Setup Central Instance Infra
Overview
This page provides the step-by-step process for setting up the central-instance infra.
Pre-reads
Know about EKS: https://www.youtube.com/watch?v=SsUnPWp5ilc
Know about Taints and Tolerations https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
Know about node-affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
Know what is terraform: https://youtu.be/h970ZBgKINg
Pre-requisites
AWS account with admin access to provision EKS Service, you can always subscribe to a free AWS account to learn the basics and try, but there is a limit to what is offered as free, for this demo you need to have a commercial subscription to the EKS service.
Install terraform version (0.14.10) for the Infra-as-code (IaC) to provision cloud resources as code and with desired resource graph and also it helps to destroy the cluster in one go.
Install kubectl on your local machine which helps you interact with the Kubernetes cluster
Install Helm that helps you package the services along with the configurations, environments, secrets, etc into a kubernetes manifests
Install AWS CLI on your local machine so that you can use AWS CLI commands to provision and manage the cloud resources on your account.
Install AWS IAM Authenticator which helps you authenticate your connection from your local machine so that you should be able to deploy DIGIT services.
Use the AWS IAM User credentials provided for the Terraform (Infra-as-code) to connect to your AWS account and provision the cloud resources.
You'll get a Secret Access Key and Access Key ID. Save them safely.
Open the terminal and run the following command. The AWS CLI is already installed and the credentials are saved. (Provide the credentials and you can leave the region and output format blank).
aws configure --profile central-instance-account AWS Access Key ID []:<Your access key> AWS Secret Access Key []:<Your secret key> Default region name []: ap-south-1 Default output format []: text
The above will create the following file In your machine as /Users/.aws/credentials
[mgramseva-infra-account] aws_access_key_id=*********** aws_secret_access_key=****************************
Before we provision the cloud resources, we need to understand and be sure about what resources need to be provisioned by Terraform to deploy DIGIT. The following picture shows the various key components. (EKS, Worker Nodes, Postgres DB, EBS Volumes, Load Balancer).
The following are the resources that we are going to provision using Terraform in a standard way so that every time and for every environment, it'll have the same infra.
EKS Control Plane (Kubernetes Master)
Work node group (VMs with the estimated number of vCPUs and memory)
Node-Groups
EBS Volumes (persistent volumes)
RDS (Postgresql)
VPCs (private network)
Users to access, deploy and read only
Provisioning Central Instance Infra Using Terraform
Fork the DIGIT-DevOps repository into your organization account using the GitHub web portal. Make sure to add the right users to the repository. Clone the forked DIGIT-DevOps repository. Navigate to the sample-central-instance
directory which contains the sample AWS infra provisioning script.
git clone --branch release https://github.com/egovernments/DIGIT-DevOps.git
cd DIGIT-DevOps/infra-as-code/terraform/sample-central-instance/remote-state
cd DIGIT-DevOps/infra-as-code/terraform/sample-central-instance/
terraform init
terraform plan
terraform apply
Last updated
Was this helpful?