Contents Menu Expand Light mode Dark mode Auto light/dark mode
Documentation Portal
  • 4k
  • 3.7
  • 3.6 (EOL)
  • 3.5 (EOL)
  • 3.4 (EOL)
  • 3.3 (EOL)
Logo
Mirantis Kubernetes Engine
  • Product Overview
  • Reference Architecture
    • Introduction to MKE
    • MKE hardware requirements
    • MKE software requirements
    • Manager nodes
    • Worker nodes
    • Admission controllers
    • Pause containers
    • Volumes
    • Configuration
    • Web UI and CLI
    • Role-based access control
    • MKE limitations
  • Installation Guide
    • Plan the deployment
      • Default install directories
      • Host name strategy
      • MCR considerations
        • default-address-pools
        • docker0
        • docker_gwbridge
        • Docker swarm
        • Kubernetes
        • docker data-root
        • no-new-privileges
        • Device Mapper storage driver
        • Memory metrics reporting
    • Perform pre-deployment configuration
      • Configure networking
        • IP considerations
        • Open ports to incoming traffic
        • Cluster and service networking options
        • Calico networking
        • Multus CNI installation and enablement
        • Enable ESP traffic
        • Avoid firewall conflicts
        • DNS entry in hosts file
      • Preconfigure an SLES installation
      • Verify the timeout settings
      • Configure time synchronization
      • Configure a load balancer
      • Configure IPVS
      • Use an External Certificate Authority
      • Customize named volumes
      • Configure kernel parameters
      • Set up kernel default protections
    • Install the MKE image
    • Obtain the license
    • Install MKE on AWS
      • Prerequisites
      • Install MKE
    • Install MKE on Azure
      • Prerequisites
      • Networking
      • Azure configuration file
      • Guidelines for IPAM configuration
      • Manually provision IP address pools as part of an Azure VM scale set
      • Adjust the IP count value
      • Azure custom roles
    • Install MKE on Google Cloud Platform
      • Prerequisites
      • Install MKE
      • Google Cloud Platform support limitations
    • MetalLB load-balancer for Kubernetes
    • Install MKE offline
    • Uninstall MKE
    • Deploy Swarm-only mode
      • Swarm-only images
      • Prometheus
  • Operations Guide
    • Access an MKE cluster
      • Access the MKE web UI
      • Download and configure the client bundle
        • Download the client bundle
        • Configure the client bundle
        • Disable Client Bundle
      • Configure kubectl with MKE
    • Administer an MKE cluster
      • Add labels to cluster nodes
        • Apply labels to a node
        • Deploy a service with constraints
        • Add Swarm placement constraints
        • Add or remove a service constraint using the MKE web UI
      • Add SANs to cluster certificates
      • Collect MKE cluster metrics with Prometheus
        • MKE metrics types
        • Metrics labels
        • Core MKE metrics
        • MKE component metrics
        • MKE cAdvsior metrics
        • Deploy Prometheus on worker nodes
        • Configure external Prometheus to scrape metrics from MKE
        • Set up Grafana with MKE Prometheus
      • Configure native Kubernetes role-based access control
        • Create a Kubernetes role
        • Create a Kubernetes role grant
      • MKE audit logging
        • Logging levels
        • Enable MKE audit logging
        • Access audit logs using the docker CLI
        • API endpoints logging constraints
      • Enable MKE telemetry
      • Enable and integrate SAML authentication
        • Configure SAML integration on identity provider
        • Configure SAML integration on MKE
        • SAML security considerations
        • Set up SAML proxy
      • Enable Helm with MKE
      • Integrate SCIM
        • Configure SCIM for MKE
        • Supported SCIM API endpoints
      • Integrate with an LDAP directory
        • MKE integration with LDAP
        • Configure the LDAP integration
      • Configure an OpenID Connect identity provider
      • Use LDAP in conjunction with SAML
      • Manage services node deployment
        • Restrict services deployment to Swarm worker nodes
        • Restrict services deployment to Kubernetes worker nodes
        • Allow services deployment on Kubernetes MKE manager or MSR nodes
      • Run only the images you trust
      • Set user session properties
      • Configure an MKE cluster
        • Use an MKE configuration file
        • Configuration options
      • Scale an MKE cluster
      • Configure KMS plugin for MKE
      • Use a local node network in a swarm
      • Manage MKE certificate authorities
      • Use your own TLS certificates
      • Manage and deploy private images
      • Set the node orchestrator
        • Select the node orchestrator
        • Change the node orchestrator
      • View Kubernetes objects in a namespace
      • Join Nodes
        • Set up high availability
        • Join Linux nodes
        • Join Windows worker nodes
        • Use a load balancer
      • Use two-factor authentication
      • Account lockout
      • Custom kubelet profiles
        • Add custom kubelet profiles
        • Apply kubelet node profiles
        • Modify kubelet node profiles
        • Configure Graceful Node Shutdown with kubelet node profiles
        • Delete kubelet node profiles
      • Configure and use OpsCare
      • Configure cluster and service networking in an existing cluster
      • Schedule image pruning
      • Manage etcd
        • Configure etcd storage quota
        • Cleanse etcd of Kubernetes events
        • Apply etcd defragmentation
        • etcd alarms response
      • Operate a hybrid Windows cluster
        • Run hybrid workloads in Kubernetes
        • Run hybrid workloads in Swarm
      • Manage NodeLocalDNS
        • Enable and disable NodeLocalDNS
        • Run DNS queries
    • Authorize role-based access
      • Create organizations, teams, and users
      • Enable LDAP and sync teams and users
      • Define roles with authorized API operations
        • Default roles
        • Create a custom Swarm role
        • Swarm operations roles
      • Use collections and namespaces
        • Swarm collection labels
        • Default and built-in Swarm collections
        • Group and isolate cluster resources
      • Create grants
      • Grant users permission to pull images
      • Reset passwords
      • RBAC tutorials
        • Deploy a simple stateless app with RBAC
        • Isolate volumes to specific teams
        • Isolate nodes
          • Isolate cluster nodes with Swarm
          • Isolate cluster nodes with Kubernetes
        • Set up access control architecture
        • Set up access control architecture with additional security requirements
    • Upgrades and migrations
      • Upgrade an MKE installation
        • Verify your environment
        • Perform the upgrade
        • Troubleshoot the upgrade process
      • Upgrade nodes to Windows Server 2022
      • Migrate an MKE cluster to a new OS
    • Deploy applications with Swarm
      • Deploy a single-service application
      • Deploy a multi-service application
      • Deploy services to a Swarm collection
      • Use secrets in Swarm deployments
      • Interlock
        • Layer 7 routing
        • Single Interlock deployment
        • Deploy
          • Deploy a layer 7 routing solution
          • Configure layer 7 routing for production
          • Offline installation considerations
        • Configure
          • Configure layer 7 routing service
            • Configure the Interlock service
            • Configuration file options for layer 7 routing
            • Create a proxy service
          • Configure host mode networking
          • Configure NGINX
          • Tune the proxy service
          • Update Interlock services
        • Routing traffic to services
          • Route traffic to a Swarm service
          • Publish a service as a canary instance
          • Use context or path-based routing
          • Configure a routing mode
            • Routing modes
            • Specify a routing mode
          • Use service labels
          • Configure redirects
          • Service clusters
            • Configure service clusters
            • Deploy services in separate service clusters
            • Remove a service cluster
          • Use persistent sessions
          • Secure services with TLS
            • Proxy-managed TLS
            • Service-managed TLS
            • Deploy services with mTLS enabled
          • Use websockets
    • Deploy applications with Kubernetes
      • Use Kubernetes on Windows Server nodes
      • Access Kubernetes resources
      • Deploy a workload to a Kubernetes cluster
        • Deploy a workload using the MKE web UI
        • Deploy a workload using the CLI
      • Deploy OPA Gatekeeper for policy enforcement
        • Install OPA Gatekeeper
        • Use OPA Gatekeeper
      • Use admission controllers for access
      • Create a service account for a Kubernetes app
      • Install an unmanaged CNI plugin
      • Kubernetes network encryption
      • Persistent Kubernetes Storage
        • Use NFS Storage
        • Use Azure Disk Storage
        • Use Azure Files Storage
        • Configure iSCSI
        • Use CSI drivers
      • GPU support for Kubernetes workloads
      • NGINX Ingress Controller
        • Configure NGINX Ingress Controller
        • Create a Kubernetes Ingress
        • Configure a canary deployment
        • Configure a sticky session
        • TLS termination
        • TLS passthrough
        • Expose TCP and UDP services
      • Deploy MetalLB
        • Create LoadBalancer services
        • Request from a specific IP pool
        • Add IP address pools
        • Modify IP address pools
        • Delete IP address pools
      • Use Multus CNI to create multi-homed Pods
    • Monitor an MKE cluster
    • Troubleshoot an MKE cluster
      • Troubleshoot MKE node states
      • Troubleshoot using logs
      • Troubleshoot cluster configurations
      • Troubleshoot root certificate authorities
      • Troubleshoot NodeLocalDNS
    • MKE virtualization
      • Prepare Kubevirt deployment
      • Deploy Kubevirt
      • Install virtctl CLI
      • MKE virtualization deployment scenario
    • Disaster recovery
      • Swarm disaster recovery
        • Recover from losing the quorum
        • Force the swarm to rebalance
      • MKE disaster recovery
      • Back up Swarm
      • Back up MKE
        • Backup considerations
        • Backup procedure
      • Restore Swarm
      • Restore MKE
    • Customer feedback
  • Launchpad
    • System requirements
    • Get started with Launchpad
    • Networking considerations
    • Upgrade components with Launchpad
    • Manage nodes
    • Launchpad CLI reference
    • Launchpad Configuration File
  • MKEx
    • MKEx installation
    • MKEx reference architecture
    • rpm-ostree operation
      • Basic use
      • Advanced use
    • OSTree components detail
    • rpm-ostree troubleshooting
  • Get support

Reference documentation

  • API Reference
  • CLI Reference
    • backup
    • ca
    • dump-certs
    • example-config
    • id
    • images
    • install
    • port-check-server
    • restore
    • support
    • uninstall-ucp
    • upgrade
  • CIS Benchmarks

Release notes

  • Release Notes
    • 3.8.5
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • 3.8.4
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • 3.8.3
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • 3.8.2
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • 3.8.1
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • 3.8.0
      • New features
      • Enhancements
      • Addressed issues
      • Known issues
      • Major component versions
      • Security information
    • Deprecation notes
  • Release Compatibility Matrix
    • MKE 3.8 Compatibility Matrix
    • MKE and MSR Browser compatibility
    • MKE, MSR, and MCR Maintenance Lifecycle
  • Release Cadence and Support Lifecycle
  • Open Source Components and Licenses

Install MKE on AWS¶

This section describes how to customize your MKE installation on AWS.

Note

You may skip this topic if you plan to install MKE on AWS with no customizations or if you will only deploy Docker Swarm workloads. Refer to Install the MKE image for the appropriate installation instruction.

  • Prerequisites
  • Install MKE

See also

  • Release Compatibility Matrix

  • Kubernetes

Next
Prerequisites
Previous
Obtain the license
  • Multi-page view
  • Single-page view

Mirantis Inc. 900 E Hamilton Avenue, Suite 650, Campbell, CA 95008 +1-650-963-9828

© 2005 - 2025 Mirantis, Inc. All rights reserved. "Mirantis" and "FUEL" are registered trademarks of Mirantis, Inc. All other trademarks are the property of their respective owners.