Deploy the elastic runtime environment on AWS to make the Kubernetes cluster available to process data from IDMC.
Complete the following tasks:
1SSH into the master node so that you can download and run the cluster installer.
2If you're redeploying an elastic runtime environment, run the cluster uninstaller to clean up AWS and Kubernetes resources.
3Download the cluster installer to a directory for the elastic runtime environment on the master node.
4Optionally, download certificates on the master node for third-party software that your organization requires.
5Update the configuration file to provide details about the deployment to the cluster installer.
6Run the cluster installer to deploy the elastic runtime environment.
7Mount each EFS file system on the master node.
8Verify that the elastic runtime environment is running by checking the status of the Secure Agent services and cluster nodes in Administrator.
Step 1. SSH into the master node
SSH into the master node so that you can download and run the cluster installer.
1Optionally, SSH into the jump host.
aContact your organization's IT team to create a passphrase for the private key on your local machine and configure the jump host to authenticate using the public key.
bSSH into the jump host from your local machine by running the following command:
ssh -i <private key name>.pem <user name>@<jump host public IP address>
2SSH into the master node by running the following command:
ssh -i <private key name>.pem cloud-user@<master node private IP address>
Step 2. Clean up resources
If you're redeploying an elastic runtime environment, run the cluster uninstaller to clean up AWS and Kubernetes resources.
Note: Run the cluster uninstaller only after you have run the cluster installer. If you haven't run the cluster installer, the uninstaller fails.
1Before you run the uninstaller, verify that there are no jobs running on the elastic runtime environment. Running the uninstaller is irreversible and terminates any running jobs.
2To run the uninstaller, run the following command on the master node:
sudo ./cluster_uninstall.sh
The cluster uninstaller deletes resources including Auto Scaling groups, EC2 instances, launch templates, and secrets.
3In AWS, manually delete the inbound rules that a previous cluster installation created for the security groups.
Step 3. Download the cluster installer
Download the cluster installer to a directory for the elastic runtime environment on the master node.
1On the master node, create a directory for the elastic runtime environment by running the following command:
mkdir ert
2Download the cluster installer.
- To download the cluster installer from Administrator, open the Runtime Environments page. Select Download Runtime Installer. Then, select Elastic as the Environment Type and select Download. The cluster installer downloads as a ZIP file to the machine.
- To download the cluster installer using the command line, run the following command on the machine:
Note: To find the version number to use, download the cluster installer from Administrator and check the version number.
3Copy the cluster installer to the elastic runtime environment directory that you created.
4In the directory, unzip the cluster installer by running the following command:
unzip cluster-installer.<version>.zip
Step 4. Download certificates on the master node (optional)
Optionally, download certificates on the master node for third-party software that your organization requires.
For example, you can download certificates for software that inspects network traffic.
1In the elastic runtime environment directory, create a directory to store certificates by running the following command:
mkdir certs
2Download the certificates to the certs directory.
Step 5. Update the configuration file
Update the configuration file to provide details about the deployment to the cluster installer.
1In the elastic runtime environment directory, open the config.txt file by running the following command:
vi config.txt
2In the config.txt file, read the environment variable descriptions and update the variables.
Note: If your organization uses an outgoing proxy server to connect to the internet, the elastic runtime environment connects to IDMC through the proxy server. You can configure the proxy server settings in the config.txt file. When the cluster installer runs, it prompts you for the proxy server password. The proxy server settings can't be changed after the elastic runtime environment is deployed.
Step 6. Run the cluster installer
Run the cluster installer to deploy the elastic runtime environment.
1In the elastic runtime environment directory, run the following command:
sudo ./cluster-installer.sh
2Enter the following details when the cluster installer prompts you to enter them:
- IDMC user name.
- IDMC password.
- Optionally, path to the certificates on the master node, such as ert/certs. After you provide the path, the installer validates the certificates and stores them as secrets in AWS Secrets Manager.
- Proxy password if you configured proxy server settings in the config.txt file.
Warning: Using Ctrl + C terminates the installation.
If cluster installation fails and installs a partial cluster, you need to uninstall the cluster before trying to install it again. To uninstall the cluster, see Step 2. Clean up resources.
Step 7. Mount the EFS file systems on the master node
Mount each EFS file system on the master node. For information about mounting an EFS file system, refer to the AWS documentation.
Step 8. Verify that the elastic runtime environment is running
Verify that the elastic runtime environment is running by checking the status of the Secure Agent services and cluster nodes in Administrator.
1In Administrator, open the Runtime Environments page.
2Expand the elastic runtime environment.
3Verify that the Secure Agent services are running and that one or more instances are running.
Note: It might take a few minutes for a Secure Agent service to start the instances.