Flask Application deployment via EKS

Flask Application deployment via EKS

·

3 min read

Hello learners! In today's s session, we will be learning about the deployment of a 2-tier application on an EKS cluster.

We shall be deploying this application on an EC2 setup and through the EKS cluster. You can also use your local system instead of an EC2 setup. Please remember this EC2 is not a part of the EKS setup.

First, let us install the required components to setup an EKS cluster.

AWS CLI

  1. 1. Download awscli
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
  1. IAM Role

    1. Create an IAM User:
    1. Go to the AWS IAM console.

      1. Create a new IAM user named "eks-admin."

      2. Attach the "AdministratorAccess" policy to this user.

  • Create Security Credentials:

    1. After creating the user, generate an Access Key and Secret Access Key for this user.

awscli configure

    1. Configure aws cli for the above user

kubectl:

  1. Download kubectl for linux
# Download kubectl
curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl

# Add execute permissions
chmod +x ./kubectl

# Move kubectl to /usr/local/bin
sudo mv ./kubectl /usr/local/bin

# Check kubectl version
kubectl version -short --client

eksctl

  1. download eksctl for linux
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
eksctl version

Create eks cluster.

    1. Use the below command to create an eks cluster

        eksctl create cluster --name sowmyasCluster --region us-east-1 --node-type t2.medium --nodes-min 1 --nodes-max 2
      
      1. Once you do this, the cluster starts creating ad it takes around 15 to 20. mins for the cluster to create

Deploying the app via EKS

    1. We will be using the same deployments as in the previous blog however, we wil be adding security via secret and passing any required data to the pod via configMap. All the required manifests are in this link

      1. Secrets are used to store passwords in an encrytped format without directly using them in the deployment file.

      2. In the below file, I am encrypting the password for MYSQL in base64 encoded format and adding it to the secret file.

        apiVersion: v1
        kind: Secret
        metadata:
         name: mysql-secret
        type: Opaque
        data:
         MYSQL_ROOT_PASSWORD: YWRtaW4=
        
      3. ConfigMaps are used to send data to pods.

      4. Now we shall create a configMap

      5. We will include a mysql query that will create the table in the mysql db

        apiVersion: v1
        kind: ConfigMap
        metadata:
         name: mysql-initdb-config
        data:
         init.sql:
           CREATE DATABASE IF NOT EXISTS mydb;
           USE mydb;
           CREATE TABLE messages (id INT AUTO_INCREMENT PRIMARY KEY, message TEXT);
        
      6. We will be using a Loadbalancer service for this deployment so the service for two-tier-app will be as follows

        apiVersion: v1
        kind: Service
        metadata:
         name: two-tier-app-service
        spec:
         selector:
           app: two-tier-app
         type: LoadBalancer
         ports:
           - protocol: TCP
             port: 80
             targetPort: 5000
        
      7. We shall modify our deployment file to add the above Secret, ConfigMap and LoadBalancer Service

        apiVersion: apps/v1
        kind: Deployment
        metadata:
         name: mysql
         labels:
           app: mysql
        spec:
         replicas: 1
         selector:
           matchLabels:
             app: mysql
         template:
           metadata:
             labels:
               app: mysql
           spec:
             containers:
               - name: mysql
                 image: mysql:latest
                 env:
                   - name: MYSQL_ROOT_PASSWORD
                     valueFrom:  
                       secretKeyRef:  #secret file used here
                         name: mysql-secret
                         key: MYSQL_ROOT_PASSWORD
                   - name: MYSQL_DATABASE
                     value: "mydb"
                   - name: MYSQL_USER
                     value: "admin"
                   - name: MYSQL_PASSWORD
                     value: "admin"
                 ports:
                   - containerPort: 3306
                 volumeMounts:
                   - name: mysql-initdb
                     mountPath: docker-entrypoint-initdb.d
             volumes:
               - name: mysql-initdb
                 configMap:
                   name: mysql-initdb-config    # ConfigMap used here
        
      8. Now, let us check if our EKS cluster is ready for deployments.

      9. Since, the EKS cluster is up and running, let us go ahead with the app deployment

      10. Copy the Load balancers external IP and check in the browser if the app is running

      11. Application successfully deployed via EKS