Deploy AWS EC2 Instances with Meshery
Introduction
Meshery is a powerful multi-cloud management platform that enables you to configure, deploy, and manage AWS resources, such as EC2 instances. In order to manage AWS resources, Meshery uses AWS Controllers for Kubernetes (ACK). ACK facilitates the bridge between Kubernetes and AWS services, enabling Meshery to manage AWS resources and Meshery enabling you to benefit from the enhanced experience that Meshery and its extensions offer.
Meshery has a number of extensions, adapters, and plugins. In this tutorial, we will use the Kanvas extension to provide an intuitive, visual experience for configuring and deploying an AWS EC2 instance. Among other aspects, Kanvas provides an alternative to command-line tools like kubectl
by offering infrastructure as design. Once you connect your Kubernetes cluster to Meshery, you can configure, deploy, and manage AWS resources directly from the Kanvas interface, making deployments more intuitive and collaborative
In this guide, you’ll explore how to deploy AWS resources, including setup and architecture details. This guide also covers how to access pre-configured designs from Meshery Catalog and demonstrates how to visualize deployed resources using Kanvas’ operator mode, offering a comprehensive understanding of AWS resource management.
Prerequisites
- Self Hosted Meshery Installation.
- AWS Account: An active AWS account is required for accessing AWS resources.
- Kubernetes Cluster: A running Kubernetes cluster, such as Minikube or EKS.
Table of Contents
- Overview of Deployment Steps
- Connect your Kubernetes Cluster to Meshery
- Configure and Deploy the EC2 Controller
- Deploy the VPC Workflow
- Deploy EC2 Instance
- Conclusion
Overview of Deployment Steps
1. Integrate Your Kubernetes Cluster with Meshery
Begin by connecting your Kubernetes cluster to Meshery, establishing the foundation for interaction with AWS resources via ACK.
2. Set Up Essential AWS Resources
Use Meshery to deploy foundational resources such as VPCs, subnets, and other networking components necessary for your EC2 instance within AWS.
3. Verify and Monitor Deployment
Once deployment is complete, verify the EC2 instances via the AWS Management Console or Meshery’s visualization mode, where you’ll gain an interactive view of your deployed resources.
1. Connect your Kubernetes Cluster to Meshery
To begin, connect your Kubernetes cluster to Meshery. This guide uses minikube
, which supports two deployment options for Meshery:
-
In-Cluster Deployment: Deploys Meshery within the Kubernetes cluster using Helm inside the meshery namespace.
-
Out-of-Cluster Deployment: Runs Meshery in Docker containers, allowing external connectivity to the Minikube cluster.
For this guide, the in-cluster deployment
method is used. Follow this setup guide for Meshery on Minikube to deploy Meshery in-cluster. After the deployment, open the Meshery UI at localhost:9081
to verify that the cluster is listed. Click on the cluster name to ping and confirm connectivity.
2. Configure and Deploy the EC2 Controller
In this section, you will set up the EC2 controller and configure it to connect to your AWS account. This process involves creating a Kubernetes secret that contains your AWS access keys and configuring the controller pod to consume this secret. While these configurations are already included in our designs, the steps will be demonstrated for clarity.
-
Clone the EC2 Controller Design: Start by cloning the EC2 controller design from the catalog. To do this, click on Clone on the catalog page. Once cloned, open the design in the playground, and you will see it displayed on the Kanvas.
-
Set the Deployment Namespace: This design has been configured to be deployed in the
ack-system
namespace.
This EC2 controller design includes:
- The EC2 Controller Pod: This runs the main EC2 controller. This pod is responsible for managing the lifecycle of EC2 instances and their associated resources.
- Custom Resource Definitions (CRDs): These CRDs define the desired state of various AWS resources, such as VPCs, subnets, NAT gateways, and other networking components.By utilizing these CRDs, the EC2 controller can interact with the AWS API to create, update, and manage these resources.
- Service Account: The service account associated with the controller pod has the necessary IAM permissions. These permissions allow the controller to perform essential functions, such as creating and managing AWS resources.
- AWS Credentials secret: The AWS credentials secret stores your AWS access keys and secret access keys securely. This secret is essential for authenticating the AWS controller with your AWS account.
Configure the AWS Secret
To connect the EC2 controller to AWS, create a Kubernetes secret containing your AWS credentials.
-
Double-click the Secret component to open its configuration.
-
Under Data, add the base 64 encoded values of your AWS keys.
- AWS_ACCESS_KEY_ID:
<base64-encoded-key>
- AWS_SECRET_ACCESS_KEY:
<base64-encoded-secret>
Encode your AWS key and secret with a base64 encoder, then enter them in the configuration.
- AWS_ACCESS_KEY_ID:
Configure the EC2 Controller Pod to Use the Secret
While this step is already handled in the design, but it’s worth clarifying how the controller pod connects to the secret through environment variables.
-
Double-click the EC2 controller pod to open its configuration tab.
-
In the Containers section, scroll to env and click the + to add two environment variables:
- AWS_ACCESS_KEY_ID: For the name, put in
AWS_ACCESS_KEY_ID
, click on thesecret Key Ref
dropdown and put in the key asAWS_ACCESS_KEY_ID
and the secret resource name asaws_creds
. - AWS_SECRET_ACCESS_KEY: Set the
AWS_SECRET_ACCESS_KEY
similarly, using the same secret key reference.
- AWS_ACCESS_KEY_ID: For the name, put in
Deploy EC2 Controller Design
After configuring your design, the next step is deployment. To learn more about deploying your designs in Meshery, see Deploying Meshery Designs. To deploy the resources, follow these steps:
-
Click the Actions button at the top of the Kanvas and click Deploy.
-
Once the deployment is complete, click Open in Visualizer to switch to Operator mode and see a pre-filtered view of your just deployed resources in the cluster. Alternatively, you can click Operate at the top of the Kanvas to enter Operater mode.
To get the filtered view shown above, click the filter icon and adjust the following settings:
- For
view Selector
selectsingle namespace
- For
Kinds
selectDeployment, Pod, secret
- For
namspace
selectack-system
3. Deploy the VPC Workflow
This step involves deploying all the necessary resources to create the VPC and other networking components for the EC2 instance. The resources included in this network toplology include:
- 1 VPC
- 1 Internet Gateway
- 1 NAT Gateway
- 1 Elastic IP
- 2 Route Tables (Public and Private)
- 2 Subnets (1 Public, 1 Private)
- 1 Security Group
-
Start by cloning the design from the catalog.
-
Once cloned, open the design in the playground, and you will see it displayed on the Kanvas.
-
You can adjust CIDR blocks, region, and other parameters as needed through the configuration tab. This design is configured to be deployed in the
us-east-1
region. -
Click the Actions button to deploy.
-
After deployment, verify the setup in your AWS Management Console.
4. Deploy EC2 Instance
With the VPC and networking resources set up, deploy the EC2 instances within the VPC using the following steps.
-
Clone the EC2 instances design from the catalog.
-
Open the design on the Playground and deploy the instances.
-
Navigate to the AWS Management Console to confirm the instances’ successful deployment.
Conclusion
This guide covered the steps to deploy and manage EC2 instances using Meshery. It demonstrated how to leverage pre-configured catalog designs, configure and deploy resources, set up the controller and necessary secrets, configure VPC networking resources, and ultimately deploy the EC2 instances. It also showed how to visualize Kubernetes resources using Kanvas’s operator mode. This process highlights the ease of managing AWS resources visually through Meshery’s Kanvas interface, eliminating the need for CLI commands.
Suggested Reading
- Deploying Apache Cassandra with a StatefulSet in Meshery Playground - Deploy Apache Cassandra with a StatefulSet using Meshery Playground in an interactive live cluster environment.
- Exploring Kubernetes CronJobs - In this tutorial, we will explore how to use Meshery Playground, an interactive live cluster environment, to perform hands-on labs for managing Kubernetes CronJobs.
- Understanding Kubernetes ConfigMaps and Secrets with Meshery - In this tutorial, we will explore how to effectively use Kubernetes ConfigMaps and Secrets for managing configuration data and sensitive information. Leveraging Meshery Playground, an interactive live cluster environment, we'll perform hands-on labs to understand the practical aspects of working with ConfigMaps and Secrets in Kubernetes.
- Exploring Kubernetes Pods with Meshery - Explore Kubernetes Pods using Meshery in an interactive live cluster environment, through a series of hands-on excercises.
- Publishing Meshery Designs to ArtifactHub - Step by step example for how to export Meshery Designs and publish them to an ArtifactHub repository.
- Deploying WordPress and MySQL with Persistent Volumes with Meshery - Deploy a WordPress site and a MySQL database with Persistent Volumes using Meshery Playground in an interactive live cluster environment.