This article instructs on how to integrate Kubernetes Clusters (EKS or AKS) with Cloudaware.
Adding Kubernetes Cluster
1. Log in to your Cloudaware account. Select Admin under your username in the upper right corner.
2. Locate Kubernetes in the list of Cloud Integrations. Click +Add.
3. Click Get New Certificate Request.
Insert the username that will be utilized in Kubernetes. Click Generate.
As a result, a certificate will be generated in .csr format (e.g. cloudaware_test.csr)
4. Sign the Cloudaware certificate request that will be used by Kubernetes control plane node - see the example below:
openssl x509 -req -in cloudaware_test.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out cloudaware_test.crt -days 3650
5. Set up authorization for the user on RBAC level. Create a custom Cluster role node-reader
for Cloudaware to be able to fetch the information about Cluster nodes:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: node-reader rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get", "watch", "list"]
Create a RoleBinding - see the sample command below:
kubectl create -f cloudaware-user.yaml
Two bindings are in use, the first one binds the default role view
, the second one binds the custom Cluster role node-reader
:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: cloudaware_test-binding subjects: - kind: User name: cloudaware_test namespace: default apiGroup: "" roleRef: kind: ClusterRole name: view apiGroup: "" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: cloudaware_test-binding2 subjects: - kind: User name: cloudaware_test namespace: default apiGroup: "" roleRef: kind: ClusterRole name: node-reader apiGroup: ""
5. Once the certificate is signed, go back to Cloudaware. Insert Cluster URL and click Upload Signed Certificate to upload the certificate. Click Save.
List of Kubernetes Cluster Objects
Cloudaware supports the following Kubernetes Cluster objects (to be updated):
Kubernetes Cluster Kubernetes Cluster Config Map Kubernetes Cluster Daemon Set Kubernetes Cluster Deployment Kubernetes Cluster Endpoint Kubernetes Cluster Limit Range Kubernetes Cluster Namespace Kubernetes Cluster Node Kubernetes Cluster Node Address Kubernetes Cluster Pod Kubernetes Cluster Pod Container Kubernetes Cluster Replica Set Kubernetes Cluster Resource Quota Kubernetes Cluster Service Kubernetes Cluster Stateful Set |