Skip to content

Commit 3e8e35e

Browse files
d-padmanabhand-padmanabhan
authored
fix formatting issues in deploy.md
1 parent 13a3eb3 commit 3e8e35e

File tree

1 file changed

+12
-12
lines changed

1 file changed

+12
-12
lines changed

docs/guides/deploy.md

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@ Install these tools before proceeding:
1919
Set your AWS Region and Cluster Name as environment variables. See the [Amazon VPC Lattice FAQs](https://aws.amazon.com/vpc/lattice/faqs/) for a list of supported regions.
2020

2121
```bash
22-
export AWS_REGION=<cluster_region>
23-
export CLUSTER_NAME=<cluster_name>
22+
export AWS_REGION=<eks_cluster_region>
23+
export EKS_CLUSTER_NAME=<EKS_CLUSTER_NAME>
2424
```
2525

2626
**Install Gateway API CRDs**
@@ -32,7 +32,7 @@ The latest Gateway API CRDs are available [here](https://gateway-api.sigs.k8s.io
3232
You can easily create a cluster with `eksctl`, the CLI for Amazon EKS:
3333

3434
```bash
35-
eksctl create cluster --name $CLUSTER_NAME --region $AWS_REGION
35+
eksctl create cluster --name ${EKS_CLUSTER_NAME} --region $AWS_REGION
3636
```
3737

3838
**Allow traffic from Amazon VPC Lattice**
@@ -46,10 +46,10 @@ CLUSTER_SG=<your_node_security_group>
4646
```
4747

4848
!!!Note
49-
If you have created the cluster with the `eksctl create cluster --name $CLUSTER_NAME --region $AWS_REGION` command, you can use the following command to export the Security Group ID:
49+
If you have created the cluster with the `eksctl create cluster --name ${EKS_CLUSTER_NAME} --region $AWS_REGION` command, you can use the following command to export the Security Group ID:
5050

5151
```bash
52-
CLUSTER_SG=$(aws eks describe-cluster --name $CLUSTER_NAME --output json | jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId')
52+
CLUSTER_SG=$(aws eks describe-cluster --name ${EKS_CLUSTER_NAME} --output json | jq -r '.cluster.resourcesVpcConfig.clusterSecurityGroupId')
5353
```
5454

5555
```bash
@@ -78,6 +78,7 @@ export VPCLatticeControllerIAMPolicyArn=$(aws iam list-policies --query 'Policie
7878
2. Create the `aws-application-networking-system` namespace:
7979

8080
```bash
81+
curl -o aws-application-networking-system.yaml https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml
8182
kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/deploy-namesystem.yaml
8283
```
8384

@@ -95,7 +96,7 @@ To use Pod Identities, set up the [Pod Identity Agent](https://docs.aws.amazon.c
9596
1. Run the following AWS CLI command to create the Pod Identity addon:
9697

9798
```bash
98-
aws eks create-addon --cluster-name $CLUSTER_NAME --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1
99+
aws eks create-addon --cluster-name ${EKS_CLUSTER_NAME} --addon-name eks-pod-identity-agent --addon-version v1.0.0-eksbuild.1
99100
```
100101

101102
```bash
@@ -120,7 +121,7 @@ kubectl apply -f gateway-api-controller-service-account.yaml
120121
2. Create a trust policy file for the IAM role:
121122

122123
```bash
123-
cat >trust-relationship.json <<EOF
124+
cat > eks-pod-identity-trust-relationship.json <<EOF
124125
{
125126
"Version": "2012-10-17",
126127
"Statement": [
@@ -143,15 +144,15 @@ EOF
143144
3. Create the role:
144145

145146
```bash
146-
aws iam create-role --role-name VPCLatticeControllerIAMRole --assume-role-policy-document file://trust-relationship.json --description "IAM Role for AWS Gateway API Controller for VPC Lattice"
147+
aws iam create-role --role-name VPCLatticeControllerIAMRole --assume-role-policy-document file://teks-pod-identity-trust-relationship.json --description "IAM Role for AWS Gateway API Controller for VPC Lattice"
147148
aws iam attach-role-policy --role-name VPCLatticeControllerIAMRole --policy-arn=$VPCLatticeControllerIAMPolicyArn
148149
export VPCLatticeControllerIAMRoleArn=$(aws iam list-roles --query 'Roles[?RoleName==`VPCLatticeControllerIAMRole`].Arn' --output text)
149150
```
150151

151152
4. Create the association:
152153

153154
```bash
154-
aws eks create-pod-identity-association --cluster-name $CLUSTER_NAME --role-arn $VPCLatticeControllerIAMRoleArn --namespace aws-application-networking-system --service-account gateway-api-controller
155+
aws eks create-pod-identity-association --cluster-name ${EKS_CLUSTER_NAME} --role-arn ${VPCLatticeControllerIAMRoleArn} --namespace aws-application-networking-system --service-account gateway-api-controller
155156
```
156157

157158
=== "IRSA"
@@ -161,14 +162,14 @@ You can use AWS IAM Roles for Service Accounts (IRSA) to assign the controller n
161162
1. Create an IAM OIDC provider. See [Creating an IAM OIDC provider for your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) for details.
162163

163164
```bash
164-
eksctl utils associate-iam-oidc-provider --cluster $CLUSTER_NAME --approve --region $AWS_REGION
165+
eksctl utils associate-iam-oidc-provider --cluster ${EKS_CLUSTER_NAME} --approve --region $AWS_REGION
165166
```
166167

167168
2. Create an IAM service account for pod-level permission:
168169

169170
```bash
170171
eksctl create iamserviceaccount \
171-
--cluster=$CLUSTER_NAME \
172+
--cluster=${EKS_CLUSTER_NAME} \
172173
--namespace=aws-application-networking-system \
173174
--name=gateway-api-controller \
174175
--attach-policy-arn=$VPCLatticeControllerIAMPolicyArn \
@@ -207,4 +208,3 @@ kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networkin
207208
```bash
208209
kubectl apply -f https://raw.githubusercontent.com/aws/aws-application-networking-k8s/main/files/controller-installation/gatewayclass.yaml
209210
```
210-

0 commit comments

Comments
 (0)