Overview
Hey Geeks!, We have come up with a new blog, In this blog we will introduce you to Terrateam’s pipeline that will help us to establish EKS(Elastic Kubernetes Service) on AWS.
What we are doing here:
Give Terrateam user ACCESS to our AWS account
Deploy EKS on AWS
Run our MKdocs application on EKS(not part of the pipeline and would be a manual deployment)
What we are going to learn?
We are going to learn how to deploy an application(MKdocs) on EKS with the help of Terrateam.
Let’s think of a scenario
- You have to run an application(docker container) on infra like AWS.
What will you do?
- Here comes Terrateam which runs on GitHub-actions and can streamline your EKS deployment with plan and apply commands.
Terrateam is installed on your GitHub and runs on each PR(pull request) you raise on your repository, Terrateam you just need to look after your Terraform configuration file and Terrateam will take care of your CI/CD pipeline to deploy each configuration you put in.
Intended audience
The intended readership for this blog post consists of Developers heavily involved in Cloud and Infrastructure management. They regularly utilize Terraform and GitHub in their daily workflow and are seeking a solution to streamline their tasks, while also obtaining detailed insights for each Pull Request (PR) made to their GitHub repository.
With Terrateam, you can construct various infrastructures, including Lambda and EC2, much like the approach we demonstrate when setting up EKS in this blog post.
Let’s get started with this tutorial.
But before that, we need to take care of some prerequisites.
Pre-Requisites
AWS account: A freemium version is sufficient for this blog.
GitHub account: Create or use a GitHub account for the blog.
Terrateam is installed on your GitHub account, click here to install it.
Terrateam and AWS connection setup.
Workflow:
Terrateam installation on GitHub.
GitHub repo creation.
Making static credentials for Terrateam.
Setting up EKS module.
Pipeline setup.
Create a branch and push the changes to the repo.
Create a pull request.
Applying changes in infrastructure by commenting on PR.
Manual deployment of MKdocs application.
Let’s get our hands on the tutorial.
Let’s move step-by-step:
Install Terrateam on your GitHub, click here to install it.
Create a repository on your GitHub and clone it on your local.
- Create a new repo by clicking on “new”.
- Give the appropriate name and click on “Create repository”
- Now in the repository click on “Code” click for “HTTPS” and copy the URL to clone on your local machine.
Clone it on your local with the following command:
- “git clone <url>”
- Now open it on your favorite IDE.
- We are using Static Credentials (Static credentials are long-lived credentials safely stored in GitHub Secrets. Terrateam recommends you rotate these credentials regularly) this time to enable the connection between our AWS account and Terrateam, which helps in plan and apply part of the Terraform configuration file.
For this step, we are following Terrateam’s official setup here.
You need AWS CLI installed on your system or you can run the following commands on your AWS shell.
Run the following commands after installing GitHub CLI in your local:
To create a user for Terrateam
aws iam create-user --user-name terrateam
Attach power user access policy to Terrateamuser user
aws iam attach-user-policy \
--policy-arn arn:aws:iam::aws:policy/PowerUserAccess \
--user-name terrateam
- Also, attach the Administrator Access policy to Terrateam users, it will help Terrateam to create EC2 and other services that are required by EKS
aws iam attach-user-policy \
--policy-arn arn:aws:iam::aws:policy/AdministratorAccess \
--user-name terrateam
Create an access key for the Terrateam user and save the output JSON in a separate file *“*aws iam create-access-key --user-name terrateam”
Export your Terraform organization/repo combination as an environment variable export REPO="<OWNER/REPO>"
Create the AWS Access Key ID GitHub Secret “gh secret --repo "$REPO" set AWS_ACCESS_KEY_ID” and put the ACCESS_KEY_ID that you stored in a separate file when prompted.
Create the AWS Secret Access Key GitHub Secret “gh secret --repo "$REPO" set AWS_SECRET_ACCESS_KEY” and put SECRET_ACCESS_KEY that you stored in a separate file when prompted.
All access is given by you at the end of this step.
- Start with setting up the module we are using for the Terraform configuration.
The module is taken from GitHub and is open to contributing as well.
First, create a folder named “AWS-EKS” to store all your Terraform configurations (provider and main file)
Next is to create a file in the folder “AWS-EKS” named provider and another file named main.
- Above is the “provider.tf” which has AWS provider information and a backend S3 bucker name and location to store our state files.
For the complete file (main.tf and provider.tf) visit our GitHub here.
The above configuration is for the “main.tf” file, which has a VPC module to enable incoming and outgoing for the EKS container to run, Also an EKS module is in the file that creates cluster and node groups to run our container on.
All configuration setup is done now.
- Next, set up the files that run the pipeline for you before pushing them to GitHub.
For this, we are following the official document by Terrateam, here.
Run the following commands in your terminal.
Create a .github/workflows directory
mkdir -p .github/workflows
Store the Terrateam GitHub Actions workflow file in the
.github/workflows directory
curl -L -o .github/workflows/terrateam.yml \
https://terrateam.io/.github/workflows/terrateam.yml
- Now push all the files to your main branch of the repo.
- Next, create a branch make changes, and push it to the repo.
Create a new branch in your repository git checkout -b terrateam-setup
Make small changes such as changing tags in the main.tf file to see the workflow of Terrateam, You can make as many changes as you want in your repo Terrateam will work on all types of changes you make on your configuration files.
- After pushing changes to the file, you can either create a pull request from GitHub UI manually or you can do it with a simple command:
Install GitHub CLI in your local before running this command:
gh pr create --fill
Now look into GitHub for the Terrateam magic.
- Check for “Pull Requests” in your GitHub repo.
- You will see one PR open here.
- You can see that the plan is done by Terrateam, and it’s ready to apply changes in the Infrastructure.
- Next, you just need to comment “terrateam apply” to apply changes in your AWS infrastructure.
- Now all your EKS cluster configurations are being made to your AWS account.
- Wait for a few minutes and let the Terrateam run and the pipeline to go green.
Next, we are doing some steps manually, you can do it with the pipeline as well, that is:
- Connecting EKS
aws eks update-kubeconfig --region <your_region> --name <your_cluster_name>
- Connecting EKS
- Apply your namespace file
kubectl apply -f mkdocs-ns.yml
- Apply deployment file
kubectl apply -f deployment.yml
- Apply service file
kubectl apply -f service.yml
Wait for a few minutes and let the server configure all the changes
After a couple of minutes, run
kubectl get svc -n mkdocs
to see the EXTERNAL-IP which in our case is DNS(Domain Name System).
- Copy the URL and write “http://*” at the beginning and port number “8000” at the end. example, **http://<url>:8000.* And run it on your browser, you will see our MKdocs application running on this domain.
Key Points
We installed Terrateam on our GitHub account.
We created a repository and cloned it on our local system.
We set up Static Credentials for Terrateam to work(CI/CD pipeline) on our AWS account.
Then, all configuration files were pushed to the main branch of the repository.
Later we created a branch and made some changes in the Terraform configuration file and pushed it.
We have seen all the checks in our Pull Request that were automatically run and picked up by Terrateam(plan and apply).
Then, our EKS has been deployed to our AWS account.
Finally, we manually deployed our MKdocs application on the EKS cluster.