帮助改进此页面
要帮助改进本用户指南,请选择位于每个页面右侧窗格中的在 GitHub 上编辑此页面链接。
Amazon EKS 预置式控制面板入门
本指南将逐步引导您完成借助 Amazon CLI 及Amazon Web Services 管理控制台,搭建并使用 EKS 预置式控制面板的操作流程。
先决条件
在开始之前,请确保您满足以下条件:
-
Amazon CLI – 与 Amazon 服务(包括 Amazon EKS)结合使用的命令行工具。有关更多信息,请参阅《Amazon 命令行界面用户指南》中的安装。在安装 Amazon CLI 后,建议您还要对其进行配置。有关更多信息,请参阅《Amazon 命令行界面用户指南》中的使用 aws configure 快速配置。请注意,需要 Amazon CLI v2 才能使用本页中显示的 update-kubeconfig 选项。
-
所需的 IAM 权限 – 您正在使用的 IAM 安全主体必须具有使用 Amazon EKS IAM 角色、服务相关角色、Amazon CloudFormation、VPC 和相关资源的权限。有关更多信息,请参阅《IAM 用户指南》中的操作和使用服务相关角色。您必须以同一用户身份完成本指南中的所有步骤。要查看当前用户,请运行以下命令:
aws sts get-caller-identity
注意
我们建议您在 Bash Shell 中完成本主题中的步骤。如果您没有使用 Bash Shell,则某些脚本命令(例如行延续字符以及变量的设置和使用方式)需要调整 Shell。此外,您的 Shell 的引用和转义规则可能有所不同。有关更多信息,请参阅《Amazon 命令行界面用户指南》中的在 Amazon CLI 中将引号和字符串结合使用。
EKS 预置式控制面板:Amazon CLI
创建搭载 EKS 预置式控制面板扩展层级的集群
aws eks create-cluster --name prod-cluster \ --role-arn arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI \ --resources-vpc-config subnetIds=subnet-6782e71e,subnet-e7e761ac,securityGroupIds=sg-6979fe18 \ --control-plane-scaling-config tier=tier-xl
响应:
{ "cluster": { "name": "my-eks-cluster", "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster", "createdAt": "2024-03-14T11:31:44.348000-04:00", "version": "1.26", "endpoint": "https://JSA79429HJDASKJDJ8223829MNDNASW.yl4.us-east-2.eks.amazonaws.com", "roleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-cluster-ServiceRole-zMF6CBakwwbW", "resourcesVpcConfig": { "subnetIds": [ "subnet-0fb75d2d8401716e7", "subnet-02184492f67a3d0f9", "subnet-04098063527aab776", "subnet-0e2907431c9988b72", "subnet-04ad87f71c6e5ab4d", "subnet-09d912bb63ef21b9a" ], "securityGroupIds": [ "sg-0c1327f6270afbb36" ], "clusterSecurityGroupId": "sg-01c84d09d70f39a7f", "vpcId": "vpc-0012b8e1cc0abb17d", "endpointPublicAccess": true, "endpointPrivateAccess": true, "publicAccessCidrs": [ "22.19.18.2/32" ] }, "controlPlaneScalingConfig": { "tier": "tier-xl" }, "kubernetesNetworkConfig": { "serviceIpv4Cidr": "10.100.0.0/16", "ipFamily": "ipv4" }, "logging": { "clusterLogging": [ { "types": [ "api", "audit", "authenticator", "controllerManager", "scheduler" ], "enabled": true } ] }, "identity": { "oidc": { "issuer": "https://oidc.eks.us-east-2.amazonaws.com/id/JSA79429HJDASKJDJ8223829MNDNASW" } }, "status": "CREATING", "certificateAuthority": { "data": "CA_DATA_STRING..." }, "platformVersion": "eks.14", "tags": { "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-cluster", "alpha.eksctl.io/cluster-name": "my-eks-cluster", "karpenter.sh/discovery": "my-eks-cluster", "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-cluster/e752ea00-e217-11ee-beae-0a9599c8c7ed", "auto-delete": "no", "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", "EKS-Cluster-Name": "my-eks-cluster", "alpha.eksctl.io/cluster-oidc-enabled": "true", "aws:cloudformation:logical-id": "ControlPlane", "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z", "Name": "eksctl-my-eks-cluster-cluster/ControlPlane" }, "health": { "issues": [] }, "accessConfig": { "authenticationMode": "API_AND_CONFIG_MAP" } } }
查看集群的控制面板扩展层级
aws eks describe-cluster --name prod-cluster
响应:
{ "cluster": { "name": "my-eks-cluster", "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster", "createdAt": "2024-03-14T11:31:44.348000-04:00", "version": "1.26", "endpoint": "https://JSA79429HJDASKJDJ8223829MNDNASW.yl4.us-east-2.eks.amazonaws.com", "roleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-cluster-ServiceRole-zMF6CBakwwbW", "resourcesVpcConfig": { "subnetIds": [ "subnet-0fb75d2d8401716e7", "subnet-02184492f67a3d0f9", "subnet-04098063527aab776", "subnet-0e2907431c9988b72", "subnet-04ad87f71c6e5ab4d", "subnet-09d912bb63ef21b9a" ], "securityGroupIds": [ "sg-0c1327f6270afbb36" ], "clusterSecurityGroupId": "sg-01c84d09d70f39a7f", "vpcId": "vpc-0012b8e1cc0abb17d", "endpointPublicAccess": true, "endpointPrivateAccess": true, "publicAccessCidrs": [ "22.19.18.2/32" ] }, "controlPlaneScalingConfig": { "tier": "tier-xl" }, "kubernetesNetworkConfig": { "serviceIpv4Cidr": "10.100.0.0/16", "ipFamily": "ipv4" }, "logging": { "clusterLogging": [ { "types": [ "api", "audit", "authenticator", "controllerManager", "scheduler" ], "enabled": true } ] }, "identity": { "oidc": { "issuer": "https://oidc.eks.us-east-2.amazonaws.com/id/JSA79429HJDASKJDJ8223829MNDNASW" } }, "status": "ACTIVE", "certificateAuthority": { "data": "CA_DATA_STRING..." }, "platformVersion": "eks.14", "tags": { "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-cluster", "alpha.eksctl.io/cluster-name": "my-eks-cluster", "karpenter.sh/discovery": "my-eks-cluster", "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-cluster/e752ea00-e217-11ee-beae-0a9599c8c7ed", "auto-delete": "no", "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", "EKS-Cluster-Name": "my-eks-cluster", "alpha.eksctl.io/cluster-oidc-enabled": "true", "aws:cloudformation:logical-id": "ControlPlane", "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z", "Name": "eksctl-my-eks-cluster-cluster/ControlPlane" }, "health": { "issues": [] }, "accessConfig": { "authenticationMode": "API_AND_CONFIG_MAP" } } }
更新集群以启用 EKS 预置式控制面板
aws eks update-cluster-config --name prod-cluster \ --control-plane-scaling-config tier=tier-2xl
响应:
{ "update": { "id": "7551c64b-1d27-4b1e-9f8e-c45f056eb6fd", "status": "InProgress", "type": "ScalingTierConfigUpdate", "params": [ { "type": "UpdatedTier", "value": "tier-2xl" }, { "type": "PreviousTier", "value": "tier-xl" } ], "createdAt": 1565807210.37, "errors": [] } }
查看控制面板扩展配置的更新状态
aws eks list-updates --name example
响应:
{ "updateIds": [ "7551c64b-1d27-4b1e-9f8e-c45f056eb6fd1" ] }
从预置式控制面板切换到标准控制面板
aws eks update-cluster-config --name prod-cluster \ --control-plane-scaling-config tier=standard
响应:
{ "update": { "id": "7551c64b-1d27-4b1e-9f8e-c45f056eb6fd", "status": "InProgress", "type": "ScalingTierConfigUpdate", "params": [ { "type": "UpdatedTier", "value": "standard" }, { "type": "PreviousTier", "value": "tier-2xl" } ], "createdAt": 1565807210.37, "errors": [] } }
EKS 预置式控制面板:Amazon Web Services 管理控制台
-
打开 Amazon EKS 控制台
。 -
选择创建集群。
-
在配置选项下,选择自定义配置。
-
向下滚动到控制面板扩展层级选项。勾选启用扩展层级,以此开启预置式控制面板功能。
-
从各类扩展层级选项(如 XL、2XL、4XL)中,选择要为集群配置的控制面板扩展层级。
-
根据需求选择其他集群配置项。在最后一步中,点击创建集群。请注意,集群创建过程可能需要数分钟才能完成。