Skip to content

Latest commit

 

History

History
109 lines (75 loc) · 6.77 KB

module-1-connect-calicocloud.md

File metadata and controls

109 lines (75 loc) · 6.77 KB

Module 1 - Connect your EKS cluster to Calico Cloud

Note: To complete this module, you will need a Calico Cloud account. If you are participating in a live workshop, you will receive an invite with the information to login into an active Calico Cloud environment. Once logged in, join your EKS cluster there. If you are running this workshop in a self-paced mode, you can create a Calico Cloud environment following the steps here.

Issues with being unable to navigate menus in the UI are often due to browsers blocking scripts - please ensure that you disable all blocker scripts.

Step 1 - Accept the Invitation

  1. During the workshop, you will receive an invitation to connect to a Calico Cloud organization, just like in the picture below:

    accept_invitation

  2. Click on the link ACCEPT INVITATION and create a password to access the Calico Cloud.

    create a password
  3. Once you have access to your Calico Cloud environment, go to step 2:

Step 2 - Connecting your cluster to Calico Cloud

  1. The welcome screen will allow you to choose among four use cases and will provide a guided tour for each use case. After that, you can proceed to connect your first cluster. This option directs you to the Managed Clusters section. Click on the "Connect Cluster" button to start the process.

    The Connect Cluster window will allow you to choose a name to identify your cluster in Calico Cloud and select which platform you are running the cluster on. The next window presents a link for you to review the cluster requirements for Calico Cloud. Calico Cloud will generate a kubectl command to run the installation script, and you need to copy and apply this command in your cluster.

    ⚠️ Attention: During the live workshop, the Calico Cloud cluster will be shared. To avoid confusion, you can create a random prefix for your cluster name. This name can be achieved using the following command on the Azure Cloud Shell prompt:

    echo $RANDOM-tigera-workshop

    05-connect-cluster

  2. Run the installation script in your cluster. Script should look similar to this:

    kubectl apply -f https://installer.calicocloud.io/manifests/cc-operator/lat
    est/deploy.yaml && curl -H "Authorization: Bearer a7c2oex34:00llxrhcq:1ga2c
    z69d7ug81yjgakpyclv6o3eu8o97kp7t2483lmwajslu47xed94e4ic8ywn" "https://www.c
    alicocloud.io/api/managed-cluster/deploy.yaml" | kubectl apply -f -

    Output should look similar to:

    namespace/calico-cloud created
    customresourcedefinition.apiextensions.k8s.io/installers.operator.calicocloud.io created
    serviceaccount/calico-cloud-controller-manager created
    role.rbac.authorization.k8s.io/calico-cloud-leader-election-role created
    clusterrole.rbac.authorization.k8s.io/calico-cloud-metrics-reader created
    clusterrole.rbac.authorization.k8s.io/calico-cloud-proxy-role created
    rolebinding.rbac.authorization.k8s.io/calico-cloud-leader-election-rolebinding created
    clusterrolebinding.rbac.authorization.k8s.io/calico-cloud-installer-rbac created
    clusterrolebinding.rbac.authorization.k8s.io/calico-cloud-proxy-rolebinding created
    configmap/calico-cloud-manager-config created
    service/calico-cloud-controller-manager-metrics-service created
    deployment.apps/calico-cloud-controller-manager created
    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                    Dload  Upload   Total   Spent    Left  Speed
    100   355  100   355    0     0    541      0 --:--:-- --:--:-- --:--:--   541
    secret/api-key created
    installer.operator.calicocloud.io/aks-cc-repo created

    Joining the cluster to Calico Cloud can take a few minutes. Meanwhile the Calico resources can be monitored until they are all reporting Available as True.

    kubectl get tigerastatus                             

    Output should look similar to:

    NAME                            AVAILABLE   PROGRESSING   DEGRADED   SINCE
    apiserver                       True        False         False      96s
    calico                          True        False         False      16s
    compliance                      True        False         False      21s
    intrusion-detection             True        False         False      41s
    log-collector                   True        False         False      21s
    management-cluster-connection   True        False         False      51s
    monitor                         True        False         False      2m1s

    You can also monitor your cluster installation on the Calico Cloud UI. Go to the "Managed Clusters" section, select your cluster and expand the timestamp dropdown to see the installation logs. In a few minutes, the status will change from Installing to Done. Congratulations! You successfully connected your cluster to Calico Cloud.

    11-connected-cluster

STEP 3 - Selecting your cluster

Once the installation is completed, you can to start interacting with your cluster from the Calico Cloud interface. Calico Cloud provides a single pane of glass for managing multiple clusters. If you followed the previous steps, you would have two clusters connected to Calico Cloud at this point: Your cluster and a pre-configured lab cluster that allows you to explore some of the features in Calico Cloud.

You can switch between clusters by following the steps below:

  1. Navigate to the Dashboard section - the first icon under the Calico Cat on the top-left of the UI.

  2. Click on the Cluster dropdown button on the top-right of the UI.

  3. Select your recently added cluster.

    select_cluster

The "Cluster" dropdown button will always be visible across the Calico Cloud UI, no matter which section you are viewing. You can change the cluster you want to interact with at any moment. When you change the cluster, the whole Calico Cloud context will change immediately to reflect the information regarding the currently selected cluster.


➡️ Module 2 - Workload Access Control with Namespace Isolation Recommendation
↩️ Back to Main