The aws-operator manages Kubernetes clusters running on AWS.
Download the latest release: https://github.com/giantswarm/aws-operator/releases/latest
Clone the git repository: https://github.com/giantswarm/aws-operator.git
Download the latest docker image from here: https://quay.io/repository/giantswarm/aws-operator
How to build
Build the standard way.
go build github.com/giantswarm/aws-operator
The operator provisions guest Kubernetes clusters running on AWS. It runs in a host Kubernetes cluster also running on AWS.
The guest Kubernetes clusters are provisioned using AWS CloudFormation. The resources are split between 3 CloudFormation stacks.
- guest-main manages the guest cluster resources.
- host-setup manages an IAM role used for VPC peering.
- host-main manages network routes for the VPC peering connection.
The host cluster may run in a separate AWS account. If so resources are created in both the host and guest AWS accounts.
Other AWS Resources
As well as the CloudFormation stacks we also provision a KMS key and S3 bucket per cluster. This is to upload cloudconfigs for the cluster nodes. The cloudconfigs contain TLS certificates which are encrypted using the KMS key.
The operator also creates a Kubernetes namespace per guest cluster with a service and endpoints. These are used by the host cluster to access the guest cluster.
Here the AWS IAM credentials have to be inserted.
service: aws: accesskey: id: 'TODO' secret: 'TODO'
Here the base64 representation of the data structure above has to be inserted.
apiVersion: v1 kind: Secret metadata: name: aws-operator-secret namespace: giantswarm type: Opaque data: secret.yml: 'TODO'
To create the secret manually do this.
kubectl create -f ./path/to/secret.yml
We also need a key to hold the SSH public key
apiVersion: v1 kind: Secret metadata: name: aws-operator-ssh-key-secret namespace: giantswarm type: Opaque data: id_rsa.pub: 'TODO'
Contributing & Reporting Bugs
See CONTRIBUTING for details on submitting patches, the contribution workflow as well as reporting bugs.
aws-operator is under the Apache 2.0 license. See the LICENSE file for details.