Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Before You Install

Use this procedure to install the tools and image pull secrets needed to create an Amazon EKS cluster running CN2.

We provide a number of ways for you to create an Amazon EKS cluster and install CN2. You can use our Terraform blueprints to create a ready-made cluster along with our Helm charts and CN2 YAML manifests to install CN2.

This procedure prepares your setup for all of these methods. If you already know the method that you want to use, then skip over the steps that don't apply to you.

Note:

Before installing CN2, disable transmit checksum offload on all your nodes. Disable the offload in a persistent manner (that survives reboots).
  1. Set up an AWS account.
    You'll need an AWS account to create an Amazon EKS cluster.
  2. Set up a Juniper Networks download account. You'll need a Juniper Networks download account to download CN2 YAML manifests from the Juniper Networks download site (https://support.juniper.net/support/downloads/?p=contrail-networking).
  3. Install the AWS CLI. You'll need the AWS CLI to interact with AWS from the command line. See https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html.
  4. Configure the AWS CLI with your AWS access key and secret. See https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/index.html.
  5. Install eksctl. Eksctl is a CLI tool for creating and managing Amazon EKS clusters. See https://docs.aws.amazon.com/eks/latest/userguide/eksctl.html.
  6. Install kubectl. See https://kubernetes.io/docs/tasks/tools/.
  7. Install Helm. See https://helm.sh/docs/intro/install/.
  8. If you're planning on using our Terraform blueprints, then install Terraform. See https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli.
  9. Contact your Juniper Networks representative to get your enterprise-hub.juniper.net credentials and store your enterprise-hub.juniper.net image pull secret.
    When you get the credentials, run the following command to store your image pull secret. Enter your credentials when prompted.
    Once you authenticate, your credentials are stored in a docker JSON file on your local computer (typically in ~/.docker/config.json or in the ~/snap/docker directory hierarchy if you installed docker using snap). You will use these credentials when you install CN2 later.
  10. Optionally, install contrailstatus. Contrailstatus is a kubectl plug-in you can use to query CN2 components and resources. Contrailstatus is part of the Contrail tools package that you can download from the Juniper Networks download site. See Manifests.
    Change permissions on the kubectl-contrailstatus executable and copy it somewhere in your path, for example /usr/local/bin.