Versions Compared

Version Old Version 24 New Version Current
Changes made by

Yajing Wang

Yajing Wang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Scroll Documents: Update page title prefix

The x-install tool is the newest Exostellar installer designed to simplify the setup process. It offers a variety of subcommands to provision a sandbox environment, install Exostellar products, and verify post-installation readiness.

Prerequisites

Before using the x-install tool, ensure that your environment meets the following requirements:

  • Terraform: Version 1.8+

  • kubectl: Version 1.28+

  • Helm: Version 3.14.2+

  • AWS CLI

  • AWS Authentication, Credentials, and CredentialsRegion
    Please properly configure AWS authentication and default region in your local environment.

Expand
titleAWS Authentication and Credentials Setup Methods
Expand
titleIAM Permissions for the AWS Account

You can set up credentials using various methods such as command-line options, environment variables, assume role, credentials files, configuration files, etc.

  • Command-line Options

    Code Block
    languagebash
    aws configure sso
    Code Block
    languagebash
    aws s3 ls --profile profile1

  • Environment Variables

    Code Block
    languagebash
    export AWS_ACCESS_KEY_ID=<AccessKeyId>
export AWS_SECRET_ACCESS_KEY=<SecretAccessKey>
export AWS_SESSION_TOKEN=<SessionToken>

  • Assume role

    Code Block
    aws sts assume-role \
    --role-arn arn:aws:iam::123456789012:role/xaccounts3access \
    --role-session-name s3-access-example

  • Credentials and Configuration File:
    Update in ~/.aws/credentials and ~/.aws/config

    Code Block
    languagebash
    aws configure

  • AWS Account
    Ensure the following IAM permissions are in place:

json
Info

Please ensure the default region is set for deployment. If not set above, use the following command:

Code Block
language
bash
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action
aws configure set default.region us-east-2

Ensure the account has the following IAM permissions:

Expand
titleIAM Permissions for the AWS Account - Standalone Flow

When working with standalone flow i.e., deploying everything from scratch using the create-standalone command, use the following IAM policy.

Please add your AWS account ID and cluster name to the policy below.

Code Block
languagejson
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect"ssm:ListAssociations "Allow",
				"Action"ec2:RunInstances", [
				"ec2autoscaling:DescribeSubnetsCompleteLifecycleAction",
				"ec2autoscaling:DescribeKeyPairsCreateAutoScalingGroup",
				"ec2autoscaling:DescribeVpcsDeleteAutoScalingGroup",
				"ec2autoscaling:DescribeSecurityGroupsEnableMetricsCollection",
				"ec2autoscaling:DescribeSecurityGroupRulesPutNotificationConfiguration",
				"ec2autoscaling:AuthorizeSecurityGroupIngressUpdateAutoScalingGroup"
			],
				"Resource"ec2:CreateTags" "*"
		},
		{
			"ec2:CreateSecurityGroupEffect": "Allow",
				"Action"sns:ListTopics", [
				"s3ec2:CreateBucketAllocateAddress",
				"iamec2:AttachRolePolicyAssignPrivateIpAddresses",
				"iamec2:CreateRoleAssociateRouteTable",
				"iamec2:ListRolesAttachInternetGateway",
				"iamec2:TagRoleAttachNetworkInterface",
				"iamec2:PutRolePolicyAuthorizeSecurityGroupEgress",
				"iamec2:CreateInstanceProfileAuthorizeSecurityGroupIngress",
				"iamec2:AddRoleToInstanceProfileCreateFleet",
				"iamec2:PassRoleCreateInternetGateway",
				"ec2:DescribeInstancesCreateLaunchTemplate",
				"ec2:DescribeInstanceTypesCreateLaunchTemplateVersion",
				"ec2:RunInstancesCreateNatGateway",
				"ec2:DescribeImagesCreateNetworkAclEntry",
				"ec2:DescribeImageAttributeCreateNetworkInterface",
				"ec2:DescribeAvailabilityZonesCreateNetworkInterfacePermission",
				"ec2:DescribeAccountAttributesCreateRoute",
				"ec2:DescribeRouteTablesCreateRouteTable",
				"ec2:DescribeNetworkAclsCreateSecurityGroup",
				"ec2:DescribeInstanceStatusCreateSubnet",
				"ec2:DescribeAddressesCreateTags",
				"ec2:DescribeDhcpOptionsCreateVpc",
				"ec2:DescribeSnapshotsDeleteInternetGateway",
				"ec2:DescribeVolumesDeleteLaunchTemplate",
				"ec2:DescribeVolumeStatusDeleteNatGateway",
				"ec2:DescribeVolumesModificationsDeleteNetworkAclEntry",
				"cloudwatchec2:DescribeAlarmsDeleteNetworkInterface",
				"cloudwatchec2:ListMetricsDeleteRoute",
				"iamec2:ListUsersDeleteRouteTable",
				"iamec2:ListAccessKeysDeleteSecurityGroup",
				"iamec2:CreateAccessKeyDeleteSubnet",
				"ec2:AuthorizeSecurityGroupEgressDeleteTags",
				"iamec2:ListPolicyVersionsDeleteVpc",
				"eksec2:ListClustersDescribeAddresses",
				"eksec2:DescribeClusterDescribeAddressesAttribute",
				"eksec2:ListNodegroupsDescribeAvailabilityZones",
				"eksec2:DescribeNodegroupDescribeDhcpOptions",
				"eksec2:DescribeAddonDescribeImages",
				"eksec2:ListAddonsDescribeInstanceAttribute",
				"eksec2:DescribeIdentityProviderConfigDescribeInstances",
			]	"ec2:DescribeInstanceTypes",
				"Resource"ec2: "*"
		}DescribeInternetGateways",
		{
			"Effect": "Allowec2:DescribeLaunchTemplates",
				"Action": [ec2:DescribeLaunchTemplateVersions",
				"s3ec2:PutObjectDescribeNatGateways",
				"s3ec2:GetObjectDescribeNetworkAcls",
			],
			"Resource"ec2: "arn:aws:s3:::cf-template*"
		}DescribeNetworkInterfaces",
		{
			"Sid": "Statement1ec2:DescribeRouteTables",
				"Effect": "Allowec2:DescribeSecurityGroupRules",
				"Action": [ec2:DescribeSecurityGroups",
				"eksec2:CreateClusterDescribeSnapshots",
				"eksec2:DescribeClusterDescribeSubnets",
				"eksec2:DeleteClusterDescribeTags",
				"eksec2:ListClustersDescribeVolumes",
				"eksec2:UpdateClusterConfigDescribeVpcAttribute",
				"eksec2:UpdateClusterVersionDescribeVpcs",
				"eksec2:CreateNodegroupDetachInternetGateway",
				"eksec2:DescribeNodegroupDetachNetworkInterface",
				"eksec2:ListNodegroupsDisassociateAddress",
				"eksec2:UpdateNodegroupConfigDisassociateRouteTable",
				"eksec2:UpdateNodegroupVersionModifyInstanceAttribute",
				"eksec2:DescribeAddonVersionsModifyLaunchTemplate",
				"eksec2:CreateAddonModifyNetworkInterfaceAttribute",
				"eksec2:DeleteAddonModifySubnetAttribute",
				"eksec2:DescribeAddonModifyVpcAttribute",
				"eksec2:ListAddonsReleaseAddress",
				"eksec2:UpdateAddonRevokeSecurityGroupEgress",
				"eksec2:AccessKubernetesApiRevokeSecurityGroupIngress",
				"eksec2:ListAccessPoliciesRunInstances",
				"eksec2:ListAccessEntriesTerminateInstances"
			],
				"Resource"eks:ListIdentityProviderConfigs" "*"
		},
		{
			"eks:DescribeAccessEntryEffect": "Allow",
			"Action": [
				"eks:ListPodIdentityAssociationsAssociateAccessPolicy",
				"eks:ListAssociatedAccessPoliciesCreateAccessEntry",
				"eks:CreateAccessEntryCreateAddon",
				"eks:AssociateAccessPolicyCreateCluster",
				]"eks:CreateNodegroup",
				"Resource": "*"
		}eks:DeleteAccessEntry",
		{
			"Effect"eks: DeleteAddon"Allow",
				"Actioneks:DeleteCluster":,
[
				"iameks:DeleteRolePolicyDeleteNodegroup",
				"iameks:DeleteRoleDescribeAccessEntry",
				"iameks:GetRoleDescribeAddon",
				"iameks:ListPoliciesDescribeAddonVersions",
				"iameks:ListAttachedRolePoliciesDescribeCluster",
				"iameks:CreateServiceLinkedRoleDescribeNodegroup",
				"iameks:RemoveRoleFromInstanceProfileDisassociateAccessPolicy",
				"iameks:DeleteInstanceProfileListAssociatedAccessPolicies",
				"iameks:ListEntitiesForPolicyListNodegroups",
				"iameks:GetInstanceProfileTagResource",
				"iam:ListInstanceProfiles"],
				"Resource"iam:ListInstanceProfilesForRole" "*"
		},
		{
			"iam:ListOpenIDConnectProvidersEffect": "Allow",
				"Action"iam:GetOpenIDConnectProvider", [
				"iamevents:GetRolePolicyPutRule",
				"ec2events:RevokeSecurityGroupIngressPutTargets",
				"ec2:DeleteSecurityGroup"],
				"Resource"ec2:StopInstances" "*"
		},
		{
			"ec2:TerminateInstancesEffect": "Allow",
				"Action"ec2:DescribeVpcAttribute", [
				"ec2iam:DescribeTagsAddRoleToInstanceProfile",
				"ec2iam:DescribeNetworkInterfacesAttachRolePolicy",
				"cloudformationiam:DeleteStackCreateInstanceProfile",
				"ec2iam:RevokeSecurityGroupEgressCreateOpenIDConnectProvider",
				"iam:ListRolePoliciesCreatePolicy",
				"iam:CreatePolicyCreateRole",
				"iam:GetPolicyDeleteInstanceProfile",
				"ec2iam:DescribeInstanceAttributeDeleteOpenIDConnectProvider",
				"iam:GetPolicyVersionDeletePolicy",
			],
			"Resource"iam: "*"
		}DeleteRole",
		{
			"Sid": "AdditionalPermissionsiam:DeleteRolePolicy",
				"Effect"iam: DetachRolePolicy"Allow",
				"Actioniam:GetInstanceProfile":,
[
				"iam:DetachRolePolicyGetOpenIDConnectProvider",
				"ec2iam:CreateVpcGetPolicy",
				"ec2iam:DeleteVpcGetPolicyVersion",
				"ec2iam:CreateSubnetGetRole",
				"ec2iam:DeleteSubnetGetRolePolicy",
				"ec2iam:CreateRouteTableListAttachedRolePolicies",
				"ec2iam:CreateRouteListInstanceProfilesForRole",
				"ec2iam:AssociateRouteTableListPolicyVersions",
				"ec2iam:ReplaceRouteTableAssociationListRolePolicies",
				"ec2iam:DeleteRouteTablePutRolePolicy",
				"ec2iam:CreateInternetGatewayRemoveRoleFromInstanceProfile",
				"ec2iam:AttachInternetGatewayTagInstanceProfile",
				"ec2iam:AllocateAddressTagOpenIDConnectProvider",
				"ec2iam:ReleaseAddressTagRole",
				"ec2:CreateNatGateway"],
				"Resource"ec2:DeleteNatGateway "*",
		},
		"cloudformation:UpdateStack",{
				"Effect"cloudformation:DeleteChangeSet", 				"cloudformation:DescribeChangeSet"Allow",
				"Action"cloudformation:ExecuteChangeSet", [
				"cloudtrailiam:DescribeTrailsPassRole",
				"cloudtrail:GetTrailStatus"],
				"Resource"cloudtrail:GetEventSelectors", [
				"logs:DescribeLogGroupsarn:aws:iam::<account-id>:role/<cluster-name>*",
				"logs:DescribeLogStreams",
	arn:aws:iam::<account-id>:role/terraform-*"
			]
		},
		{
			"logs:GetLogEventsEffect": "Allow",
				"Action"logs:FilterLogEvents", [
				"iamkms:GetUserPolicyCreateAlias",
				"iamkms:GetGroupPolicyCreateGrant",
				"iamkms:GetPolicyVersionCreateKey",
				"ec2kms:CreateLaunchTemplateDeleteAlias",
				"ec2kms:DescribeLaunchTemplatesEnableKeyRotation",
				"ec2kms:DescribeInternetGatewaysListAliases",
				"ec2kms:ModifyVpcAttributeRetireGrant",
				"ec2kms:ModifySubnetAttributeScheduleKeyDeletion",
				"ec2kms:DescribeNatGatewaysTagResource",
				"ec2:DescribeInstanceTypeOfferings"],
				"Resource"ec2:DescribeEgressOnlyInternetGateways" "*"
		},
		{
			"Effect"ec2:DescribeLaunchTemplateVersions "Allow",
				"Action"ec2:DeleteLaunchTemplate", [
				"ekslogs:TagResourceCreateLogGroup",
				"elasticloadbalancinglogs:CreateLoadBalancerCreateLogStream",
				"elasticloadbalancinglogs:DescribeLoadBalancersDeleteLogGroup",
				"elasticloadbalancinglogs:DeleteLoadBalancerDescribeLogGroups",
				"elasticloadbalancinglogs:CreateTargetGroupListTagsForResource",
				"elasticloadbalancinglogs:DescribeTargetGroupsPutRetentionPolicy",
				"elasticloadbalancinglogs:RegisterTargetsTagResource",
				"autoscaling:CreateAutoScalingGroup"],
				"Resource"autoscaling:UpdateAutoScalingGroup" "*"
		},
		{
			"autoscaling:DeleteAutoScalingGroupEffect": "Allow",
				"Action"autoscaling:DescribeAutoScalingGroups", [
				"autoscalingaws-marketplace:DescribeScalingActivitiesListEntities",
				"cloudformation:DescribeChangeSet"],
				"Resource"cloudformation:ExecuteChangeSet "*",
		},
		"s3:CreateBucket",{
				"Effect"s3:DeleteBucket "Allow",
				"Action"s3:ListBucket", [
				"s3ssm:GetBucketLocationRegisterManagedInstance",
				"s3ssm:GetBucketPolicyUpdateInstanceInformation",
				"s3:PutBucketPolicy"],
				"Resource"aws-marketplace:ViewSubscriptions",: "*"
				"ec2:DescribeKeyPairs",
				"ec2:CreateKeyPair"
			],
			"Resource": "*"
		}
	]
}
Expand
titleSSH Key Creation

Use the following command to create a new SSH key pair:

Code Block
aws ec2 create-key-pair --key-name 'my-dev-key' --query 'KeyMaterial' --output text > my-dev-key.pem

Modify the permission to secure the key:

Code Block
chmod 400 my-dev-key-new.pem

  • x-install tool: Version 0.0.10+

...

titlex-install Download Options

...

Platform

...

Architecture

...

File

...

Release Date

...

macOS

...

ARM64

...

View file
namex-install-darwin-arm64-.0.0.10.tar.gz

...

...

macOS

...

x86_64

...

View file
namex-install-darwin-x86_64-.0.0.10.tar.gz

...

...

Linux

...

ARM64

...

View file
namex-install-linux-arm64-.0.0.10.tar.gz

...

...

Linux

...

i386

...

View file
namex-install-linux-i386-.0.0.10.tar.gz

...

...

Linux

...

x86_64

...

View file
namex-install-linux-x86_64-.0.0.10.tar.gz

...

...

Windows

...

ARM64

...

View file
namex-install-windows-arm64-.0.0.10.zip

...

...

Windows

...

i386

...

View file
namex-install-windows-i386-.0.0.10.zip

...

...

Windows

...

x86_64

...

View file
namex-install-windows-x86_64-.0.0.10.zip

...

Info

For macOS users, please grant x-install permissions by clicking the “Allow Anyway” button in the Security settings. This button is available for about an hour after you try to open the app. You can access the Security settings by choosing Apple Menu System Settings, then clicking Privacy & Security in the sidebar.

Installation Steps

1. Create a Standalone Stack

Use the following command to create a standalone stack:

(Please modify the stack name, VPC CIDR, SSH key pair, and region to suit your environment.)

Code Block
languagebash
x-install create-standalone \
  --stack-name=xio-standalone \
  --vpc-cidr=10.0.0.0/16 \
  --ssh-key-pair-name=my-dev-key \
  --region=us-east-2

  • The new VPC and EKS cluster will inherit the stack name.

  • The VPC will be assigned the CIDR block 10.0.0.0/16.

  • The EC2 SSH key pair, my-dev-key, will be used to access the Exostellar Management Server.

2. Verify Post-Installation Readiness

After the standalone stack is successfully created, use the following command to check if the stack is ready:

Code Block
languagebash
x-install post-install --stack-name=xio-standalone --ssh-private-key-file=my-dev-key.pem --ssh-username=rocky
Info

It might take a few attempts for post-install to pass all system units and containers readiness checks, due to infrastructure readiness latency.

3. Add an X-Compute Node to the Standalone EKS Cluster

To add an X-Compute node to the newly created standalone EKS cluster, first SSH into the Exostellar Management Server:

Code Block
ssh -i "my-dev-key.pem" rocky@<management-server-public-ip>

On the server, run the following command to add a new node to the EKS cluster:

Code Block
languagebash
eks-node-cli add -n node-00 -c 1 -m 4096 -p pool-a -r az1 -k xio-standalone
Tip

The new node can be verified using the kubectl command:

Code Block
kubectl get node -l eks.amazonaws.com/nodegroup=x-compute

Please ensure ~/.kube/config is set up properly. It takes a couple of minutes for the x-compute node to boot and show up.

The output should display the new nodes as ready:

Code Block
NAME
}
	]
}
Expand
titleIAM Permissions for the AWS Account - Using an Existing Cluster

When working with existing EKS clusters, use the following IAM policy.

Please add your AWS account ID and cluster name to the policy below.

Code Block
languagejson
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "aws-marketplace:ListEntities"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
                "ec2:ModifyInstanceAttribute",
                "ec2:AuthorizeSecurityGroupEgress",
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:CreateSecurityGroup",
                "ec2:CreateTags",
                "ec2:DeleteSecurityGroup",
                "ec2:DescribeDhcpOptions",
                "ec2:DescribeImages",
                "ec2:DescribeInstanceAttribute",
                "ec2:DescribeInstances",
                "ec2:DescribeInstanceTypes",
                "ec2:DescribeInternetGateways",
                "ec2:DescribeNatGateways",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DescribeRouteTables",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSnapshots",
                "ec2:DescribeSubnets",
                "ec2:DescribeTags",
                "ec2:DescribeVolumes",
                "ec2:DescribeVpcAttribute",
                "ec2:DescribeVpcs",
                "ec2:RevokeSecurityGroupEgress",
                "ec2:RunInstances",
                "ec2:TerminateInstances"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
                "eks:DescribeCluster",
                "eks:DescribeNodegroup",
                "eks:ListNodegroups"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
                "iam:AddRoleToInstanceProfile",
                "iam:AttachRolePolicy",
                "iam:CreateInstanceProfile",
                "iam:CreateRole",
                "iam:DeleteInstanceProfile",
                "iam:DeleteRole",
                "iam:DeleteRolePolicy",
                "iam:DetachRolePolicy",
                "iam:GetInstanceProfile",
                "iam:GetPolicy",
                "iam:GetPolicyVersion",
                "iam:GetRole",
                "iam:GetRolePolicy",
                "iam:ListAttachedRolePolicies",
                "iam:ListInstanceProfilesForRole",
                "iam:ListRolePolicies",
                "iam:PutRolePolicy",
                "iam:RemoveRoleFromInstanceProfile",
                "iam:TagInstanceProfile",
                "iam:TagRole"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"iam:PassRole"
			],
			"Resource": [
				"arn:aws:iam::<account-id>:role/<cluster-name>*",
				"arn:aws:iam::<account-id>:role/terraform-*"
			]
		}
    ]
}
Expand
titleSSH Key Creation

Use the following command to create a new SSH key pair:

Code Block
languagebash
aws ec2 create-key-pair --key-name 'my-dev-key' --query 'KeyMaterial' --output text --region us-east-2 > my-dev-key.pem

Modify the permission to secure the key:

Code Block
languagebash
chmod 400 my-dev-key.pem

  • x-install tool: Version 0.0.15+

Expand
titlex-install Download Options

Platform

Architecture

File

Release Date

macOS

ARM64

View file
namex-install-darwin-arm64-.0.0.15.tar.gz

macOS

x86_64

View file
namex-install-darwin-x86_64-.0.0.15.tar.gz

Linux

ARM64

View file
namex-install-linux-arm64-.0.0.15.tar.gz

Linux

i386

View file
namex-install-linux-i386-.0.0.15.tar.gz

Linux

x86_64

View file
namex-install-linux-x86_64-.0.0.15.tar.gz

Windows

ARM64

View file
namex-install-windows-arm64-.0.0.15.zip

Windows

i386

View file
namex-install-windows-i386-.0.0.15.zip

Windows

x86_64

View file
namex-install-windows-x86_64-.0.0.15.zip

Info

For macOS users, please grant x-install permissions by clicking the “Allow Anyway” button in the Security settings. This button is available for about an hour after you try to open the app. You can access the Security settings by choosing Apple Menu System Settings, then clicking Privacy & Security in the sidebar.

Installation Steps

Creating a Sandbox EKS Cluster and Deploying the Management Server

1. Create a Standalone Stack

Navigate to the directory where x-install is downloaded and use the following command to create a standalone stack, customizing the cluster name, VPC CIDR, SSH key pair, and region to suit your environment:

Code Block
languagebash
x-install create-standalone \
  --cluster=xio-standalone \
  --vpc-cidr=10.0.0.0/16 \
  --ssh-key-pair-name=my-dev-key \
  --region=us-east-2

  • The new VPC and EKS cluster will inherit the stack name.

  • The VPC will be assigned the CIDR block 10.0.0.0/16.

  • The EC2 SSH key pair, my-dev-key, will be used to access the Exostellar Management Server.

By default, x-install auto-detects the latest Management Server AMI in the region within the AWS account. To specify a version or custom AMI ID, use --mgmt-server-ami-id:

Code Block
languagebash
x-install create-standalone \
  --cluster=xio-standalone \
  --vpc-cidr=10.0.0.0/16 \
  --ssh-key-pair-name=my-dev-key \
  --region=us-east-2 \
  --mgmt-server-ami-id=ami-053b51fb9abf27xxx

2. Verify Post-Installation Readiness

After the standalone stack is successfully created, use the following command to check if the stack is ready:

Code Block
languagebash
x-install post-install --cluster=xio-standalone --ssh-private-key-file=my-dev-key.pem --ssh-username=rocky
Info

It might take a few attempts for post-install to pass all system units and containers readiness checks, due to infrastructure readiness latency.

Deploying the Management Server into an Existing EKS Cluster

1. Add Necessary IAM Permissions

Ensure all required IAM resources are present by running:

Code Block
languagebash
x-install apply-iam --cluster xio-standalone --region us-east-2

2. Check the Target Environment

Verify the existing EKS cluster meets installation prerequisites:

Code Block
languagebash
x-install precheck --cluster xio-standalone --region us-east-2 --ssh-key-pair-name=my-dev-key.pem
Info

Please refer to this for the IAM roles required for the cluster’s node group.

3. Install the Management Server

Deploy the Management Server into the existing EKS Cluster:

Code Block
languagebash
x-install apply --cluster xio-standalone

4. Integrate the Management Server with the Existing EKS Cluster

Run the following command to complete the integration:

Code Block
languagebash
x-install eksconfig --cluster xio-standalone

To update the integration configurations:

Code Block
languagebash
x-install eksconfig --cluster xio-standalone --override-existing-params

Adding X-Compute Nodes to the EKS Cluster via eks-node-cli

1. Access the Management Server

SSH into the Exostellar Management Server using:

Code Block
languagebash
ssh -i "my-dev-key.pem" rocky@<management-server-public-ip>

2. Add a New Node

Run this command on the server to add a new node to the EKS cluster:

Code Block
languagebash
eks-node-cli add -n node-00 -c 1 -m 4096 -p pool-a -r az1 -k xio-standalone
Tip

The new node can be verified using the kubectl command:

Code Block
kubectl get node -l eks.amazonaws.com/nodegroup=x-compute

The output should display the new nodes as ready:

Code Block
NAME                                          STATUS   ROLES    AGE     VERSION
ip-10-0-39-220.us-west-1.x-compute.internal   Ready    <none>   4m17s   v1.29.3-eks-ae9a62a

Please ensure ~/.kube/config is set up properly. It takes a couple of minutes for the x-compute node to boot and show up.

By default, the EKS token used to access the standalone EKS cluster expired after 60 minutes. Following that, all attempts to access the cluster will fail with Unauthorized errors.

To generate a new EKS token and use it with your existing kubeconfig file, run:

Code Block
languagebash
x-install update-kubeconfig --cluster=xio-standalone

Adding X-Compute Nodes to the EKS Cluster via Exostellar Karpenter

Reference deployment example:

Code Block
languagebash
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      tolerations:
      - key: "exokarpenter.sh/x-compute"
        operator: "Exists"
        effect: "NoSchedule"
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: exokarpenter.sh/nodepool
                operator: In
                values:
                - pool-a
      containers:
      - name: nginx
         STATUSimage: nginx:1.14.2
       ROLES ports:
  AGE     VERSION ip-10-0-39-220.us-west-1.x-compute.internal   Ready- containerPort: 80
        resources:
          <none>  requests:
4m17s   v1.29.3-eks-ae9a62a

By default, the EKS token used to access the standalone EKS cluster expired after 60 minutes. Following that, all attempts to access the cluster will fail with Unauthorized errors.

To generate a new EKS token and use it with your existing kubeconfig file, run:

Code Block
languagebash
x-install update-kubeconfig --stack-name=xio-standalone

4. Clean Up

...

              cpu: 1
EOF

Cleaning Up

The entire standalone stack can be deleted with the destroy command:

Code Block
languagebash
x-install destroy --stack-name cluster=xio-standalone
Info

In some cases, Terraform might time out during the destroy process. If this happens, simply re-run the command to allow Terraform to reconcile its final state.

At this time, all controllers and workers EC2 instances need to be manually terminated.

Additional Help and Support

To explore other subcommands, use the following command for a list of available options:

Code Block
x-install --help
Info

If you encounter any issues, please take a screenshot of your x-install output and download your ~/.xio/ folder. Then, submit both to Exostellar Customer Support for further assistance.