Set up qTest with Amazon Elastic Kubernetes Service
This chapter explains how to set up qTest with the Amazon Elastic Kubernetes Service (AWS EKS) S3 and the AWS LB Controller.
Set up IAM Policy for ServiceAccount for qTest Manager
To set up with S3, the controller needs access to the AWS S3 resources via IAM permissions. You can set up the IAM permissions via IAM roles for ServiceAccount or directly in the IAM roles of the worker node.
The following policies are required:
Policies:
- PolicyName: 'policy-name'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 's3:AbortMultipartUpload'
- 's3:DeleteObject'
- 's3:DeleteObjectTagging'
- 's3:DeleteObjectVersion'
- 's3:DeleteObjectVersionTagging'
- 's3:Get*'
- 's3:PutObject'
- 's3:PutObjectTagging'
- 's3:RestoreObject'
- 's3:ListMultipartUploadParts'
- 's3:ListBucket'
You can find more information on creating an IAM role and policy for your service account in the Amazon EKS documentation.
Set up AWS Load Balancer Controller for ALB Ingress
AWS Load Balancer Controller is a controller which helps manage Elastic Load Balancers for a Kubernetes cluster. To install it, perform the following command lines:
helm repo add eks https://aws.github.io/eks-charts
//If using IAM Roles for service account install as follows - NOTE: you need to specify both of the chart values "serviceAccount.create=false" and "serviceAccount.name=aws-load-balancer-controller"
helm install aws-load-balancer-controller eks/aws-load-balancer-controller --set clusterName=my-cluster -n kube-system --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller
//If not using IAM Roles for service account
helm install aws-load-balancer-controller eks/aws-load-balancer-controller --set clusterName=my-cluster -n kube-system
You can find more information on the AWS Load Balancer Controller here.