Nothing Special   »   [go: up one dir, main page]

Skip to content

Latest commit

 

History

History
80 lines (53 loc) · 2.89 KB

README.md

File metadata and controls

80 lines (53 loc) · 2.89 KB

Flightdeck for AWS

Flightdeck for AWS consists of Terraform modules to provision AWS resources and configuration for clusters as well as Helm charts and configuration to install necessary resources into provisioned clusters.

AWS Architecture

Prerequisites

Before installing, you will need:

  • An AWS account or organization. An organization is recommend to facilitate multi-account setup and single sign-on.
  • AWS credentials with administrative access to each account.
  • A Terraform state backend in each account. If you don't have state backends yet, You can use our Cloudformation template to provision them.

Deployment

You can deploy Flightdeck in your AWS organization by applying the major modules in order.

We recommend separate clusters for pre-production and production. Each cluster will need a network, ingress stack, cluster, and the Flightdeck platform. We also recommend isolating the stack for each stage into its own AWS account.

Network

Flightdeck requires a VPC with public and private subnets. The VPC and subnets must be tagged following the conventions of the Kubernetes AWS cloud provider.

You can use the same VPC for multiple clusters by using more than one cluster tag. We recommend using separate VPCs for production and pre-production.

You can create a VPC and all required resources following the required conventions and our recommended best practices using the network module. If you have an existing VPC you'd like to use, make sure your VPC and its subnets have the appropriate tags.

Ingress

Flightdeck uses application load balancers to route public traffic to the cluster. You can reuse the same load balancer for multiple clusters, but each cluster will require its own target group. You can provision a load balancer and target groups using the ingress module.

Cluster

Flightdeck deploys on top of AWS EKS. We recommend using separate EKS clusters for production and pre-production. You can provision the required AWS resources including an EKS cluster using the cluster module.

Platform

Flightdeck contains pre-configured Helm charts for SRE. You can deploy the platform in your clusters using the platform module.

Service Account Roles

In order for pods running in your cluster to access AWS resources, you will need to create IAM roles in your AWS accounts and service accounts in your cluster. You can use the included service account role module to create roles that work with clusters created using Flightdeck.