EKS Add On
Using Calyptia Fluent Bit directly through AWS marketplace
Calyptia Fluent Bit is provided as an AWS marketplace offering either by directly running the container images or using the dedicated EKS Add On.
To deploy, first assign an IAM policy with appropriate IAM permission to a Kubernetes service account before starting the deployment.
By default, the namespace and service account are set to
calyptia-fluentbit
.This service account needs to be assigned AWS managed policy
arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage
(or an equivent one).Here is an example IAM policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"aws-marketplace:RegisterUsage"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
The Amazon EKS cluster needs to have IAM OIDC provider enabled.
Remember to replace
CLUSTER_NAME
with your actual Amazon EKS cluster name.eksctl utils associate-iam-oidc-provider --cluster="$CLUSTER_NAME" --approve
The command below helps to automate these manual steps:
- 1.Create an IAM role with AWS-managed IAM policy.
- 2.Create a service account named
calyptia-fluentbit
in thecalyptia-fluentbit
namespace within the Amazon EKS cluster. - 3.Set up a trust relationship between the created IAM role with
calyptia-fluentbit
. - 4.Modify
calyptia-fluentbit
by associating it with the created IAM role
Remember to replace
CLUSTER_NAME
with your actual Amazon EKS cluster name.eksctl create iamserviceaccount \
--name calyptia-fluentbit \
--namespace calyptia-fluentbit \
--cluster CLUSTER_NAME \
--attach-policy-arn arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage \
--approve \
--override-existing-serviceaccounts
Deploy the helm chart using the pre-created service account in the right region.
Remember to replace
AWS_REGION
with your actual Amazon region.helm repo add calyptia https://helm.calyptia.com --force-update
helm repo update
helm upgrade --install calyptia-fluentbit calyptia/fluent-bit-eks-addon \
--set serviceAccount.create=false,region="$AWS_REGION" \
--wait
Calyptia Core integration
Remember to replace
PROJECT_TOKEN
with your actual Calyptia Core token.helm upgrade --install calyptia/fluent-bit-eks-addon \
--set serviceAccount.create=false,region="$AWS_REGION" \
-set project_token="$PROJECT_TOKEN" \
--wait
Modify version deployed
To deploy with different versions of the Calyptia Fluent Bit AWS marketplace offering, just configure the
image.tag
key:helm upgrade --install calyptia-fluentbit calyptia/fluent-bit-eks-addon \
--set serviceAccount.create=false,region="$AWS_REGION" \
--set image.tag="23.4.5" \
--wait
A separate helm chart is provided to deploy the AWS marketplace offering of Calyptia Fluent Bit directly. Refer to the installation instructions for the helm chart: https://github.com/calyptia/charts/tree/master/charts/aws-fluent-bit.
The container image can also be directly consumed in ECS or EKS pods, ensuring the IAM role is set up to allow it.
Last modified 1mo ago