Using EKS and Gitlab CI to deploy applications
Setup EKS using Terraform and Ansible. Deploy applications on EKS using Gitlab CI and Helm.
The main goal is to have a production-ready environment, showcasing AWS architecture, Terraform, Ansible, Kubernetes (EKS), Gitlab CI, DockerHub and Helm.
Key aspects:
- All resources are managed in code. Even the bootstrap of the project .
- HA where applicable (EKS Load Balancer)
- The application is deployed from code.
The process described on this tutorial show how to:
- 1.
- 2.
- 3.
- 4.Ansible: setup VM swap, hostname and packages. Also, create a Docker container which runs the EKS setup process, setup kubeconfig and Helm (here).
- AWS
- Terraform
- Ansible
- Gitlab CI
- Dockerhub
- EKS
- K8s
- Helm
Make sure you have an AWS account. AWS will host the Kubernetes cluster (EKS) and a small Virtual Machine.
This tutorial does not fit the AWS free tier. Make sure you delete all resources to avoid charges.
Make sure you have a Gitlab account to commit your code and use pipelines.
The stack bootstrap is done using Docker, so make sure you have Docker installed on your workstation.
You need to create an IAM user which will be used with Terraform.
Login to you AWS console, go to Services, IAM.
IAM Service
Go to Users, Add user.
Add IAM user
Add a user called
iac (stands for Infra as Code) with Programmatic Access.
iac user
Attach AdministratorAccess and click on Next: Tags button.
policy
You can use restricted policies if you want. In this example we are using AdministratorAccess to keep it simple.
Optionally add tags then click on Next: Review.
IAM tags
Review and create user.
Create user
Click on
Show in Secret access key section. Copy and save in a safe place your Access key ID and Secret access key.
Credentials
The credentials are displayed just once. Save them now or you will have to create a new user.
From now on, the
Access key ID and Secret access key will be referenced in this tutorial as iac IAM user credentials. Clone or fork
eintopf repository (Terraform and Ansible scripts): https://gitlab.com/tadeugr/eintopfUse your iac IAM user credentials.
Once your have your AWS credentials setup, run the Terraform scripts.
To do so, follow the instructions here: https://gitlab.com/tadeugr/eintopf#provision-the-infrastructure-with-terraform
At this point, if you go to you AWS console, you should have:
- An S3 bucket;
- A DynamoDB table;
- A Virtual Machine.
eintopf also has Ansible playbooks and roles do setup the infrastructure. The playbook playbooks/mgmt.yaml setup a Virtual Machine with a Docker container. This container is responsible for setting up the EKS cluster.First, make sure you have ansible-vault configured: https://gitlab.com/tadeugr/eintopf?nav_source=navbar#setup-ansible-vault-key
Then, setup the infrastructure: https://gitlab.com/tadeugr/eintopf?nav_source=navbar#setup-the-infrastructure-with-ansible
At this point, if you go to you AWS console, you should have:
- An EKS cluster.
Also, the Virtual Machine called
mgmt hosts a Docker container called devops. Inside this container you will find you Kubernetes cluster kubeconfig file, which is used with kubectl and also must be configured on your Gitlab CI variables to run the deployment test. More info here: https://gitlab.com/tadeugr/eintopf?nav_source=navbar#how-to-use-kubectlYou can copy the
kubeconfig file content and paste and save it in a safe place, specially if you want o use kubectl from your workstation and not form the VM.To convert the
kubeconfig content in the format to be used on Gitlab CI variable, run:cat /root/.kube/config | base64
Push a change and watch the deployment logs.
Last modified 4yr ago