Skip to content
/ infrahub Public

An example starter template that contains terraform scripts and kubernetes configuration files to deploy a simple web application to AWS EKS Cluster

License

MIT license
5 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dockup/infrahub

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
kubernetes
kubernetes
 
 
terraform
terraform
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

InfraHub

Terraform scripts and Kubernetes scripts.

Prerequisites:

  1. AWS cli
  2. Install kubectl
  3. Install helm
  4. Install terraform cli
  5. Install aws-iam-authenticator

Input variables for terraform script:

Copy app.auto.tfvars.example to app.auto.tfvars and edit it with the actual values for the following variables:

aws_region : The AWS Region where you wish to have all the resources created, eg: "us-west-2"

project_name : A project name that will be used on many AWS resources for easier naming conventions and better classification of resources in AWS Console.

cluster_admins_arns : A list of AWS User ARNs who need admin access to the EKS cluster eg:

[
  {
    userarn = "arn:aws:iam::1263631783679131273129:root",
    username = "root",
    groups = ["system:masters"]
  }
]

database_name : Name of the RDS database which is used by the application

database_username : RDS Postgres username

database_password : RDS Postgres password

project_env : Deployment environment used for tagging resources in AWS. eg: "production", "staging"

codebuild_github_repo : The GitHub repo url for building images

github_personal_access_token : The GitHub personal access token for CodeBuild to pull source code. This token needs the following scopes: repo and admin:repo_hook. More info here

dockerfile_path : Path to Dockerfile relative to the root directory of source, eg: "./"

AWS_ACCESS_KEY_ID : AWS ACCESS KEY ID of the user running terraform.

AWS_SECRET_ACCESS_KEY : AWS SECRET ACCESS KEY of the user running terraform.

Usage:

# For the first time
$ terraform init

# This credentials will be used by terraform while performing the commands below
$ export AWS_ACCESS_KEY_ID="you key id"
$ export AWS_SECRET_ACCESS_KEY="you secret key"
  1. Planning the infra - This will list all the resources that will be created by Terraform
$ terraform plan -out plan.txt
  1. Create or Apply changes to infra - This will actually create the resources in AWS
$ terraform apply "plan.txt"

Make note of the output. It will be containing Endpoints for RDS, Redis, ElasticSearch.

  1. Destroy infra - WARNING: This will destroy all the resources in AWS. Use this only when testing.
$ terraform destroy "plan.txt"

Verifying that Kubernetes is running

  1. Update the kubeconfig using aws cli.
$ aws eks --region us-west-2 update-kubeconfig --name my-app-cluster
  1. Verify ec2 nodes are registered under Kubernetes
$ kubectl get nodes -A

As per the script, we should have 3 nodes

Setup Traefik (Load Balancer for Kubernetes) and Metrics Server (used for Horizontal Pod Autoscaling)

Helm is like Homebrew for Kubernetes

  1. Setup the helm stable repo
$ helm repo add stable https://kubernetes-charts.storage.googleapis.com/
  1. Install Traefik Helm Chart
$ helm install traefik stable/traefik --set rbac.enabled=true --namespace kube-system
  1. Install Metrics Server
$ helm install metrics-server stable/metrics-server --namespace kube-system

Deploying the App to Kubernetes

Kubernetes deployment configurations can be found inside kubernetes folder. Instructions given below will be referencing files from this folder.

Deploying the app:
  1. Create a namespace in Kubernetes for the app:
# The namespace "my-app" is used in the Kubernetes scripts present in this repo.
# If you prefer a different name, please change it accordingly in the scripts as well.
$ kubectl create namespace my-app
  1. Get Traefik external IP. The app once deployed, will be exposed through the External IP provided by the command below
$ kubectl get svc traefik -n kube-system

Replace <traeifk-elb-endpoint-similar-to...> in ingress.yaml with External IP from above command's result.

  1. Manually update app-secrets.yaml with appropriate values for the Environment Variables. Make sure to add RDS, Redis and ElasticSearch hosts (You would have seen these after running terraform apply) Now, apply it to Kubernetes.
$ kubectl apply -f app-secrets.yaml

  1. Head over to AWS CodeBuild Console, run a build - This builds the docker image and pushes it to ECR.

  2. Once the build is finished, head over to ECR Console and get the latest build image URL.

  3. Replace <image-pull-url-from-ecr-here> in deployment.yaml with the image URL.

  4. Deploy:

$ kubectl apply -f deployment.yaml
$ kubectl apply -f service.yaml
$ kubectl apply -f ingress.yaml
  1. Check logs and deployment status
# You should see a pod with name like: my-app-deployment-67fd46d678-rzdg2
$ kubectl -n my-app get pod

# Check logs
$ kubectl -n my-app logs -f my-app-deployment-67fd46d678-rzdg2

# Statuses
$ kubectl -n my-app get deploy
  1. Additionlly, you can also add Horizontal Pod Autoscaling based on CPU and Memory usages.
$ kubectl apply -f autoscale.yaml

About

An example starter template that contains terraform scripts and kubernetes configuration files to deploy a simple web application to AWS EKS Cluster

Topics

kubernetes template aws terraform eks

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

5 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages