Deploying to AWS ¶
Cdev uses stack templates to generate projects in a desired cloud. This section describes the steps necessary to start working with cdev in AWS cloud using AWS-EKS stack template.
Prerequisites to use AWS-EKS stack template ¶
Cdev requires cloud credentials to manage and provision resources. You can configure access to AWS in two ways:
Please note that you have to use IAM user with granted administrative permissions.
Environment variables: provide your credentials via the
AWS_SECRET_ACCESS_KEY, the environment variables that represent your AWS Access Key and AWS Secret Key. You can also use the
AWS_REGIONenvironment variable to set region, if needed. Example usage:
export AWS_ACCESS_KEY_ID="MYACCESSKEY" export AWS_SECRET_ACCESS_KEY="MYSECRETKEY" export AWS_DEFAULT_REGION="eu-central-1"
Shared Credentials File (recommended): set up an AWS configuration file to specify your credentials.
[cluster-dev] aws_access_key_id = MYACCESSKEY aws_secret_access_key = MYSECRETKEY
[profile cluster-dev] region = eu-central-1
Install AWS client and check access ¶
If you do not have the AWS CLI installed, refer to AWS CLI official installation guide, or use commands from the example:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install aws s3 ls
Create S3 bucket for states ¶
Cdev uses S3 bucket for storing states. Create the bucket with the command:
aws s3 mb s3://cdev-states
DNS Zone ¶
In AWS-EKS stack template example you need to define a Route 53 hosted zone. Options:
You already have a Route 53 hosted zone.
Create a new hosted zone using a Route 53 documentation example.
Use "cluster.dev" domain for zone delegation.
AWS-EKS is a cdev stack template that creates and provisions Kubernetes clusters in AWS cloud by means of Amazon Elastic Kubernetes Service (EKS).
AWS-EKS starting guide ¶
Configure access to AWS and export required variables.
Create locally a project directory, cd into it and execute the command:
cdev project create https://github.com/shalb/cdev-aws-eks
The stack template's repo could contain several options for project generation. To list available generators, use
cdev project create https://github.com/shalb/cdev-aws-eks --list-templates
Then you can specify which generator to use, for example:
cdev project create https://github.com/shalb/cdev-aws-eks minimal
If you leave it unspecified, cdev will generate a default project for you. You can also opt for an interactive mode with the extended menu:
cdev project create https://github.com/shalb/cdev-aws-eks --interactive
Edit variables in the example's files, if necessary:
project.yaml - main project config. Sets common global variables for current project such as organization, region, state bucket name etc. See project configuration docs.
backend.yaml - configures backend for cdev states (including Terraform states). Uses variables from project.yaml. See backend docs.
infra.yaml - describes stack configuration. See stack docs.
cdev planto build the project. In the output you will see an infrastructure that is going to be created after running
Prior to running
cdev applymake sure to look through the infra.yaml file and replace the commented fields with real values. In case you would like to use existing VPC and subnets, uncomment preset options and set correct VPC ID and subnets' IDs. If you leave them as is, cdev will have VPC and subnets created for you.
We highly recommend to run
cdev applyin a debug mode so that you could see cdev logging in the output:
cdev apply -l debug
cdev applyis successfully executed, in the output you will see the ArgoCD URL of your cluster. Sign in to the console to check whether ArgoCD is up and running and the stack template has been deployed correctly. To sign in, use the "admin" login and the bcrypted password that you have generated for the infra.yaml.
Displayed in the output will be also a command on how to get kubeconfig and connect to your Kubernetes cluster.
Destroy the cluster and all created resources with the command
Resources to be created ¶
(optional, if you use cluster.dev domain) Route53 zone
(optional, if vpc_id is not set) VPC for EKS cluster
EKS Kubernetes cluster with addons:
AWS IAM roles for EKS IRSA cert-manager and external-dns