In this tutorial you will learn how to create an EMK cluster through an EMK service account in the CLI.
Preconditions:
- Fuga Cloud Account
- Kubectl installed on your machine
- EMK service account kubeconfig
Here's a short explanation on what you are going to learn in this tutorial:
- Create an EMK cluster with kubectl
- Describe the cluster
Step 1.
There are two ways to configure an EMK cluster within Fuga Cloud. The easiest way is through our dashboard with clickable options and a yaml editor to add in some extras.
- You can use our 'default' cluster configurations to be sure you are using the latest version, to create a simple default cluster.
- Or you maintain your own version of a cluster configuration and use that one to create a cluster through kubectl.
Below are the settings of an EMK cluster configuration for use with kubectl.
% cat > shoot-config.json <<EOF
apiVersion: core.gardener.cloud/v1beta1
kind: Shoot
metadata:
  namespace: garden-<EMK Project name>
  name: my-cluster
spec:
  provider:
    type: openstack
    infrastructureConfig:
      apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
      kind: InfrastructureConfig
      floatingPoolName: public
    controlPlaneConfig:
      apiVersion: openstack.provider.extensions.gardener.cloud/v1alpha1
      kind: ControlPlaneConfig
      loadBalancerProvider: amphora
    workers:
      - name: worker-xs8oh-1
        minimum: 2
        maximum: 4
        maxSurge: 1
        cri:
          name: containerd
        machine:
          type: emk1.small
          image:
            name: gardenlinux
            version: 576.10.0
  cloudProfileName: fugacloud
  kubernetes:
    version: 1.25.4
    enableStaticTokenKubeconfig: true
  networking:
    nodes: 10.250.0.0/16
    type: calico
  secretBindingName: <my-secretbinding>
  region: ams2
EOF
This is a default example; get one from the dashboard that fits your environment.
You can get the secret binding with the following:
% kubectl get secretbindings \
--kubeconfig ~/Downloads/kubeconfig.yaml | grep emk-project
NAME               SECRET                               PROVIDER    AGE
my-secretbinding   garden-emkproject/my-secretbinding   openstack   95d
Fill in the name of this secret binding in place of <my-secretbinding> in the configuration.
Next, you want to get the machine type. This can be retrieved from the cloudprofile:
% kubectl describe cloudprofile fugacloud \
--kubeconfig ~/Downloads/kubeconfig.yaml
From the same output it is possible to retrieve the supported Kubernetes versions.
When all values are filled in, you can create the cluster with:
% kubectl apply -f shoot-config.json \
--kubeconfig ~/Downloads/kubeconfig.yaml
shoot.core.gardener.cloud/yih8z7wkv6 created
Congratulations! You have made your first EMK cluster through the command line.
Be aware that, with these basic settings, we have created a simple EMK cluster with a static kubeconfig (enableStaticTokenKubeconfig: true in the configuration above). For a production-safe cluster it is recommended to use a rotating kubeconfig instead of a static one. More about getting credentials for this can be found in the tutorial "Rotating kubeconfig for my EMK Cluster".
Step 2.
Verify the state of your EMK cluster. The cluster has to be in a finished state before you request a kubeconfig for it.
% kubectl get shoots \
--kubeconfig ~/Downloads/kubeconfig.yaml
NAME         CLOUDPROFILE   PROVIDER    REGION   K8S VERSION   HIBERNATION   LAST OPERATION            STATUS    AGE
yih8z7wkv6   fugacloud      openstack   ams2     1.25.4        Awake         Create Processing (26%)   healthy   2m
When it is in a finished state you can request a kubeconfig to access the Kubernetes cluster with:
% cat > kubeconfig-request.json <<EOF
{
  "apiVersion": "authentication.gardener.cloud/v1alpha1",
  "kind": "AdminKubeconfigRequest"
}
EOF
% NAMESPACE=garden-<your_emk_project_name>
% SHOOT=<your_shoot_name>
% kubectl create \
--kubeconfig ~/Downloads/kubeconfig.yaml \
--filename ./kubeconfig-request.json \
--raw /apis/core.gardener.cloud/v1beta1/namespaces/${NAMESPACE}/shoots/${SHOOT}/adminkubeconfig \
| jq -r ".status.kubeconfig | @base64d" \
> config-${SHOOT}.yaml
Then test if you can get info from the cluster about the nodes with:
% kubectl top nodes \
--kubeconfig=config-${SHOOT}.yaml
NAME              CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
shoot--xxx--xxx   208m         10%    1796Mi          66%
shoot--yyy--yyy   180m         9%     1903Mi          70%
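The two helpers below script Step 2: wait until the shoot's last operation has succeeded, then request the admin kubeconfig and write it so that only the owner can read it. This is an added example, not part of the original tutorial or of Fuga Cloud's tooling. The function names, the poll interval and retry limit, and passing --namespace explicitly are assumptions, and kubeconfig-request.json is expected in the current directory.

```shell
# Added example. Function names, poll interval and retry limit are
# illustrative assumptions, not Fuga Cloud tooling.

# Poll the Shoot until its last operation has Succeeded.
# usage: wait_for_shoot <garden-kubeconfig> <namespace> <shoot> [tries] [pause-seconds]
wait_for_shoot() {
  kc=$1 ns=$2 shoot=$3 tries=${4:-60} pause=${5:-10}
  i=0
  while [ "$i" -lt "$tries" ]; do
    state=$(kubectl get shoot "$shoot" --namespace "$ns" --kubeconfig "$kc" \
      -o jsonpath='{.status.lastOperation.state}') || return 2
    case $state in
      Succeeded) return 0 ;;
      Failed|Aborted)
        echo "shoot $shoot: last operation $state" >&2
        return 1 ;;
    esac
    i=$((i + 1))
    sleep "$pause"
  done
  echo "shoot $shoot: still '$state' after $tries checks" >&2
  return 1
}

# Request the admin kubeconfig and write it readable by the owner only.
# usage: save_admin_kubeconfig <garden-kubeconfig> <namespace> <shoot> <output-file>
save_admin_kubeconfig() {
  kc=$1 ns=$2 shoot=$3 out=$4
  # Capture the response first so a failed request does not create the file.
  resp=$(kubectl create --kubeconfig "$kc" \
    --filename ./kubeconfig-request.json \
    --raw "/apis/core.gardener.cloud/v1beta1/namespaces/$ns/shoots/$shoot/adminkubeconfig") \
    || return 1
  # umask 077 in a subshell: a newly created file gets mode 0600 and the
  # caller's umask stays untouched.
  ( umask 077
    printf '%s' "$resp" | jq -r '.status.kubeconfig | @base64d' > "$out" )
}
```

If the output file already exists, its permissions are not changed by umask; remove it first or run chmod 600 on it.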
Final word
In this walkthrough, you learned how to create an EMK cluster with a service account with kubectl. The next step can be to use a more advanced configuration or a rotating kubeconfig instead of the static one used in this example.