Versions Compared

Old Version 8

changes.mady.by.user Muhammad Owais

Saved on

compared with

New Version 9

changes.mady.by.user Muhammad Owais

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Don't select cluster auto-scaling settings while creating the cluster on the cluster creation pages. Cluster auto-scaling is enabled by adding EWC Cluster Autoscaler application during cluster creation or after cluster creation.

Application NameDescriptionHome Page/DocumentationNotesEWC specific configuration
Ingress-Nginx ControllerIngress controller for Kubernetes using NGINX as a reverse proxy and load balancer supporting HTTP and HTTPS protocols.

https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/

 

already configured when you deploy the cluster

External SecretsExternal Secrets management for Kubernetes.

https://external-secrets.io

Only the External Secrets Operator is installed. The secret store (vault) is to be provided and configured by the users.

 N/A

Cert-ManagerA Kubernetes addon to automate the management and issuance of TLS certificates from various issuing sources.

https://cert-manager.io

Only cert-manager deployed, no ClusterIssuer added. Users can deploy what they prefer.

Users can decide which clusterissuer to use. 

For example, for HTTP ACME and letsencrypt you can create the following clusterIssuer (place your email in the correct value):

Code Block
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    email: <random email here>
    privateKeySecretRef:
      name: letsencrypt-prod-acme-account-key
    server: https://acme-v02.api.letsencrypt.org/directory
    solvers:
    - http01:
        ingress:
          class: nginx
          serviceType: ClusterIP

Then you can deploy an ingress using that cluster issuer for the certificate. For example:

Code Block
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    certmanager.k8s.io/cluster-issuer: letsencrypt-prod
  labels:
    app: yourapp
    component: ingress
  name: yourapp
  namespace: yournamespace
spec:
  ingressClassName: nginx
  rules:
    - host: app.yourtenancy.s.ewcloud.host
      http:
        paths:
          - backend:
              service:
                name: proxy-public
                port:
                  name: http
            path: /
            pathType: Prefix
  tls:
    - hosts:
        - app.yourtenancy.s.ewcloud.host
      secretName: app-certificate
ExternalDNSExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.

https://kubernetes-sigs.github.io/external-dns/

Default External-DNS is deployed. It's up to the users to configure the integration with the DNS system of their choice.

In Morpheus, in your tenancy you find under Cypher the following credentials:

  1. aws_access_key_id → secret/dns_route53_access_key

  2. aws_secret_access_key → secret/dns_route53_secret_key

Warning

If you don't find the credentials in Morpheus Cypher, please raise a Jira ticket in the EWC support page!


During the deployment of external-dns application, you can input these in the values file to integrate external-dns with EWC DNS - European Weather Cloud Knowledge Base - ECMWF Confluence Wiki.:
Code Block
env:
  - name: AWS_ACCESS_KEY_ID
    value: "aws_access_key_id"

  - name: AWS_SECRET_ACCESS_KEY
    value: "aws_secret_access_key"

  - name: AWS_REGION
    value: "eu-central-1"


GPU OperatorA customized NVIDIA GPU Operator Helm Chart preconfigured for the use of the Time-slicing GPU sharing feature on EWC machines.

https://docs.nvidia.com/datacenter/cloud-native/gpu-operator/latest/index.html

A EWC-specific configuration for time-slicing GPU sharing feature on Ubuntu worker nodes is provided. Other GPU sharing features are currently not supported in the EUMETSAT side of the EWC.

Note: Only Ubuntu GPU nodes are currently available in the EUMETSAT side of the EWC.

already configured when you deploy if the app is selected

EWC Cluster AutoscalerA component that automatically adjusts the size of a Kubernetes Cluster so that all pods have a place to run and there are no unneeded nodes.

https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler

EUMETSAT EWC Managed Kubernetes Service - Enable Cluster Autoscaling

Warning

EWC specific values are provided for autoscaling of KKP clusters.

...