DEV Community

OMAR EL AALLAOUI for AWS Community Builders

Posted on

Manage AWS services directly from Kubernetes ☸️

Manage AWS services directly from Kubernetes ☸️

Using Kubernetes in production often requires integration with various AWS services such as S3, RDS, SQS, etc. Developers or Kubernetes cluster admins have had to manage the containerized application and the associated AWS services separately.

To solve this complexity, the AWS team has released the ACK project, which allows users to control both the application and AWS services from a single location using the Kubernetes CLI.

*AWS Controllers for Kubernetes (ACK) *⤵️​

AWS Controllers for Kubernetes (ACK) is an open-source project which defines a framework to build custom controllers (or Kubernetes Operators) for AWS services. Developers or cluster admins can define, create, deploy, control, update, delete, and manage Amazon services directly from within Kubernetes clusters using these custom controllers.

ACK controllers now allow centralized management through the Kubernetes CLI. You can now manage both Kubernetes-native applications and the associated AWS services, using the same Kubernetes API.

🚀 Demo : Creating S3 Bucket From Kubernetes

🚀 Install the ACK service controller for S3 with helm

Before installing a Helm chart, you must first make the Helm chart available on the deployment host. To do so, use the helm pull command and then extract the chart:

export HELM_EXPERIMENTAL_OCI=1

export HELM_EXPERIMENTAL_OCI=1 
export SERVICE=s3 
export RELEASE_VERSION=`curl -sL https://api.github.com/repos/aws-controllers-k8s/s3-controller/releases/latest | grep '"tag_name":' | cut -d'"' -f4` 
export CHART_EXPORT_PATH=/tmp/chart 
export CHART_REF=$SERVICE-chart 
export CHART_REPO=public.ecr.aws/aws-controllers-k8s/$CHART_REF export CHART_PACKAGE=$CHART_REF-$RELEASE_VERSION.tgz  
mkdir -p $CHART_EXPORT_PATH  
helm pull oci://$CHART_REPO --version $RELEASE_VERSION -d $CHART_EXPORT_PATH 
tar xvf $CHART_EXPORT_PATH/$CHART_PACKAGE -C $CHART_EXPORT_PATH
Enter fullscreen mode Exit fullscreen mode

Once the Helm chart is downloaded and exported, you can install a particular ACK service controller using the helm install command:

export ACK_SYSTEM_NAMESPACE=ack-system 
export AWS_REGION=us-west-2  
helm install --create-namespace --namespace $ACK_SYSTEM_NAMESPACE ack-$SERVICE-controller \     
--set aws.region="$AWS_REGION" \     
$CHART_EXPORT_PATH/$SERVICE-chart
Enter fullscreen mode Exit fullscreen mode

The commands above set the target service region of the S3 controller to us-west-2. Be sure to specify your target service region in the AWS_REGION variable. This will be the default AWS region in which resources will be created by the ACK service controller.

🚀 Configuring credentials

There are multiple ways in which you can configure an ACK service controller to use a particular set of AWS credentials:

  • Web identity token file (recommended) #

  • Shared credentials file

  • Access key and secret access key environment variables

in our case, we will use the third method.

Use access key and secret access key environment variables

you set manually the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY environment variables on the ACK service controller’s Pod:

kubectl -n ack-system set env deployment/ack-s3-controller-s3-chart
\     
AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \     AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY"
Enter fullscreen mode Exit fullscreen mode

🚀 Create an ACK Resource

⚡️ Create a S3 Bucket

Create and apply the manifest ​​​⤵️



✔️ Check created S3Bucket

-

Conclusion

➡️ Using ACK to create AWS resources is a huge plus for those who love managing AWS resources via k8s manifests within the Kubernetes Cluster.

— — — — — — — — — — — — — — — — — — — — — — — — — — — — OMAR

Top comments (0)