Joget on Amazon Elastic Kubernetes Service

Deploying Joget on Amazon Elastic Kubernetes Service (EKS) provides a robust and scalable environment for managing business applications. Amazon EKS simplifies the process of running Kubernetes, a powerful container orchestration platform, without the need to install, operate, and maintain your own Kubernetes control plane or nodes. This integration offers several benefits:

Scalability: EKS automatically scales your application depending on the load, ensuring efficient resource utilization.
High Availability: EKS is designed for fault tolerance and high availability, minimizing potential downtime and ensuring your Joget applications are always running.
Security: Leveraging AWS's secure infrastructure, configurations are optimized to maintain security standards and protect your data and processes.
Simplified Management: With EKS, the complexity of managing a Kubernetes cluster is significantly reduced, enabling you to focus more on deploying and improving your applications rather than infrastructure management.

Prerequisites

Before you begin, ensure you have these CLI tools installed:

AWS CLI
Terraform
Kubectl
Helm (optional, for deployment from AWS Marketplace)
eksctl (optional, for deployment from AWS Marketplace)

Ensure that you have configured AWS CLI with access keys or an assumed role with sufficient permissions and also downloaded Terraform Infrastructure as Code (IaC). Otherwise, download the joget-terraform.zip file.

Configuring terraform remote backend

This section details configuring a remote backend using AWS services to store your Terraform state. This process ensures your infrastructure provisioning with Terraform is reliable, secure, and manageable.

This Terraform configuration provisions the minimal required infrastructure for Joget. You may need to adjust various parameters to suit your specific environment. For detailed guidance, see the official AWS and HashiCorp Terraform documentation.

Create a terraform.tfvars file within the backend directory of your Terraform project.
Ensure the following variable is declared in the file:

App Name
app_name="<your-app-name>
Run the following command to initialize Terraform, which prepares your directory for other commands:
```
terraform init
```
Optionally, you can run the following command to see the resources Terraform plans to deploy:
```
terraform plan
```
To apply the Terraform configuration and create the infrastructure, execute:
```
terraform apply -auto-approve
```
After applying the initial Terraform configuration:
Go to the infrastructure directory and open the main.tf file.

Locate the Terraform backend settings block:

backend "s3" {
    bucket         = "xxx"
    key            = "terraform.infrastructure.tfstate"
    region         = "xxx"
    dynamodb_table = "xxx"
}

Replace xxx with your specific AWS service details as configured in steps 1-5.

This process will create a local Terraform state. The remote state will only apply for infrastructure.

Deploying AWS infrastructure

Create a terraform.tfvars file and ensure all necessary variables are included for your infrastructure set up.

app_name=”<your-app-name>”
cluster_name=”<your-eks-cluster-name>”
rds_username=”<your-rds-username>”
rds_password=”<your-rds-password>”

Run terraform init to initialize the Terraform working directory.
Run terraform plan to preview the changes Terraform will apply. (optional)
Run terraform apply -auto-approve to create the infrastructure.

Note: This step may take between 20 to 30 minutes.

Core services and resource deployed

These are the core services and resources (non exhaustive) list deployed from Terraform:

Virtual Private Cloud (VPC)
Elastic Kubernetes Service (EKS)
Elastic File System (EFS)
Relational Database System (RDS) - Serverless
Helm Charts:
- AWS Load Balancer Controller
- AWS EFS CSI Driver
EC2 Servers - Created through EKS provisioning

Deploying Joget DX 8

Download the joget-dx8-tomcat9-deployment.yaml file (Kubernetes manifest).
Modify the fileSystemId in StorageClass to the one that has been deployed through terraform from prior steps.
Run kubectl apply -f joget-dx8-tomcat9-deployment.yaml to deploy Joget DX 8.
Run kubectl get pods -A to check the status of the containers.
The manifest file creates a Storage Class with EFS CSI as provisioner which will dynamically create a Persistent Volume.

Accessing Joget through Load Balancer

Accessing your Joget application through a Kubernetes-managed AWS Load Balancer involves a series of steps that ensure secure and efficient connectivity.

To locate the DNS of the load balancer created by Kubernetes, run the following command:
```
kubectl get ingress -A
```
You will see an address in the Address column, similar to:

k8s-namespace-RANDOM-STRING.REGION.elb.amazonaws.com
Use the Address obtained in the previous step and go to /jw. This will redirect you to the database setup page.
Enter your database information on the provided page.

Ensure to use the writer endpoint when setting up the Joget database, leveraging the RDS Aurora Serverless included in your Terraform infrastructure.
Click Save and wait for the database configuration to complete.
Once finished, click Done to be redirected to Joget's main page.

Troubleshooting Common Issues

Several common issues can arise when deploying and managing cloud infrastructure, mainly when using tools like Terraform, Kubernetes, and services from the AWS Marketplace. This section outlines typical problems you may encounter, including errors related to AWS credential management, Kubernetes cluster access, and AWS Marketplace deployments. For each type of error, we provide a clear explanation of the issue, along with step-by-step solutions to help you resolve the problem efficiently and effectively.

Terraform Errors

Error: error configuring S3 Backend: no valid credential sources for S3 Backend found
- Cause: You may have not set up your AWS Credentials yet, or if you are assuming the role, your session may have expired.
- Solution: Run aws configure and enter your access keys, or export the access keys to your terminal environment. You may also try assuming the role again to obtain new session credentials.

Kubernetes/EKS Errors

- Unable to locate credentials. You can configure credentials by running "aws configure"
  - Cause: You may have not setup your AWS Credentials yet, or if you are assuming role, your session may have expired.
  - Solution: Similar to the Terraform error, run aws configure and enter your access keys, or export the access keys to your terminal environment. You may also try assuming the role again to obtain new session credentials.
- You must be logged in to the server (Unauthorized):
  - Cause: This happens when you are using different credentials - different users or roles to access the cluster. If you are the cluster creator, you should be able to access the cluster
  - Solution:
    1. In the Terraform Iac, go to infrastructure/compute/eks/eks.tf
    2. Under the module eks, add the following:
      - If you are using users credential
        
        aws_auth_users= [ { userarn = "arn:aws:iam::<account-id>:user/<username>" username = "<username>" groups = ["system:masters"] } ]
      - If you are using roles, you may append the aws_auth_roles block like so:
        
        { rolearn = “arn:aws:iam::<account-id>:role/<role-name>” username = "<role-name>" groups = ["system:masters"] }

AWS Marketplace Issues

Quicklaunch: CloudFormation Stack Creation Failed:
- Cause: There can be numerous reasons the stack can fail. But the most common and important reason is the Helm chart failed to be deployed.
- Solution: Check the reason for the error from the CloudFormation console > Quicklaunch stack > Helm stack in the reason column.

Created by Julieth Last modified by Aadrian on Dec 13, 2024

Tags:

Previous Joget on AWS Marketplace NextJoget on Azure Marketplace