Manage AWS services directly from Kubernetes ☸️
Using Kubernetes in production often requires integration with various AWS services such as S3, RDS, SQS, etc. Developers or Kubernetes cluster admins have had to manage the containerized application and the associated AWS services separately.
To solve this complexity, the AWS team has released the ACK project, which allows users to control both the application and AWS services from a single location using the Kubernetes CLI.
*AWS Controllers for Kubernetes (ACK) *⤵️
AWS Controllers for Kubernetes (ACK) is an open-source project which defines a framework to build custom controllers (or Kubernetes Operators) for AWS services. Developers or cluster admins can define, create, deploy, control, update, delete, and manage Amazon services directly from within Kubernetes clusters using these custom controllers.
ACK controllers now allow centralized management through the Kubernetes CLI. You can now manage both Kubernetes-native applications and the associated AWS services, using the same Kubernetes API.
🚀 Demo : Creating S3 Bucket From Kubernetes
🚀 Install the ACK service controller for S3 with helm
Before installing a Helm chart, you must first make the Helm chart available on the deployment host. To do so, use the helm pull command and then extract the chart:
export HELM_EXPERIMENTAL_OCI=1 export HELM_EXPERIMENTAL_OCI=1 export SERVICE=s3 export RELEASE_VERSION=`curl -sL https://api.github.com/repos/aws-controllers-k8s/s3-controller/releases/latest | grep '"tag_name":' | cut -d'"' -f4` export CHART_EXPORT_PATH=/tmp/chart export CHART_REF=$SERVICE-chart export CHART_REPO=public.ecr.aws/aws-controllers-k8s/$CHART_REF export CHART_PACKAGE=$CHART_REF-$RELEASE_VERSION.tgz mkdir -p $CHART_EXPORT_PATH helm pull oci://$CHART_REPO --version $RELEASE_VERSION -d $CHART_EXPORT_PATH tar xvf $CHART_EXPORT_PATH/$CHART_PACKAGE -C $CHART_EXPORT_PATH
Once the Helm chart is downloaded and exported, you can install a particular ACK service controller using the helm install command:
export ACK_SYSTEM_NAMESPACE=ack-system export AWS_REGION=us-west-2 helm install --create-namespace --namespace $ACK_SYSTEM_NAMESPACE ack-$SERVICE-controller \ --set aws.region="$AWS_REGION" \ $CHART_EXPORT_PATH/$SERVICE-chart
The commands above set the target service region of the S3 controller to us-west-2. Be sure to specify your target service region in the AWS_REGION variable. This will be the default AWS region in which resources will be created by the ACK service controller.
🚀 Configuring credentials
There are multiple ways in which you can configure an ACK service controller to use a particular set of AWS credentials:
Web identity token file (recommended) #
Shared credentials file
Access key and secret access key environment variables
in our case, we will use the third method.
Use access key and secret access key environment variables
you set manually the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY environment variables on the ACK service controller’s Pod:
kubectl -n ack-system set env deployment/ack-s3-controller-s3-chart \ AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \ AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY"
🚀 Create an ACK Resource
⚡️ Create a S3 Bucket
Create and apply the manifest ⤵️
✔️ Check created S3Bucket
➡️ Using ACK to create AWS resources is a huge plus for those who love managing AWS resources via k8s manifests within the Kubernetes Cluster.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — OMAR
Top comments (0)