Deploying Galileo - EKS (Zero Access)
Create a private Kubernetes Cluster with EKS in your AWS Account, upload containers to your container registry, and deploy Galileo.
⏱ Total time for deployment: 45-60 minutes
# Create directory
mkdir -p $HOME/.local/bin
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl $HOME/.local/bin
The rest of the installation deployment can now be run from the CloudShell session. You can use
vimto create/edit the required yaml and json files within the shell session.
Galileo recommends the following Kubernetes deployment configuration:
With the yaml file saved, run the following command to deploy the cluster:
eksctl create cluster -f galileo-cluster.yaml
Customer specific cluster values (e.g. domain name, slack channel for notifications etc) will be placed in a base64 encoded string, stored as a secret in GitHub that Galileo’s deployment automation will read in and use when templating a cluster’s resource files.\
Mandatory fields the Galileo team requires:
VPN access is required to connect to the Kubernetes API when interacting with a private cluster. If you do not have appropriate VPN access with private DNS resolution, you can use a bastion machine with public ssh access as a bridge to the private cluster. The bastion will only act as a simple shell environment, so a machine type of
t3.microor equivalent will suffice.
Except where specifically noted, these steps are to be performed on a machine with internet access
- 2.Generate the cluster config file by running
aws eks update-kubeconfig --name $CLUSTER_NAME --region $REGION
- 3.If using a bastion machine, prepare the required environment with the following:
scpor copy and paste the contents of
~/.kube/configfrom your local machine to the same directory on the bastion
deployment-manifest.yamlfile to the working directory of the bastion
- 4.With your VPN connected, or if using a bastion, ssh'ing into the bastion's shell:
kubectl cluster-infoto verify your cluster config is set appropriately. If the cluster information is returned, you can proceed with the deployment.
kubectl apply -f deployment-manifest.yamlto deploy the Galileo applications. Re-run this command if there are errors related to custom resources not being defined as there are sometimes race conditions when applying large templates.
Galileo has 4 main URLs (shown below). In order to make the URLs accessible across the company, you have to set the following DNS addresses in your DNS provider after the platform is deployed.
⏱ Time taken : 5-10 minutes (post the ingress endpoint / load balancer provisioning)
Each URL must be entered as a CNAME record into your DNS management system as the ELB address. You can find this address by running
kubectl -n galileo get svc/ingress-nginx-controllerand looking at the value for