Code for How to Deploy Django to Kubernetes: Part 2 YouTube live stream.
- How to setup Kubernetes (EKS) using Terraform
- How to setup an RDS database that can be used from EKS
- How to setup EFS for persistent data storage
- How to Deploy a Django app which supports the Django admin and static media files.
- Terraform
- aws-vault for AWS authentication
- Docker for building and pushing Docker images
- Kubernetes CLI (kubectl)
- Helm
- AWS account
Useful commands used in the tutorial.
Initialise terraform (required after adding new modules):
terraform initPlan terraform (see what changes will be made to resources):
terraform planApply Teraform (make changes to resources after confirmation):
terraform applyDestroy resources in Terraform (removes everything after confirmation):
terraform destroyConfigure local EKS CLI to use cluster deployed by Terraform
aws eks --region $(terraform output -raw region) update-kubeconfig \
--name $(terraform output -raw cluster_name)NOTE: For Windows users, you may need to adjust the
$()syntax. You can simply runterraform outputto view all outputs and manually include them in the command.
Authenticate Docker with ECR
aws ecr get-login-password --region <REGION> | docker login --username AWS --password-stdin <ACCOUNT ID>.dkr.ecr.<REGION>.amazonaws.comBuild and compress image in amd46 platform architecture:
docker build -t <REPO NAME>:<REPO TAG> --platform linux/amd64 --compress .
docker push <REPO NAME>:<REPO TAG>Get a list of running nodes in cluster:
kubectl get nodesApply recommended dashboard configuration:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yamlCreate a cluster role binding:
kubectl create clusterrolebinding serviceaccounts-cluster-admin \
--clusterrole=cluster-admin \
--group=system:serviceaccountsCreate an auth token for a user (required to authenticate with the Kubernetes Dashboard:
kubectl create token admin-user --duration 4h -n kubernetes-dashboardStart the kubernetes proxy (allows access to Kubernetes dashboard and API):
kubectl proxyNOTE: The dashboard is accessible via this URL once the proxy is running: http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
Apply kubernetes config (requires a kustomization.yaml file in the root of the target directory):
kubectl apply -k ./path/to/configExecute a command on a running pod (for example, to get shell or create a superuser account with Django)
kubectl exec -it <POD NAME> shInstall EFS CSI driver in Kubernetes:
helm repo add aws-efs-csi-driver https://kubernetes-sigs.github.io/aws-efs-csi-driver/
helm upgrade -i aws-efs-csi-driver aws-efs-csi-driver/aws-efs-csi-driver \
--namespace kube-system \
--set image.repository=602401143452.dkr.ecr.eu-west-2.amazonaws.com/eks/aws-efs-csi-driver \
--set controller.serviceAccount.create=true \
--set controller.serviceAccount.name=efs-csi-controller-sa \
--set "controller.serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"=<ROLE_ARN>NOTE: The
<ROLE_ARN>comes from the deployed resource in Terraform and can be viewed by runningterraform output efs_csi_sa_role. Theimage.repositoryvalue is different for each region and you can find the right one in the Amazon container image repositories docs page.
- Starting Point - this is the project we are starting from in the tutorial
- Terraform .gitignore file template
- Terraform VPC AWS module
- Terraform RDS AWS module
- Terraform security group AWS module
- Terraform EKS AWS module
- Terraform IAM AWS modules
- Kubernetes docs for Deploying the Dashboard UI
- Local Dashboard Proxy URL
- Docs for installing the Amazon EFS CSI driver
- ECR private registry authentication docs