Kubernetes Clusters
Overview
Humanitec is designed to integrate with your existing Kubernetes clusters in the cloud provider of your choice. You can use it to run your application in single or multi cloud, while having an all-in-one solution for managing what is running where.
To connect your cluster to Humanitec you will have to use Static Resource Definition.
This page explains how to:
Connect your GKE cluster
Overview
Humanitec is designed to integrate with your existing Kubernetes clusters. You can use it to deploy your apps to your own Kubernetes cluster in Google Kubernetes Engine (GKE). This page explains how.
Prerequisites
- You must provide access to a service account with the Kubernetes Engine Admin role (
roles/container.admin
), or a role with the equivalent set of permissions.- You must create a key for this service account in JSON form. See Google’s account keys documentation for more information. The access key must use the GCP Console/gcloud format (i.e., the first example in the linked documentation).
- You must have set up a cluster in Google Kubernetes Engine (GKE).
- Note: Humanitec has no resource requirements for the cluster where it will deploy your app. However, you must choose a machine type for the node pool that suits the needs of your app. See Google’s machine types documentation for recommendations.
- You must have the following APIs enabled for your project:
Prepare your GKE cluster
To prepare your cluster to support Humanitec app deployments, you need to install an NGINX Ingress Controller. Please follow the steps provided at kubernetes.github.io/ingress-nginx/deploy.
Connect your GKE Cluster as a static resource to Humanitec
Now that your cluster is ready, you need to connect your cluster as a static resource to Humanitec.
- Log in to Humanitec.
- Click the Profile icon in the top right.
- Click Organization Settings. You see your Organization’s settings
- Click Static Resources. Here you find an overview of static resources
- Click Kubernetes Cluster, which opens a dialog to define your cluster as a static resource.
- Select gke as a Driver and define an ID for your cluster resource.
- Next Resource data, Driver data and Secrets need to be defined for your resource.
- In Resource data you define the external IP of your Nginx Loadbalanacer, running in your cluster. You can find it by executing
kubectl get services -n ingress-nginx
while connected to your cluster. - In addition you’ll need to define your cluster name. Which you see in your Google Cloud Console
- In Driver Data you fill in your GCP Project ID as well as your GCP Zone. Both can be found through the Google Cloud Console.
- Finally you fill in the Secrets with the details of your service account as a Json object.
- In Resource data you define the external IP of your Nginx Loadbalanacer, running in your cluster. You can find it by executing
Here is an example:
{
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"client_email": "[email protected]",
"client_id": "123456789123456789",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/account%40gcp-project-id.iam.gserviceaccount.com",
"private_key": "-----BEGIN PRIVATE KEY-----\nYOUR-PRIVATE-KEY\n-----END PRIVATE KEY-----\n",
"private_key_id": "abcdefgh1234567890abcdefgh",
"project_id": "gcp-project-id",
"token_uri": "https://oauth2.googleapis.com/token",
"type": "service_account"
}
Now you have a GKE cluster as a static resource registered in Humanitec.
Assign an environment type to your resource
Next, you need to define an environment type for your GKE cluster resource. This enables you to define a specific application environment to be deployed to this cluster.
Next to your GKE cluster in the list of static resources you add the envrionment type by clicking on the plus icon.
Either you define a new environment type or choose that all environments of the type development
should use this resource.
Deploy your app to your GKE cluster
Navigate to your application and deploy the environment of the type that you associated with your GKE cluster. Once you deployed this environment your application will be running on your GKE cluster.
Connect your EKS cluster
Overview
Humanitec is designed to integrate with your existing Kubernetes clusters. You can use it to deploy your apps to your own Kubernetes cluster in Amazon Elastic Kubernetes Service (Amazon EKS). This page explains how.
Prerequisites
- You must set up an EKS Service Role that Humanitec will use to connect and deploy to your cluster. See the AWS documentation for instructions. It must include the following policies:
- AWS managed policies:
AmazonEKSClusterPolicy
,AmazonEKSServicePolicy
- Inline policies:
EKS-list-full
,EKS-read-full
- AWS managed policies:
- You must provide Humanitec with access to an IAM user.
- This IAM user must have your EKS Service Role attached.
- You must provide an access key for the IAM user. Humanitec needs both the access key ID and the secret access key.
- If necessary, you must create a cluster with a node pool in Amazon EKS.
- Note: We recommend using your Humanitec IAM user to create the cluster. We also recommend using eksctl.
- If you must use a different IAM user to create the cluster, then make sure that your Humanitec IAM user has access to the cluster where you want to deploy your app. Note that in AWS, cluster access is managed separately from policies.
Humanitec has no resource requirements for the cluster where it will deploy your app. However, you must choose a machine type for the node pool that suits the needs of your app.
Prepare your EKS cluster
To prepare your cluster to support Humanitec app deployments, you need to install an NGINX Ingress Controller. Please follow the steps provided at kubernetes.github.io/ingress-nginx/deploy/#aws.
Connect your EKS Cluster as a static resource to Humanitec
Now that your cluster is ready, you need to connect your cluster as a static resource to Humanitec.
- Log in to Humanitec.
- Click the Profile icon in the top right.
- Click Organization Settings. You see your Organization’s settings
- Click Static Resources. Here you find an overview of static resources
- Click Kubernetes Cluster, which opens a dialog to define your cluster as a static resource.
- Select eks as a Driver and define an ID for your cluster resource.
- Next Resource data, Driver data and Secrets need to be defined for your resource.
- In Resource data you define the DNS name of the Amazon Load Balancer, running in your cluster. You can find it by executing
kubectl get services -n ingress-nginx
while connected to your cluster. - In addition you’ll need to define your cluster name. Which you see in your AWS Management Console.
- In Driver Data you fill in the hosted zone of your loadbalancer as well as your AWS region. Both can be found through the AWS Management Console. In particular, load balancer data can be found under the section EC2 -> Load Balancing.
- Finally you fill in the Secrets with the details of your AWS account as a Json object.
- In Resource data you define the DNS name of the Amazon Load Balancer, running in your cluster. You can find it by executing
Here is an example:
{
"aws_access_key_id": "AAABBBCCCDDDEEEFFFGGG",
"aws_secret_access_key": "zZxXyY123456789aAbBcCdD"
}
Now you have an EKS cluster as a static resource registered in Humanitec.
Assign an environment type to your resource
Next, you need to define an environment type for your EKS cluster resource. This enables you to define a specific application environment to be deployed to this cluster.
Next to your EKS cluster in the list of static resources you add the envrionment type by clicking on the plus icon.
Either you define a new environment type or choose that all environments of the type development
should use this resource.
Deploy your app to your EKS cluster
Navigate to your application and deploy the environment of the type that you associated with your EKS cluster. Once you deployed this environment your application will be running on your EKS cluster.
Connect your AKS cluster
Overview
Humanitec is designed to integrate with your existing Kubernetes clusters. You can use it to deploy your apps to your own Kubernetes cluster in Microsoft Azure Kubernetes Service (AKS). This page explains how.
Prerequisites
- You must have created a cluster in Microsoft Azure Kubernetes Engine (AKS)
- Note: Humanitec has no resource requirements for the cluster where it will deploy your app. However, you must choose a machine type for the node pool that suits the needs of your app. See Microsoft Azure’s sizes for cloud services documentation for more information.
- You must provide access to the AKS cluster via service principal. Typically, a service principal is created automatically when you create a new AKS cluster.
- You need to provide the service principal credentials according to the output from the az ad sp command (incl.
appId
,name
,password
, andtenant
). - Please refer to the documentation for az ad sp credential for more information how to list, create, and reset service principal credentials.
- You need to provide the service principal credentials according to the output from the az ad sp command (incl.
Prepare your cluster
To prepare your cluster to support Humanitec app deployments, you need to install an NGINX Ingress Controller. Please follow the steps provided at kubernetes.github.io/ingress-nginx/deploy.
Connect your AKS Cluster as a static resource to Humanitec
Now that your cluster is ready, you need to connect your cluster as a static resource to Humanitec.
- Log in to Humanitec.
- Click the Profile icon in the top right.
- Click Organization Settings. You see your Organization’s settings
- Click Static Resources. Here you find an overview of static resources
- Click Kubernetes Cluster, which opens a dialog to define your cluster as a static resource.
- Select aks as a Driver and define an ID for your cluster resource.
- Next Resource data, Driver data and Secrets need to be defined for your resource.
- In Resource data you define the external IP of your Nginx Loadbalanacer, running in your cluster. You can find it by executing
kubectl get services -n ingress-nginx
while connected to your cluster. - In addition you’ll need to define your cluster name. Which you see in your Azure Portal
- In Driver Data you fill in your Azure Resources Group as well as your Azure Subscription ID. Both can be obtained via the Azure CLI in the output of
az aks list
. - Finally you fill in the Secrets with the details of your service principal as a Json object.
- In Resource data you define the external IP of your Nginx Loadbalanacer, running in your cluster. You can find it by executing
Here is an example:
{
"appId": "559513bd-0c19-4c1a-87cd-851a26afd5fc",
"displayName": "myAKSClusterServicePrincipal",
"name": "http://myAKSClusterServicePrincipal",
"password": "e763725a-5eee-40e8-a466-dc88d980f415",
"tenant": "72f988bf-86f1-41af-91ab-2d7cd011db48"
}
Now you have an AKS cluster as a static resource registered in Humanitec.
Assign an environment type to your resource
Next, you need to define an environment type for your AKS cluster resource. This enables you to define a specific application environment to be deployed to this cluster.
Next to your AKS cluster in the list of static resources you add the envrionment type by clicking on the plus icon.
Either you define a new environment type or choose that all environments of the type development
should use this resource.
Deploy your app to your AKS cluster
Navigate to your application and deploy the environment of the type that you associated with your AKS cluster. Once you deployed this environment your application will be running on your AKS cluster.