Huawei Container Service can be securely registered with gopaddle as an external cluster via a bastion host. To use the Huawei Cloud Container Engine with gopaddle, a bastion host needs to be created in the same region and VPC as the Cloud Container Engine.
Create an Elastic Cloud Server as bastion host
a) From the Huawei cloud console, create an Elastic Cloud Server. While creating an Elastic Cloud Server, choose the VPC where the Cloud Container Engine exists or is about to be created.
b) Choose the Public subnet to access the Cloud Server.
c) Add tcp:5443 to the inbound security group rules so that requests on port 5443 are forwarded to the Kubernetes API server.
d) Assign an EIP to the Elastic Cloud Server, so that it can be accessed publicly.
e) Generate a keypair to access the Elastic Cloud Server.
Create a Cloud Container Engine cluster
f) From the Huawei console, create a Cloud Container Engine cluster. While creating the cluster, choose the option to automatically assign an EIP to the nodes.
g) Once the cluster moves to the Running state, download the kubeconfig file from the kubectl section.
Ensure the Public API Server address is NOT bound before downloading the kubeconfig file.
h) Once the kubeconfig file is downloaded, note down the cluster's Internal API Server Address.
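The check in steps (g) and (h) can be scripted before the file is uploaded to gopaddle. The following is an added example, not gopaddle or Huawei code: it lists every API server address in a kubeconfig and flags any that is not a private address. The sample kubeconfig, its cluster name and its address are constructed, and the script assumes the VPC uses RFC 1918 address ranges.

```python
import ipaddress
import re
import sys
from urllib.parse import urlsplit

# Constructed sample kubeconfig (not a real cluster); every value is a placeholder.
SAMPLE_KUBECONFIG = """\
apiVersion: v1
kind: Config
clusters:
- name: internalCluster
  cluster:
    server: https://192.168.0.10:5443
users:
- name: user
  user:
    client-certificate-data: PLACEHOLDER
"""

# Assumption: the VPC is addressed from the RFC 1918 private ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SERVER_RE = re.compile(r"^\s*server:\s*['\"]?([^'\"\s#]+)", re.MULTILINE)


def api_servers(kubeconfig_text):
    """Return (host, port, status) for every 'server:' entry in the kubeconfig."""
    results = []
    for url in SERVER_RE.findall(kubeconfig_text):
        parts = urlsplit(url)
        host, port = parts.hostname, parts.port or 443
        try:
            ip = ipaddress.ip_address(host)
            status = "internal" if any(ip in n for n in RFC1918) else "public"
        except ValueError:
            status = "hostname"  # not an IP literal: resolve and review by hand
        results.append((host, port, status))
    return results


def safe_to_register(kubeconfig_text):
    """True only if the file has at least one server and all are internal IPs."""
    servers = api_servers(kubeconfig_text)
    return bool(servers) and all(s == "internal" for _, _, s in servers)


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_KUBECONFIG
    for host, port, status in api_servers(text):
        print(f"{host}:{port}\t{status}")
    sys.exit(0 if safe_to_register(text) else 1)
```

Run it with the path of the downloaded kubeconfig as the only argument; a non-zero exit status means a public or unverified API server address is present, and the internal address it prints is the one to note for step (h).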
Create a Load Balancer with Elastic IP
i) If you wish to deploy applications with Ingress and LoadBalancer, create a load balancer from the Huawei cloud console and note down the LoadBalancer ID and the IP address.
Register the ECS cluster in gopaddle portal via bastion host
j) From the gopaddle console, navigate to the cluster section to register an external cluster.
In the registration wizard, provide the Kubernetes master IP address noted in the earlier step (h) as the Host IP Address, along with the port.
k) Select the Provider Type as Huawei.
l) Choose the Bastion Host Connection type.
m) In the Kubernetes API Server details, choose the Authentication Type as config.
n) Choose the kubeconfig file downloaded in step (g).
o) Provide the EIP of the Elastic Container Server, its SSH User, SSH Port 22 and the SSH Key file generated in step (e). Register the cluster.
Once the cluster is registered, it can be used for building and deploying applications.
p) While launching an application on the Huawei cluster, if you choose to access the application using Ingress and LoadBalancer, provide the LoadBalancer ID and IP created in step (i) in the Deployment Template launch wizard.
Once the application is launched, map the public IP of the Huawei load balancer to the domain name in your domain service provider.
Launching a stateful application in Huawei Container Service
a) Create an EVS Volume in the Huawei cloud console. Under the Elastic Container Service, choose the Resource Management option and select Storage to provision an EVS Volume.
b) From the gopaddle console, create a Provision Policy by choosing the region and the zone where the Cloud Container Engine exists.
c) At the time of launching the application from the gopaddle portal, choose the Huawei provision policy created in the earlier step.