Versions Compared

Old Version 31

changes.mady.by.user Yajing Wang

Saved on

compared with

New Version Current

changes.mady.by.user Yajing Wang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Scroll Documents: Update page title prefix

The x-install tool is the newest Exostellar installer designed to simplify the setup process. It offers a variety of subcommands to provision a sandbox environment, install Exostellar products, and verify post-installation readiness.

Prerequisites

Before using the x-install tool, ensure that your environment meets the following requirements:

...

Expand
titleIAM Permissions for the AWS Account
Code Block
languagejson
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"ssm:ListAssociations",
				"ec2:RunInstances",
				"ec2:DescribeSubnets",
				"ec2:DescribeKeyPairs",
				"ec2:DescribeVpcs",
				"ec2:DescribeSecurityGroups",
				"ec2:DescribeSecurityGroupRules",
				"ec2:AuthorizeSecurityGroupIngress",
				"ec2:CreateTags",
				"ec2:CreateSecurityGroup",
				"sns:ListTopics",
				"s3:CreateBucket",
				"iam:AttachRolePolicy",
				"iam:CreateRole",
				"iam:ListRoles",
				"iam:TagRole",
				"iam:PutRolePolicy",
				"iam:CreateInstanceProfile",
				"iam:AddRoleToInstanceProfile",
				"iam:PassRole",
				"ec2:DescribeInstances",
				"ec2:DescribeInstanceTypes",
				"ec2:RunInstances",
				"ec2:DescribeImages",
				"ec2:DescribeImageAttribute",
				"ec2:DescribeAvailabilityZones",
				"ec2:DescribeAccountAttributes",
				"ec2:DescribeRouteTables",
				"ec2:DescribeNetworkAcls",
				"ec2:DescribeInstanceStatus",
				"ec2:DescribeAddresses",
				"ec2:DescribeDhcpOptions",
				"ec2:DescribeSnapshots",
				"ec2:DescribeVolumes",
				"ec2:DescribeVolumeStatus",
				"ec2:DescribeVolumesModifications",
				"cloudwatch:DescribeAlarms",
				"cloudwatch:ListMetrics",
				"iam:ListUsers",
				"iam:ListAccessKeys",
				"iam:CreateAccessKey",
				"ec2:AuthorizeSecurityGroupEgress",
				"iam:ListPolicyVersions",
				"eks:ListClusters",
				"eks:DescribeCluster",
				"eks:ListNodegroups",
				"eks:DescribeNodegroup",
				"eks:DescribeAddon",
				"eks:ListAddons",
				"eks:DescribeIdentityProviderConfig"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"s3:PutObject",
				"s3:GetObject"
			],
			"Resource": "arn:aws:s3:::cf-template*"
		},
		{
			"Sid": "Statement1",
			"Effect": "Allow",
			"Action": [
				"eks:CreateCluster",
				"eks:DescribeCluster",
				"eks:DeleteCluster",
				"eks:ListClusters",
				"eks:UpdateClusterConfig",
				"eks:UpdateClusterVersion",
				"eks:CreateNodegroup",
				"eks:DescribeNodegroup",
				"eks:ListNodegroups",
				"eks:UpdateNodegroupConfig",
				"eks:UpdateNodegroupVersion",
				"eks:DescribeAddonVersions",
				"eks:CreateAddon",
				"eks:DeleteAddon",
				"eks:DescribeAddon",
				"eks:ListAddons",
				"eks:UpdateAddon",
				"eks:AccessKubernetesApi",
				"eks:ListAccessPolicies",
				"eks:ListAccessEntries",
				"eks:ListIdentityProviderConfigs",
				"eks:DescribeAccessEntry",
				"eks:ListPodIdentityAssociations",
				"eks:ListAssociatedAccessPolicies",
				"eks:CreateAccessEntry",
				"eks:AssociateAccessPolicy"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"iam:DeleteRolePolicy",
				"iam:DeleteRole",
				"iam:GetRole",
				"iam:ListPolicies",
				"iam:ListAttachedRolePolicies",
				"iam:CreateServiceLinkedRole",
				"iam:RemoveRoleFromInstanceProfile",
				"iam:DeleteInstanceProfile",
				"iam:ListEntitiesForPolicy",
				"iam:GetInstanceProfile",
				"iam:ListInstanceProfiles",
				"iam:ListInstanceProfilesForRole",
				"iam:ListOpenIDConnectProviders",
				"iam:GetOpenIDConnectProvider",
				"iam:GetRolePolicy",
				"ec2:RevokeSecurityGroupIngress",
				"ec2:DeleteSecurityGroup",
				"ec2:StopInstances",
				"ec2:TerminateInstances",
				"ec2:DescribeVpcAttribute",
				"ec2:DescribeTags",
				"ec2:DescribeNetworkInterfaces",
				"cloudformation:DeleteStack",
				"ec2:RevokeSecurityGroupEgress",
				"iam:ListRolePolicies",
				"iam:CreatePolicy",
				"iam:GetPolicy",
				"ec2:DescribeInstanceAttribute",
				"iam:GetPolicyVersion"
			],
			"Resource": "*"
		},
		{
			"Sid": "AdditionalPermissions",
			"Effect": "Allow",
			"Action": [
				"iam:DetachRolePolicy",
				"ec2:CreateVpc",
				"ec2:DeleteVpc",
				"ec2:CreateSubnet",
				"ec2:DeleteSubnet",
				"ec2:CreateRouteTable",
				"ec2:CreateRoute",
				"ec2:AssociateRouteTable",
				"ec2:ReplaceRouteTableAssociation",
				"ec2:DeleteRouteTable",
				"ec2:CreateInternetGateway",
				"ec2:AttachInternetGateway",
				"ec2:AllocateAddress",
				"ec2:ReleaseAddress",
				"ec2:CreateNatGateway",
				"ec2:DeleteNatGateway",
				"cloudformation:UpdateStack",
				"cloudformation:DeleteChangeSet",
				"cloudformation:DescribeChangeSet",
				"cloudformation:ExecuteChangeSet",
				"cloudtrail:DescribeTrails",
				"cloudtrail:GetTrailStatus",
				"cloudtrail:GetEventSelectors",
				"logs:DescribeLogGroups",
				"logs:DescribeLogStreams",
				"logs:GetLogEvents",
				"logs:FilterLogEvents",
				"iam:GetUserPolicy",
				"iam:GetGroupPolicy",
				"iam:GetPolicyVersion",
				"ec2:CreateLaunchTemplate",
				"ec2:DescribeLaunchTemplates",
				"ec2:DescribeInternetGateways",
				"ec2:ModifyVpcAttribute",
				"ec2:ModifySubnetAttribute",
				"ec2:DescribeNatGateways",
				"ec2:DescribeInstanceTypeOfferings",
				"ec2:DescribeEgressOnlyInternetGateways",
				"ec2:DescribeLaunchTemplateVersions",
				"ec2:DeleteLaunchTemplate",
				"eks:TagResource",
				"elasticloadbalancing:CreateLoadBalancer",
				"elasticloadbalancing:DescribeLoadBalancers",
				"elasticloadbalancing:DeleteLoadBalancer",
				"elasticloadbalancing:CreateTargetGroup",
				"elasticloadbalancing:DescribeTargetGroups",
				"elasticloadbalancing:RegisterTargets",
				"autoscaling:CreateAutoScalingGroup",
				"autoscaling:UpdateAutoScalingGroup",
				"autoscaling:DeleteAutoScalingGroup",
				"autoscaling:DescribeAutoScalingGroups",
				"autoscaling:DescribeScalingActivities",
				"cloudformation:DescribeChangeSet",
				"cloudformation:ExecuteChangeSet",
				"s3:CreateBucket",
				"s3:DeleteBucket",
				"s3:ListBucket",
				"s3:GetBucketLocation",
				"s3:GetBucketPolicy",
				"s3:PutBucketPolicy",
				"aws-marketplace:ViewSubscriptions",
				"ec2:DescribeKeyPairs",
				"ec2:CreateKeyPair"
			],
			"Resource": "*"
		}
	]
}

...

Expand
titleSSH Key Creation

Use the following command to create a new SSH key pair:

Code Block
languagebash
aws ec2 create-key-pair --key-name 'my-dev-key' --query 'KeyMaterial' --output text --region us-east-2 > my-dev-key.pem

Modify the permission to secure the key:

Code Block
languagebash
chmod 400 my-dev-key-new.pem

  • x-install tool: Version 0.0.10+

Expand
titlex-install Download Options

Platform

Architecture

File

Release Date

macOS

ARM64

View file
namex-install-darwin-arm64-.0.0.10.tar.gz

macOS

x86_64

View file
namex-install-darwin-x86_64-.0.0.10.tar.gz

Linux

ARM64

View file
namex-install-linux-arm64-.0.0.10.tar.gz

Linux

i386

View file
namex-install-linux-i386-.0.0.10.tar.gz

Linux

x86_64

View file
namex-install-linux-x86_64-.0.0.10.tar.gz

Windows

ARM64

View file
namex-install-windows-arm64-.0.0.10.zip

Windows

i386

View file
namex-install-windows-i386-.0.0.10.zip

Windows

x86_64

View file
namex-install-windows-x86_64-.0.0.10.zip

Info

For macOS users, please grant x-install permissions by clicking the “Allow Anyway” button in the Security settings. This button is available for about an hour after you try to open the app. You can access the Security settings by choosing Apple Menu System Settings, then clicking Privacy & Security in the sidebar.

Installation Steps

1. Create a Standalone Stack

Use Go to the directory where x-install is downloaded and use the following command to create a standalone stack:

...

  • The new VPC and EKS cluster will inherit the stack name.

  • The VPC will be assigned the CIDR block 10.0.0.0/16.

  • The EC2 SSH key pair, my-dev-key, will be used to access the Exostellar Management Server.

2. Verify Post-Installation Readiness

After the standalone stack is successfully created, use the following command to check if the stack is ready:

...

Info

It might take a few attempts for post-install to pass all system units and containers readiness checks, due to infrastructure readiness latency.

3. Add an X-Compute Node to the Standalone EKS Cluster

To add an X-Compute node to the newly created standalone EKS cluster, first SSH into the Exostellar Management Server:

...

By default, the EKS token used to access the standalone EKS cluster expired after 60 minutes. Following that, all attempts to access the cluster will fail with Unauthorized errors.

To generate a new EKS token and use it with your existing kubeconfig file, run:

Code Block
languagebash
x-install update-kubeconfig --stack-name=xio-standalone

4. Clean Up

Once the free trial period is over, the entire standalone stack can be deleted with the destroy command:

...

Info

In some cases, Terraform might time out during the destroy process. If this happens, simply re-run the command to allow Terraform to reconcile its final state.

At this time, all controllers and workers EC2 instances need to be manually terminated.

Additional Help and Support

To explore other subcommands, use the following command for a list of available options:

...