Kublr Platform on Amazon Web Services

Prerequisites

Install Kublr-in-a-Box. Please refer to Installation Guide for Kublr-in-a-Box.

Overview

This document describes the steps necessary to deploy the Kublr Platform in an Amazon Web Services infrastructure. It contains the following steps:

  1. Create AWS API credentials and create AWS IAM Policy
  2. Deploy Kublr Platform to AWS infrastructure
  3. Open deployed Kublr Platform
  4. (Optional) Setup custom DNS name for Kublr Platform

Create AWS API Credentials and Create AWS IAM Policy

Create AWS Policy and AWS API credentials for Kublr

For Kublr to create a cluster in your AWS account, you’ll need to create an AWS policy as well as an AWS API Access Key. All cluster resources, such as EC2 Instances, Load Balancers, Security Groups, Autoscaling Groups are created in your Amazon AWS account using the AWS API and will be managed by Kublr.

Use your AWS root account credential to sign in to the AWS Management Console. If you previously signed into the console with your IAM user credentials, your browser might open the IAM user sign-in page. To avoid that, choose sign in using your root account credentials to access the AWS account sign-in page.

Create the AWS Security Policy for Kublr API Access

  1. IAM console: choose Policies, in the navigation column on the left.
  2. At the top of the page, choose Create Policy. Create Policy
  3. On the Create Policy page, select Create Your Own Policy. Create Your Own Policy
  4. Enter the Policy Name.
  5. In the Policy Document section, enter this policy profile.
  6. Click Create Policy to generate the policy.
  7. Choose Users in the navigation column on the left.
  8. At the top of the page, select Add User Add User
  9. Enter your username and select Programmatic Access.
  10. Click Next Permissions.
  11. Select Attach Existing Policy Directly Attach Existing Policy
  12. Select the policy you created. Select the policy
  13. Click Next Review.
  14. Click Create User.

Done! You’ve successfully created the user.

Create a new AWS Access Key

  1. On the top right of the console, click on your account name or number. Then choose My Security Credentials.
  2. Choose Continue to Security Credentials.
  3. Expand the Access Keys (Access Key ID and Secret Access Key) section.
  4. Choose Create New Access Key. Create New Access Key Create New Access Key Success

Connect AWS and Kublr

  1. Log into Kublr using your credentials.
  2. Click on the Credentials menu in the left navigation menu bar. Credentials
  3. Click Add Credentials Add Credentials
  4. Under credential type, select AWS Credentials.
  5. Enter Credentials Name (e.g. Test).
  6. Enter Access Key from AWS Management Console / IAM (see above).
  7. Enter Secret Key from AWS Management Console / IAM (see above).
  8. Click Save Credentials.
  9. “Credentials have been successfully created” popup appears.
  10. Click to verify if credentials are valid and ready to be used. Verify Credentials Verify Credentials Success

Deploying Kublr Platform to AWS infrastructure

  1. Click on Cluster Menu in the left navigation menu bar. Cluster Menu
  2. Click on Add Kublr Platform or Deploy Full Kublr Platform. Add New Cluster
  3. You may see short Kublr Platform description. Add New Cluster
  4. Enter Kublr Platform name.
  5. Select Provider: Amazon Web Services and region. AWS Provider
  6. Select credentials created and/or saved on previous step. Credentials
  7. Select operating system to be used for Kublr cluster instances. Select OS
  8. Select number of master nodes and instance type. Select Instance Type
  9. Select number of worker nodes and instance type. Select Word Nodes
  10. Select credentials for accessing newly deployed Kublr platform. Credentials
  11. Click Confirm and Install. A “congratulations” box will appear “Your cluster is being created. It might take a few minutes.”.

Opening deployed Kublr Platform

The Kublr Platform creation may take up to 30 minutes to complete.

  1. Once it’s done, on the Clusters page you will see: Kublr Platform
  2. Click on “Open Kublr Platform” button to open Kublr platform.
  3. Please allow it to use self-signed SSL certificate. SSL Certificate error
  4. Sign In to the Kublr Platform using the admin Username and Password provided while creating Kublr Platform above.

Now you can use Kublr Platform!

(Optional) Setting up custom DNS name for Kublr Platform

This optional step is for if you want a user-friendly DNS name such as https://kublr.example.com/ instead of the default loadbalancer address, which looks like “https://a3730363410f511e8bfd502a4587192e-67484441.us-east-1.elb.amazonaws.com/".

In order to do this, please create a new DNS A record with type Alias for kublr.example.com pointing to LoadBalancer DNS Name.

Instructions on how to setup SSL certificate for this domain are provided in the article: Ingress TLS/SSL Setup.


Questions? Suggestions? Need help? Contact us.