►
From YouTube: Amazon EKS Anywhere and Envoy Proxy API gateways
Description
Amazon EKS Anywhere (EKS-A) works best with an Envoy Proxy API gateway to manage and secure connections to your applications at the edge. Solo's Gloo Edge solves this need.
Learn more: https://www.solo.io/blog/eks-a-and-envoy-proxy/
A
Hello
and
welcome
to
this
short
demo
on
how
to
get
started
with
blue
edge
on
ekaza
myself
kamish
a
field
engineer
at
solo,
happy
to
share
this
short
demo
and
show
you
show
you
how
to
get
install
blue
edge
on
ekazam.
So
what
you're
going
to
do
today
is
install
eksa
on
my
vsphere
cluster,
which
I
have
and
then
install
blue
h
on
top
of
it
and
use
the
aws
lambda
function
and
use
blue
edge
to
connect
to
aws
lambda
function.
So
this
is
going
to
be
the
simple
agenda
for
today.
A
Before
for
the
delay,
I
would
like
to
get
started,
so
I'm
going
to
use
my
instructions
here.
Obviously
this
is
going
to
be
a
new
blog,
that's
going
to
be
published
soon,
but
for
my
convenience,
I'm
going
to
use
this
thing
to
avoid
any
typographical
errors
that
you
might
get
while
typing
and
save
our
time
as
well.
So
before
we
get
started
installing
the
cluster,
so
we
want
to
check
if
we
got
all
the
tools
ready.
So
there
are
a
bunch
of
tools
which
I
have
listed
here.
A
The
very
primary
tool
is
eksa
and
let
me
check
if
ksa
is
installed.
Yes,
I
do
have
0.2.0
version
and
then
let
me
check
if
I
have
glue
curtail
install,
which
is
one
which
to
interact
with
glue
and
install
glue.
Yes,
I
do
have,
but
I
don't
have
server
version.
Obviously
we
don't
have
a
cluster.
So
that's
what
we're
going
to
do
soon,
obviously
I'll
check
with
jq
version
as
well.
I
got
jq
as
well
and
cube
cuddle
very
important,
so
let
me
check
if
we
have
cube
curl
as
well.
A
Yes,
I
do
have
cube
cotton
and
then
I
use
http
ie
for
doing
some
curl
interactions.
Instead
of
call,
I
use
httpi
to
give
a
neatly
formatted
adjacent
response.
It's
also
there
we
do
have
and
last
but
not
the
least.
I'm
also
want
to
check
if
I
have
aws
version
2
installed.
So
this
is
very
important
because
the
instructions,
the
demo
instructions
talk
about
us
using
version
two.
So
we
need
version
two
of
aws
cli.
A
If
you
have
one
just
make
sure
that
you
have
another
environment
where
you
can
try
with
two
as
well
all
right.
So,
with
the
tools
installed,
we
are
all
good
to
start.
So
what
I'm
going
to
do
right
next
is
that
I've
already
cloned
the
folder
right
here.
So
that's
what
I'm
saying
to
clone
the
demo
sources.
The
demo
servers
are
available
here.
Github.Com
comment:
samper
blue
edge,
ekaza
demo.
A
A
Yes,
I
do
have
demo
home
setup
as
well,
so
it's
there.
So
we
got
everything
ready.
So
I
have
all
the
other
keys.
These
are
very
important
keys
that
you
require.
When
you
create
aws,
cli
functions
or
if
you're
very
familiar
with
aws
cli,
then
they
should
be
the
default
ones.
You
have
as
part
of
your
credentials,
so
I
I
do
export
this
just
for
convenience
sake
to
have
a
clarity
that
what
variables
we
are
using
for
this
particular
demo
right.
A
So
I'm
not
going
to
talk
about
how
do
we
actually
create
this
glue
edge,
yaml
here,
so
this
could
be.
You
can
check
with
the
ek's
a
docs
which
talks
about
how
do
we
actually
generate
this
glue,
hdml
file,
which
is
the
cluster
resource
that
is
used
to
spin
up
our
cluster,
so
I
have
already
have
a
pre-baked
one,
so
I'm
just
going
to
use
that
one
to
create
a
three
node
kubernetes
cluster,
which
is
going
to
have
kubernetes
1.2.0,
so
this
is
going
to
take
a
bit
of
time.
A
Let
me
kick
start
it,
so
this
is
what
it's
going
to
take.
It
will
take
a
bit
of
time,
as
I
told
earlier,
going
to
go
over
to
my
glue
edge
console
if
I
just
expand
this
a
little
bit
so
we'll
be
seeing
some
amount
of
what
he
calls
few
of
the
vms,
getting
spun
up
inside
glue
edge
cluster
vms.
So
we'll
wait
for
that.
A
Let
me
go
and
see
if
I
can
start
the
timer
as
well.
So
let
me
do
that
to
see
how
long
we
take
to
build
this
one.
Okay,
so
let
me
start
the
stopwatch
just
for
fun
reset.
Last
time
it
took
me
nine
minutes.
Let
me
see
how
long
it
takes
this
time
unless
you
see
like
we
are
almost
at
the
end
of
creating
the
classroom.
So
you
see
there's
there
are
a
bunch
of
commands.
As
I
said,
it
takes
around
eight
minutes
and
nine
minutes.
A
Yes,
and
you
should
see
your
vsphere
control
center
having
three
vm
spun
up.
These
are
three
vms,
which
is
the
eks
a
cluster
vms.
These
are
the
nodes,
one
master
and
two
worker
nodes.
That's
what
we
spawn
around.
As
you
see,
the
warning
above
here
says:
okay
recommended
is
replicas
three
or
five
so
because,
since
the
demo,
I
just
brought
down
the
the
number
of
masters
to
one
otherwise
cube
kubernetes
expose
you
to
have
three
or
five
node
quorum.
A
A
So
let's
go
back
and
make
this
one
say:
like
my
timer,
let's
see
what
my
timer
says.
Let
me
follow
this
up
to
the
right
side
see
I
can
hit
here
all
right
and
then
that
should
be
easy
for
me
to
run
my
commands
and
show
you
what
I'm
doing
so.
We
got
nine
minutes
33
seconds
right.
So
that's
what
we
see
right
now.
A
That's
good,
you're,
moving
things
to
management
cluster
and
then
it's
clear
a
few
things
in
the
background
that
is
created
and
everything
done
and
then
you
should
have
a
cube,
cuddle,
cube,
config
and
then,
given
to
you,
we'll
see
that
as
well,
once
it's
done
so
now,
it's
taking
10
minutes
for
us.
In
this
case.
A
Let's
wait
for
a
couple
of
more
minutes:
yeah,
it's
deleting
the
bootstrap
cluster,
which
means
that
it's
done
with
the
cluster
creation.
Let's
wait,
yeah!
We
are
done
okay,
so
let
me
stop.
It
took
us
10
minutes,
16
seconds
for
us
to
create
this
cluster,
so
we
got
the
cluster
ready
and
we
are
good
to
go
further
with
the
instructions.
So,
let's
see,
let
me
clear
the
screen
for
now
and
then
just
do
k
get
nodes.
I'm
nodes,
sorry!
A
A
So
if
you
go
to
the
eks
docs,
the
eks
dock
stocks
a
case,
a
dots,
I'm
sorry,
the
ek's,
a
docs
talks
more
about.
How
do
we
actually
do
this
all
right
so
before
we
actually
install
glue
edge?
So
one
of
the
things
which
we
need
to
do
is
like
we
need.
We
need
to
install
the
storage
class
by
default.
The
eka
cluster
does
not
have
any
storage
class.
That's
what
you
get
no
resources
found
k
is
my
allies
for
cubecuttle.
A
A
So
it's
going
to
have
a
local
path
volume
mounted
as
a
spot
for
a
pvc
and
then
let's
wait
to
see
if
ma,
if
the
provisioner
is
up
and
running
it's
done,
and
so
we
need
to
make
it
default
so
that,
when
glue
edge
installs
the
request
for
pvc,
it's
able
to
use
this
one.
That's
what
I'm
going
to
do
right
now.
So
let
me
copy
this
command
and
paste
it
here
and
then,
when
I
go
to
a
get
a
c
again,
you
should
see
the
local
path
being
a
default
one.
A
So
any
pvc
request
which
comes
in
right
now,
it's
going
to
be
automatically
provisioned
as
a
local
path,
so
we
already
have
blue
edge
cattle
already
installed.
So
I'm
not
going
to
download
this.
So
these
are
the
instructions
to
download
that
stuff,
and
then
I
have
a
setting
which
says
that
okay,
I
point
it
to
3880
so
that
we
can
access
using
node
port,
we'll
see
that
in
later
part
of
section
right
and
all
I'm
going
to
do
right
now
is
I'm
just
going
to
go.
A
Click
create
this
is
a
values
file
which
you
have
so
that's
going
to
get
created
and
then
it's
going
to
start
delay.
It's
going
to
start
installing
glue
into
the
cluster
okay,
so
it
takes
a
bit
of
time.
So
what
we
do
until
then
is
that
let's
go
jump
out
and
create
our
aws
stuff
right.
That's
what
we'll
do
while
glue
gets
installed,
so
you
can
ignore
these
warnings.
These
bondings
are
some
hell,
more
links
which
is
there.
So,
let's
go
and
install
a
few
stuff
here,
I'm
just
going
to
do
clear
screen.
A
What
I'm
going
to
do
is
like
let's
go
and
start
doing
stuff
which
is
required
for
aws
lambda.
So
the
very
first
thing
I
require
is
that
I
need
to
create
a
role
because
the
troll
is
required
for
you
to
bind
this
stuff.
Let
me
go
and
put
this
one.
The
role
is
there,
let's
get,
let's
get
the
on
for
the
role
so
that
we'll
use
it
up
coming
the
the
glue
resource
section.
So
let's
wait
for
some
time.
A
Let's
try
again
okay,
so
it
takes
a
bit
of
time.
So,
but
let
me
check
which
region
I
am
in
right
now:
aws
aws
default
region.
Okay,
I
mean
ap
south,
which
is
which
is
mumbai,
which
is
close
to
me.
So
I'm
just
going
to
do
it
again,
just
get
the
on
here
just
to
see.
If
I
think
we
got
it
now.
Okay,
it
takes
some
time
for
the
for
the
roll
to
be
created.
Reflector.
Let's
do
an
echo
of
roll
on
just
to
see
it.
It's
there.
A
So
let's
do
that
and
we
are
done
with
that,
so
we
need
to
provide
the
execution
role
basically
for
this
lambda
to
get
executed.
So
what
we
are
going
to
do
is
like
it's
going
to
be
a
simple
lambda.
As
you
see
in
my
screen
right
now,
let
me
make
this
little
bit
bigger
show
what
we're
doing
so.
It's
just
going
to
show
you
we'll
send
a
username
to
this
and
then
it's
going
to
show
you
hello,
welcome
to
the
blue
edge
lambda.
So
that's
as
simple
as
that.
A
Okay,
let's
go
copy
this
one
and
go
here
and
wait
for
the
thing
to
be
created
there
we
go.
Let
me
go
and
make
this
smaller
again,
so
we
got
our
functions
created.
Let's
check
if
function
works
right.
So
what
I'm
basically
going
to
do
right
now
is
going
to
call
the
function
and
the
function
is
going
to
throw
out
and
the
response
is
going
to
be
done.
A
It's
the
success
response
here
so
which
means
that
the
function
executed
successfully
so
I'll
just
say,
get
response.json
just
to
make
it
a
little
bit
neater
I'll,
just
use
to
jq,
and
there
you
go
right.
So
we
just
say
hello:
tom
welcome
to
blue
edge
with
lambda,
so
the
function
is
working
right
now
we
have
created
a
lambda
function
and,
and
the
function
is
node.jsimple
node.js
function
here
the
function
is
up
and
running
and
we
are
all
good
to
connect
blue
edge
with
lambda
now,
okay.
A
So
what
do
we
do?
Let's
go
back
and
see
where
we
are
right.
I
think
the
installation
succeeded
so
let's
clear
that,
so
how
do
I
check
whether
my
installation
is
good
right,
so,
with
blue
edge
glue
cutter,
we
provide
a
sanity
check
mechanism
like
you
can
just
go
to
glue
cuttle
check.
It
goes
checks,
your
deployment
to
see.
Okay,
if
deployment
is
good
pause
is
good,
upstream
groups,
earth
conflicts,
etc,
etc.
A
All
the
glue
resources,
it
makes
sure
that
everything
is
good
and
obviously
we'll
get
one
probably
a
morning
saying
that
the
federation
is
not
there.
So
we
are
not
concentrating
on
federation
as
part
of
this
thing.
Okay,
so
since
we
are
deploying
edge
thing,
so
we
are
all
good
and
then
the
cluster
is
up
and
ready
okay,
so
we
can
even
connect
multiple
blue
clusters
together
as
part
of
federation,
so
probably
we'll
park
that
for
another
demo,
okay,
good.
A
So
what
we
have
done
so
far,
we
created
the
cluster.
We
installed
blue
edge.
We
created
a
lambda
function
separately.
Now.
The
point
is
that
we
have
to
connect
these
two
things
to
work
together.
That's
the
focus
of
this
demo
as
well.
Let's
do
that
so
to
do
that.
Let
me
go
down
to
my
instruction.
The
very
first
thing
I
need
to
do.
Obviously
you
would
have
known
that
for
glue
edge
to
interact
with
eks.
I
need
to
have
the
eks
access
key.
A
I
mean
aws
access
key
and
secret
key
to
be
available
for
glue.
That's
what
I
did
using
glue
cutting
create
secret.
I
call
it
as
aws
aws
secret,
which
has
a
name
called
as
glue
eksdemo,
and
it
gives
you
an
access
key,
we'll
be
using
this
secret
as
part
of
our
upcoming
resource
creation
right.
So
obviously,
you
can
also
check
if
the
secret
sits
there
to
see
if
it's
all
has
nice
value.
Okay.
A
So
now
the
very
the
very
basic
resource
that
we
need
to
create
right
now
is
an
upstream
upstream
is
basically
the
one
that
interfaces
with
the
aws
lambda
and
make
things
work
for
you,
okay,
so
that's
what
we're
going
to
do.
First,
now
we're
just
going
to
create
an
upstream
and
use
the
default
region.
As
you
see
right
now,
the
upstream
is
created,
but
the
status
is
still
pending.
So
it
takes
few
seconds
for
the
controller,
glue
and
glue
controller
to
come
up
and
create
the
necessary
resources.
Let's
go
and
check
it
again.
A
A
We
are
good
right
now,
just
to
create
the
functions,
the
another
one,
more
thing
we
need
to
do.
We
got
a
function.
We
know
the
upstream
upstream
talks
to
function,
but
how
does
the
external
world
talk
to
your
function?
Right?
That's
what
blue
edge
principle!
Primary
purpose
is
I'm
sorry.
The
primary
purpose
of
blue
edge
is
to
make
external
world
talk
to
your
thing,
the
not
soft
traffic
that
exactly
is
done
using
what
we
call
as
route.
In
other
words,
in
a
technical
terms,
we
call
them
as
a
virtual
service.
A
I
see
an
example
here
of
the
virtual
search
that
we
were
going
to
create
in
second,
like
it's
going
to
call
us
prefix
greet
the
logical
name.
I'm
going
to
connect
to
the
lambda
function,
name
which
I
created
there
and
how
do
I'm
going
to
route
it
I'm
going
to
route
through
my
upstream,
my
my
upstream
mistake.
I'm
going
to
delegate
this
to
my
upstream.
My
upstream
talks
to
aws
lambda
function,
get
the
response
and
send
it
back
to
me.
A
That's
that's
as
simple
as
that
and
I'm
going
to
use
a
dummy
domain
name
right
so
called
example.com,
so
that
only
this
host
can
access
this
function.
All
right,
that's
as
simple
as
that.
Let's
go
and
create
this
one
again.
So
it's
going
to
take
another
few
seconds
for
us
to
do
this.
So
the
thing
is
created.
Let's
see,
what's
the
status
of
that
as
well,
and
we
are
good
right,
it's
accepted
it's
ready,
we
don't
have
any
ssl.
I
see
the
domain
is
coming
here.
It's
going
to
upstream
all
right.
A
So
how
do
I
call
so
to
call
this?
I
need
what
I
use
from
glue
curl,
the
proxy
url
right,
so
that
gives
you
there's
a
proxy
thing
service
which
is
running
here.
So
if
I
go,
okay
get
svc,
iphone
n
glue
system.
If
I
do
this
command,
I
should
see
a
lot
of
services,
but
one
of
the
services
is
a
gateway
proxy.
Here,
that's
what
is
used.
If
you
remember
that
when
you
install,
I
added
a
node
port
for
this
to
connect.
A
But
if
you
have
a
load
balancer,
then
you
can
directly
connect
this
to
load
balancer
so
that
you
can
access
from
outside
world.
For
this
demo,
we
are
going
to
use
the
node
port
here
right
and
now
it
got
a
glue
proxy
here
and
the
thing
connected
here.
That's
where
you're
going
to
access
this.
Let
me
clear
the
screen
for
a
second,
but
one
thing
you
have
to
note.
If
I
do
an
echo
of
glue
proxy,
what
basically
happens
is,
let
me
do
a
sql
proxy
url.
A
So
this
gives
me
the
node
name
right.
This
is
not
an
ipv,
because
if
you
have
a
resolver,
then
this
should
work
perfectly,
but
if
you
don't
have
a
resolver
like
what
I'm
having
in
my
right
in
my
demo
environment.
So
I
have
to
add
these
to
the
thing
right.
Basically,
I
can
use
any
of
the
node
ips
to
get
this
one.
So
that's
what
I'm
going
to
do
right
now,
I'm
going
to
get
the
node
ips
and
map
them
to
the
blue
edge
cluster
right.
It
will
create
something
like
that.
A
Let
me
do
a
cad,
slash,
etc,
host
file,
and
you
should
see
this.
This
one
demo
is
added
here
right.
The
blue
edge
demos,
33
34
35,
and
I
had
few
other
things
earlier
as
well
right,
so
this
got
added
here
so
which
means
that
I'm
able
to
access
this
url
using
the
node
name.
Otherwise
what
it
can
do
is
like
cube,
get
nodes
and
then
do
oh
white.
A
So
if
you
do
this,
you'll
get
the
ip
address,
you
can
use
any
one
of
the
external
or
internal
ipad.
Obviously,
internal
should
also
work
in
this
case.
Both
are
same.
If
any
one
of
these
ip
addresses
you
can
just
grab
them
and
then
use
them
as
part
of
the
thing
so
to
save
energy.
I
just
added
them
to
the
e
to
z
o,
so
I
can
use
any
node
names
I
want.
A
And
lastly,
let's
do
the
same
thing,
what
we
did
earlier,
calling
the
function
right
now.
What
I'm
doing
is.
I'm
using
a
glue
proxy
url
and
slash
greed.
If
you
remember
the
slash,
greed
is
the
prefix
that
I
used
for
my
gateway
to
get
into
this
lambda
function
and
it
goes
back
to
the
lambda
and
calls
it
right.
So,
let's
do
one
more
call,
let
me
say
hello,
nikki
and
you
should
see
like
okay,
so
it
also
gives
you
a
nickel
welcomes
you
to
do
lambda
as
well.
So
it
goes
goes
back
to
aws.
A
Lambda
calls
the
function
gets
the
response
back
as
a
json
figure.
So
that's
how
we
connected
the
aws
lambda
function
from
using
blue
air
right.
We
just
use
blue
at
semantics,
which
means
that
if
I,
if
you
have
to
show
you
a
quick
picture,
so
it
means
that
this
is
how
your
entire
stuff
looks
like.
Let
me
make
this
a
little
bit
bigger
so
that
so
glue
8
sits
right
here.
It
can
have
any
clients
any
consumers
coming
here.
I
can
go
to
a
vm
or
a
microservice.
A
In
this
case
I
went
to
a
lambda
or
a
service
running
inside
a
vm
or
a
microservice,
that's
deployed
inside
kubernetes.
I
can
go
call
any
of
them
with
the
same
semantics,
the
upstream
virtual
routes
and
all
of
the
stuff
that
we
created.
So
it's
as
simple
as
that
with
blue
edge
things,
become
super
easy
for
your
knots
out
traffic
to
enter
inside
your
cluster.
A
I
hope
you
enjoyed
this
a
small
demo
of
how
do
we
create
eksa,
set
up
blue
h
on
top
of
it
and
deploy
aws
lambda
function
and
connect
the
aws
lambda
function
with
blue
edge
to
make
things
work
best
for
you
and
that's
pretty
much
it.
If
you
have
any
questions,
obviously
you
can
reach
out
to
our
social
handlers.