Deploy Galileo on Amazon EKS with a step-by-step guide for configuring, managing, and scaling Galileo’s infrastructure using Kubernetes clusters.
kubectl
installed on your local machine
aws-cli
version 2 installed and configured
aws eks create-cluster
with the necessary parameters.
kubectl
to communicate with your EKS cluster by running aws eks update-kubeconfig --region <region> --name <cluster_name>
.
kubectl apply
to deploy your Galileo applications onto the EKS cluster. Monitor the deployment status to ensure they are running as expected.
eksctl
via CloudShell in the AWS console, open a CloudShell session and do the following:
vim
to create/edit the required yaml and json files within the shell session.
Configuration | Recommended Value |
---|---|
Nodes in the cluster’s core nodegroup | 4 (min) 5 (max) 4 (desired) |
CPU per core node | 4 CPU |
RAM per core node | 16 GiB RAM |
Number of nodes in the cluster’s runners nodegroup | 1 (min) 5 (max) 1 (desired) |
CPU per runner node | 8 CPU |
RAM per runner node | 32 GiB RAM |
Minimum volume size per node | 200 GiB |
Required Kubernetes API version | 1.21 |
Storage class | gp2 |
galileo-policy.json
galileo-trust-policy.json
create-galileo-role-and-policies.sh
, make it executable with chmod +x create-galileo-role-and-policies.sh
and run it. Make sure to run in the same directory as the json files created in the above steps.galileo-cluster.yaml
file and edit the contents to replace CUSTOMER_NAME
with your company name like galileo
. Also check and update all availabilityZones
as appropriate.
With the yaml file saved, run the following command to deploy the cluster:
Mandatory Field | Description |
---|---|
AWS Account ID | The Customer’s AWS Account ID that the customer will use for provisioning Galileo |
Galileo IAM Role Name | The AWS IAM Role name the customer has created for the galileo deployment account to assume. |
EKS Cluster Name | The EKS cluster name that Galileo will deploy the platform to. |
Domain Name | The customer wishes to deploy the cluster under e.g. google.com |
Root subdomain | e.g. “galileo” as in galileo.google.com |
Trusted SSL Certificates (Optional) | By default, Galileo provisions Let’s Encrypt certificates. But if you wish to use your own trusted SSL certificates, you should submit a base64 encoded string of 1. the full certificate chain, and 2. another, separate base64 encoded string of the signing key. |
AWS Access Key ID and Secret Access Key for Internal S3 Uploads (Optional) | If you would like to export data into an s3 bucket of your choice. Please let us know the access key and secret key of the account that can make those upload calls. |
eksctl
, a command line tool for creating and managing Kubernetes clusters on Amazon EKS.
eksctl
to create a node pool with an Amazon Machine Image (AMI) that supports GPUs. This example uses the g6.2xlarge
instances and specifies a GPU-compatible AMI.
your-cluster-name
and your-region-id
with your specific details. The --node-ami
option is used to specify the exact AMI that supports CUDA and GPU workloads.
g4dn.2xlarge
. Note that it only saves costs when the usage is too low to saturate one GPU, otherwise it would even cost more. And don’t choose this option if you use Protect that requires low real-time latency.
Field | Recommended Value |
---|---|
Engine Version | 16.x |
DB Instance class | db.t3.medium |
VPC | EKS cluster VPC ID |
DB Subnet Group | Select subnet group created in step 1 |
Security Group ID | Select Primary EKS cluster SG |
Enable Encryption | true |
galileo-rds-details.yaml
. Update all marker $ text with appropriate values. Then run kubectl apply -f galileo-rds-details.yaml