In this directory you can find instructions for deploying Kubeflow on Amazon Elastic Kubernetes Service (Amazon EKS). Depending upon your use case you may choose to integrate your deployment with different AWS services. Following are various deployment options:
Installation steps can be found here
Installation steps can be found here
Installation steps can be found here
Installation steps can be found here
Installation steps can be found here
Installation steps can be found here
Amazon EKS offers Container Insights using Amazon CloudWatch which monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications. FluentBit is used as the DaemonSet to send logs to CloudWatch Logs. Install AWS CloudWatch by following their documentation.
Installation steps can be found here
The scripts in this repository are meant to be used for development/testing purposes. We highly recommend to follow AWS security best practice documentation while provisioning AWS resources. We have added few references below.
Security best practices for Amazon Elastic Kubernetes Service (EKS)
Security best practices for AWS Secrets Manager
Security best practices for Amazon Relational Database Service (RDS)
Security best practices for Amazon Simple Storage Service (S3)
Security in Amazon Route53
Security in Amazon Certificate Manager (ACM)
Security best practices for Amazon Cognito user pools
Security in Amazon Elastic Load Balancing (ELB)
AWS uses customer feedback and usage information to improve the quality of the services and software we offer to customers. We have added usage data collection to the AWS Kubeflow distribution in order to better understand customer usage and guide future improvements. Usage tracking for Kubeflow is activated by default, but is entirely voluntary and can be deactivated at any time.
Usage tracking for Kubeflow on AWS collects the instance ID used by one of the worker nodes in a customer’s cluster. This data is sent back to AWS once per day. Usage tracking only collects the EC2 instance ID where Kubeflow is running and does not collect or export any other data to AWS. If you wish to deactivate this tracking, instructions are below.
Usage tracking is activated by default. If you deactivated usage tracking for your Kubeflow deployment and would like to activate it after the fact, you can do so at any time with the following command:
-
kustomize build distributions/aws/aws-telemetry | kubectl apply -f -
Before deploying Kubeflow:
You can deactivate usage tracking by skipping the telemetry component installation in one of two ways:
- For single line installation, comment out the
aws-telemetryline in thekustomization.yamlfile. e.g. in cognito-rds-s3 kustomization.yaml file:# ./../aws-telemetry - For individual component installation, do not install the
aws-telemetrycomponent:# AWS Telemetry - This is an optional component. See usage tracking documentation for more information kustomize build distributions/aws/aws-telemetry | kubectl apply -f -
After deploying Kubeflow:
To deactivate usage tracking on an existing deployment, delete the aws-kubeflow-telemetry cronjob with the following command:
kubectl delete cronjob -n kubeflow aws-kubeflow-telemetry
- Instance ID - We collect the instance ID used by one of the worker nodes in the customer’s EKS cluster. This collection occurs once per day.
The telemetry data we collect is in accordance with AWS data privacy policies. For more information, see the following: