Set up Kubernetes cluster on AWS EKS
The Deployments guide uses a minikube Kubernetes cluster, which is recommended only for learning and testing. Below are instructions for creating a production-ready Kubernetes cluster on AWS using Amazon's managed Kubernetes offering (AWS EKS) with a DynamoDB backend.
For more details about EKS, see Getting Started with Amazon EKS.
For more details about DynamoDB, see Getting Started with Amazon DynamoDB.
Set up Kubernetes cluster on AWS EKS
We will use the eksctl tool for a simple Kubernetes setup on EKS.
Prerequisites
- Amazon AWS account
- AWS CLI
- Amazon EKS-vended kubectl
- eksctl
To install the latest version of eksctl locally:
curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
eksctl version
You will also need to have AWS CLI credentials configured. To create the configuration files for AWS on your machine, run aws configure and manually enter the requested data. For example:
$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json
This command generates the file ~/.aws/credentials on your machine, which we will use later to establish communication between Microkubes and DynamoDB.
Kubernetes cluster Setup
To get info about all available options of eksctl:
eksctl --help
To create kubernetes cluster with default parameters:
eksctl create cluster --name=microkubes-cluster
When you execute eksctl create cluster, it will take care of creating the initial AWS Identity and Access Management (IAM) Role used to allow the master control plane to connect to EKS. It will then create the base Amazon VPC architecture, and then the master control plane. Once the control plane is active, it will create a node group to bring up instances, then deploy the ConfigMap that allows the nodes to join the cluster, and, finally, create a pre-configured kubeconfig that will give you access to the cluster. Also, a default StorageClass (gp2 volume type provisioned by EBS) will be added automatically.
To check if kubectl can connect to the new cluster:
kubectl get nodes
Backend setup
We will use Amazon DynamoDB as backend in this setup. DynamoDB is a fully managed NoSQL database service from Amazon.
Microkubes does the provisioning and configuration of the DynamoDB backend automatically. We just need to provide it with the AWS credentials file. We will do this later in this text.
Microkubes setup using helm charts
Helm chart for Microkubes is located at https://github.com/Microkubes/microkubes/tree/helm/kubernetes/helm/microkubes
Examine the values file and make modifications if necessary. Ingress is supported if enabled there.
Prerequisites for helm
- Kubernetes
- Helm
- Make sure that you have helm tiller running in your cluster; if not, run:
helm init
- kubectl and kubeconfig configured correctly
Create keys for authorization servers
./keys/create.sh
Create secrets
If you recall, earlier we used aws configure to generate ~/.aws/credentials. We need this file inside our pod to be able to connect to DynamoDB. We include it with the other keys in microkubes-secrets:
# Use $HOME: the shell does not expand ~ after --from-file=
kubectl -n microkubes create secret generic microkubes-secrets \
  --from-file=keys/default \
  --from-file=keys/default.pub \
  --from-file=keys/private.pem \
  --from-file=keys/public.pub \
  --from-file=keys/service.cert \
  --from-file=keys/service.key \
  --from-file=keys/system \
  --from-file=keys/system.pub \
  --from-file="$HOME/.aws/credentials"
This will get it automatically mounted inside the pod together with the other secrets.
Make sure to update the values.yaml file of the helm chart and put the correct path to the newly mounted secret like:
microkubes:
  database: dynamodb
  awsDatabaseCredentials: /run/secrets/microkubes/credentials
  ...
awsDatabaseEndpoint and awsDatabaseRegion have no effect when a credentials file is used and can be ignored.
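A pre-flight check for the files passed to kubectl create secret above, as an added example that is not part of the Microkubes repository: it confirms every file exists, that private material is not accessible to group or others, and that the credentials path is not a literal ~ and has the shape aws configure writes. The function names and the private/public split of the key files are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example, not part of the Microkubes repository.
# Assumption: the private/public split below is inferred from the file names.
PRIVATE_KEYS="default private.pem service.key system"
PUBLIC_KEYS="default.pub public.pub service.cert system.pub"

# check_file PATH KIND: PATH must be a non-empty regular file; with
# KIND=private it must also be inaccessible to group and others.
check_file() {
  local f="$1" kind="$2" perms
  # A literal ~ means the shell never expanded the path (as after --from-file=).
  case $f in "~"*) echo "unexpanded tilde: $f"; return 1 ;; esac
  [ -f "$f" ] && [ -s "$f" ] || { echo "missing or empty: $f"; return 1; }
  [ "$kind" = private ] || return 0
  perms=$(ls -ldL "$f" | cut -c5-10)   # group and other permission bits
  [ "$perms" = "------" ] || { echo "too permissive ($perms): $f"; return 1; }
}

# check_aws_credentials PATH: private file with a [profile] header and both
# key fields, the layout `aws configure` writes.
check_aws_credentials() {
  local f="$1"
  check_file "$f" private || return 1
  grep -Eq '^\[[^]]+\]' "$f" &&
    grep -Eq '^aws_access_key_id[[:space:]]*=' "$f" &&
    grep -Eq '^aws_secret_access_key[[:space:]]*=' "$f" ||
    { echo "not an AWS credentials file: $f"; return 1; }
}

# preflight KEYS_DIR CREDENTIALS_FILE: returns 0 only if every file passes.
preflight() {
  local dir="$1" creds="$2" rc=0 name
  for name in $PRIVATE_KEYS; do check_file "$dir/$name" private || rc=1; done
  for name in $PUBLIC_KEYS; do check_file "$dir/$name" public || rc=1; done
  check_aws_credentials "$creds" || rc=1
  return $rc
}

# Stand-alone use: ./preflight.sh keys "$HOME/.aws/credentials"
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; exit $?; fi
```

Run it from the directory that contains keys/ before creating the secret; a non-zero exit status means at least one file was reported.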
Deploy Microkubes on kubernetes cluster
To deploy Microkubes on the Kubernetes cluster with the release name <release-name> within namespace <namespace-name>:
$ cd kubernetes/helm
$ helm dependency update microkubes/
$ helm install microkubes/ --namespace <namespace-name> --name <release-name> \
    --set postgresql.postgresUser=kong,postgresql.postgresPassword=<secretpassword>,postgresql.postgresDatabase=kong
Note: The PostgreSQL user should be kong and the database name should also be kong.
The platform takes about 5 minutes to start, depending on your cluster's resources. You can follow the progress with kubectl -n microkubes get pods -w.
Once all services are running, you can start using microkubes.