This is an example showing how to deploy a Todo application integrated with DocDB(MongoDB) on to multiple AZs using EKS.
- Here application and dataBase are deployed in different private subnets which are not directly accessible to outside world.
- For deploying application on to EKS we need Docker Images for both Todo-App & Edge-Services.
- To access todo application in outside world we need deploy External-DNS, Ingress Controller(Using nginx-ingress-controller) and Route53
-
Install AWS CLI
https://cloudaffaire.com/how-to-install-aws-cli/ -
Install Terraform
https://learn.hashicorp.com/tutorials/terraform/install-cli -
Setup AWS credentials
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html
- Deploy AWS stack
$ export AWS_REGION=<region>
# create remote state using dynamoDB & s3
$ terraform -chdir=remote-state/<account>/<region> plan -out <account>-<region>-remote-state.plan
$ terraform -chdir=remote-state/<account>/<region> apply <account>-<region>-remote-state.plan
# Create VPC
$ terraform -chdir=<account>/<region>/<envionment>/vpc plan -out <account>-<region>-<envionment>-vpc.plan
$ terraform -chdir=<account>/<region>/<envionment>/vpc apply <account>-<region>-<envionment>-vpc.plan
# Create ECR for todo app
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/ecr plan -out <account>-<region>-<envionment>-ecr-todo.plan
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/ecr apply <account>-<region>-<envionment>-ecr-todo.plan
# Create DocDB(MongoDB) cluster for todo app
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/mongo plan -out <account>-<region>-<envionment>-db-todo-mongo.plan
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/mongo apply <account>-<region>-<envionment>-db-todo-mongo.plan
# Create Redis(Cluster configuration) cluster for todo app
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/redis plan -out <account>-<region>-<envionment>-db-todo-redis.plan
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/redis apply <account>-<region>-<envionment>-db-todo-redis.plan
# Create EKS cluster
$ terraform -chdir=<account>/<region>/<envionment>/eks/cluster plan -out <account>-<region>-<envionment>-eks.plan
$ terraform -chdir=<account>/<region>/<envionment>/eks/cluster apply <account>-<region>-<envionment>-eks.plan
$ aws eks update-kubeconfig --region <region> --name <envionment> # update ~/.kube/config
# Create KMS keys for todo app
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/kms plan -out <account>-<region>-<envionment>-kms-todo.plan
$ terraform -chdir=<account>/<region>/<envionment>/apps/todo/v2/kms apply <account>-<region>-<envionment>-kms-todo.plan
# Create Route53 zone
$ terraform -chdir=<account>/global/route53 plan -out <account>-global-route53.plan
$ terraform -chdir=<account>/global/route53 apply <account>-global-route53.plan
# Deploy apps external-dns & ingress-controller
$ terraform -chdir=<account>/<region>/<envionment>/eks/services/external-dns plan -out <account>-<region>-<envionment>-apps-external-dns.plan
$ terraform -chdir=<account>/<region>/<envionment>/eks/services/external-dns apply <account>-<region>-<envionment>-apps-external-dns.plan
$ terraform -chdir=<account>/<region>/<envionment>/eks/services/ingress-nginx plan -out <account>-<region>-<envionment>-apps-ingress-nginx.plan
$ terraform -chdir=<account>/<region>/<envionment>/eks/services/ingress-nginx apply <account>-<region>-<envionment>-apps-ingress-nginx.plan -
Push Docker image into ECR
http://edge-service.todo.tmp.dev.farm # get access_token
http://todo-app.todo.tmp.dev.farm/webjars/swagger-ui/index.html # use access_token to access the API(s)
- AWS EBS (Elastic Block Storage)
- AWS EKS (Elastic Kubernetes Service)
- AWS DocumentDB (Database Service)
- AWS VPC (Virtual Private Cloud)
- AWS IGW (Internet GateWay)
- AWS ALB (Application Load Balancer)
- AWS ASG (Auto Scaling Group)
- AWS NAT (Network Address Translation)
- AWS SG (Security Group)
- AWS Route53 (DNS service)
- AWS KMS (Key management service)
- AWS ElastiCache-Redis(Cache service)
- AWS ECR(Container registry)
- External DNS (https://github.com/kubernetes-sigs/external-dns)
- Nginx Ingress Controller (https://docs.nginx.com/nginx-ingress-controller/)