Install an ACK Controller
The following guide will walk you through the installation of an ACK service controller.
Individual ACK service controllers may be in different maintenance phases and follow separate release cadences. Please check the project stages and maintenance phases of the ACK service controllers you wish to install, including how controllers are released and versioned. Controllers in a preview maintenance phase have at least one container image and Helm chart released to a public repository.
Install an ACK service controller with Helm (Recommended)
The recommended way to install an ACK service controller for Kubernetes is to use Helm 3.8+.
Each ACK service controller has a separate Helm chart that installs the necessary supporting artifacts as a Kubernetes
Deployment. This includes the ACK service controller, custom resource definitions (CRDs), and Kubernetes Role-Based Access Control (RBAC) manifests.
Helm charts for ACK service controllers can be found in the ACK registry within the Amazon ECR Public Gallery. To find a Helm chart for a specific service, you can go to
gallery.ecr.aws/aws-controllers-k8s/$SERVICENAME-chart. For example, the link to the ACK service controller Helm chart for Amazon Simple Storage Service (Amazon S3) is
Helm charts for individual ACK service controllers are tagged with their release version. You can find charts for different releases under the
Image tags section in the chart repository on the ECR Public Gallery.
Before installing a Helm chart, you can query the controller repository to find the latest release tag. This tag will correspond with a version of the Helm chart and a controller image. Then, you can use the Helm CLI to log into the ECR public Helm registry and install the chart.
export SERVICE=s3 export RELEASE_VERSION=`curl -sL https://api.github.com/repos/aws-controllers-k8s/$SERVICE-controller/releases/latest | grep '"tag_name":' | cut -d'"' -f4` export ACK_SYSTEM_NAMESPACE=ack-system export AWS_REGION=us-west-2 aws ecr-public get-login-password --region us-east-1 | helm registry login --username AWS --password-stdin public.ecr.aws helm install --create-namespace -n $ACK_SYSTEM_NAMESPACE ack-$SERVICE-controller \ oci://public.ecr.aws/aws-controllers-k8s/$SERVICE-chart --version=$RELEASE_VERSION --set=aws.region=$AWS_REGION
RELEASE_VERSIONvariable and execute the commands again.
us-west-2. Be sure to specify your target service region in the
AWS_REGIONvariable. This will be the default AWS region in which resources will be created by the ACK service controller. Note that a single ACK service controller can manage the lifecycle of resources in multiple AWS regions: simply add the
services.k8s.aws/region=$REGIONannotation to your resource. Alternately, you can add the
services.k8s.aws/region=$REGIONannotation to a Kubernetes
Namespaceand any resource launched in that
Namespacewill be created in that region by default.
helm install command should return relevant installation information:
NAME: ack-s3-controller LAST DEPLOYED: Thu Jun 16 19:30:16 2022 NAMESPACE: ack-system STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: ...
To verify that the Helm chart was installed, use the
helm list command:
helm list --namespace $ACK_SYSTEM_NAMESPACE -o yaml
helm list command should return your newly-deployed Helm chart release information:
app_version: v0.1.1 chart: s3-chart-v0.1.1 name: ack-s3-controller namespace: ack-system revision: "1" status: deployed updated: 2022-06-16 19:30:16.260012435 +0000 UTC
s3-controllershould be installed now, but it is NOT yet fully functional. ACK controllers need access to AWS IAM credentials to manage AWS resources. See Next Steps for configuring AWS IAM credentials for ACK controller.
Install an ACK service controller with static Kubernetes manifests
If you prefer not to use Helm, you may install an ACK service controller using static Kubernetes manifests that are included in the source repository.
Static Kubernetes manifests install an individual service controller as a Kubernetes
Deployment, including the relevant Kubernetes RBAC resources. Static Kubernetes manifests are available in the
config/ directory of the associated ACK service controller’s source repository.
Install an ACK service controller with OperatorHub in Red Hat OpenShift
Navigate to the Catalog -> OperatorHub page in the OpenShift web console and then search for the ACK service controller operator you wish to install. Click Install and ensure you use the All Namespaces install mode, if prompted.
For more information, see the official documentation for installing Operators into an OpenShift cluster.
Once you have installed your ACK service controllers, you can create an IAM role to provide AWS access.
And learn the different ways that AWS credentials can be supplied to the ACK controller.