Hello learners! In today's s session, we will be learning about the deployment of a 2-tier application on an EKS cluster.
We shall be deploying this application on an EC2 setup and through the EKS cluster. You can also use your local system instead of an EC2 setup. Please remember this EC2 is not a part of the EKS setup.
First, let us install the required components to setup an EKS cluster.
AWS CLI
- 1. Download awscli
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
IAM Role
- Create an IAM User:
Go to the AWS IAM console.
Create a new IAM user named "eks-admin."
Attach the "AdministratorAccess" policy to this user.
Create Security Credentials:
- After creating the user, generate an Access Key and Secret Access Key for this user.
awscli configure
Configure aws cli for the above user
kubectl:
- Download kubectl for linux
# Download kubectl
curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl
# Add execute permissions
chmod +x ./kubectl
# Move kubectl to /usr/local/bin
sudo mv ./kubectl /usr/local/bin
# Check kubectl version
kubectl version -short --client
eksctl
- download eksctl for linux
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
eksctl version
Create eks cluster.
Use the below command to create an eks cluster
eksctl create cluster --name sowmyasCluster --region us-east-1 --node-type t2.medium --nodes-min 1 --nodes-max 2
Once you do this, the cluster starts creating ad it takes around 15 to 20. mins for the cluster to create
Deploying the app via EKS
We will be using the same deployments as in the previous blog however, we wil be adding security via secret and passing any required data to the pod via configMap. All the required manifests are in this link
Secrets are used to store passwords in an encrytped format without directly using them in the deployment file.
In the below file, I am encrypting the password for MYSQL in base64 encoded format and adding it to the secret file.
apiVersion: v1 kind: Secret metadata: name: mysql-secret type: Opaque data: MYSQL_ROOT_PASSWORD: YWRtaW4=
ConfigMaps are used to send data to pods.
Now we shall create a configMap
We will include a mysql query that will create the table in the mysql db
apiVersion: v1 kind: ConfigMap metadata: name: mysql-initdb-config data: init.sql: CREATE DATABASE IF NOT EXISTS mydb; USE mydb; CREATE TABLE messages (id INT AUTO_INCREMENT PRIMARY KEY, message TEXT);
We will be using a Loadbalancer service for this deployment so the service for two-tier-app will be as follows
apiVersion: v1 kind: Service metadata: name: two-tier-app-service spec: selector: app: two-tier-app type: LoadBalancer ports: - protocol: TCP port: 80 targetPort: 5000
We shall modify our deployment file to add the above Secret, ConfigMap and LoadBalancer Service
apiVersion: apps/v1 kind: Deployment metadata: name: mysql labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:latest env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: #secret file used here name: mysql-secret key: MYSQL_ROOT_PASSWORD - name: MYSQL_DATABASE value: "mydb" - name: MYSQL_USER value: "admin" - name: MYSQL_PASSWORD value: "admin" ports: - containerPort: 3306 volumeMounts: - name: mysql-initdb mountPath: docker-entrypoint-initdb.d volumes: - name: mysql-initdb configMap: name: mysql-initdb-config # ConfigMap used here
Now, let us check if our EKS cluster is ready for deployments.
Since, the EKS cluster is up and running, let us go ahead with the app deployment
Copy the Load balancers external IP and check in the browser if the app is running
Application successfully deployed via EKS