Skip to content

Commit

Permalink
Merge branch 'main' into sje/das-kapital
Browse files Browse the repository at this point in the history
  • Loading branch information
@fharper
fharper authored Nov 13, 2024
2 parents 64d6dd7 + 4f5925c commit 8a6e596
Show file tree
Hide file tree
Showing 6 changed files with 165 additions and 2 deletions.
5 changes: 5 additions & 0 deletions .vscode/settings.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"cSpell.words": [
"Kubefirst"
]
}
4 changes: 2 additions & 2 deletions charts/kubefirst-docs/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
appVersion: 7b03983
appVersion: 558b1e1
description: Kubefirst documentation Helm chart
name: kubefirst-docs
type: application
version: 1.185.0
version: 1.186.0
77 changes: 77 additions & 0 deletions docs/aws/advanced/multi-account.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
---
title: AWS Multi-Account Support
description: Install and explore details about using Kubefirst with AWS multi-account
---

## Summary

Kubefirst supports AWS Multi-account to deploy and manage workload clusters across multiple AWS accounts. Using multi-account you can manage and deploy workloads in multiple AWS accounts without the need to log in and configure each account individually. In addition, take advantage of consolidated billing to improve budgeting and resource allocation for your AWS footprint.

## Prerequisites

This installation assumes you already have Kubefirst installed. In addition, before getting started you will need to have Terraform installed and generate a Role ARN.

You can [run this Terraform script](https://github.com/konstructio/aws-arn/tree/main/examples/kubefirst-pro-role) locally with the following steps.

1. Create a `terraform.tfvars` file with the OIDC endpoint from management cluster and cluster name.

```text
oidc_endpoint = "value"
mgmt_cluster_name = "value"
```

2. Run `terraform init` to download the AWS provider and configure the local state file.

```bash
terraform init
```

3. Run `terraform apply` to create an identity provider and role. This allows crossplane and Kubefirst to access the downstream account in `us-east-1`.

```bash
terraform apply
```

4. To view your new role ARN run the following

```bash
terraform output
```

## Installing AWS Multi-Account Support

Refer to the following steps to install this feature.

1. Clone the repository.

```bash
git clone https://github.com/konstructio/aws-arn.git
cd aws-arn/examples/kubefirst-pro-role
```

2. Install Terraform with [their instructions here.](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli)

3. Configure your AWS credentials by setting your environment variables as follows (update the example with your values):

```bash
export AWS_ACCESS_KEY_ID=<your-access-key-id>
export AWS_SECRET_ACCESS_KEY=<your-secret-access-key>
```

4. Gather the required information for installation, you will need:
- **OIDC Endpoint**: The OIDC endpoint for the management cluster. You can find this in the AWS console under the EKS cluster details.
- **Management Cluster Name**: The name of your management cluster.

5. Plan the Terraform deployment by running this command and reviewing the changes Terraform will make.

```bash
terraform plan
```

6. Apply the Terraform configuration by running the following command to apply the configuration and create the IAM role.

``` bash
terraform apply --auto-approve
```

When you've completed these steps you should have a Role ARN that you can use to provision physical clusters across multiple AWS accounts.
2 changes: 2 additions & 0 deletions docs/aws/partials/common/_prerequisites.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,6 @@
If you are not sure how to generate the role that will be assume, you can use [this Terraform plan](https://github.com/kubefirst/kubefirst/blob/main/tools/aws-create-role.tf). Please read the comments before proceeding.

If you want to easily assume the role from your terminal, you can use [this bash script](https://github.com/kubefirst/kubefirst/blob/main/tools/aws-assume-role.sh).

For users interested in AWS Multi-Account support, check out [additional details here.](/docs/aws/advanced/multi-account.mdx)
:::
77 changes: 77 additions & 0 deletions versioned_docs/version-2.7/aws/advanced/multi-account.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
---
title: AWS Multi-Account Support
description: Install and explore details about using Kubefirst with AWS multi-account
---

## Summary

Kubefirst supports AWS Multi-account to deploy and manage workload clusters across multiple AWS accounts. Using multi-account you can manage and deploy workloads in multiple AWS accounts without the need to log in and configure each account individually. In addition, take advantage of consolidated billing to improve budgeting and resource allocation for your AWS footprint.

## Prerequisites

This installation assumes you already have Kubefirst installed. In addition, before getting started you will need to have Terraform installed and generate a Role ARN.

You can [run this Terraform script](https://github.com/konstructio/aws-arn/tree/main/examples/kubefirst-pro-role) locally with the following steps.

1. Create a `terraform.tfvars` file with the OIDC endpoint from management cluster and cluster name.

```text
oidc_endpoint = "value"
mgmt_cluster_name = "value"
```

2. Run `terraform init` to download the AWS provider and configure the local state file.

```bash
terraform init
```

3. Run `terraform apply` to create an identity provider and role. This allows crossplane and Kubefirst to access the downstream account in `us-east-1`.

```bash
terraform apply
```

4. To view your new role ARN run the following

```bash
terraform output
```

## Installing AWS Multi-Account Support

Refer to the following steps to install this feature.

1. Clone the repository.

```bash
git clone https://github.com/konstructio/aws-arn.git
cd aws-arn/examples/kubefirst-pro-role
```

2. Install Terraform with [their instructions here.](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli)

3. Configure your AWS credentials by setting your environment variables as follows (update the example with your values):

```bash
export AWS_ACCESS_KEY_ID=<your-access-key-id>
export AWS_SECRET_ACCESS_KEY=<your-secret-access-key>
```

4. Gather the required information for installation, you will need:
- **OIDC Endpoint**: The OIDC endpoint for the management cluster. You can find this in the AWS console under the EKS cluster details.
- **Management Cluster Name**: The name of your management cluster.

5. Plan the Terraform deployment by running this command and reviewing the changes Terraform will make.

```bash
terraform plan
```

6. Apply the Terraform configuration by running the following command to apply the configuration and create the IAM role.

``` bash
terraform apply --auto-approve
```

When you've completed these steps you should have a Role ARN that you can use to provision physical clusters across multiple AWS accounts.
2 changes: 2 additions & 0 deletions versioned_docs/version-2.7/aws/partials/common/_prerequisites.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,6 @@
If you are not sure how to generate the role that will be assume, you can use [this Terraform plan](https://github.com/kubefirst/kubefirst/blob/main/tools/aws-create-role.tf). Please read the comments before proceeding.

If you want to easily assume the role from your terminal, you can use [this bash script](https://github.com/kubefirst/kubefirst/blob/main/tools/aws-assume-role.sh).

For users interested in AWS Multi-Account support, check out [additional details here.](/docs/aws/advanced/multi-account.mdx)
:::

0 comments on commit 8a6e596

Please sign in to comment.