Uncategorized

Deploy GitOps configurations on EKS

This post is part of the Azure Arc for Kubernetes series, in this post, we will create Helm-based GitOps configuration on a Elastic Kubernetes Service (Amazon EKS) cluster which is connected as an Azure Arc connected cluster resource.

GitOps for Kubernetes is the practice of declaring the desired state of Kubernetes cluster configurations (deployments, namespaces, etc.) in a Git repo. The Git repository can contain YAML manifests (describing any valid Kubernetes resources, including Namespaces, ConfigMaps, Deployments, DaemonSets, etc.) and Helm charts for deploying applications. This declaration is followed by a polling and pull-based deployment of these cluster configurations using an operator. Flux, a popular open-source tool in the GitOps space, can be deployed on the Kubernetes cluster to ease the flow of configurations from a Git repository to a Kubernetes cluster.

Configurations architecture
conceptual-configurations.png (2252×1088) (microsoft.com)

We will deploy & attach 2 GitOps configuration to your cluster, a cluster-level config to deploy nginx-ingress controller and a namespace-level config to deploy the “Hello Arc” web application in your Kubernetes cluster.

Prerequisites:

Deployment:

  • Currently no GitOps configuration exist on the EKS cluster.
  • Set environment variables for the Azure, ARC and repo
export spappId='<Service Principal App ID>'
export spsecret='<Service Principal Client Secret>'
export tenantId='<Tenant ID>'
export resourceGroup='zc-arc-series'
export arcClusterName='zc-aws-eks-01-arc'
export appClonedRepo='https://github.com/zaidmohd/hello_arc'
  • Deploy Cluster-level config to deploy nginx-ingress controller Helm chart
    • The nginx-ingress controller (a Cluster-level component) will be deployed with 3 replicas to the cluster-mgmt namespace.
az k8s-configuration create \
--name nginx-ingress \
--cluster-name $arcClusterName --resource-group $resourceGroup \
--operator-instance-name cluster-mgmt --operator-namespace cluster-mgmt \
--enable-helm-operator \
--helm-operator-params='--set helm.versions=v3' \
--repository-url $appClonedRepo \
--scope cluster --cluster-type connectedClusters \
--operator-params="--git-poll-interval 3s --git-readonly --git-path=releases/nginx"
Note: For the purpose of this guide, notice how the “git-poll-interval 3s” is set. The 3 seconds interval is useful for demo purposes since it will make the git-poll interval to rapidly track changes on the repository but it is recommended to have longer interval in your production environment
  • The helm chart deploys the Cluster-level config “nginx-ingress” at cluster scope
  • The Cluster level config initiates the Flux nginx-ingress pods and service deployment. Get the details below.
kubectl get pods,svc -n cluster-mgmt
  • Confirm the config deployed on the Azure portal. It takes few min for the configuration change it’s “Operator State” from “Pending” to “Installed”
  • Deploy Namespace-level config to deploy the “Hello Arc” application Helm chart
    • The “Hello Arc” application (a Namespace-level component) will be deployed with 1 replica to the prod namespace.
az k8s-configuration create \
--name hello-arc \
--cluster-name $arcClusterName --resource-group $resourceGroup \
--operator-instance-name hello-arc --operator-namespace prod \
--enable-helm-operator \
--helm-operator-params='--set helm.versions=v3' \
--repository-url $appClonedRepo \
--scope namespace --cluster-type connectedClusters \
--operator-params="--git-poll-interval 3s --git-readonly --git-path=releases/prod"
  • The helm chart deploys the Namespace-level config to deploy the demo “Hello Arc” application
  • The Cluster level config initiates the Flux nginx-ingress pods and service deployment. Get the details below.
kubectl get ing,pods,svc -n prod
  • Confirm the config deployed on the Azure portal.

Test “Hello Arc” application GitOps flow

  • Run below command to watch the pods status
kubectl get pods -n prod -w
  • Browse to the forked repo yaml (hello_arc/releases/prod/hello-arc.yaml)
  • Browse to the External IP of the Hello Arc application, get the details below
kubectl get svc -n prod
  • Change the Replica count and the Message in the yaml. Commit the changes.
  • After committing the changes, new pods are created and old pods terminated to match the replica count, showing the rolling upgrade is completed and the GitOps flow is successful
  • Refresh the Hello Arc application (You can use Auto refresh extensions for the browser to see real time change to the app)

Reference: EKS cluster Terraform plan | Azure Arc Jumpstart

1 thought on “Deploy GitOps configurations on EKS”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s