# AWS

## Overview

Using Diarkis is easy if you make use of our provided k8s configurations. However, please note that these configurations are in a primitive state, so feel free to modify them as necessary.

***

### Requirements

1. **Docker** with one of the following configurations:
   1. **MacOS** - Install Docker for MacOS. See the installation guide [here](https://docs.docker.com/desktop/setup/install/mac-install/).
   2. **Linux** - Install Docker for your particular distribution of Linux according to the installation guide [here](https://docs.docker.com/desktop/setup/install/linux/). **Note**: Docker provides `.deb` and `.rpm` packages for major distributions of Linux on `x86_64/amd64` architecture, as well as [experimental support](https://docs.docker.com/desktop/setup/install/linux/#supported-platforms) for Arch-based distributions.
   3. **Windows** (with WSL2 or Hyper-V backend) - See the installation guide [here](https://docs.docker.com/desktop/setup/install/windows-install/). If installing Docker for the first time, please consider your use-case prior to backend selection.
2. **AWS account** with billing enabled. If you do not already have an AWS account or project, please see [here](https://aws.amazon.com/getting-started/) to get started.
3. **AWS CLI** (`aws` command) with proper authentication. See the installation guide [here](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) (**Note**: AWS CLI supports all major operating systems). Please check [here](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-authentication.html) for help on CLI authentication.
4. **Kubernetes CLI** (`kubectl` command) available for download [here](https://kubernetes.io/docs/tasks/tools/#kubectl).
5. **EKS CLI** (`eksctl` command) available for download on the AWS Workshop [here](https://eksctl.io/installation/).

***

## Setup Guide

In the following steps we will guide you through the process of building, deploying, and orchestrating a template Diarkis server cluster. These instructions should be enough to help you get started.

### Create ECR for Diarkis Images

Before we can push our Diarkis component images for deployment, we must first prepare remote ECR registries. As a base image we use `alpine` by default; it can be retrieved from [Docker Hub](https://hub.docker.com/_/alpine/).

```bash
aws sts get-caller-identity  # Verify the correct target  
aws ecr create-repository --repository-name http  
aws ecr create-repository --repository-name udp  
aws ecr create-repository --repository-name tcp  
aws ecr create-repository --repository-name mars  
```

***

### Create and Connect to EKS for Diarkis

```bash
eksctl create cluster -f cloud/aws/cluster_config.yaml  # takes about 10 minutes  
```

**Note**: If an error occurs regarding NAT gateway compatibility in the selected AZ, choose a different AZ.

```bash
aws eks --region ap-northeast-1 update-kubeconfig --name diarkis  # Get k8s credentials  
```

***

### Open EKS Firewall

Allow TCP and UDP traffic for ports `7000-8000` from `0.0.0.0/0` to EKS nodes.\
We recommend setting this in the security group named: `eks-cluster-sg-diarkis-*`.
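
The following audit is an added example, not part of the Diarkis templates. It checks a security group against the rule described above and reports anything else that is open to the world. The JSON is a constructed sample shaped like `aws ec2 describe-security-groups` output, and the group ID and name suffix are placeholders.

```python
import json

REQUIRED = {"tcp", "udp"}       # protocols the page opens
PORT_LO, PORT_HI = 7000, 8000   # port range the page opens
WORLD = {"0.0.0.0/0", "::/0"}
SG_PREFIX = "eks-cluster-sg-diarkis-"

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-EXAMPLE", "GroupName": "eks-cluster-sg-diarkis-EXAMPLE",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 7000, "ToPort": 8000, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "udp", "FromPort": 7000, "ToPort": 8000, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]}
  ]}]}
""")

def world_open(perm):
    """True if the rule admits traffic from any IPv4 or IPv6 address."""
    cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    return any(c in WORLD for c in cidrs)

def audit(group):
    """Return (required protocols not open to the world, extra world-open rules)."""
    covered, extra = set(), []
    for perm in group.get("IpPermissions", []):
        if not world_open(perm):
            continue                            # rules scoped to a CIDR or SG are ignored
        proto, lo, hi = perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort")
        if proto == "-1":                       # all protocols and all ports
            covered |= REQUIRED
            extra.append((proto, lo, hi))
        elif proto in REQUIRED and lo is not None:
            if lo <= PORT_LO and hi >= PORT_HI:
                covered.add(proto)              # rule spans the whole 7000-8000 range
            if lo < PORT_LO or hi > PORT_HI:
                extra.append((proto, lo, hi))   # rule exposes ports outside the range
        else:
            extra.append((proto, lo, hi))       # e.g. ICMP open to the world
    return sorted(REQUIRED - covered), extra

if __name__ == "__main__":
    for sg in SAMPLE["SecurityGroups"]:
        if sg["GroupName"].startswith(SG_PREFIX):
            missing, extra = audit(sg)
            print(sg["GroupName"], "missing:", missing, "extra world-open:", extra)
```

To audit a real cluster, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups --filters Name=group-name,Values='eks-cluster-sg-diarkis-*'`.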

***

### Tag the Server Image and Push

From the project root generated by `server-template`, run the following commands:

```bash
make build-local  
```

After generating server executables (`udp`, `tcp`, `http`, `mars`) in `./remote_bin`, build the container image:

```bash
make setup-aws  
make build-container-aws  
make push-container-aws  
```

***

### Apply Manifest

```bash
kustomize build k8s/aws/overlays/dev0 | kubectl apply -f -  
```

Check if the following four components are running:

```bash
$ kubectl get po -n dev0
NAME                    READY   STATUS    RESTARTS   AGE  
http-5c7dbbb6d7-lhjlm   1/1     Running   0          3d14h  
mars-0                  1/1     Running   0          3d14h  
tcp-88dc5f97d-7sqk9     1/1     Running   0          3d14h  
udp-fdc6bbccc-dwc5w     1/1     Running   0          3d14h  
```

***

### Check Diarkis Cluster

First, retrieve the public endpoint:

```bash
EXTERNAL_IP=$(kubectl get svc http -o json -n dev0 | jq -r '.status.loadBalancer.ingress[].hostname')  
kubectl get svc -n dev0 -o wide  # Alternatively, use this command  
```

Send an HTTP GET request to the obtained `EXTERNAL_IP`:

```bash
curl ${EXTERNAL_IP}/auth/1  
```

If you receive a response like the following, it is working correctly:

```json
{
  "TCP": "ec2-xx-xx-xx-xx.ap-northeast-1.compute.amazonaws.com:7201",
  "UDP": "ec2-yy-yy-yy-yy.ap-northeast-1.compute.amazonaws.com:7101",
  "sid": "xxxxxxxxxx",
  "encryptionKey": "xxxxxxxxxx",
  "encryptionIV": "xxxxxxxxxx",
  "encryptionMacKey": "xxxxxxxxxx"
}
```

If any items are missing, there may be an issue with one of the deployed components. In that case, we recommend contacting Diarkis support for further assistance.

***

### Setup Cluster Autoscaler

```bash
kubectl apply -f cluster-autoscaler-autodiscover.yaml  
```

This file is pre-configured for the cluster name `diarkis`. If using a different cluster name, modify references to `diarkis` in the manifest.

***

### Setup Log Collector

Logs from containers can be aggregated using CloudWatch Logs.\
`fluent-bit` is already deployed in the `amazon-cloudwatch` namespace, but permissions are not set.

Assign the `CloudWatchAgentServerPolicy` to `diarkis-public` and `diarkis-private` nodes to aggregate logs. Logs will appear under `/aws/containerinsights/Cluster_Name/application`, allowing for filtering.


