gopaddle User Guide

All Private EKS Cluster (beta)

Provisioning a secure, all private AWS EKS Cluster within a private VPC


Last updated 1 year ago

gopaddle cluster provisioning provides multiple options to provision an AWS EKS cluster in a customer's AWS cloud account. In an all private EKS cluster, the access endpoints of the cluster are private, and the node pools and the nodes within the cluster are provisioned in private subnets without an Internet gateway. Since there is no external access, the cluster resources are accessible only within the private VPC.

In gopaddle v4.2.6, it is possible to provision an all private EKS cluster. You can use an existing VPC with all private subnets (a minimum of 3 subnets required) or you can let gopaddle provision a new VPC and 3 new subnets within the VPC.

Currently, this capability requires an IAM user with Administrator Access. We are working on granular access privileges to streamline the access control. Hence please use this capability only in test environments.

Multi-cloud Cluster Provisioning and external Cluster Registration capability is available only on gopaddle SaaS and Enterprise editions.

Provisioning clusters on cloud requires the corresponding Cloud Accounts to be registered first.

Provision all private EKS cluster

Under the Environments section, choose Add a Cluster and then Create new Cluster.

Step - 1 (Cloud Account, VPC/Subnet, Access & Master Role)

a) Cloud Account and Kubernetes Configuration

  • Provide a Cluster Name

  • Choose the Cloud Provider type as AWS EKS

  • Select the AWS Cloud Account

  • Choose the Kubernetes version

  • Select a Region

b) Access Configuration

  • Select the Cluster Access Type as Private

c) VPC and Subnet Configuration

  • Existing VPC: In order to use an existing VPC, select Use Existing VPC and provide the VPC ID. gopaddle will auto-discover the subnets within the VPC. Select the subnets to be used.

  • Create new VPC: By default, gopaddle provides the option to create a new VPC. Provide the CIDR for the VPC and subnets.

d) Master Role Configuration

  • Click on Add Master Role to create a role in the AWS account. Copy the role ARN from the stack output in the AWS console and paste it into the gopaddle cluster creation wizard.

    Make sure there are no trailing spaces in the role ARN.
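A pre-flight check for the existing-VPC path and the pasted role ARN, as an added example that is not part of gopaddle or this guide. It assumes you have saved the output of `aws ec2 describe-subnets` and `aws ec2 describe-route-tables` for the whole VPC; the sample data, IDs and function names below are constructed for illustration. The ARN check applies equally to the role ARNs pasted in the later steps.

```python
import json
import re

# Constructed sample data shaped like `aws ec2 describe-subnets` and
# `aws ec2 describe-route-tables` output; all IDs are made up.
SUBNETS = json.loads("""{"Subnets": [
 {"SubnetId": "subnet-aaa", "AvailabilityZone": "us-east-1a"},
 {"SubnetId": "subnet-bbb", "AvailabilityZone": "us-east-1b"},
 {"SubnetId": "subnet-ccc", "AvailabilityZone": "us-east-1c"},
 {"SubnetId": "subnet-ddd", "AvailabilityZone": "us-east-1a"}]}""")
ROUTE_TABLES = json.loads("""{"RouteTables": [
 {"RouteTableId": "rtb-main", "Associations": [{"Main": true}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
 {"RouteTableId": "rtb-pub", "Associations": [{"Main": false, "SubnetId": "subnet-ddd"}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123"}]}]}""")

ROLE_ARN = re.compile(r"arn:aws[a-z-]*:iam::\d{12}:role/[\w+=,.@/-]+")

def has_igw_route(table):
    return any(r.get("GatewayId", "").startswith("igw-") for r in table["Routes"])

def public_subnets(subnets, route_tables):
    """Return IDs of subnets whose effective route table routes to an Internet gateway."""
    tables = route_tables["RouteTables"]
    main = next(t for t in tables if any(a.get("Main") for a in t["Associations"]))
    explicit = {a["SubnetId"]: t for t in tables
                for a in t["Associations"] if "SubnetId" in a}
    # A subnet with no explicit association falls back to the VPC's main table.
    return sorted(s["SubnetId"] for s in subnets["Subnets"]
                  if has_igw_route(explicit.get(s["SubnetId"], main)))

def preflight(selected, subnets, route_tables):
    """Check selected subnet IDs against the requirements stated in this guide."""
    chosen = {"Subnets": [s for s in subnets["Subnets"] if s["SubnetId"] in selected]}
    problems = []
    if len(chosen["Subnets"]) < 3:
        problems.append("fewer than 3 subnets selected")
    problems += [f"{sid} routes to an Internet gateway"
                 for sid in public_subnets(chosen, route_tables)]
    return problems

def clean_role_arn(pasted):
    """Strip whitespace from a pasted ARN and reject anything that is not a role ARN."""
    arn = pasted.strip()
    if not ROLE_ARN.fullmatch(arn):
        raise ValueError(f"not an IAM role ARN: {pasted!r}")
    return arn
```

An empty list from `preflight` means the selected subnets meet the count and no-Internet-gateway requirements; it does not inspect NAT gateways or egress-only gateways.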

Step - 2 (Bastion Host)

In the next step, provide the bastion host configuration:

  • Select the AWS Instance Key, AMI ID, Availability zone and the subnet CIDR where the bastion host needs to be created

    Only Ubuntu 18.04 images are supported.

  • The AWS Instance Key and the private PEM file will be used to access the bastion host and register the cluster with gopaddle. You can use the PEM file to SSH to the bastion host and access the cluster once the cluster is ready.

  • Click on Add Automation Role to add the bastion host instance profile to the cluster. Copy the role ARN from the stack output in the AWS console and paste it into the gopaddle cluster creation wizard.

    Make sure there are no trailing spaces in the role ARN.

Step - 3 (Node Pool Configuration)

In the last step, provide the node pool details:

  • Provide a node pool name, minimum/maximum/desired node count and the disk space required

  • Choose a minimum of 2 availability zones.

  • Click on Create Node Role to create a node instance role. Copy the role ARN from the stack output in the AWS console and paste it into the gopaddle cluster creation wizard. Make sure there are no trailing spaces in the role ARN.

Click on finish to create the EKS cluster. This process may take 20 - 30 minutes to complete.

Once the cluster is provisioned, gopaddle will automatically trigger a discovery process to discover existing resources in the EKS cluster. Once the discovery is complete, you can view the Kubernetes specifications under the Design Studio and the namespaces under the Applications tab.

Troubleshooting a cluster provision error

If the cluster provisioning fails, you can find more logs under the Cluster Activities.

Cluster Activities

Cloud Formation Stack Logs

You can find the AWS Cloud Formation stack logs under the logs tab.

Click on the view option to view a specific stack log.