The following guide will show steps to deploy Joget on EKS using Terraform
Prerequisites
- Ensure that you have these CLI tools installed:
- Configured AWS CLI with Access Keys or assumed role with sufficient permissions
- You have downloaded the Terraform IaC from here
Configuring Terraform Remote Backend
Disclaimer: The Terraform code provisions the minimum required infrastructure. You may have to modify some of the parameters to ensure that it is working in your environment. You may refer to the official AWS and Hashicorp documentation for more details
- Create a terraform.tfvars file in the backend directory and ensure the following variables are included
app_name=”<your-app-name>”
- Run terraform init
- Run terraform plan to observe the resources that will be deployed (optional)
- Once verified, run terraform apply -auto-approve
- Once the backend has been deployed, go to the infrastructure directory and open main.tf
- Find the block:
backend "s3" {
bucket = "xxx"
key = "terraform.infrastructure.tfstate"
region = "xxx"
dynamodb_table = "xxx"
}
- Fill in the marked with xxx with the ones that you have created on step 1 - 5
Note: This process will create a local Terraform state. The remote state will only apply for infrastructure
Deploying AWS Infrastructure
- Create a terraform.tfvars file and ensure the following variables are included
app_name=”<your-app-name>”
cluster_name=”<your-eks-cluster-name>”
rds_username=”<your-rds-username>”
rds_password=”<your-rds-password>”
- Run terraform init
- Run terraform plan to observe the resources that will be deployed (optional)
- Once verified, run terraform apply -auto-approve
Note: This step will take some time, around 20-30 minutes
Deploying Joget DX 8
- Download the Kubernetes manifest here
- Run kubectl apply -f joget-dx8-tomcat9-deployment.yaml
- Wait for the containers to initialize. Run kubectl get pods -A to obtain the status of the pods
Accessing Joget through Load Balancer
- Run kubectl get ingress -A. You should see the DNS under Address column like so:
k8s-namespace-RANDOM-STRING.REGION.elb.amazonaws.com
- Use the Address and go to /jw. It will redirect you to the database setup
- Input your database information on the above page
Note: The Terraform IaC has RDS Aurora Serverless included in the Infrastructure and as such, it will be deployed alongside the EKS. You may use the RDS to better synergize with the VPC configuration
- Click Save. Wait for the database to be setup
- Once the setup is complete, click Done. It will redirect you to the Joget main page
Common Errors
Terraform
- Error: error configuring S3 Backend: no valid credential sources for S3 Backend found.
- You may have not setup your AWS Credentials yet, or if you are assuming role, your session may have expire
- Solution: Run aws configure and input the Access Keys or export the Access Keys into your terminal environment or assume the previous role once again to get new session credentials
Kubernetes/EKS
- Unable to locate credentials. You can configure credentials by running "aws configure".
- You may have not setup your AWS Credentials yet, or if you are assuming role, your session may have expire
- Solution: Run aws configure and input the Access Keys or export the Access Keys into your terminal environment or assume the previous role once again to get new session credentials
- You must be logged in to the server (Unauthorized)
- This happens when you are using different credentials - different users or roles to access the cluster. If you are the cluster creator, you should be able to access the cluster
- Solution:
- In the Terraform Iac, go to infrastructure/compute/eks/eks.tf
- Under the module “eks”, add the following
- If you are using users credential:
aws_auth_users= [
{
userarn = "arn:aws:iam::<account-id>:user/<username>"
username = "<username>"
groups = ["system:masters"]
}
]
- If you are using roles, you may append the aws_auth_roles block like so:
{
rolearn = “arn:aws:iam::<account-id>:role/<role-name>”
username = "<role-name>"
groups = ["system:masters"]
}