Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

While creating this guide, our Kubernetes Version is v1.27.9, it might be different in your case

Requirements

  • Kubectl, Helm and MQTT CLI https://hivemq.atlassian.net/wiki/spaces/HMS/pages/2700902571

  • Amazon Account

  • HiveMQ License (optional)

  • Install Amazon CLI installed and configured

    • The AWS Command Line Interface is an open-source tool that enables you to interact with AWS services using commands in your command-line shell.
      To install the AWS CLI on macOS with Homebrew, open a terminal and enter the following. For other operating systems, see AWS CLI installation.

      Code Block
      brew install awscli
    • Verify AWS CLI Installation: Open a new terminal or command prompt and run :the following command. This should display the installed AWS CLI version.(For us , its aws-cli/2.15.17 Python/3.11.7 Darwin/23.3.0 source/arm64 prompt/off)

      Code Block
      aws --version
  • Configure AWS CLI: After installing the AWS CLI, do the following steps to configure it. (For more information, see Configure the AWS CLI in the AWS Command Line Interface User Guide.

    AWS IAM User: You can also create IAM user from AWS Management console. For this procedure, we are creating an IAM user using AWS CLI.
    You can skip the following steps if you already have a IAM user with the right access.

    )

    • If you do not have existing access keys, please use the steps here to create new access key and note it or download the csv file.

    • Run the following command

      Code Block
      aws configure
      • Optionally, you can configure a named profile, such as --profile cluster-admin. If you configure a named profile in the AWS CLI, you must always pass this flag in subsequent commands. E.g. aws configure --profile cluster-admin

    • This command will prompt you to enter the following information:

      • AWS Access Key ID: Enter your AWS access key.

      • AWS Secret Access Key: Enter your AWS secret key.

      • Default region name: Enter the AWS region you want to use (e.g., us-west-1).

      • Default output format: You can leave this as json.
        For example:

        Code Block
        AWS Access Key ID [None]: AKIAI#####LE
        AWS Secret Access Key [None]: wJal####KEY
        Default region name [None]: us-west-1
        Default output format [None]: json
  • EKS CLI (eksctl)
    eksctl is a command line tool for working with EKS clusters that automates many individual tasks. To install the AWS CLI on macOS with Homebrew, open a terminal and enter the following. For other operating systems, see the installation in eksctl documentation.

    Code Block
    brew tap weaveworks/tap && brew install weaveworks/tap/eksctl

Set Up Your Kubernetes Cluster With Elastic Kubernetes Service (EKS)

  1. Create a New IAM User

    1. Run the following command to create a new IAM user:

      Code Block
      aws iam create-user --user-name hivemq-user
    2. Attach AdministratorAccess Policy

      Run the following command to attach the AdministratorAccess policy to the newly created user:

      Code Block
      aws iam attach-user-policy --user-name hivemq-user --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
    3. Create Access Key

      Run the following command to create an access key for the user:

      Code Block
      aws iam create-access-key --user-name hivemq-user
    4. Following is the output

...

    1. displayed after the successful creation of the access key, Please copy and save AccessKeyId and SecretAccessKey values for the next steps.

      Code Block
      {
      

...

    1.     "AccessKey": {
      

...

    1.         "UserName": "test-user",
      

...

    1.         "AccessKeyId": "

...

    1. AKIXXXXXXF2PH",
      

...

    1.         "Status": "Active",
      

...

    1.         "SecretAccessKey": "

...

    1. cRIs2aXXXXXXAEi",
      

...

    1.         "CreateDate": "2024-02-01T11:10:59+00:00"
      

...

    1.     }
      }
    2. Run the following command:

      Code Block
      aws configure
      1. Optionally, you can configure a named profile, such as --profile cluster-admin. If you configure a named profile in the AWS CLI, you must always pass this flag in subsequent commands.

    3. This command will prompt you to enter the following information:

      1. AWS Access Key ID: Enter your AWS access key.

      2. AWS Secret Access Key: Enter your AWS secret key.

      3. Default region name: Enter the AWS region you want to use (e.g., us-

...

      1. west-1).

      2. Default output format: You can leave this as json.
        For example:

        Code Block
        AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
        AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
        Default region name [None]: us-

...

      1. west-1
        Default output format [None]: json

Create EKS

...

Code Block
brew tap weaveworks/tap
brew install weaveworks/tap/eksctl

...

IAM permissions – The IAM security principal that you're using must have permissions to work with Amazon EKS IAM roles, service linked roles, AWS CloudFormation, a VPC, and related resources. For more information, see Actions, resources, and condition keys for Amazon Elastic Container Service for Kubernetes and Using service-linked roles in the IAM User Guide.

...

Kubectl, Helm and MQTT CLI https://hivemq.atlassian.net/wiki/spaces/HMS/pages/2700902571

...

Cluster

In case of errors in the following command “request send failed, Post "https://sts.eu-east-1.amazonaws.com/", please try changing some other region e.g. eu-west-1

  1. To create an EKS cluster with all the necessary resources for your cluster, enter the following command with the desired location (in this procedure, we use eu-west-1) and instance type c5.2xlarge (8 CPUs, 16 GiB RAM), enter the following command and wait until the process completes. Processing time take up to ~5 minutes and can vary:

Code Block
eksctl create cluster \
  --name HiveMQCluster \
  --region eu-west-1 \
  --node-type c5.2xlarge \
  --version 1.27 \
  --nodes 4
Info

Above command will also create IAM role and required permissions for eksctl.

Your AWS account bills you for all resources you create.

Manage the cluster

  1. To manage the resulting Kubernetes cluster with kubectl, download the access credentials of the cluster: (region eu-west-1 in our case, please replace it with your region)

    Code Block
    aws eks --region eu-west-1 update-kubeconfig --name HiveMQCluster
  2. To verify that all three nodes are available, enter:

    Code Block
    kubectl get nodes
  3. The output from the command is similar to the following: (k8s v1.27.9 in our case, it might be different for you)

...

In case you do not see the right nodes, please check and fix the current context

  1. Check the current context, this should be set to HiveMQCluster in this case
    kubectl config current-context

  2. Fix the context
    kubectl config use-context HiveMQCluster

Delete Cluster

If you do not need your cluster anymore, please use the following commands to delete the cluster.

  1. List all services running in your cluster.

    Code Block
    kubectl get svc --all-namespaces
  2. Delete any services that have an associated EXTERNAL-IPvalue. These services are fronted by an Elastic Load Balancing load balancer, and you must delete them in Kubernetes to allow the load balancer and associated resources to be properly released.

    Code Block
    kubectl delete svc service-name
  3. Delete the load balancer from AWS console.

  4. Delete the cluster and its associated nodes with the following command,

    Code Block
    eksctl delete cluster --name HiveMQCluster  --region eu-west-1

Next steps

https://hivemq.atlassian.net/wiki/spaces/HMS/pages/2691039283