Onboarding Kubernetes Clusters

After your Kubernetes Clusters have been discovered as part of your AWS or Azure cloud account onboarding, you onboard the clusters from the Cloud Resources > Cloud Assets > Kubernetes Clusters tab.

You can onboard Azure clusters manually or via a preconfigured kubeconfig file.

You can onboard AWS clusters manually or via an authentication method.

Onboarding a Cluster Manually

Onboard a Kubernetes cluster manually if you built it without using AKS or EKS. These clusters are not discoverable at the cloud service provider and are therefore not displayed on the Kubernetes Clusters tab until you onboard them.

You cannot manually onboard non-cloud based Kubernetes clusters.

Ensure that the necessary permissions are configured in your kubeconfig file before onboarding.

  1. On the Cloud Resources > Cloud Assets > Kubernetes Clusters tab, click Manually Onboard a Cluster.

  2. In the Manually Onboard a Cluster dialog, enter the following information:

    Field Description

    Name

    A custom name for the Cluster.

    Cloud

    AWS or Azure

    Cloud Account

    Select the AWS or Azure cloud account where Kubernetes clusters were discovered.

    Region

    Select the region related to the above.

    VPC/VNet

    Select the VPC/VNet related to the above.

    Kubeconfig file

    Select the kubeconfig file that provides access to the cluster. If the kubeconfig is not configured correctly you will be unable to manually onboard the cluster.

    Proper configuration of a kubeconfig file

  3. Click Onboard.

Onboarding a Cluster via Authentication Method (AWS only)

Select this option to onboard clusters created with AWS (EKS) and managed by your cloud provider. Onboarding via authentication method gives the Controller permissions to query the status of the cluster.

Since these clusters were created with AWS (EKS) they are displayed on the Kubernetes Clusters tab after you onboard an AWS account that contains Kubernetes clusters.

To onboard an AWS (EKS) cluster using an authentication method:

  1. On the Cloud Assets > Kubernetes Clusters tab, click Onboard next to a discovered AWS (EKS) Kubernetes cluster.

  2. In the Onboard Cluster dialog, select one of the following onboarding methods:

    • Terraform

    • Command Line

    • Kubeconfig File

    See below for the configuration steps for each method.

  1. Click Onboard.

Terraform

The Terraform prerequisites must be met before attempting to onboard clusters using Terraform.

After selecting the Terraform option in the Onboard Cluster dialog, the Terraform script is generated and shown in the Onboard Cluster dialog.

  1. Copy the Terraform script text to your clipboard.

  2. Paste the Terraform script into the main.tf file.

  3. Edit the script to point to the credentials in the providers.tf file.? Provider information for AWS (EKS) and Kubernetes must be in this file.

  4. Run terraform.init within the Terraform directory.

  5. Run terraform apply within the Terraform directory.

  6. Go back to Onboarding a Cluster via Authentication Method (AWS only) to complete the onboarding process.

  7. Check AWS to see creation/updating of resources for Kubernetes.

Command Line

The eksctl and kubectl tools must be installed before attempting to onboard clusters using Command Line.

After selecting the Command Line option, the Command Line script is generated and shown in the Onboard Cluster dialog.

  1. In the Onboard Cluster dialog, copy the first section of the command to the clipboard.

    k8s onboarding command line1

  2. Paste the command into eksctl.

  3. Apply the configuration in eksctl to create the accessentry.yaml file (you can copy this from the Onboard Cluster dialog):

    eksctl create accessentry -f accessentry.yaml

  4. In the Onboard Cluster dialog, copy the cluster-role.yaml command.

    k8s onboarding command line2

  5. Paste the command into kubectl.

    If desired, you can run the kubectl config command now to make sure you are in the correct cluster before applying the configuration.

  6. Apply the configuration in kubectl to create the cluster-role.yaml file (you can copy this from the Onboard Cluster dialog). This gives the Controller permission to view the individual nodes in the cluster.

    kubectl apply -f cluster.role.yaml

  7. Go back to Onboarding a Cluster via Authentication Method (AWS only) to complete the onboarding process.

Upload Kubeconfig File

Ensure that the kubeconfig file has the proper permissions before attempting to onboard the cluster.

  1. In the Onboard Cluster dialog, select the kubeconfig file to upload.

  2. Click Onboard.

Onboarding an Azure (AKS) Cluster

Ensure that the kubeconfig file has the proper permissions before attempting to onboard the cluster.

  1. On the Cloud Assets > Kubernetes Clusters tab, click Onboard next to a discovered Azure (AKS) Kubernetes cluster.

  2. In the Onboard Cluster dialog, select a kubeconfig file to upload.

  3. Click Onboard.

You can now create Kubernetes SmartGroups.