AWS EKS Setup
Generate Access keys for CLI, SDK, & API access
- Create Access Key
aws configure
- Set
AWS Access Key ID
- Set
AWS Secret Access Key
- Set
Default region name
- Set
- Create Access Key
Create the Cluster
- See cluster.yaml
eksctl create cluster -f cluster.yaml
Create Kubernetes Namespaces
kubectl create namespace pyrsia-node
kubectl create namespace external-dns
Create Route 53 Policy
- See route53-policy.json
aws iam create-policy --policy-name "AllowExternalDNSUpdates" --policy-document file://route53-policy.json
Attach Route 53 Policy
aws iam attach-role-policy --role-name $(aws eks describe-nodegroup --cluster-name pyrsianode --nodegroup-name ng-1 --query nodegroup.nodeRole --out text | awk -F/ '{print $2}') --policy-arn $(aws iam list-policies --query 'Policies[?PolicyName==
AllowExternalDNSUpdates].Arn' --output text)
Setup Route 53 Domain
aws route53 create-hosted-zone --name "pyrsia-aws.link." --caller-reference "external-dns-$(date +%s)"
Get DNS Server List
aws route53 list-resource-record-sets --output text --hosted-zone-id $(aws route53 list-hosted-zones-by-name --output json --dns-name "pyrsia-aws.link." | jq -r ".HostedZones[0].Id") --query "ResourceRecordSets[?Type == 'NS'].ResourceRecords[*].Value | []" | tr '\t' '\n'
Generate Pyrsia Keys using openssl v3
openssl genpkey -algorithm Ed25519 -out ed25519.pem
openssl pkey -in ed25519.pem -pubout -outform DER | tail -c +13 > id_ed25519.pub
openssl pkey -in ed25519.pem -out - -outform DER | tail -c +17 > id_ed25519.pri
cat id_ed25519.pri id_ed25519.pub > ed25519.serCreate DNS Alias
route53-alias.json
aws route53 change-resource-record-sets \
--hosted-zone-id $(aws route53 list-hosted-zones-by-name --output json --dns-name "pyrsia-aws.link." | jq -r ".HostedZones[0].Id" | cut -d/ -f3) \
--change-batch '
{
"Comment": "Creating Alias resource for boot.nightly.pyrsia-aws.link",
"Changes": [
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "boot.nightly.pyrsia-aws.link",
"Type": "A",
"AliasTarget": {
"DNSName": "pyrsia-node-0.nightly.pyrsia-aws.link",
"EvaluateTargetHealth": false,
"HostedZoneId": "'$(aws route53 list-hosted-zones-by-name --output json --dns-name "pyrsia-aws.link." | jq -r ".HostedZones[0].Id" | cut -d/ -f3 )'"
}
}
}
]
}'
Deploy Pyrsia via Helm
helm repo update pyrsia-nightly
helm upgrade node1 --install -n pyrsia-node pyrsia-nightly/pyrsia-node --set k8s_provider=eks --set "dnsname=nightly.pyrsia-aws.link" --set bootdns=boot.nightly.pyrsia-aws.link --set keys.p2p=$(cat ed25519.ser | base64) --set keys.blockchain=$(cat ed25519.ser | base64) --version "0.2.4+2856
Note: The above helm command does not setup the Pyrsia Node to use a Build Node.
--set "buildnode=http://35.193.148.20:8080"
parameter is needed for build node configuraion.