Using managed EKS clusters¶
To use Amazon Elastic Kubernetes Service (EKS), begin by installing the “EKS clusters” plugin from the Plugins store in Dataiku DSS. For more details, see the instructions for installing plugins.
Follow the AWS documentation to ensure the following on your local machine (where DSS is installed):
awscommand has credentials that give it write access to Amazon Elastic Container Registry (ECR) and full control on EKS.
kubectlcommand is installed.
dockercommand is installed and can build images.
Go to Administration > Settings > Containerized execution, and add a new execution configuration of type “Kubernetes”.
- The image registry URL is the one given by
aws ecr describe-repositories, without the image name. It typically looks like
XXXXXXXXXXXXis your AWS account ID,
us-east-1is the AWS region for the repository, and
PREFIXis an optional prefix to triage your repositories.
- Set “Image pre-push hook” to Enable push to ECR.
The connection is where you define how to connect to AWS. Instead of providing a value here, we recommend that you leave it empty, and use the AWS credentials found by the
aws command in
The connection can be defined either inline in each cluster (not recommended), or as a preset in the plugin’s settings (recommended).
EKS requires two subnets in the same virtual private cloud (VPC). Your AWS administrator needs to provide you with two subnet identifiers. We strongly recommend that these subnets reside in the same VPC as the DSS host. Otherwise, you have to manually set up some peering and routing between VPCs.
Additionally, you must indicate security group ids. These security groups will be associated with the EKS cluster nodes. The networking requirement is that the DSS machine has full inbound connectivity from the EKS cluster nodes. We recommend that you use the
default security group.
Network settings can be defined either inline in each cluster (not recommended), or as a preset in the plugin’s settings (recommended).