Versions Compared

Old Version 7

changes.mady.by.user Thomas Sileo

Saved on

compared with

New Version Current

changes.mady.by.user Alexis Pierru

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Admin access to the Kubernetes cluster.

  • Whitelisting Data Theorem IP’s to allow the Data Theorem’s analyzer to properly talks connect to the Kubernetes API.

Step 1: Generate the service account

In order to complete the onboarding process, you will need to execute a script on your machine in order to generate a new service account.

...

  • cluster-admin access to the Kubernetes cluster.

  • kubectl.

  • Python 3.7+.

View file
namedatatheorem_onboarding_script.py

The script will:

  • Create a service account for Data Theorem.

  • Add a security audit role (with read-only access).

  • Link the security audit role to the service account.

  • Generate a kube config file for the previously generated service account.

...

First you need to retrieve the role ARN of the Kubernetes cluster:

  1. Go to the AWS Console

  2. Go to EKS

  3. On the left hand side, click on Clusters, under Amazon EKS

  4. In the list of clusters, search for the cluster name you want to onboard and click on it

  5. Then click on the Configuration tab

  6. Finally copy the Cluster IAM Role ARN

...

Then run the script as follows:

...

In order to onboard the cluster, it must have the RBAC setting enabled. You can make sure of that by going to the Azure Console and:

  1. Kubernetes Services

  2. Search for the name of the cluster you want to onboard and click on it

  3. Under Settings, click on Cluster configuration

  4. Role-based access control (RBAC) must be Enabled

Code Block
languagebash
python3 datatheorem-k8s-onboarding.py -p azure -o datatheorem_k8s_service_account.yaml

...