docs: create hybrid pool cluster profile

spectrocloud · Dec 11, 2024 · cf08f9f · cf08f9f
1 parent 5945ab8
commit cf08f9f
Show file tree

Hide file tree

Showing 3 changed files with 85 additions and 35 deletions.
diff --git a/docs/docs-content/clusters/public-cloud/aws/eks-hybrid-nodes/architecture.md b/docs/docs-content/clusters/public-cloud/aws/eks-hybrid-nodes/architecture.md
@@ -121,10 +121,10 @@ If using provider images, you must include the following in your `.arg` file dur
 
 ```shell
 K8S_DISTRIBUTION=nodeadm
-K8S_VERSION=1.29.0  # supported versions: [ 1.28.0 | 1.29.0 | 1.30.0 | 1.31.0 ]
+K8S_VERSION=<kubernetesVersion>  # supported versions: [ 1.28.0 | 1.29.0 | 1.30.0 | 1.31.0 ]
 ```
 
-Replace the `K8S_VERSION` value with your version of Kubernetes.
+Replace `<kubernetesVersion>` with your version of Kubernetes. For example, `1.29.0`.
 
 :::
 

diff --git a/...-content/clusters/public-cloud/aws/eks-hybrid-nodes/create-hybrid-node-pools.md b/...-content/clusters/public-cloud/aws/eks-hybrid-nodes/create-hybrid-node-pools.md
@@ -15,24 +15,26 @@ hybrid node pools and add your edge hosts to them.
 - Overall cluster health is determined by the Amazon EKS cluster's status. While unhealthy edge hosts will appear as
   unhealthy nodes in Palette, this does not change the Amazon EKS cluster's overall health status.
 
-## Create Cluster Profile for Hybrid Nodes
+## Create Cluster Profile for Hybrid Node Pools
 
 ### Prerequisites
 
 - Edge hosts have been registered with Palette through
   [Agent Mode](../../../../deployment-modes/agent-mode/agent-mode.md) or by using
-  [Provider Images](../../../edge/edgeforge-workflow/palette-canvos/build-provider-images.md).
+  [provider images](../../../edge/edgeforge-workflow/palette-canvos/build-provider-images.md).
 
   :::warning
 
-  If using Provider Images, you must include the following in your `.arg` file during the
+  If using provider images, you must include the following in your `.arg` file during the
   [build steps](../../../edge/edgeforge-workflow/palette-canvos/build-provider-images.md#build-provider-images).
 
   ```shell
   K8S_DISTRIBUTION=nodeadm
-  K8S_VERSION=1.29.0  # supported versions: [ 1.29.0 | 1.30.0 ]
+  K8S_VERSION=<kubernetesVersion>  # supported versions: [ 1.28.0 | 1.29.0 | 1.30.0 | 1.31.0 ]
   ```
 
+  Replace `<kubernetesVersion>` with your version of Kubernetes. For example, `1.29.0`.
+
   :::
 
 - Your Palette account role must have the `clusterProfile.create` permission to create a cluster profile. Refer to the
@@ -41,17 +43,59 @@ hybrid node pools and add your edge hosts to them.
 
 ### Create Profile
 
-OS:
+1. Log in to [Palette](https://spectrocloud.com).
+
+2. From the left **Main Menu**, select **Profiles**.
+
+3. On the **Profiles** page, click **Add Cluster Profile**.
+
+4. Fill out the basic information and ensure **Type** is set to **Full**. Click **Next** when done.
+
+5. Select **Edge Native** from the **Infrastructure provider** list, and click **Next**.
+
+6. Select your base OS pack depending on how you have registered your edge hosts.
+
+   - For Agent Mode, select **BYOS - Agent Mode**.
+   - For provider images, select **BYOS - Edge OS**.
+
+7. If selecting **BYOS - Agent Mode**, on the **Configure Pack** page, click **Values** under **Pack Details**.
+
+   Click on **Presets** on the right-hand side, and select **Agent Mode**.
+
+8. Click **Next layer** to continue.
+
+9.  Select **Nodeadm** as your base Kubernetes pack, and click **Next**.
+
+10. On the **Configure Pack** page, under **Pack Version**, select your Kubernetes version from the **drop-down Menu**.
+
+11. In the YAML editor, make any changes you need for the kubelet or containerd configuration. Refer to [Amazon EKS Hybrid Nodes Configuration](https://github.com/aws/eks-hybrid?tab=readme-ov-file#configuration) for guidance on the available options.
 
-- Agent Mode = `byoi-agent-mode 1.0.0`
-- Provider Images = `Kairos Edge OS Pack`
+12. Click **Next layer** to continue.
 
-Kubernetes = `edge-nodeadm 1.29.x` or `edge-nodeadm 1.30.x`
+13. Select **Custom CNI** as your base Network pack, and click **Next**.
 
-Network = `cni-custom 0.1.0` (dummy)
+14. In the YAML editor on the **Configure Pack** page, change the value of `manifests.byo-cni.contents.data.custom-cni` from `calico` to `dummy`.
+
+    While this change is not required for the pack to function, setting it to 'dummy' better indicates that this pack serves as a placeholder only.
+
+15. Click **Confirm** when complete.
+
+16. In **Profile Layers**, click **Next** to continue.
+
+17. Click **Finish Configuration**.
+
+Your cluster profile for hybrid nodes is now created and can be used in the [Create Hybrid Node Pool](#create-hybrid-node-pool) steps.
 
 ### Validate
 
+1. Log in to [Palette](https://spectrocloud.com).
+
+2. From the left **Main Menu**, select **Profiles**.
+
+3. On the **Profiles** page, click on your newly created profile.
+
+4. Check that your profile layers are present and correct.
+
 ## Create Hybrid Node Pool
 
 ### Prerequisites
@@ -61,3 +105,9 @@ Network = `cni-custom 0.1.0` (dummy)
 ### Create Node Pool
 
 ### Validate
+
+## Resources
+
+- [Agent Mode](../../../../deployment-modes/agent-mode/agent-mode.md)
+
+- [Build Provider Images](../../../edge/edgeforge-workflow/palette-canvos/build-provider-images.md)
diff --git a/...ters/public-cloud/aws/eks-hybrid-nodes/import-eks-cluster-enable-hybrid-mode.md b/...ters/public-cloud/aws/eks-hybrid-nodes/import-eks-cluster-enable-hybrid-mode.md
@@ -66,7 +66,6 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
 
   If you are using IAM Roles Anywhere, you will need to provide the following details during the import steps:
 
-  - The ARN of the IAM role that the hybrid node _directly assumes_ to access AWS services and perform operations.
   - The ARN of the IAM Roles Anywhere profile that defines which roles can be assumed.
   - The ARN of the IAM role specified in the IAM Roles Anywhere profile that defines the permissions and policies for
     roles that can be assumed by hybrid nodes.
@@ -186,7 +185,6 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
 
     | **Field**           | **Description**                                                                                                                                                                                                                        | **Example**                                                                                      |
     | ------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
-    | Assume Role ARN     | The ARN of the IAM role that the hybrid node _directly assumes_ to access AWS services and perform operations.                                                                                                                         | `arn:aws:iam::123456789012:role/AmazonEKSHybridNodesRole`                                        |
     | Profile ARN         | The ARN of the IAM Roles Anywhere profile that defines which roles can be assumed.                                                                                                                                                     | `arn:aws:rolesanywhere:us-east-2:123456789012:profile/abcd1234-5678-90ef-ghij-klmnopqrstuv`      |
     | Role ARN            | The ARN of the IAM role specified in the IAM Roles Anywhere profile that defines the permissions and policies for roles that can be assumed by hybrid nodes.                                                                           | `arn:aws:iam::123456789012:role/IRAHybridNodesRole`                                              |
     | Trust Anchor ARN    | The ARN of the IAM Roles Anywhere trust anchor that contains your certificate authority configuration.                                                                                                                                 | `arn:aws:rolesanywhere:us-east-2:123456789012:trust-anchor/abcd1234-5678-90ef-ghij-klmnopqrstuv` |
@@ -214,7 +212,7 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
 15. If the `aws-auth` ConfigMap does not exist, create the following ConfigMap in the `kube-system` namespace using the
     following command.
 
-    Ensure to replace `<assumeRoleArn>` with the **Assume Role ARN** entry from step 12.
+    Ensure to replace `<roleArn>` with the **Role ARN** entry from step 12.
 
     ```shell
     kubectl create -f=/dev/stdin <<-EOF
@@ -228,7 +226,7 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
         - groups:
           - system:bootstrappers
           - system:nodes
-          rolearn: <assumeRoleArn>
+          rolearn: <roleArn>
           username: system:node:{{SessionName}}
     EOF
     ```
@@ -242,7 +240,7 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
     ```
 
     The following example shows the `mapRoles` entry appended below an existing entry. Ensure to replace
-    `<assumeRoleArn>` with the **Assume Role ARN** entry from step 12.
+    `<roleArn>` with the **Role ARN** entry from step 12.
 
     ```yaml {13-17} hideClipboard
     apiVersion: v1
@@ -260,7 +258,7 @@ Import your Amazon EKS cluster and enable hybrid mode to be able to create edge
         - groups:
           - system:bootstrappers
           - system:nodes
-          rolearn: <assumeRoleArn>
+          rolearn: <roleArn>
           username: system:node:{{SessionName}}
     ```
 
@@ -339,33 +337,35 @@ must also complete the following prerequisites:
 
 ### Add CNI Cluster Profile
 
-1. From the left **Main Menu**, select **Profiles**.
+1. Log in to [Palette](https://spectrocloud.com).
+
+2. From the left **Main Menu**, select **Profiles**.
 
-2. On the **Profiles** page, click **Add Cluster Profile**.
+3. On the **Profiles** page, click **Add Cluster Profile**.
 
-3. Fill out the basic information and ensure **Type** is set to **Add-on**. Click **Next** when done.
+4. Fill out the basic information and ensure **Type** is set to **Add-on**. Click **Next** when done.
 
-4. In **Profile Layers**, click **Add New Pack**.
+5. In **Profile Layers**, click **Add New Pack**.
 
-5. Enter **Cilium** in the search box, and select it. It appears in the **System App** category and must be version
+6. Enter **Cilium** in the search box, and select it. It appears in the **System App** category and must be version
    **1.16.0** or above.
 
-6. Click the **Presets drop-down Menu**.
+7. Click the **Presets drop-down Menu**.
 
-7. For **IPAM mode**, select **Cluster Pool**.
+8. For **IPAM mode**, select **Cluster Pool**.
 
-8. In the YAML editor, search for **clusterPoolIPv4PodCIDRList**. This parameter specifies the overall IP ranges
+9.  In the YAML editor, search for **clusterPoolIPv4PodCIDRList**. This parameter specifies the overall IP ranges
    available for pod networking across all your hybrid nodes.
 
    Adjust the pod CIDR list for hybrid pods in other networks that need to connect to this cluster. For example,
    `192.168.0.0`.
 
-9. In the YAML editor, search for **clusterPoolIPv4MaskSize**. This parameter determines the subnet mask size used for
+10. In the YAML editor, search for **clusterPoolIPv4MaskSize**. This parameter determines the subnet mask size used for
    pod IP allocation within each hybrid node.
 
    Adjust the mask size based on your required pods per hybrid node. For example, `/25`.
 
-10. In the Presets, find the **cilium-agent - Hybrid Nodes Affinity** option, and select **Amazon EKS**.
+11. In the Presets, find the **cilium-agent - Hybrid Nodes Affinity** option, and select **Amazon EKS**.
 
     This will add the following entry to `charts.cilium.affinity`. No changes are required afterwards.
 
@@ -387,21 +387,21 @@ must also complete the following prerequisites:
 
     :::
 
-11. Click **Confirm & Create**.
+12. Click **Confirm & Create**.
 
-12. Click **Next**, and then click **Finish Configuration**.
+13. Click **Next**, and then click **Finish Configuration**.
 
-13. From the left **Main Menu**, select **Clusters**.
+14. From the left **Main Menu**, select **Clusters**.
 
-14. Select your cluster to view its **Overview** tab.
+15. Select your cluster to view its **Overview** tab.
 
-15. Click **Attach Profile**.
+16. Click **Attach Profile**.
 
-16. Select the **Cilium** add-on profile that was created, and click **Confirm**.
+17. Select the **Cilium** add-on profile that was created, and click **Confirm**.
 
-17. In the **Cluster profiles** page, click **Save**. This will add the profile to your cluster.
+18. In the **Cluster profiles** page, click **Save**. This will add the profile to your cluster.
 
-18. If enabling [Cilium Envoy](https://docs.cilium.io/en/latest/security/network/proxy/envoy/) or other Cilium add-ons,
+19. If enabling [Cilium Envoy](https://docs.cilium.io/en/latest/security/network/proxy/envoy/) or other Cilium add-ons,
     you must apply the following label to all AWS cloud worker nodes.
 
     ```yaml