam-credentials.

Resources:

Here is some more information that can be referenced on AWS EKS:

Self - Managed Kubernetes Clusters

Scalr supports the following authorization for native Kubernetes clusters:

  • Basic: username + password + cluster_ca_cert - basic authorization should be enabled in order for this method to work.
  • x509 client certs: client_key + client_cert + cluster_ca_cert.

Depending on the type of authorization kube-config will contain either username + pass or client x509 certs.

Resources:

Here is some more information that can be referenced on native Kubernetes:

Adding a Cluster to Scalr

To add a cluster into Scalr, go to the Account scope and click on the Scalr menu on the top left of the screen MENU_ACC and then down to Kubernetes (Preview):

../_images/menu_kubernetes.png

To discover a new cluster, click on New Cluster, select your cluster type and enter the details:

../_images/new_cluster1.png

Once it is successfully added the cluster operation dashboard will appear:

../_images/ops_dashboard1.png

From here you can look into cluster details, download the kubeconfig, upgrade the master, etc:

../_images/cluster_details.png

You can also drill down into each cluster and look at the pods within it:

../_images/pods.png

By clicking on the Pod dashboard you will be able to see the details per Pod as well as manage them:

../_images/manage_pods.png