Kubernetes Operations (KOPS)
This topic explains how to install Portworx with Kubernetes on AWS (KOPS). Follow the steps in this topic in order.
Prepare
This article assumes that you are familiar with KOPS. For information about using KOPS, see one of the following pages:
Granting Portworx the needed AWS permissions
Portworx creates and attaches EBS volumes. As such, it needs the AWS permissions to do so. Below is a sample policy describing these permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "<stmt-id>",
"Effect": "Allow",
"Action": [
"ec2:AttachVolume",
"ec2:ModifyVolume",
"ec2:DetachVolume",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteTags",
"ec2:DeleteVolume",
"ec2:DescribeTags",
"ec2:DescribeVolumeAttribute",
"ec2:DescribeVolumesModifications",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVolumes",
"ec2:DescribeInstances",
"autoscaling:DescribeAutoScalingGroups"
],
"Resource": [
"*"
]
}
]
}
You can provide these permissions to Portworx in one of following ways:
- Instance Privileges: Provide above permissions for all the instances in the autoscaling cluster by applying the corresponding IAM role. More info about IAM roles and policies can be found here
- Environment Variables: Create a User with the above policy and provide the security credentials (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY) to Portworx.
Install
If you are not using instance privileges, you must also specify AWS environment variables in the DaemonSet spec file. The environment variables to specify (for the KOPS IAM user) are:
AWS_ACCESS_KEY_ID=<id>,AWS_SECRET_ACCESS_KEY=<key>
If generating the DaemonSet spec via the GUI wizard, specify the AWS environment variables in the List of environment variables field. If generating the DaemonSet spec via the command line, specify the AWS environment variables using the e
parameter.
Generate the specs
To install Portworx with Kubernetes, you must first generate Kubernetes manifests that you will deploy in your cluster:
- Navigate to PX-Central and log in, or create an account
Select Install and Run to open the Spec Generator
Select New Spec
Choose either or , depending on which license you intend to use:
Portworx can also be installed using it’s Helm chart by following instructions here. The above method is recommended over helm as the wizard will guide you based on your environment.
Apply the specs
Apply the generated specs to your cluster.
kubectl apply -f px-spec.yaml
Monitor the Portworx pods
Enter the following
kubectl get
command, waiting until all Portworx pods show as ready in the output:kubectl get pods -o wide -n kube-system -l name=portworx
Enter the following
kubectl describe
command with the ID of one of your Portworx pods to show the current installation status for individual nodes:kubectl -n kube-system describe pods <portworx-pod-id>
Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 7m57s default-scheduler Successfully assigned kube-system/portworx-qxtw4 to k8s-node-2 Normal Pulling 7m55s kubelet, k8s-node-2 Pulling image "portworx/oci-monitor:2.5.0" Normal Pulled 7m54s kubelet, k8s-node-2 Successfully pulled image "portworx/oci-monitor:2.5.0" Normal Created 7m53s kubelet, k8s-node-2 Created container portworx Normal Started 7m51s kubelet, k8s-node-2 Started container portworx Normal PortworxMonitorImagePullInPrgress 7m48s portworx, k8s-node-2 Portworx image portworx/px-enterprise:2.5.0 pull and extraction in progress Warning NodeStateChange 5m26s portworx, k8s-node-2 Node is not in quorum. Waiting to connect to peer nodes on port 9002. Warning Unhealthy 5m15s (x15 over 7m35s) kubelet, k8s-node-2 Readiness probe failed: HTTP probe failed with statuscode: 503 Normal NodeStartSuccess 5m7s portworx, k8s-node-2 PX is ready on this node
NOTE: In your output, the image pulled will differ based on your chosen Portworx license type and version.
Monitor the cluster status
Use the pxctl status
command to display the status of your Portworx cluster:
PX_POD=$(kubectl get pods -l name=portworx -n kube-system -o jsonpath='{.items[0].metadata.name}')
kubectl exec $PX_POD -n kube-system -- /opt/pwx/bin/pxctl status
Post-Install
Once you have a running Portworx installation, below sections are useful.
-
Storage operations Learn how to perform various storage operations using Portworx on Kubernetes
-
Stateful applications on Kubernetes Learn how to install various applications with Portworx on Kubernetes
-
Operate and Maintain Operations guide for running Portworx in Production with Kubernetes