Deploying API Manager on AWS EKS

4 min readSep 17, 2020

What is AWS EKS?

Kubernetes(k8s) is a container orchestration solution which is one of the top open source projects widely used across the globe today. K8s gained it’s massive popularity due to the ease it brings in deploying, maintaining and scaling applications inside containers.

Amazon Elastic Kubernetes Service (Amazon EKS)[1] is a fully managed Kubernetes service provided by Amazon. With Amazon EKS, you can take advantage of all the performance, scale, reliability, and availability of the AWS platform, as well as integrations with AWS networking and security services, such as Application Load Balancers for load distribution, Identity Access Manager (IAM) for role based access control, and Virtual Private Cloud (VPC) for pod networking[2].

Let’s get started

In this guide I will be guiding you step by step on how you can deploy the API Manager pattern 1 on AWS EKS. You can have a look at the other patterns available here. The below deployment diagram represents the API Manager Pattern 1 deployment we will be building today.

API Manager Pattern 1 Deployment Diagram

Prerequisites

Checking out the code

Clone the git repository. Let’s rename the checked out directory as <Kubernetes_Home>

git clone https://github.com/wso2/kubernetes-apim.git

2. Checkout the preferred branch(ex: 3.0.x) . Let’s refer to this as <Kubernetes_Home>

Creating the Cluster

You can create the EKS cluster following this document. Create a cluster of two nodes.
When launching the managed node group make sure you select the instance type as c5.large.

Creating the Ingress Controller

Execute the below commands to create the ingress controller’s prerequisites.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml

2. You can execute the below command to check the status of the ingress controller. Verify if this is in running state.

kubectl get pods — all-namespaces -l app.kubernetes.io/name=ingress-nginx — watch

3. Next we need to install the L7 type load balancer.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/aws/service-l7.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/aws/patch-configmap-l7.yaml

For More information refer this documentation.

Installing Helm

You can install helm according to your OS by following the documentation. The recommended version to use is version — v2.14.3.
Next install the below helm repos

helm repo add wso2 https://helm.wso2.com && helm repo update

Installing Tiller

Install tiller to your cluster with role based access control. Create a file name rbac-config.yaml and paste the content from here.
Next execute the following commands

kubectl create -f rbac-config.yaml
helm init — service-account tiller — history-max 200

Now we have completed setting up all the prerequisites. We can move on to the actual deployment of API Manager.

Installation of APIM pattern 1

Open the values.yaml file found in the location <Kubernetes_Home>/advanced/am-pattern-1 and make the following changes.

Update your wso2 subscription credentials in the file under the subscription tag. If you leave this black the GA releases of the API Manager will be pulled from the public docker hub. If you provide the credentials this will pull from the docker.wso2.com repo. Note that by default this will create a cluster in version you specified of API Manager.

For more details on the configurable options please refer this documentation.

2. Next we need to run the helm chart using the below command. You can change the values in green to any preferred value.

helm install — dep-up — name apimanager <Kubernetes_Home>/advanced/am-pattern-1 -f <Kubernetes_Home>/advanced/am-pattern-1/values.yaml — namespace mydeployment

3. Verify the pods in the api manager cluster are all in the running state. You can list the pods using the below command. Then it should output something similar to below.

kubectl get pods -n mydeployment

4. Obtain the external IP (EXTERNAL-IP) of the Ingress resources by listing down the Kubernetes Ingresses. You should see an output similar to the below

kubectl get ing -n mydeployment

Output of the k8s ingress listing

5. Ping the address value to get the ip address

ping a58550dc3230911ea84060aa9538df86–321835838.us-west-2.elb.amazonaws.com

6. Add this obtained ip address against the “HOSTS” in step 4 into your hosts (/etc/hosts) file of your machine in order to access the cluster in the browser. See a sample from my machine’s hosts file

52.36.135.151 apimanager-am
52.36.135.151 apimanager-gateway
52.36.135.151 apimanager-analytics-dashboard

7. Now you can access the api manager apps as below.

Publisher — https://apimanager-am/publisher
Dev portal — https://apimanager-am/devportal
Analytics — https://apimanager-analytics-dashboard/analytics-dashboard
Carbon — https://apimanager-am/carbon