Using Flux, a GitOps Tool, with Amazon Elastic Kubernetes Service (EKS) - Part 2

This is the second part of the series on Using Flux, a GitOps Tool, with Amazon Elastic Kubernetes Service (EKS). The first article discussed what GitOps and Flux are, what technologies we will use, the prerequisites and architecture overview, and the configuration and setup process.

In this part two article, we will be working on these tasks.

• Configure access to Amazon EKS Cluster
• Build and push Docker image to Amazon ECR
• Install GitOps and Flux CLI Tools
• Review script to configure Flux Repository
• Install Flux to the Amazon EKS Cluster

You can access all of the code used in my GitHub Repository.

Configure access to Amazon EKS Cluster

Amazon EKS Cluster details can be extracted from terraform output or by accessing the AWS Console to get the name of the cluster. This following command can be used to update the kubeconfig in your local machine where you run kubectl commands to interact with your EKS Cluster. Navigate to the root of the directory of the GitHub repo and run the following commands:

cd terraform

AWS_REGION=$(terraform output -raw aws_region)
EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name)
aws eks --region $AWS_REGION update-kubeconfig --name $EKS_CLUSTER_NAME        

Results of configuring kubeconfig.

Create and Push Docker Image to Amazon ECR

Build the Docker Image

Set the variables needed to build and push your Docker image. Navigate to the root of the directory of the GitHub repo and run the following commands:

cd terraform

AWS_REGION=$(terraform output -raw aws_region)
ECR_REPO=$(terraform output -raw ecr_repo_url)        

To build the Docker image, run the following command:

cd ..

docker build --platform linux/amd64 --no-cache --pull -t ${ECR_REPO}:latest ./react-app        

Push the Docker Image to Amazon ECR

To push the Docker image to Amazon ECR, authenticate to your private Amazon ECR registry. To do this, run the following command:

aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ECR_REPO        

Once authenticated, run the following command to push your Docker image to the Amazon ECR repository:

docker push ${ECR_REPO}:latest        

Install Flux CLI and Weave GitOps CLI

Step 1. Install Flux CLI on macOS, and follow these instructions using?Homebrew. Install instructions for other methods can be found?here.

brew install fluxcd/tap/flux        

Step 2. Install Weave GitOps CLI on macOS, and follow these instructions using?Homebrew. Install instructions for other methods can be found?here.

brew tap weaveworks/tap
brew install weaveworks/tap/gitops        

Configure and Install Flux

Before configuring and installing Flux, we will review the "configure.sh" script and see what it does.

This first section of the "configure.sh" script gathers the AWS resources and names necessary to run the Kubernetes Applications and Services deployed by Flux.

echo "Gathering AWS resources and names necessary to run the Kubernetes Applications and Services deployed by Flux"

cd ../terraform
AWS_REGION=$(terraform output -raw aws_region)
EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name)
EXTERNAL_DNS_DOMAIN_FILTER=$(terraform output -raw domain_filter)
SA_ALB_NAME=$(terraform output -raw eks_sa_alb_name)
SA_ALB_IAM_ROLE_ARN=$(terraform output -raw eks_sa_alb_iam_role_arn)
SA_EXTERNAL_DNS_NAME=$(terraform output -raw eks_sa_external_dns_name)
SA_EXTERNAL_DNS_IAM_ROLE_ARN=$(terraform output -raw eks_sa_external_dns_iam_role_arn)
SA_CLUSTER_AUTOSCALER_NAME=$(terraform output -raw eks_sa_cluster_autoscaler_name)
SA_CLUSTER_AUTOSCALER_IAM_ROLE_ARN=$(terraform output -raw eks_sa_cluster_autoscaler_iam_role_arn)
AWS_WEAVE_GITOPS_DOMAIN_NAME=$(terraform output -raw weave_gitops_domain_name)
AWS_ACM_WEAVE_GITOPS_ARN=$(terraform output -raw weave_gitops_acm_certificate_arn)
AWS_PODINFO_DOMAIN_NAME=$(terraform output -raw podinfo_domain_name)
AWS_ACM_PODINFO_ARN=$(terraform output -raw podinfo_acm_certificate_arn)
AWS_REACT_APP_DOMAIN_NAME=$(terraform output -raw react_app_domain_name)
AWS_ACM_REACT_APP_ARN=$(terraform output -raw react_app_acm_certificate_arn)
REACT_APP_GITHUB_URL="https://github.com/junglekid/aws-eks-fluxcd-lab"
ECR_REPO=$(terraform output -raw ecr_repo_url)        

The second section of the "configure.sh" script searches and replaces the variables with the actual values necessary to run the Kubernetes Applications and Services deployed by Flux.

This code block is just a snippet of code in this section. Please see the git repo for the complete code.

echo "Configuring Apps managed by FluxCD..."

cd ..
cp -f ./k8s/templates/apps/base/podinfo.yaml ./k8s/apps/base/podinfo.yaml
replace_in_file 's|AWS_PODINFO_DOMAIN_NAME|'"$AWS_PODINFO_DOMAIN_NAME"'|g' ./k8s/apps/base/podinfo.yaml
replace_in_file 's|AWS_ACM_PODINFO_ARN|'"$AWS_ACM_PODINFO_ARN"'|g' ./k8s/apps/base/podinfo.yaml

cp -f ./k8s/templates/apps/base/weave-gitops.yaml ./k8s/apps/base/weave-gitops.yaml
replace_in_file 's|AWS_WEAVE_GITOPS_DOMAIN_NAME|'"$AWS_WEAVE_GITOPS_DOMAIN_NAME"'|g' ./k8s/apps/base/weave-gitops.yaml
replace_in_file 's|AWS_ACM_WEAVE_GITOPS_ARN|'"$AWS_ACM_WEAVE_GITOPS_ARN"'|g' ./k8s/apps/base/weave-gitops.yaml
...        

The third and final section of the "configure.sh" script will push the changes to the Git repository.

echo "Pushing changes to Git repository..."

git add ./k8s/apps/base/podinfo.yaml
git add ./k8s/apps/base/weave-gitops.yaml
git add ./k8s/apps/base/react-app.yaml
git add ./k8s/apps/sources/react-app.yaml
git add ./k8s/infrastructure/addons/aws-load-balancer-controller.yaml
git add ./k8s/infrastructure/addons/external-dns.yaml
git add ./k8s/infrastructure/addons/cluster-autoscaler.yaml
git commit -m "Updating Apps"
git push        

Now that we have reviewed the "configure.sh" script follow these steps to configure and install Flux.

Step 1. Configure Variables needed to install Flux

export GITHUB_TOKEN='<REPLACE_WITH_GITHHUB_TOKEN>'
export GITHUB_USER='<REPLACE_WITH_GITHUB_USER>'
export GITHUB_OWNER='<REPLACE_WITH_GITHUB_OWNER>'
export GITHUB_REPO_NAME='<REPLACE_WITH_GITHUB_REPO_NAME>'        

Step 2. Configure Flux Repository by running the "configure.sh" script. The "configure.sh" script updates the various applications with the necessary values to run correctly. Navigate to the root of the directory of the GitHub repo and run the following commands:

cd scripts

./configure.sh
cd ..        

Step 3. Results of running the "configure.sh" script.

Step 4. Install Flux on the Amazon EKS Cluster.

flux bootstrap github \
  --components-extra=image-reflector-controller,image-automation-controller \
  --owner=$GITHUB_OWNER \
  --repository=$GITHUB_REPO_NAME \
  --private=false \
  --path=clusters/eks-fluxcd-lab \
  --personal        

Step 5. Results of installing Flux on the Amazon EKS Cluster.

In this article, we configured access to Amazon EKS Cluster and built and pushed the React App Docker image to Amazon ECR. We installed the GitOps and Flux CLI tools. Finally, we reviewed the "configure.sh" script to configure Flux Repository, ran the "configure.sh" script, and installed Flux on the Amazon EKS Cluster.

Please stay tuned for the final and part 3 of the series, where we will complete the following tasks.

• Folder Structure of Flux Git Repository
• Weave GitOps - A Flux Web User Interface
• Review the Addons and Applications managed by Flux
• Access the Applications managed by Flux
• Demonstrate how Flux works
• Clean up apps and infrastructure