This section explains how to create and configure a cluster in Amazon EKS.
To deploy Kaspersky Scan Engine Docker images to AWS, a cluster must be present in Amazon EKS. If there is no cluster or if the existing clusters cannot be used for Kaspersky Scan Engine, perform the actions below.
To create and configure a cluster in Amazon EKS:
The Cluster configuration window opens.
For example, specify scanengine
.
1.16
For more information, refer to the AWS documentation: Amazon EKS cluster IAM role.
Cluster configuration window
For more information about Amazon VPC, refer to the AWS documentation: Cluster VPC considerations.
For more information, refer to the AWS documentation: Working with VPCs and subnets.
For more information about Amazon EKS security groups, refer to the AWS documentation: Amazon EKS security group considerations.
For more information about AWS types of access, refer to the AWS documentation: Amazon EKS cluster endpoint access control.
Wait until the status of the cluster changes from Creating to Active. Sometimes this process may take longer than five minutes.
Creating a configuration
Active configuration
The Group configuration window opens.
For example, specify httpd
.
For more information about the Amazon EKS node IAM roles, refer to the AWS documentation: Amazon EKS node IAM role.
If you want to allow remote access to the nodes, refer to the AWS documentation: Connecting to your Linux instance using SSH.
AMI settings
The Group size window opens.
1
1
1
You can change these settings according to your needs after the installation is finished.
Group size window
Wait until the status of Node Group changes from Creating to Active. Sometimes this process may take longer than five minutes.
Creating a configuration
Active configuration
After these actions are performed, the Kubernetes cluster with Node Group will be available in AWS, so you can deploy Kaspersky Scan Engine.
In the LoadBalancer settings, specify the 300
value in the Idle timeout field. This might be done to prevent Amazon LoadBalancer from interrupting the connection while scanning large objects in Kaspersky Scan Engine. For more information, refer to the AWS documentation: Connection idle timeout.