Need Clarification: Installing KNIME Business Hub on AWS EKS (UAT Setup with Trial License)

KNIME Business Hub
1

Hello KNIME Team and Community,

I am planning to set up KNIME Business Hub for a UAT environment on AWS EKS, using the official installation guide:

:link: KNIME Business Hub Installation Guide

To ensure I’m proceeding correctly, I’ve outlined the following high-level steps based on the guide and general Kubernetes best practices. I would appreciate it if the KNIME team or anyone with similar experience could confirm if these steps are accurate or suggest improvements.

UAT Setup Context:

  • Platform: AWS EKS (trial environment)
  • License: Trial .yaml license from KNIME
  • Cluster Type: Non-air-gapped, Internet-accessible
  • Purpose: UAT validation for workflows and data apps

Proposed Installation Steps:

  1. Provision EKS Cluster using eksctl (3-node setup, t3.large or similar).
  2. Ensure EBS CSI driver is installed for persistent volumes.
  3. Install KOTS Admin Console using kubectl kots install knime-hub.
  4. **Upload the trial license via KOTS Admin UI and proceed with configuration:
  • Set DNS (e.g., uat.knime.mycompany.com)
  • Use self-signed or Let’s Encrypt cert for TLS
  • Use built-in Keycloak for authentication (no LDAP integration yet)
  1. Install ingress controller (e.g., NGINX) and expose the Hub via LoadBalancer.
  2. Access KNIME Hub UI and complete post-install steps:
  • Add teams/users
  • Upload executors (execution contexts)
  • Upload sample workflows

Few Questions:

  1. Are the steps above valid for deploying KNIME Business Hub on AWS EKS in a UAT scenario?
  2. Is the built-in Keycloak sufficient for UAT testing, or do you recommend integrating SSO from the beginning?
  3. Any specific configuration I should be aware of when using a trial license?
  4. Does the installation via kubectl kots install support all features of the trial license?
  5. For DNS/TLS setup, is there a recommended best practice for UAT (e.g., Let’s Encrypt with Route 53)?
  6. Any known limitations or caveats when deploying KNIME Hub on EKS specifically?
2

Hi @avisekswain,

For the most part, the steps you specified above are correct with a few details missing that would benefit you. Let’s go over the points you provided:

UAT Setup Context:

  • Platform: AWS EKS (trial environment) :heavy_check_mark:
  • License: Trial .yaml license from KNIME + .xml license from KNIME
  • Cluster Type: Non-air-gapped, Internet-accessible :heavy_check_mark:
  • Purpose: UAT validation for workflows and data apps :heavy_check_mark:

Proposed Installation Steps:

  1. Provision EKS Cluster using eksctl (3-node setup, t3.large or similar). You will need bigger intances. There will be a pre-flight check that looks for atleast 16 CPU cores across all the nodes. Usually we recommend 24-32, but 16 is the bare minimum. Additionally, we mostly use m,c, or r type instances for node pools.
  2. Ensure EBS CSI driver is installed for persistent volumes. :heavy_check_mark: Also, make sure there’s a default storageclass defined in the cluster. This should happen automatically but good to check
  3. Install KOTS Admin Console using kubectl kots install knime-hub. :heavy_check_mark:
  4. **Upload the trial license via KOTS Admin UI and proceed with configuration:
    You will first upload the .yaml license and then you’ll be asked for the .xml license when you begin configuring the Hub.
  • Set DNS (e.g., uat.knime.mycompany.com)Additionally, please do not forget the required subdomains.
  • Use self-signed or Let’s Encrypt cert for TLS. This should work. Another maybe easier option is to create the certificates in ACM, enable the option for them to be exportable, and then export the full chain and unencrypted key to your KOTS config page.Make sure the subdomains are also secified in the certificate and everything is unencrypted.
  • Use built-in Keycloak for authentication (no LDAP integration yet) :heavy_check_mark:
  1. Install ingress controller (e.g., NGINX) and expose the Hub via LoadBalancer.KNIME Hub comes with an ingress controller that can be installed on the initial configuration. You can disable this when going through the config and deploy your own if needed. If you’re using an external LB, make sure to disable the “coreDNS update job” in KOTS. (You will need to make sure your license has this feature visible for you. Usually someone from the KNIME side can enable it for you from their end). For installing your own ingress, please review this bitbucket repo. We have templates and documentation for deploying your own ingress.
  2. Access KNIME Hub UI and complete post-install steps: :heavy_check_mark:
  • Add teams/users :heavy_check_mark:
  • Upload executors (execution contexts) :heavy_check_mark:
  • Upload sample workflows :heavy_check_mark:

Few Questions:

  1. Are the steps above valid for deploying KNIME Business Hub on AWS EKS in a UAT scenario? Please review the text in bold.
  2. Is the built-in Keycloak sufficient for UAT testing, or do you recommend integrating SSO from the beginning? Keycloak should be fine. If you want to try setting up SSO, it will help speed up the setup later on as you’ll know what to expect, but shouldn’t be necessary.
  3. Any specific configuration I should be aware of when using a trial license?This one, I am not too sure.
  4. Does the installation via kubectl kots install support all features of the trial license?Again, I’m not too sure with a trial license. I believe EKS is marked for enterprise customers so as long as your license is capable of that, it should be no problem.
  5. For DNS/TLS setup, is there a recommended best practice for UAT (e.g., Let’s Encrypt with Route 53)? Whatever you’re most comfortable with is the best imo. For example, my test instances usually use Route 53 and ACM.
  6. Any known limitations or caveats when deploying KNIME Hub on EKS specifically?Nothing I can think of at the moment. As long as the CNI is provisioned correctly as well as the cluster/SAs, I think it should be rather smooth, especially since it’s not airgapped.

Hopefully this answers your questions for the most part. Good luck!

2 Likes
3

Thank you so much @michael_rader for your prompt response. Much appreciated. It helps !!

One last kind ask, do we have any documentations and/or videos for setting up Knime Business Hub on Kubernetes cluster ? May be some installation guide.

Thank you in advance
Avisek Swain

4

Of course! Happy to help.

Unfortunately, I don’t think we have any videos for setting up KNIME Business Hub on a k8s clusters. We do have documentation for an “existing cluster” install which the term we use for EKS/AKS/GKE implementations.

However, if you have some more questions, feel free to reach out with more questions! :slight_smile: